xref: /openbsd/usr.sbin/snmpd/snmpd.h (revision 01465aaa) 
1 /*	$OpenBSD: snmpd.h,v 1.102 2022/01/19 10:25:04 martijn Exp $	*/
2 
3 /*
4  * Copyright (c) 2007, 2008, 2012 Reyk Floeter <reyk@openbsd.org>
5  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
6  *
7  * Permission to use, copy, modify, and distribute this software for any
8  * purpose with or without fee is hereby granted, provided that the above
9  * copyright notice and this permission notice appear in all copies.
10  *
11  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18  */
19 
20 #ifndef SNMPD_H
21 #define SNMPD_H
22 
23 #include <sys/tree.h>
24 
25 #include <net/if.h>
26 #include <net/if_dl.h>
27 #include <netinet/in.h>
28 #include <netinet/if_ether.h>
29 #include <netinet/ip.h>
30 #include <arpa/inet.h>
31 #include <net/pfvar.h>
32 #include <net/route.h>
33 
34 #include <ber.h>
35 #include <stdio.h>
36 #include <imsg.h>
37 
38 #include "log.h"
39 #include "smi.h"
40 #include "snmp.h"
41 
42 #ifndef nitems
43 #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
44 #endif
45 
46 /*
47  * common definitions for snmpd
48  */
49 
50 #define CONF_FILE		"/etc/snmpd.conf"
51 #define SNMPD_SOCKET		"/var/run/snmpd.sock"
52 #define SNMPD_USER		"_snmpd"
53 #define SNMP_PORT		"161"
54 #define SNMPTRAP_PORT		"162"
55 
56 #define SNMPD_MAXSTRLEN		484
57 #define SNMPD_MAXCOMMUNITYLEN	SNMPD_MAXSTRLEN
58 #define SNMPD_MAXVARBIND	0x7fffffff
59 #define SNMPD_MAXVARBINDLEN	1210
60 #define SNMPD_MAXENGINEIDLEN	32
61 #define SNMPD_MAXUSERNAMELEN	32
62 #define SNMPD_MAXCONTEXNAMELEN	32
63 
64 #define SNMP_USM_MAXDIGESTLEN	48
65 #define SNMP_USM_SALTLEN	8
66 #define SNMP_USM_KEYLEN		64
67 #define SNMP_CIPHER_KEYLEN	16
68 
69 #define SMALL_READ_BUF_SIZE	1024
70 #define READ_BUF_SIZE		65535
71 #define	RT_BUF_SIZE		16384
72 #define	MAX_RTSOCK_BUF		(2 * 1024 * 1024)
73 
74 #define SNMP_ENGINEID_OLD	0x00
75 #define SNMP_ENGINEID_NEW	0x80	/* RFC3411 */
76 
77 #define SNMP_ENGINEID_FMT_IPv4	1
78 #define SNMP_ENGINEID_FMT_IPv6	2
79 #define SNMP_ENGINEID_FMT_MAC	3
80 #define SNMP_ENGINEID_FMT_TEXT	4
81 #define SNMP_ENGINEID_FMT_OCT	5
82 #define SNMP_ENGINEID_FMT_HH	129
83 
84 #define PEN_OPENBSD		30155
85 
86 enum imsg_type {
87 	IMSG_NONE,
88 	IMSG_CTL_OK,		/* answer to snmpctl requests */
89 	IMSG_CTL_FAIL,
90 	IMSG_CTL_END,
91 	IMSG_CTL_NOTIFY,
92 	IMSG_CTL_VERBOSE,
93 	IMSG_CTL_RELOAD,
94 	IMSG_CTL_PROCFD,
95 	IMSG_TRAP_EXEC
96 };
97 
98 struct imsgev {
99 	struct imsgbuf		 ibuf;
100 	void			(*handler)(int, short, void *);
101 	struct event		 ev;
102 	struct privsep_proc	*proc;
103 	void			*data;
104 	short			 events;
105 	const char		*name;
106 };
107 
108 #define IMSG_SIZE_CHECK(imsg, p) do {				\
109 	if (IMSG_DATA_SIZE(imsg) < sizeof(*p))			\
110 		fatalx("bad length imsg received");		\
111 } while (0)
112 #define IMSG_DATA_SIZE(imsg)	((imsg)->hdr.len - IMSG_HEADER_SIZE)
113 
114 enum privsep_procid {
115 	PROC_PARENT,	/* Parent process and application interface */
116 	PROC_SNMPE,	/* SNMP engine */
117 	PROC_MAX
118 };
119 
120 extern enum privsep_procid privsep_process;
121 
122 /* Attach the control socket to the following process */
123 #define PROC_CONTROL	PROC_SNMPE
124 
125 struct privsep_pipes {
126 	int			*pp_pipes[PROC_MAX];
127 };
128 
129 struct privsep {
130 	struct privsep_pipes	*ps_pipes[PROC_MAX];
131 	struct privsep_pipes	*ps_pp;
132 
133 	struct imsgev		*ps_ievs[PROC_MAX];
134 	const char		*ps_title[PROC_MAX];
135 	pid_t			 ps_pid[PROC_MAX];
136 	struct passwd		*ps_pw;
137 
138 	u_int			 ps_instances[PROC_MAX];
139 	u_int			 ps_instance;
140 	int			 ps_noaction;
141 
142 	/* Event and signal handlers */
143 	struct event		 ps_evsigint;
144 	struct event		 ps_evsigterm;
145 	struct event		 ps_evsigchld;
146 	struct event		 ps_evsighup;
147 	struct event		 ps_evsigpipe;
148 	struct event		 ps_evsigusr1;
149 
150 	void			*ps_env;
151 };
152 
153 struct privsep_proc {
154 	const char		*p_title;
155 	enum privsep_procid	 p_id;
156 	int			(*p_cb)(int, struct privsep_proc *,
157 				    struct imsg *);
158 	void			(*p_init)(struct privsep *,
159 				    struct privsep_proc *);
160 	void			(*p_shutdown)(void);
161 	const char		*p_chroot;
162 	struct privsep		*p_ps;
163 	struct passwd		*p_pw;
164 };
165 
166 struct privsep_fd {
167 	enum privsep_procid		 pf_procid;
168 	unsigned int			 pf_instance;
169 };
170 
171 #define PROC_PARENT_SOCK_FILENO	3
172 #define PROC_MAX_INSTANCES	32
173 
174 #if DEBUG
175 #define DPRINTF		log_debug
176 #else
177 #define DPRINTF(x...)	do {} while(0)
178 #endif
179 
180 /*
181  * kroute
182  */
183 
184 struct kroute_node;
185 struct kroute6_node;
186 RB_HEAD(kroute_tree, kroute_node);
187 RB_HEAD(kroute6_tree, kroute6_node);
188 
189 struct ktable {
190 	struct kroute_tree	 krt;
191 	struct kroute6_tree	 krt6;
192 	u_int			 rtableid;
193 	u_int			 rdomain;
194 };
195 
196 union kaddr {
197 	struct sockaddr		sa;
198 	struct sockaddr_in	sin;
199 	struct sockaddr_in6	sin6;
200 	struct sockaddr_dl	sdl;
201 	char			pad[32];
202 };
203 
204 struct kroute {
205 	struct in_addr	prefix;
206 	struct in_addr	nexthop;
207 	u_long		ticks;
208 	u_int16_t	flags;
209 	u_short		if_index;
210 	u_int8_t	prefixlen;
211 	u_int8_t	priority;
212 };
213 
214 struct kroute6 {
215 	struct in6_addr	prefix;
216 	struct in6_addr	nexthop;
217 	u_long		ticks;
218 	u_int16_t	flags;
219 	u_short		if_index;
220 	u_int8_t	prefixlen;
221 	u_int8_t	priority;
222 };
223 
224 struct kif_addr {
225 	u_short			 if_index;
226 	union kaddr		 addr;
227 	union kaddr		 mask;
228 	union kaddr		 dstbrd;
229 
230 	TAILQ_ENTRY(kif_addr)	 entry;
231 	RB_ENTRY(kif_addr)	 node;
232 };
233 
234 struct kif_arp {
235 	u_short			 flags;
236 	u_short			 if_index;
237 	union kaddr		 addr;
238 	union kaddr		 target;
239 
240 	TAILQ_ENTRY(kif_arp)	 entry;
241 };
242 
243 struct kif {
244 	char			 if_name[IF_NAMESIZE];
245 	char			 if_descr[IFDESCRSIZE];
246 	u_int8_t		 if_lladdr[ETHER_ADDR_LEN];
247 	struct if_data		 if_data;
248 	u_long			 if_ticks;
249 	int			 if_flags;
250 	u_short			 if_index;
251 };
252 #define	if_mtu		if_data.ifi_mtu
253 #define	if_type		if_data.ifi_type
254 #define	if_addrlen	if_data.ifi_addrlen
255 #define	if_hdrlen	if_data.ifi_hdrlen
256 #define	if_metric	if_data.ifi_metric
257 #define	if_link_state	if_data.ifi_link_state
258 #define	if_baudrate	if_data.ifi_baudrate
259 #define	if_ipackets	if_data.ifi_ipackets
260 #define	if_ierrors	if_data.ifi_ierrors
261 #define	if_opackets	if_data.ifi_opackets
262 #define	if_oerrors	if_data.ifi_oerrors
263 #define	if_collisions	if_data.ifi_collisions
264 #define	if_ibytes	if_data.ifi_ibytes
265 #define	if_obytes	if_data.ifi_obytes
266 #define	if_imcasts	if_data.ifi_imcasts
267 #define	if_omcasts	if_data.ifi_omcasts
268 #define	if_iqdrops	if_data.ifi_iqdrops
269 #define	if_oqdrops	if_data.ifi_oqdrops
270 #define	if_noproto	if_data.ifi_noproto
271 #define	if_lastchange	if_data.ifi_lastchange
272 #define	if_capabilities	if_data.ifi_capabilities
273 
274 #define F_CONNECTED		0x0001
275 #define F_STATIC		0x0002
276 #define F_BLACKHOLE		0x0004
277 #define F_REJECT		0x0008
278 #define F_DYNAMIC		0x0010
279 
280 /*
281  * Message Processing Subsystem (mps)
282  */
283 
284 struct oid {
285 	struct ber_oid		 o_id;
286 #define o_oid			 o_id.bo_id
287 #define o_oidlen		 o_id.bo_n
288 
289 	char			*o_name;
290 
291 	u_int			 o_flags;
292 
293 	int			 (*o_get)(struct oid *, struct ber_oid *,
294 				    struct ber_element **);
295 	int			 (*o_set)(struct oid *, struct ber_oid *,
296 				    struct ber_element **);
297 	struct ber_oid		*(*o_table)(struct oid *, struct ber_oid *,
298 				    struct ber_oid *);
299 
300 	long long		 o_val;
301 	void			*o_data;
302 
303 	struct ctl_conn		*o_session;
304 
305 	RB_ENTRY(oid)		 o_element;
306 	RB_ENTRY(oid)		 o_keyword;
307 	TAILQ_ENTRY(oid)	 o_list;
308 };
309 TAILQ_HEAD(oidlist, oid);
310 
311 #define OID_ROOT		0x00
312 #define OID_RD			0x01
313 #define OID_WR			0x02
314 #define OID_IFSET		0x04	/* only if user-specified value */
315 #define OID_DYNAMIC		0x08	/* free allocated data */
316 #define OID_TABLE		0x10	/* dynamic sub-elements */
317 #define OID_MIB			0x20	/* root-OID of a supported MIB */
318 #define OID_KEY			0x40	/* lookup tables */
319 #define	OID_REGISTERED		0x80	/* OID registered by subagent */
320 
321 #define OID_RS			(OID_RD|OID_IFSET)
322 #define OID_WS			(OID_WR|OID_IFSET)
323 #define OID_RW			(OID_RD|OID_WR)
324 #define OID_RWS			(OID_RW|OID_IFSET)
325 
326 #define OID_TRD			(OID_RD|OID_TABLE)
327 #define OID_TWR			(OID_WR|OID_TABLE)
328 #define OID_TRS			(OID_RD|OID_IFSET|OID_TABLE)
329 #define OID_TWS			(OID_WR|OID_IFSET|OID_TABLE)
330 #define OID_TRW			(OID_RD|OID_WR|OID_TABLE)
331 #define OID_TRWS		(OID_RW|OID_IFSET|OID_TABLE)
332 
333 #define OID_NOTSET(_oid)						\
334 	(((_oid)->o_flags & OID_IFSET) &&				\
335 	((_oid)->o_data == NULL) && ((_oid)->o_val == 0))
336 
337 #define OID(...)		{ { __VA_ARGS__ } }
338 #define MIBDECL(...)		{ { MIB_##__VA_ARGS__ } }, #__VA_ARGS__
339 #define MIB(...)		{ { MIB_##__VA_ARGS__ } }, NULL
340 #define MIBEND			{ { 0 } }, NULL
341 
342 struct ctl_conn {
343 	TAILQ_ENTRY(ctl_conn)	 entry;
344 	u_int8_t		 flags;
345 #define CTL_CONN_NOTIFY		 0x01
346 #define CTL_CONN_LOCKED		 0x02	/* restricted mode */
347 	struct imsgev		 iev;
348 	struct oidlist		 oids;
349 };
350 
351 /*
352  * pf
353  */
354 
355 enum {	PFRB_TABLES = 1, PFRB_TSTATS, PFRB_ADDRS, PFRB_ASTATS,
356 	PFRB_IFACES, PFRB_TRANS, PFRB_MAX };
357 
358 enum {  IN, OUT };
359 enum {  IPV4, IPV6 };
360 enum {  PASS, BLOCK };
361 
362 enum {  PFI_IFTYPE_GROUP, PFI_IFTYPE_INSTANCE };
363 
364 struct pfr_buffer {
365 	int	 pfrb_type;	/* type of content, see enum above */
366 	int	 pfrb_size;	/* number of objects in buffer */
367 	int	 pfrb_msize;	/* maximum number of objects in buffer */
368 	void	*pfrb_caddr;	/* malloc'ated memory area */
369 };
370 
371 #define PFRB_FOREACH(var, buf)				\
372 	for ((var) = pfr_buf_next((buf), NULL);		\
373 	    (var) != NULL;				\
374 	    (var) = pfr_buf_next((buf), (var)))
375 
376 /*
377  * daemon structures
378  */
379 
380 #define MSG_HAS_AUTH(m)		(((m)->sm_flags & SNMP_MSGFLAG_AUTH) != 0)
381 #define MSG_HAS_PRIV(m)		(((m)->sm_flags & SNMP_MSGFLAG_PRIV) != 0)
382 #define MSG_SECLEVEL(m)		((m)->sm_flags & SNMP_MSGFLAG_SECMASK)
383 #define MSG_REPORT(m)		(((m)->sm_flags & SNMP_MSGFLAG_REPORT) != 0)
384 
385 struct snmp_message {
386 	int			 sm_sock;
387 	struct sockaddr_storage	 sm_ss;
388 	socklen_t		 sm_slen;
389 	int			 sm_sock_tcp;
390 	int			 sm_aflags;
391 	enum snmp_pdutype	 sm_pdutype;
392 	struct event		 sm_sockev;
393 	char			 sm_host[HOST_NAME_MAX+1];
394 	in_port_t		 sm_port;
395 
396 	struct sockaddr_storage	 sm_local_ss;
397 	socklen_t		 sm_local_slen;
398 
399 	struct ber		 sm_ber;
400 	struct ber_element	*sm_req;
401 	struct ber_element	*sm_resp;
402 
403 	u_int8_t		 sm_data[READ_BUF_SIZE];
404 	size_t			 sm_datalen;
405 
406 	uint32_t		 sm_transactionid;
407 
408 	u_int			 sm_version;
409 
410 	/* V1, V2c */
411 	char			 sm_community[SNMPD_MAXCOMMUNITYLEN];
412 
413 	/* V3 */
414 	long long		 sm_msgid;
415 	long long		 sm_max_msg_size;
416 	u_int8_t		 sm_flags;
417 	long long		 sm_secmodel;
418 	u_int32_t		 sm_engine_boots;
419 	u_int32_t		 sm_engine_time;
420 	uint8_t			 sm_ctxengineid[SNMPD_MAXENGINEIDLEN];
421 	size_t			 sm_ctxengineid_len;
422 	char			 sm_ctxname[SNMPD_MAXCONTEXNAMELEN+1];
423 
424 	/* USM */
425 	char			 sm_username[SNMPD_MAXUSERNAMELEN+1];
426 	struct usmuser		*sm_user;
427 	size_t			 sm_digest_offs;
428 	char			 sm_salt[SNMP_USM_SALTLEN];
429 	int			 sm_usmerr;
430 
431 	long long		 sm_request;
432 
433 	const char		*sm_errstr;
434 	long long		 sm_error;
435 #define sm_nonrepeaters		 sm_error
436 	long long		 sm_errorindex;
437 #define sm_maxrepetitions	 sm_errorindex
438 
439 	struct ber_element	*sm_pdu;
440 	struct ber_element	*sm_pduend;
441 
442 	struct ber_element	*sm_varbind;
443 	struct ber_element	*sm_varbindresp;
444 
445 	RB_ENTRY(snmp_message)	 sm_entry;
446 };
447 RB_HEAD(snmp_messages, snmp_message);
448 extern struct snmp_messages snmp_messages;
449 
450 /* Defined in SNMPv2-MIB.txt (RFC 3418) */
451 struct snmp_stats {
452 	u_int32_t		snmp_inpkts;
453 	u_int32_t		snmp_outpkts;
454 	u_int32_t		snmp_inbadversions;
455 	u_int32_t		snmp_inbadcommunitynames;
456 	u_int32_t		snmp_inbadcommunityuses;
457 	u_int32_t		snmp_inasnparseerrs;
458 	u_int32_t		snmp_intoobigs;
459 	u_int32_t		snmp_innosuchnames;
460 	u_int32_t		snmp_inbadvalues;
461 	u_int32_t		snmp_inreadonlys;
462 	u_int32_t		snmp_ingenerrs;
463 	u_int32_t		snmp_intotalreqvars;
464 	u_int32_t		snmp_intotalsetvars;
465 	u_int32_t		snmp_ingetrequests;
466 	u_int32_t		snmp_ingetnexts;
467 	u_int32_t		snmp_insetrequests;
468 	u_int32_t		snmp_ingetresponses;
469 	u_int32_t		snmp_intraps;
470 	u_int32_t		snmp_outtoobigs;
471 	u_int32_t		snmp_outnosuchnames;
472 	u_int32_t		snmp_outbadvalues;
473 	u_int32_t		snmp_outgenerrs;
474 	u_int32_t		snmp_outgetrequests;
475 	u_int32_t		snmp_outgetnexts;
476 	u_int32_t		snmp_outsetrequests;
477 	u_int32_t		snmp_outgetresponses;
478 	u_int32_t		snmp_outtraps;
479 	int			snmp_enableauthentraps;
480 	u_int32_t		snmp_silentdrops;
481 	u_int32_t		snmp_proxydrops;
482 
483 	/* USM stats (RFC 3414) */
484 	u_int32_t		snmp_usmbadseclevel;
485 	u_int32_t		snmp_usmtimewindow;
486 	u_int32_t		snmp_usmnosuchuser;
487 	u_int32_t		snmp_usmnosuchengine;
488 	u_int32_t		snmp_usmwrongdigest;
489 	u_int32_t		snmp_usmdecrypterr;
490 };
491 
492 struct address {
493 	struct sockaddr_storage	 ss;
494 	in_port_t		 port;
495 	int			 type;
496 	int			 flags;
497 	int			 fd;
498 	struct event		 ev;
499 	struct event		 evt;
500 
501 	TAILQ_ENTRY(address)	 entry;
502 };
503 TAILQ_HEAD(addresslist, address);
504 
505 #define ADDRESS_FLAG_READ	0x01
506 #define ADDRESS_FLAG_WRITE	0x02
507 #define ADDRESS_FLAG_NOTIFY	0x04
508 #define ADDRESS_FLAG_PERM	\
509     (ADDRESS_FLAG_READ | ADDRESS_FLAG_WRITE | ADDRESS_FLAG_NOTIFY)
510 #define ADDRESS_FLAG_SNMPV1	0x10
511 #define ADDRESS_FLAG_SNMPV2	0x20
512 #define ADDRESS_FLAG_SNMPV3	0x40
513 #define ADDRESS_FLAG_MPS	\
514     (ADDRESS_FLAG_SNMPV1 | ADDRESS_FLAG_SNMPV2 | ADDRESS_FLAG_SNMPV3)
515 
516 struct trap_address {
517 	struct sockaddr_storage	 ta_ss;
518 	struct sockaddr_storage	 ta_sslocal;
519 	int			 ta_version;
520 	union {
521 		char		 ta_community[SNMPD_MAXCOMMUNITYLEN];
522 		struct {
523 			char		*ta_usmusername;
524 			struct usmuser	*ta_usmuser;
525 			int		 ta_seclevel;
526 		};
527 	};
528 	struct ber_oid		*ta_oid;
529 
530 	TAILQ_ENTRY(trap_address) entry;
531 };
532 TAILQ_HEAD(trap_addresslist, trap_address);
533 
534 enum usmauth {
535 	AUTH_NONE = 0,
536 	AUTH_MD5,	/* HMAC-MD5-96, RFC3414 */
537 	AUTH_SHA1,	/* HMAC-SHA-96, RFC3414 */
538 	AUTH_SHA224,	/* usmHMAC128SHA224AuthProtocol. RFC7860 */
539 	AUTH_SHA256,	/* usmHMAC192SHA256AuthProtocol. RFC7860 */
540 	AUTH_SHA384,	/* usmHMAC256SHA384AuthProtocol. RFC7860 */
541 	AUTH_SHA512	/* usmHMAC384SHA512AuthProtocol. RFC7860 */
542 };
543 
544 #define AUTH_DEFAULT	AUTH_SHA1	/* Default digest */
545 
546 enum usmpriv {
547 	PRIV_NONE = 0,
548 	PRIV_DES,	/* CBC-DES, RFC3414 */
549 	PRIV_AES	/* CFB128-AES-128, RFC3826 */
550 };
551 
552 #define PRIV_DEFAULT	PRIV_AES	/* Default cipher */
553 
554 struct usmuser {
555 	char			*uu_name;
556 	int			 uu_seclevel;
557 
558 	enum usmauth		 uu_auth;
559 	char			*uu_authkey;
560 	unsigned		 uu_authkeylen;
561 
562 
563 	enum usmpriv		 uu_priv;
564 	char			*uu_privkey;
565 	unsigned long long	 uu_salt;
566 
567 	SLIST_ENTRY(usmuser)	 uu_next;
568 };
569 
570 struct snmpd {
571 	u_int8_t		 sc_flags;
572 #define SNMPD_F_VERBOSE		 0x01
573 #define SNMPD_F_DEBUG		 0x02
574 #define SNMPD_F_NONAMES		 0x04
575 
576 	const char		*sc_confpath;
577 	struct addresslist	 sc_addresses;
578 	struct timeval		 sc_starttime;
579 	u_int32_t		 sc_engine_boots;
580 
581 	char			 sc_rdcommunity[SNMPD_MAXCOMMUNITYLEN];
582 	char			 sc_rwcommunity[SNMPD_MAXCOMMUNITYLEN];
583 	char			 sc_trcommunity[SNMPD_MAXCOMMUNITYLEN];
584 
585 	uint8_t			 sc_engineid[SNMPD_MAXENGINEIDLEN];
586 	size_t			 sc_engineid_len;
587 
588 	struct snmp_stats	 sc_stats;
589 
590 	struct trap_addresslist	 sc_trapreceivers;
591 
592 	int			 sc_ncpu;
593 	int64_t			*sc_cpustates;
594 	int			 sc_rtfilter;
595 	int			 sc_pfaddrfilter;
596 
597 	int			 sc_min_seclevel;
598 	int			 sc_traphandler;
599 
600 	struct privsep		 sc_ps;
601 };
602 
603 struct trapcmd {
604 	struct ber_oid		*cmd_oid;
605 		/* sideways return for intermediate lookups */
606 	struct trapcmd		*cmd_maybe;
607 
608 	int			 cmd_argc;
609 	char			**cmd_argv;
610 
611 	RB_ENTRY(trapcmd)	 cmd_entry;
612 };
613 RB_HEAD(trapcmd_tree, trapcmd);
614 extern	struct trapcmd_tree trapcmd_tree;
615 
616 extern struct snmpd *snmpd_env;
617 
618 /* parse.y */
619 struct snmpd	*parse_config(const char *, u_int);
620 int		 cmdline_symset(char *);
621 
622 /* kroute.c */
623 void		 kr_init(void);
624 void		 kr_shutdown(void);
625 
626 u_int		 kr_ifnumber(void);
627 u_long		 kr_iflastchange(void);
628 int		 kr_updateif(u_int);
629 u_long		 kr_routenumber(void);
630 
631 struct kif	*kr_getif(u_short);
632 struct kif	*kr_getnextif(u_short);
633 struct kif_addr *kr_getaddr(struct sockaddr *);
634 struct kif_addr *kr_getnextaddr(struct sockaddr *);
635 
636 struct kroute	*kroute_first(void);
637 struct kroute	*kroute_getaddr(in_addr_t, u_int8_t, u_int8_t, int);
638 
639 struct kif_arp	*karp_first(u_short);
640 struct kif_arp	*karp_getaddr(struct sockaddr *, u_short, int);
641 
642 /* snmpe.c */
643 void		 snmpe(struct privsep *, struct privsep_proc *);
644 void		 snmpe_shutdown(void);
645 void		 snmpe_dispatchmsg(struct snmp_message *);
646 void		 snmpe_response(struct snmp_message *);
647 int		 snmp_messagecmp(struct snmp_message *, struct snmp_message *);
648 RB_PROTOTYPE(snmp_messages, snmp_message, sm_entry, snmp_messagecmp)
649 
650 /* trap.c */
651 void		 trap_init(void);
652 int		 trap_imsg(struct imsgev *, pid_t);
653 int		 trap_send(struct ber_oid *, struct ber_element *);
654 
655 /* mps.c */
656 int		 mps_getreq(struct snmp_message *, struct ber_element *,
657 		    struct ber_oid *, u_int);
658 int		 mps_getnextreq(struct snmp_message *, struct ber_element *,
659 		    struct ber_oid *);
660 int		 mps_getbulkreq(struct snmp_message *, struct ber_element **,
661 		    struct ber_element **, struct ber_oid *, int);
662 int		 mps_setreq(struct snmp_message *, struct ber_element *,
663 		    struct ber_oid *);
664 int		 mps_set(struct ber_oid *, void *, long long);
665 int		 mps_getstr(struct oid *, struct ber_oid *,
666 		    struct ber_element **);
667 int		 mps_setstr(struct oid *, struct ber_oid *,
668 		    struct ber_element **);
669 int		 mps_getint(struct oid *, struct ber_oid *,
670 		    struct ber_element **);
671 int		 mps_setint(struct oid *, struct ber_oid *,
672 		    struct ber_element **);
673 int		 mps_getts(struct oid *, struct ber_oid *,
674 		    struct ber_element **);
675 void		 mps_encodeinaddr(struct ber_oid *, struct in_addr *, int);
676 int		 mps_decodeinaddr(struct ber_oid *, struct in_addr *, int);
677 struct ber_oid	*mps_table(struct oid *, struct ber_oid *, struct ber_oid *);
678 
679 /* pf.c */
680 void			 pf_init(void);
681 int			 pf_get_stats(struct pf_status *);
682 int			 pfr_get_astats(struct pfr_table *, struct pfr_astats *,
683 			    int *, int);
684 int			 pfr_get_tstats(struct pfr_table *, struct pfr_tstats *,
685 			    int *, int);
686 int			 pfr_buf_grow(struct pfr_buffer *, int);
687 const void		*pfr_buf_next(struct pfr_buffer *, const void *);
688 int			 pfi_get_ifaces(const char *, struct pfi_kif *, int *);
689 int			 pfi_get(struct pfr_buffer *, const char *);
690 int			 pfi_count(void);
691 int			 pfi_get_if(struct pfi_kif *, int);
692 int			 pft_get(struct pfr_buffer *, struct pfr_table *);
693 int			 pft_count(void);
694 int			 pft_get_table(struct pfr_tstats *, int);
695 int			 pfta_get(struct pfr_buffer *, struct pfr_table *);
696 int			 pfta_get_addr(struct pfr_astats *, int);
697 int			 pfta_get_nextaddr(struct pfr_astats *, int *);
698 int			 pfta_get_first(struct pfr_astats *);
699 
700 /* smi.c */
701 int		 smi_init(void);
702 void		 smi_mibtree(struct oid *);
703 struct oid	*smi_find(struct oid *);
704 struct oid	*smi_nfind(struct oid *);
705 struct oid	*smi_findkey(char *);
706 struct oid	*smi_next(struct oid *);
707 struct oid	*smi_foreach(struct oid *, u_int);
708 void		 smi_oidlen(struct ber_oid *);
709 void		 smi_scalar_oidlen(struct ber_oid *);
710 int		 smi_string2oid(const char *, struct ber_oid *);
711 void		 smi_delete(struct oid *);
712 int		 smi_insert(struct oid *);
713 int		 smi_oid_cmp(struct oid *, struct oid *);
714 int		 smi_key_cmp(struct oid *, struct oid *);
715 unsigned int	 smi_application(struct ber_element *);
716 void		 smi_debug_elements(struct ber_element *);
717 
718 /* timer.c */
719 void		 timer_init(void);
720 
721 /* snmpd.c */
722 int		 snmpd_socket_af(struct sockaddr_storage *, int);
723 u_long		 snmpd_engine_time(void);
724 
725 /* usm.c */
726 void		 usm_generate_keys(void);
727 struct usmuser	*usm_newuser(char *name, const char **);
728 struct usmuser	*usm_finduser(char *name);
729 int		 usm_checkuser(struct usmuser *, const char **);
730 struct ber_element *usm_decode(struct snmp_message *, struct ber_element *,
731 		    const char **);
732 struct ber_element *usm_encode(struct snmp_message *, struct ber_element *);
733 struct ber_element *usm_encrypt(struct snmp_message *, struct ber_element *);
734 void		 usm_finalize_digest(struct snmp_message *, char *, ssize_t);
735 void		 usm_make_report(struct snmp_message *);
736 const struct usmuser *usm_check_mincred(int, const char **);
737 
738 /* proc.c */
739 enum privsep_procid
740 	    proc_getid(struct privsep_proc *, unsigned int, const char *);
741 void	 proc_init(struct privsep *, struct privsep_proc *, unsigned int, int,
742 	    int, char **, enum privsep_procid);
743 void	 proc_kill(struct privsep *);
744 void	 proc_connect(struct privsep *);
745 void	 proc_dispatch(int, short event, void *);
746 void	 proc_run(struct privsep *, struct privsep_proc *,
747 	    struct privsep_proc *, u_int,
748 	    void (*)(struct privsep *, struct privsep_proc *, void *), void *);
749 void	 imsg_event_add(struct imsgev *);
750 int	 imsg_compose_event(struct imsgev *, u_int16_t, u_int32_t,
751 	    pid_t, int, void *, u_int16_t);
752 int	 imsg_composev_event(struct imsgev *, u_int16_t, u_int32_t,
753 	    pid_t, int, const struct iovec *, int);
754 void	 proc_range(struct privsep *, enum privsep_procid, int *, int *);
755 int	 proc_compose_imsg(struct privsep *, enum privsep_procid, int,
756 	    u_int16_t, u_int32_t, int, void *, u_int16_t);
757 int	 proc_compose(struct privsep *, enum privsep_procid,
758 	    uint16_t, void *, uint16_t);
759 int	 proc_composev_imsg(struct privsep *, enum privsep_procid, int,
760 	    u_int16_t, u_int32_t, int, const struct iovec *, int);
761 int	 proc_composev(struct privsep *, enum privsep_procid,
762 	    uint16_t, const struct iovec *, int);
763 int	 proc_forward_imsg(struct privsep *, struct imsg *,
764 	    enum privsep_procid, int);
765 struct imsgbuf *
766 	 proc_ibuf(struct privsep *, enum privsep_procid, int);
767 struct imsgev *
768 	 proc_iev(struct privsep *, enum privsep_procid, int);
769 int	 proc_flush_imsg(struct privsep *, enum privsep_procid, int);
770 
771 /* traphandler.c */
772 int	 traphandler_parse(struct snmp_message *);
773 int	 traphandler_priv_recvmsg(struct privsep_proc *, struct imsg *);
774 void	 trapcmd_free(struct trapcmd *);
775 int	 trapcmd_add(struct trapcmd *);
776 struct trapcmd *
777 	 trapcmd_lookup(struct ber_oid *);
778 
779 /* util.c */
780 ssize_t	 sendtofrom(int, void *, size_t, int, struct sockaddr *,
781 	    socklen_t, struct sockaddr *, socklen_t);
782 ssize_t	 recvfromto(int, void *, size_t, int, struct sockaddr *,
783 	    socklen_t *, struct sockaddr *, socklen_t *);
784 const char *log_in6addr(const struct in6_addr *);
785 const char *print_host(struct sockaddr_storage *, char *, size_t);
786 char	*tohexstr(u_int8_t *, int);
787 uint8_t *fromhexstr(uint8_t *, const char *, size_t);
788 
789 #endif /* SNMPD_H */
790