diff options
Diffstat (limited to 'contrib/tcpdump/print-snmp.c')
| -rw-r--r-- | contrib/tcpdump/print-snmp.c | 1904 |
1 files changed, 0 insertions, 1904 deletions
diff --git a/contrib/tcpdump/print-snmp.c b/contrib/tcpdump/print-snmp.c deleted file mode 100644 index 0686b6223074..000000000000 --- a/contrib/tcpdump/print-snmp.c +++ /dev/null @@ -1,1904 +0,0 @@ -/* - * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 - * John Robert LoVerso. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * - * This implementation has been influenced by the CMU SNMP release, - * by Steve Waldbusser. However, this shares no code with that system. - * Additional ASN.1 insight gained from Marshall T. Rose's _The_Open_Book_. - * Earlier forms of this implementation were derived and/or inspired by an - * awk script originally written by C. Philip Wood of LANL (but later - * heavily modified by John Robert LoVerso). The copyright notice for - * that work is preserved below, even though it may not rightly apply - * to this file. - * - * Support for SNMPv2c/SNMPv3 and the ability to link the module against - * the libsmi was added by J. Schoenwaelder, Copyright (c) 1999. - * - * This started out as a very simple program, but the incremental decoding - * (into the BE structure) complicated things. - * - # Los Alamos National Laboratory - # - # Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996, 1997 - # This software was produced under a U.S. Government contract - # (W-7405-ENG-36) by Los Alamos National Laboratory, which is - # operated by the University of California for the U.S. Department - # of Energy. The U.S. Government is licensed to use, reproduce, - # and distribute this software. Permission is granted to the - # public to copy and use this software without charge, provided - # that this Notice and any statement of authorship are reproduced - # on all copies. Neither the Government nor the University makes - # any warranty, express or implied, or assumes any liability or - # responsibility for the use of this software. - # @(#)snmp.awk.x 1.1 (LANL) 1/15/90 - */ - -#ifndef lint -static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-snmp.c,v 1.62.2.2 2005/05/06 07:57:19 guy Exp $ (LBL)"; -#endif - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include <tcpdump-stdinc.h> - -#include <stdio.h> -#include <string.h> - -#ifdef HAVE_SMI_H -#include <smi.h> -#endif - -#include "interface.h" -#include "addrtoname.h" - -#undef OPAQUE /* defined in <wingdi.h> */ - -/* - * Universal ASN.1 types - * (we only care about the tag values for those allowed in the Internet SMI) - */ -const char *Universal[] = { - "U-0", - "Boolean", - "Integer", -#define INTEGER 2 - "Bitstring", - "String", -#define STRING 4 - "Null", -#define ASN_NULL 5 - "ObjID", -#define OBJECTID 6 - "ObjectDes", - "U-8","U-9","U-10","U-11", /* 8-11 */ - "U-12","U-13","U-14","U-15", /* 12-15 */ - "Sequence", -#define SEQUENCE 16 - "Set" -}; - -/* - * Application-wide ASN.1 types from the Internet SMI and their tags - */ -const char *Application[] = { - "IpAddress", -#define IPADDR 0 - "Counter", -#define COUNTER 1 - "Gauge", -#define GAUGE 2 - "TimeTicks", -#define TIMETICKS 3 - "Opaque", -#define OPAQUE 4 - "C-5", - "Counter64" -#define COUNTER64 6 -}; - -/* - * Context-specific ASN.1 types for the SNMP PDUs and their tags - */ -const char *Context[] = { - "GetRequest", -#define GETREQ 0 - "GetNextRequest", -#define GETNEXTREQ 1 - "GetResponse", -#define GETRESP 2 - "SetRequest", -#define SETREQ 3 - "Trap", -#define TRAP 4 - "GetBulk", -#define GETBULKREQ 5 - "Inform", -#define INFORMREQ 6 - "V2Trap", -#define V2TRAP 7 - "Report" -#define REPORT 8 -}; - -#define NOTIFY_CLASS(x) (x == TRAP || x == V2TRAP || x == INFORMREQ) -#define READ_CLASS(x) (x == GETREQ || x == GETNEXTREQ || x == GETBULKREQ) -#define WRITE_CLASS(x) (x == SETREQ) -#define RESPONSE_CLASS(x) (x == GETRESP) -#define INTERNAL_CLASS(x) (x == REPORT) - -/* - * Context-specific ASN.1 types for the SNMP Exceptions and their tags - */ -const char *Exceptions[] = { - "noSuchObject", -#define NOSUCHOBJECT 0 - "noSuchInstance", -#define NOSUCHINSTANCE 1 - "endOfMibView", -#define ENDOFMIBVIEW 2 -}; - -/* - * Private ASN.1 types - * The Internet SMI does not specify any - */ -const char *Private[] = { - "P-0" -}; - -/* - * error-status values for any SNMP PDU - */ -const char *ErrorStatus[] = { - "noError", - "tooBig", - "noSuchName", - "badValue", - "readOnly", - "genErr", - "noAccess", - "wrongType", - "wrongLength", - "wrongEncoding", - "wrongValue", - "noCreation", - "inconsistentValue", - "resourceUnavailable", - "commitFailed", - "undoFailed", - "authorizationError", - "notWritable", - "inconsistentName" -}; -#define DECODE_ErrorStatus(e) \ - ( e >= 0 && (size_t)e < sizeof(ErrorStatus)/sizeof(ErrorStatus[0]) \ - ? ErrorStatus[e] \ - : (snprintf(errbuf, sizeof(errbuf), "err=%u", e), errbuf)) - -/* - * generic-trap values in the SNMP Trap-PDU - */ -const char *GenericTrap[] = { - "coldStart", - "warmStart", - "linkDown", - "linkUp", - "authenticationFailure", - "egpNeighborLoss", - "enterpriseSpecific" -#define GT_ENTERPRISE 6 -}; -#define DECODE_GenericTrap(t) \ - ( t >= 0 && (size_t)t < sizeof(GenericTrap)/sizeof(GenericTrap[0]) \ - ? GenericTrap[t] \ - : (snprintf(buf, sizeof(buf), "gt=%d", t), buf)) - -/* - * ASN.1 type class table - * Ties together the preceding Universal, Application, Context, and Private - * type definitions. - */ -#define defineCLASS(x) { "x", x, sizeof(x)/sizeof(x[0]) } /* not ANSI-C */ -struct { - const char *name; - const char **Id; - int numIDs; - } Class[] = { - defineCLASS(Universal), -#define UNIVERSAL 0 - defineCLASS(Application), -#define APPLICATION 1 - defineCLASS(Context), -#define CONTEXT 2 - defineCLASS(Private), -#define PRIVATE 3 - defineCLASS(Exceptions), -#define EXCEPTIONS 4 -}; - -/* - * defined forms for ASN.1 types - */ -const char *Form[] = { - "Primitive", -#define PRIMITIVE 0 - "Constructed", -#define CONSTRUCTED 1 -}; - -/* - * A structure for the OID tree for the compiled-in MIB. - * This is stored as a general-order tree. - */ -struct obj { - const char *desc; /* name of object */ - u_char oid; /* sub-id following parent */ - u_char type; /* object type (unused) */ - struct obj *child, *next; /* child and next sibling pointers */ -} *objp = NULL; - -/* - * Include the compiled in SNMP MIB. "mib.h" is produced by feeding - * RFC-1156 format files into "makemib". "mib.h" MUST define at least - * a value for `mibroot'. - * - * In particular, this is gross, as this is including initialized structures, - * and by right shouldn't be an "include" file. - */ -#include "mib.h" - -/* - * This defines a list of OIDs which will be abbreviated on output. - * Currently, this includes the prefixes for the Internet MIB, the - * private enterprises tree, and the experimental tree. - */ -struct obj_abrev { - const char *prefix; /* prefix for this abrev */ - struct obj *node; /* pointer into object table */ - const char *oid; /* ASN.1 encoded OID */ -} obj_abrev_list[] = { -#ifndef NO_ABREV_MIB - /* .iso.org.dod.internet.mgmt.mib */ - { "", &_mib_obj, "\53\6\1\2\1" }, -#endif -#ifndef NO_ABREV_ENTER - /* .iso.org.dod.internet.private.enterprises */ - { "E:", &_enterprises_obj, "\53\6\1\4\1" }, -#endif -#ifndef NO_ABREV_EXPERI - /* .iso.org.dod.internet.experimental */ - { "X:", &_experimental_obj, "\53\6\1\3" }, -#endif -#ifndef NO_ABBREV_SNMPMODS - /* .iso.org.dod.internet.snmpV2.snmpModules */ - { "S:", &_snmpModules_obj, "\53\6\1\6\3" }, -#endif - { 0,0,0 } -}; - -/* - * This is used in the OID print routine to walk down the object tree - * rooted at `mibroot'. - */ -#define OBJ_PRINT(o, suppressdot) \ -{ \ - if (objp) { \ - do { \ - if ((o) == objp->oid) \ - break; \ - } while ((objp = objp->next) != NULL); \ - } \ - if (objp) { \ - printf(suppressdot?"%s":".%s", objp->desc); \ - objp = objp->child; \ - } else \ - printf(suppressdot?"%u":".%u", (o)); \ -} - -/* - * This is the definition for the Any-Data-Type storage used purely for - * temporary internal representation while decoding an ASN.1 data stream. - */ -struct be { - u_int32_t asnlen; - union { - caddr_t raw; - int32_t integer; - u_int32_t uns; - const u_char *str; - struct { - u_int32_t high; - u_int32_t low; - } uns64; - } data; - u_short id; - u_char form, class; /* tag info */ - u_char type; -#define BE_ANY 255 -#define BE_NONE 0 -#define BE_NULL 1 -#define BE_OCTET 2 -#define BE_OID 3 -#define BE_INT 4 -#define BE_UNS 5 -#define BE_STR 6 -#define BE_SEQ 7 -#define BE_INETADDR 8 -#define BE_PDU 9 -#define BE_UNS64 10 -#define BE_NOSUCHOBJECT 128 -#define BE_NOSUCHINST 129 -#define BE_ENDOFMIBVIEW 130 -}; - -/* - * SNMP versions recognized by this module - */ -const char *SnmpVersion[] = { - "SNMPv1", -#define SNMP_VERSION_1 0 - "SNMPv2c", -#define SNMP_VERSION_2 1 - "SNMPv2u", -#define SNMP_VERSION_2U 2 - "SNMPv3" -#define SNMP_VERSION_3 3 -}; - -/* - * Defaults for SNMP PDU components - */ -#define DEF_COMMUNITY "public" - -/* - * constants for ASN.1 decoding - */ -#define OIDMUX 40 -#define ASNLEN_INETADDR 4 -#define ASN_SHIFT7 7 -#define ASN_SHIFT8 8 -#define ASN_BIT8 0x80 -#define ASN_LONGLEN 0x80 - -#define ASN_ID_BITS 0x1f -#define ASN_FORM_BITS 0x20 -#define ASN_FORM_SHIFT 5 -#define ASN_CLASS_BITS 0xc0 -#define ASN_CLASS_SHIFT 6 - -#define ASN_ID_EXT 0x1f /* extension ID in tag field */ - -/* - * This decodes the next ASN.1 object in the stream pointed to by "p" - * (and of real-length "len") and stores the intermediate data in the - * provided BE object. - * - * This returns -l if it fails (i.e., the ASN.1 stream is not valid). - * O/w, this returns the number of bytes parsed from "p". - */ -static int -asn1_parse(register const u_char *p, u_int len, struct be *elem) -{ - u_char form, class, id; - int i, hdr; - - elem->asnlen = 0; - elem->type = BE_ANY; - if (len < 1) { - fputs("[nothing to parse]", stdout); - return -1; - } - TCHECK(*p); - - /* - * it would be nice to use a bit field, but you can't depend on them. - * +---+---+---+---+---+---+---+---+ - * + class |frm| id | - * +---+---+---+---+---+---+---+---+ - * 7 6 5 4 3 2 1 0 - */ - id = *p & ASN_ID_BITS; /* lower 5 bits, range 00-1f */ -#ifdef notdef - form = (*p & 0xe0) >> 5; /* move upper 3 bits to lower 3 */ - class = form >> 1; /* bits 7&6 -> bits 1&0, range 0-3 */ - form &= 0x1; /* bit 5 -> bit 0, range 0-1 */ -#else - form = (u_char)(*p & ASN_FORM_BITS) >> ASN_FORM_SHIFT; - class = (u_char)(*p & ASN_CLASS_BITS) >> ASN_CLASS_SHIFT; -#endif - elem->form = form; - elem->class = class; - elem->id = id; - p++; len--; hdr = 1; - /* extended tag field */ - if (id == ASN_ID_EXT) { - /* - * The ID follows, as a sequence of octets with the - * 8th bit set and the remaining 7 bits being - * the next 7 bits of the value, terminated with - * an octet with the 8th bit not set. - * - * First, assemble all the octets with the 8th - * bit set. XXX - this doesn't handle a value - * that won't fit in 32 bits. - */ - for (id = 0; *p & ASN_BIT8; len--, hdr++, p++) { - if (len < 1) { - fputs("[Xtagfield?]", stdout); - return -1; - } - TCHECK(*p); - id = (id << 7) | (*p & ~ASN_BIT8); - } - if (len < 1) { - fputs("[Xtagfield?]", stdout); - return -1; - } - TCHECK(*p); - elem->id = id = (id << 7) | *p; - --len; - ++hdr; - ++p; - } - if (len < 1) { - fputs("[no asnlen]", stdout); - return -1; - } - TCHECK(*p); - elem->asnlen = *p; - p++; len--; hdr++; - if (elem->asnlen & ASN_BIT8) { - u_int32_t noct = elem->asnlen % ASN_BIT8; - elem->asnlen = 0; - if (len < noct) { - printf("[asnlen? %d<%d]", len, noct); - return -1; - } - TCHECK2(*p, noct); - for (; noct-- > 0; len--, hdr++) - elem->asnlen = (elem->asnlen << ASN_SHIFT8) | *p++; - } - if (len < elem->asnlen) { - printf("[len%d<asnlen%u]", len, elem->asnlen); - return -1; - } - if (form >= sizeof(Form)/sizeof(Form[0])) { - printf("[form?%d]", form); - return -1; - } - if (class >= sizeof(Class)/sizeof(Class[0])) { - printf("[class?%c/%d]", *Form[form], class); - return -1; - } - if ((int)id >= Class[class].numIDs) { - printf("[id?%c/%s/%d]", *Form[form], Class[class].name, id); - return -1; - } - - switch (form) { - case PRIMITIVE: - switch (class) { - case UNIVERSAL: - switch (id) { - case STRING: - elem->type = BE_STR; - elem->data.str = p; - break; - - case INTEGER: { - register int32_t data; - elem->type = BE_INT; - data = 0; - - TCHECK2(*p, elem->asnlen); - if (*p & ASN_BIT8) /* negative */ - data = -1; - for (i = elem->asnlen; i-- > 0; p++) - data = (data << ASN_SHIFT8) | *p; - elem->data.integer = data; - break; - } - - case OBJECTID: - elem->type = BE_OID; - elem->data.raw = (caddr_t)p; - break; - - case ASN_NULL: - elem->type = BE_NULL; - elem->data.raw = NULL; - break; - - default: - elem->type = BE_OCTET; - elem->data.raw = (caddr_t)p; - printf("[P/U/%s]", - Class[class].Id[id]); - break; - } - break; - - case APPLICATION: - switch (id) { - case IPADDR: - elem->type = BE_INETADDR; - elem->data.raw = (caddr_t)p; - break; - - case COUNTER: - case GAUGE: - case TIMETICKS: { - register u_int32_t data; - TCHECK2(*p, elem->asnlen); - elem->type = BE_UNS; - data = 0; - for (i = elem->asnlen; i-- > 0; p++) - data = (data << 8) + *p; - elem->data.uns = data; - break; - } - - case COUNTER64: { - register u_int32_t high, low; - TCHECK2(*p, elem->asnlen); - elem->type = BE_UNS64; - high = 0, low = 0; - for (i = elem->asnlen; i-- > 0; p++) { - high = (high << 8) | - ((low & 0xFF000000) >> 24); - low = (low << 8) | *p; - } - elem->data.uns64.high = high; - elem->data.uns64.low = low; - break; - } - - default: - elem->type = BE_OCTET; - elem->data.raw = (caddr_t)p; - printf("[P/A/%s]", - Class[class].Id[id]); - break; - } - break; - - case CONTEXT: - switch (id) { - case NOSUCHOBJECT: - elem->type = BE_NOSUCHOBJECT; - elem->data.raw = NULL; - break; - - case NOSUCHINSTANCE: - elem->type = BE_NOSUCHINST; - elem->data.raw = NULL; - break; - - case ENDOFMIBVIEW: - elem->type = BE_ENDOFMIBVIEW; - elem->data.raw = NULL; - break; - } - break; - - default: - printf("[P/%s/%s]", - Class[class].name, Class[class].Id[id]); - TCHECK2(*p, elem->asnlen); - elem->type = BE_OCTET; - elem->data.raw = (caddr_t)p; - break; - } - break; - - case CONSTRUCTED: - switch (class) { - case UNIVERSAL: - switch (id) { - case SEQUENCE: - elem->type = BE_SEQ; - elem->data.raw = (caddr_t)p; - break; - - default: - elem->type = BE_OCTET; - elem->data.raw = (caddr_t)p; - printf("C/U/%s", Class[class].Id[id]); - break; - } - break; - - case CONTEXT: - elem->type = BE_PDU; - elem->data.raw = (caddr_t)p; - break; - - default: - elem->type = BE_OCTET; - elem->data.raw = (caddr_t)p; - printf("C/%s/%s", - Class[class].name, Class[class].Id[id]); - break; - } - break; - } - p += elem->asnlen; - len -= elem->asnlen; - return elem->asnlen + hdr; - -trunc: - fputs("[|snmp]", stdout); - return -1; -} - -/* - * Display the ASN.1 object represented by the BE object. - * This used to be an integral part of asn1_parse() before the intermediate - * BE form was added. - */ -static int -asn1_print(struct be *elem) -{ - u_char *p = (u_char *)elem->data.raw; - u_int32_t asnlen = elem->asnlen; - u_int32_t i; - - switch (elem->type) { - - case BE_OCTET: - TCHECK2(*p, asnlen); - for (i = asnlen; i-- > 0; p++) - printf("_%.2x", *p); - break; - - case BE_NULL: - break; - - case BE_OID: { - int o = 0, first = -1, i = asnlen; - - if (!sflag && !nflag && asnlen > 2) { - struct obj_abrev *a = &obj_abrev_list[0]; - size_t a_len = strlen(a->oid); - for (; a->node; a++) { - TCHECK2(*p, a_len); - if (memcmp(a->oid, (char *)p, a_len) == 0) { - objp = a->node->child; - i -= strlen(a->oid); - p += strlen(a->oid); - fputs(a->prefix, stdout); - first = 1; - break; - } - } - } - - for (; !sflag && i-- > 0; p++) { - TCHECK(*p); - o = (o << ASN_SHIFT7) + (*p & ~ASN_BIT8); - if (*p & ASN_LONGLEN) - continue; - - /* - * first subitem encodes two items with 1st*OIDMUX+2nd - * (see X.690:1997 clause 8.19 for the details) - */ - if (first < 0) { - int s; - if (!nflag) - objp = mibroot; - first = 0; - s = o / OIDMUX; - if (s > 2) s = 2; - OBJ_PRINT(s, first); - o -= s * OIDMUX; - } - OBJ_PRINT(o, first); - if (--first < 0) - first = 0; - o = 0; - } - break; - } - - case BE_INT: - printf("%d", elem->data.integer); - break; - - case BE_UNS: - printf("%u", elem->data.uns); - break; - - case BE_UNS64: { /* idea borrowed from by Marshall Rose */ - double d; - int j, carry; - char *cpf, *cpl, last[6], first[30]; - if (elem->data.uns64.high == 0) { - printf("%u", elem->data.uns64.low); - break; - } - d = elem->data.uns64.high * 4294967296.0; /* 2^32 */ - if (elem->data.uns64.high <= 0x1fffff) { - d += elem->data.uns64.low; -#if 0 /*is looks illegal, but what is the intention?*/ - printf("%.f", d); -#else - printf("%f", d); -#endif - break; - } - d += (elem->data.uns64.low & 0xfffff000); -#if 0 /*is looks illegal, but what is the intention?*/ - snprintf(first, sizeof(first), "%.f", d); -#else - snprintf(first, sizeof(first), "%f", d); -#endif - snprintf(last, sizeof(last), "%5.5d", - elem->data.uns64.low & 0xfff); - for (carry = 0, cpf = first+strlen(first)-1, cpl = last+4; - cpl >= last; - cpf--, cpl--) { - j = carry + (*cpf - '0') + (*cpl - '0'); - if (j > 9) { - j -= 10; - carry = 1; - } else { - carry = 0; - } - *cpf = j + '0'; - } - fputs(first, stdout); - break; - } - - case BE_STR: { - register int printable = 1, first = 1; - const u_char *p = elem->data.str; - TCHECK2(*p, asnlen); - for (i = asnlen; printable && i-- > 0; p++) - printable = isprint(*p) || isspace(*p); - p = elem->data.str; - if (printable) { - putchar('"'); - if (fn_printn(p, asnlen, snapend)) { - putchar('"'); - goto trunc; - } - putchar('"'); - } else - for (i = asnlen; i-- > 0; p++) { - printf(first ? "%.2x" : "_%.2x", *p); - first = 0; - } - break; - } - - case BE_SEQ: - printf("Seq(%u)", elem->asnlen); - break; - - case BE_INETADDR: - if (asnlen != ASNLEN_INETADDR) - printf("[inetaddr len!=%d]", ASNLEN_INETADDR); - TCHECK2(*p, asnlen); - for (i = asnlen; i-- != 0; p++) { - printf((i == asnlen-1) ? "%u" : ".%u", *p); - } - break; - - case BE_NOSUCHOBJECT: - case BE_NOSUCHINST: - case BE_ENDOFMIBVIEW: - printf("[%s]", Class[EXCEPTIONS].Id[elem->id]); - break; - - case BE_PDU: - printf("%s(%u)", - Class[CONTEXT].Id[elem->id], elem->asnlen); - break; - - case BE_ANY: - fputs("[BE_ANY!?]", stdout); - break; - - default: - fputs("[be!?]", stdout); - break; - } - return 0; - -trunc: - fputs("[|snmp]", stdout); - return -1; -} - -#ifdef notdef -/* - * This is a brute force ASN.1 printer: recurses to dump an entire structure. - * This will work for any ASN.1 stream, not just an SNMP PDU. - * - * By adding newlines and spaces at the correct places, this would print in - * Rose-Normal-Form. - * - * This is not currently used. - */ -static void -asn1_decode(u_char *p, u_int length) -{ - struct be elem; - int i = 0; - - while (i >= 0 && length > 0) { - i = asn1_parse(p, length, &elem); - if (i >= 0) { - fputs(" ", stdout); - if (asn1_print(&elem) < 0) - return; - if (elem.type == BE_SEQ || elem.type == BE_PDU) { - fputs(" {", stdout); - asn1_decode(elem.data.raw, elem.asnlen); - fputs(" }", stdout); - } - length -= i; - p += i; - } - } -} -#endif - -#ifdef LIBSMI - -struct smi2be { - SmiBasetype basetype; - int be; -}; - -static struct smi2be smi2betab[] = { - { SMI_BASETYPE_INTEGER32, BE_INT }, - { SMI_BASETYPE_OCTETSTRING, BE_STR }, - { SMI_BASETYPE_OCTETSTRING, BE_INETADDR }, - { SMI_BASETYPE_OBJECTIDENTIFIER, BE_OID }, - { SMI_BASETYPE_UNSIGNED32, BE_UNS }, - { SMI_BASETYPE_INTEGER64, BE_NONE }, - { SMI_BASETYPE_UNSIGNED64, BE_UNS64 }, - { SMI_BASETYPE_FLOAT32, BE_NONE }, - { SMI_BASETYPE_FLOAT64, BE_NONE }, - { SMI_BASETYPE_FLOAT128, BE_NONE }, - { SMI_BASETYPE_ENUM, BE_INT }, - { SMI_BASETYPE_BITS, BE_STR }, - { SMI_BASETYPE_UNKNOWN, BE_NONE } -}; - -static int -smi_decode_oid(struct be *elem, unsigned int *oid, - unsigned int oidsize, unsigned int *oidlen) -{ - u_char *p = (u_char *)elem->data.raw; - u_int32_t asnlen = elem->asnlen; - int o = 0, first = -1, i = asnlen; - - for (*oidlen = 0; sflag && i-- > 0; p++) { - TCHECK(*p); - o = (o << ASN_SHIFT7) + (*p & ~ASN_BIT8); - if (*p & ASN_LONGLEN) - continue; - - /* - * first subitem encodes two items with 1st*OIDMUX+2nd - * (see X.690:1997 clause 8.19 for the details) - */ - if (first < 0) { - first = 0; - if (*oidlen < oidsize) { - oid[*oidlen] = o / OIDMUX; - if (oid[*oidlen] > 2) oid[*oidlen] = 2; - } - o -= oid[*oidlen] * OIDMUX; - if (*oidlen < oidsize) (*oidlen)++; - } - if (*oidlen < oidsize) { - oid[(*oidlen)++] = o; - } - o = 0; - } - return 0; - -trunc: - fputs("[|snmp]", stdout); - return -1; -} - -static int smi_check_type(SmiBasetype basetype, int be) -{ - int i; - - for (i = 0; smi2betab[i].basetype != SMI_BASETYPE_UNKNOWN; i++) { - if (smi2betab[i].basetype == basetype && smi2betab[i].be == be) { - return 1; - } - } - - return 0; -} - -static int smi_check_a_range(SmiType *smiType, SmiRange *smiRange, - struct be *elem) -{ - int ok = 1; - - switch (smiType->basetype) { - case SMI_BASETYPE_OBJECTIDENTIFIER: - case SMI_BASETYPE_OCTETSTRING: - if (smiRange->minValue.value.unsigned32 - == smiRange->maxValue.value.unsigned32) { - ok = (elem->asnlen == smiRange->minValue.value.unsigned32); - } else { - ok = (elem->asnlen >= smiRange->minValue.value.unsigned32 - && elem->asnlen <= smiRange->maxValue.value.unsigned32); - } - break; - - case SMI_BASETYPE_INTEGER32: - ok = (elem->data.integer >= smiRange->minValue.value.integer32 - && elem->data.integer <= smiRange->maxValue.value.integer32); - break; - - case SMI_BASETYPE_UNSIGNED32: - ok = (elem->data.uns >= smiRange->minValue.value.unsigned32 - && elem->data.uns <= smiRange->maxValue.value.unsigned32); - break; - - case SMI_BASETYPE_UNSIGNED64: - /* XXX */ - break; - - /* case SMI_BASETYPE_INTEGER64: SMIng */ - /* case SMI_BASETYPE_FLOAT32: SMIng */ - /* case SMI_BASETYPE_FLOAT64: SMIng */ - /* case SMI_BASETYPE_FLOAT128: SMIng */ - - case SMI_BASETYPE_ENUM: - case SMI_BASETYPE_BITS: - case SMI_BASETYPE_UNKNOWN: - ok = 1; - break; - - default: - ok = 0; - break; - } - - return ok; -} - -static int smi_check_range(SmiType *smiType, struct be *elem) -{ - SmiRange *smiRange; - int ok = 1; - - for (smiRange = smiGetFirstRange(smiType); - smiRange; - smiRange = smiGetNextRange(smiRange)) { - - ok = smi_check_a_range(smiType, smiRange, elem); - - if (ok) { - break; - } - } - - if (ok) { - SmiType *parentType; - parentType = smiGetParentType(smiType); - if (parentType) { - ok = smi_check_range(parentType, elem); - } - } - - return ok; -} - -static SmiNode *smi_print_variable(struct be *elem, int *status) -{ - unsigned int oid[128], oidlen; - SmiNode *smiNode = NULL; - unsigned int i; - - *status = smi_decode_oid(elem, oid, sizeof(oid)/sizeof(unsigned int), - &oidlen); - if (*status < 0) - return NULL; - smiNode = smiGetNodeByOID(oidlen, oid); - if (! smiNode) { - *status = asn1_print(elem); - return NULL; - } - if (vflag) { - fputs(smiGetNodeModule(smiNode)->name, stdout); - fputs("::", stdout); - } - fputs(smiNode->name, stdout); - if (smiNode->oidlen < oidlen) { - for (i = smiNode->oidlen; i < oidlen; i++) { - printf(".%u", oid[i]); - } - } - *status = 0; - return smiNode; -} - -static int -smi_print_value(SmiNode *smiNode, u_char pduid, struct be *elem) -{ - unsigned int i, oid[128], oidlen; - SmiType *smiType; - SmiNamedNumber *nn; - int done = 0; - - if (! smiNode || ! (smiNode->nodekind - & (SMI_NODEKIND_SCALAR | SMI_NODEKIND_COLUMN))) { - return asn1_print(elem); - } - - if (elem->type == BE_NOSUCHOBJECT - || elem->type == BE_NOSUCHINST - || elem->type == BE_ENDOFMIBVIEW) { - return asn1_print(elem); - } - - if (NOTIFY_CLASS(pduid) && smiNode->access < SMI_ACCESS_NOTIFY) { - fputs("[notNotifyable]", stdout); - } - - if (READ_CLASS(pduid) && smiNode->access < SMI_ACCESS_READ_ONLY) { - fputs("[notReadable]", stdout); - } - - if (WRITE_CLASS(pduid) && smiNode->access < SMI_ACCESS_READ_WRITE) { - fputs("[notWritable]", stdout); - } - - if (RESPONSE_CLASS(pduid) - && smiNode->access == SMI_ACCESS_NOT_ACCESSIBLE) { - fputs("[noAccess]", stdout); - } - - smiType = smiGetNodeType(smiNode); - if (! smiType) { - return asn1_print(elem); - } - - if (! smi_check_type(smiType->basetype, elem->type)) { - fputs("[wrongType]", stdout); - } - - if (! smi_check_range(smiType, elem)) { - fputs("[outOfRange]", stdout); - } - - /* resolve bits to named bits */ - - /* check whether instance identifier is valid */ - - /* apply display hints (integer, octetstring) */ - - /* convert instance identifier to index type values */ - - switch (elem->type) { - case BE_OID: - if (smiType->basetype == SMI_BASETYPE_BITS) { - /* print bit labels */ - } else { - smi_decode_oid(elem, oid, - sizeof(oid)/sizeof(unsigned int), - &oidlen); - smiNode = smiGetNodeByOID(oidlen, oid); - if (smiNode) { - if (vflag) { - fputs(smiGetNodeModule(smiNode)->name, stdout); - fputs("::", stdout); - } - fputs(smiNode->name, stdout); - if (smiNode->oidlen < oidlen) { - for (i = smiNode->oidlen; - i < oidlen; i++) { - printf(".%u", oid[i]); - } - } - done++; - } - } - break; - - case BE_INT: - if (smiType->basetype == SMI_BASETYPE_ENUM) { - for (nn = smiGetFirstNamedNumber(smiType); - nn; - nn = smiGetNextNamedNumber(nn)) { - if (nn->value.value.integer32 - == elem->data.integer) { - fputs(nn->name, stdout); - printf("(%d)", elem->data.integer); - done++; - break; - } - } - } - break; - } - - if (! done) { - return asn1_print(elem); - } - return 0; -} -#endif - -/* - * General SNMP header - * SEQUENCE { - * version INTEGER {version-1(0)}, - * community OCTET STRING, - * data ANY -- PDUs - * } - * PDUs for all but Trap: (see rfc1157 from page 15 on) - * SEQUENCE { - * request-id INTEGER, - * error-status INTEGER, - * error-index INTEGER, - * varbindlist SEQUENCE OF - * SEQUENCE { - * name ObjectName, - * value ObjectValue - * } - * } - * PDU for Trap: - * SEQUENCE { - * enterprise OBJECT IDENTIFIER, - * agent-addr NetworkAddress, - * generic-trap INTEGER, - * specific-trap INTEGER, - * time-stamp TimeTicks, - * varbindlist SEQUENCE OF - * SEQUENCE { - * name ObjectName, - * value ObjectValue - * } - * } - */ - -/* - * Decode SNMP varBind - */ -static void -varbind_print(u_char pduid, const u_char *np, u_int length) -{ - struct be elem; - int count = 0, ind; -#ifdef LIBSMI - SmiNode *smiNode = NULL; -#endif - int status; - - /* Sequence of varBind */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_SEQ) { - fputs("[!SEQ of varbind]", stdout); - asn1_print(&elem); - return; - } - if ((u_int)count < length) - printf("[%d extra after SEQ of varbind]", length - count); - /* descend */ - length = elem.asnlen; - np = (u_char *)elem.data.raw; - - for (ind = 1; length > 0; ind++) { - const u_char *vbend; - u_int vblength; - - fputs(" ", stdout); - - /* Sequence */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_SEQ) { - fputs("[!varbind]", stdout); - asn1_print(&elem); - return; - } - vbend = np + count; - vblength = length - count; - /* descend */ - length = elem.asnlen; - np = (u_char *)elem.data.raw; - - /* objName (OID) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_OID) { - fputs("[objName!=OID]", stdout); - asn1_print(&elem); - return; - } -#ifdef LIBSMI - smiNode = smi_print_variable(&elem, &status); -#else - status = asn1_print(&elem); -#endif - if (status < 0) - return; - length -= count; - np += count; - - if (pduid != GETREQ && pduid != GETNEXTREQ - && pduid != GETBULKREQ) - fputs("=", stdout); - - /* objVal (ANY) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (pduid == GETREQ || pduid == GETNEXTREQ - || pduid == GETBULKREQ) { - if (elem.type != BE_NULL) { - fputs("[objVal!=NULL]", stdout); - if (asn1_print(&elem) < 0) - return; - } - } else { - if (elem.type != BE_NULL) { -#ifdef LIBSMI - status = smi_print_value(smiNode, pduid, &elem); -#else - status = asn1_print(&elem); -#endif - } - if (status < 0) - return; - } - length = vblength; - np = vbend; - } -} - -/* - * Decode SNMP PDUs: GetRequest, GetNextRequest, GetResponse, SetRequest, - * GetBulk, Inform, V2Trap, and Report - */ -static void -snmppdu_print(u_short pduid, const u_char *np, u_int length) -{ - struct be elem; - int count = 0, error; - - /* reqId (Integer) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[reqId!=INT]", stdout); - asn1_print(&elem); - return; - } - if (vflag) - printf("R=%d ", elem.data.integer); - length -= count; - np += count; - - /* errorStatus (Integer) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[errorStatus!=INT]", stdout); - asn1_print(&elem); - return; - } - error = 0; - if ((pduid == GETREQ || pduid == GETNEXTREQ || pduid == SETREQ - || pduid == INFORMREQ || pduid == V2TRAP || pduid == REPORT) - && elem.data.integer != 0) { - char errbuf[20]; - printf("[errorStatus(%s)!=0]", - DECODE_ErrorStatus(elem.data.integer)); - } else if (pduid == GETBULKREQ) { - printf(" N=%d", elem.data.integer); - } else if (elem.data.integer != 0) { - char errbuf[20]; - printf(" %s", DECODE_ErrorStatus(elem.data.integer)); - error = elem.data.integer; - } - length -= count; - np += count; - - /* errorIndex (Integer) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[errorIndex!=INT]", stdout); - asn1_print(&elem); - return; - } - if ((pduid == GETREQ || pduid == GETNEXTREQ || pduid == SETREQ - || pduid == INFORMREQ || pduid == V2TRAP || pduid == REPORT) - && elem.data.integer != 0) - printf("[errorIndex(%d)!=0]", elem.data.integer); - else if (pduid == GETBULKREQ) - printf(" M=%d", elem.data.integer); - else if (elem.data.integer != 0) { - if (!error) - printf("[errorIndex(%d) w/o errorStatus]", - elem.data.integer); - else { - printf("@%d", elem.data.integer); - error = elem.data.integer; - } - } else if (error) { - fputs("[errorIndex==0]", stdout); - error = 0; - } - length -= count; - np += count; - - varbind_print(pduid, np, length); - return; -} - -/* - * Decode SNMP Trap PDU - */ -static void -trappdu_print(const u_char *np, u_int length) -{ - struct be elem; - int count = 0, generic; - - putchar(' '); - - /* enterprise (oid) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_OID) { - fputs("[enterprise!=OID]", stdout); - asn1_print(&elem); - return; - } - if (asn1_print(&elem) < 0) - return; - length -= count; - np += count; - - putchar(' '); - - /* agent-addr (inetaddr) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INETADDR) { - fputs("[agent-addr!=INETADDR]", stdout); - asn1_print(&elem); - return; - } - if (asn1_print(&elem) < 0) - return; - length -= count; - np += count; - - /* generic-trap (Integer) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[generic-trap!=INT]", stdout); - asn1_print(&elem); - return; - } - generic = elem.data.integer; - { - char buf[20]; - printf(" %s", DECODE_GenericTrap(generic)); - } - length -= count; - np += count; - - /* specific-trap (Integer) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[specific-trap!=INT]", stdout); - asn1_print(&elem); - return; - } - if (generic != GT_ENTERPRISE) { - if (elem.data.integer != 0) - printf("[specific-trap(%d)!=0]", elem.data.integer); - } else - printf(" s=%d", elem.data.integer); - length -= count; - np += count; - - putchar(' '); - - /* time-stamp (TimeTicks) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_UNS) { /* XXX */ - fputs("[time-stamp!=TIMETICKS]", stdout); - asn1_print(&elem); - return; - } - if (asn1_print(&elem) < 0) - return; - length -= count; - np += count; - - varbind_print (TRAP, np, length); - return; -} - -/* - * Decode arbitrary SNMP PDUs. - */ -static void -pdu_print(const u_char *np, u_int length, int version) -{ - struct be pdu; - int count = 0; - - /* PDU (Context) */ - if ((count = asn1_parse(np, length, &pdu)) < 0) - return; - if (pdu.type != BE_PDU) { - fputs("[no PDU]", stdout); - return; - } - if ((u_int)count < length) - printf("[%d extra after PDU]", length - count); - if (vflag) { - fputs("{ ", stdout); - } - if (asn1_print(&pdu) < 0) - return; - fputs(" ", stdout); - /* descend into PDU */ - length = pdu.asnlen; - np = (u_char *)pdu.data.raw; - - if (version == SNMP_VERSION_1 && - (pdu.id == GETBULKREQ || pdu.id == INFORMREQ || - pdu.id == V2TRAP || pdu.id == REPORT)) { - printf("[v2 PDU in v1 message]"); - return; - } - - if (version == SNMP_VERSION_2 && pdu.id == TRAP) { - printf("[v1 PDU in v2 message]"); - return; - } - - switch (pdu.id) { - case TRAP: - trappdu_print(np, length); - break; - case GETREQ: - case GETNEXTREQ: - case GETRESP: - case SETREQ: - case GETBULKREQ: - case INFORMREQ: - case V2TRAP: - case REPORT: - snmppdu_print(pdu.id, np, length); - break; - } - - if (vflag) { - fputs(" } ", stdout); - } -} - -/* - * Decode a scoped SNMP PDU. - */ -static void -scopedpdu_print(const u_char *np, u_int length, int version) -{ - struct be elem; - int i, count = 0; - - /* Sequence */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_SEQ) { - fputs("[!scoped PDU]", stdout); - asn1_print(&elem); - return; - } - length = elem.asnlen; - np = (u_char *)elem.data.raw; - - /* contextEngineID (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[contextEngineID!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - fputs("E= ", stdout); - for (i = 0; i < (int)elem.asnlen; i++) { - printf("0x%02X", elem.data.str[i]); - } - fputs(" ", stdout); - - /* contextName (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[contextName!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - printf("C=%.*s ", (int)elem.asnlen, elem.data.str); - - pdu_print(np, length, version); -} - -/* - * Decode SNMP Community Header (SNMPv1 and SNMPv2c) - */ -static void -community_print(const u_char *np, u_int length, int version) -{ - struct be elem; - int count = 0; - - /* Community (String) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[comm!=STR]", stdout); - asn1_print(&elem); - return; - } - /* default community */ - if (!(elem.asnlen == sizeof(DEF_COMMUNITY) - 1 && - strncmp((char *)elem.data.str, DEF_COMMUNITY, - sizeof(DEF_COMMUNITY) - 1) == 0)) - /* ! "public" */ - printf("C=%.*s ", (int)elem.asnlen, elem.data.str); - length -= count; - np += count; - - pdu_print(np, length, version); -} - -/* - * Decode SNMPv3 User-based Security Message Header (SNMPv3) - */ -static void -usm_print(const u_char *np, u_int length) -{ - struct be elem; - int count = 0; - - /* Sequence */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_SEQ) { - fputs("[!usm]", stdout); - asn1_print(&elem); - return; - } - length = elem.asnlen; - np = (u_char *)elem.data.raw; - - /* msgAuthoritativeEngineID (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[msgAuthoritativeEngineID!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - /* msgAuthoritativeEngineBoots (INTEGER) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[msgAuthoritativeEngineBoots!=INT]", stdout); - asn1_print(&elem); - return; - } - if (vflag) - printf("B=%d ", elem.data.integer); - length -= count; - np += count; - - /* msgAuthoritativeEngineTime (INTEGER) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[msgAuthoritativeEngineTime!=INT]", stdout); - asn1_print(&elem); - return; - } - if (vflag) - printf("T=%d ", elem.data.integer); - length -= count; - np += count; - - /* msgUserName (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[msgUserName!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - printf("U=%.*s ", (int)elem.asnlen, elem.data.str); - - /* msgAuthenticationParameters (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[msgAuthenticationParameters!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - /* msgPrivacyParameters (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[msgPrivacyParameters!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - if ((u_int)count < length) - printf("[%d extra after usm SEQ]", length - count); -} - -/* - * Decode SNMPv3 Message Header (SNMPv3) - */ -static void -v3msg_print(const u_char *np, u_int length) -{ - struct be elem; - int count = 0; - u_char flags; - int model; - const u_char *xnp = np; - int xlength = length; - - /* Sequence */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_SEQ) { - fputs("[!message]", stdout); - asn1_print(&elem); - return; - } - length = elem.asnlen; - np = (u_char *)elem.data.raw; - - if (vflag) { - fputs("{ ", stdout); - } - - /* msgID (INTEGER) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[msgID!=INT]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - /* msgMaxSize (INTEGER) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[msgMaxSize!=INT]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - /* msgFlags (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[msgFlags!=STR]", stdout); - asn1_print(&elem); - return; - } - if (elem.asnlen != 1) { - printf("[msgFlags size %d]", elem.asnlen); - return; - } - flags = elem.data.str[0]; - if (flags != 0x00 && flags != 0x01 && flags != 0x03 - && flags != 0x04 && flags != 0x05 && flags != 0x07) { - printf("[msgFlags=0x%02X]", flags); - return; - } - length -= count; - np += count; - - fputs("F=", stdout); - if (flags & 0x01) fputs("a", stdout); - if (flags & 0x02) fputs("p", stdout); - if (flags & 0x04) fputs("r", stdout); - fputs(" ", stdout); - - /* msgSecurityModel (INTEGER) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[msgSecurityModel!=INT]", stdout); - asn1_print(&elem); - return; - } - model = elem.data.integer; - length -= count; - np += count; - - if ((u_int)count < length) - printf("[%d extra after message SEQ]", length - count); - - if (vflag) { - fputs("} ", stdout); - } - - if (model == 3) { - if (vflag) { - fputs("{ USM ", stdout); - } - } else { - printf("[security model %d]", model); - return; - } - - np = xnp + (np - xnp); - length = xlength - (np - xnp); - - /* msgSecurityParameters (OCTET STRING) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_STR) { - fputs("[msgSecurityParameters!=STR]", stdout); - asn1_print(&elem); - return; - } - length -= count; - np += count; - - if (model == 3) { - usm_print(elem.data.str, elem.asnlen); - if (vflag) { - fputs("} ", stdout); - } - } - - if (vflag) { - fputs("{ ScopedPDU ", stdout); - } - - scopedpdu_print(np, length, 3); - - if (vflag) { - fputs("} ", stdout); - } -} - -/* - * Decode SNMP header and pass on to PDU printing routines - */ -void -snmp_print(const u_char *np, u_int length) -{ - struct be elem; - int count = 0; - int version = 0; - - putchar(' '); - - /* initial Sequence */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_SEQ) { - fputs("[!init SEQ]", stdout); - asn1_print(&elem); - return; - } - if ((u_int)count < length) - printf("[%d extra after iSEQ]", length - count); - /* descend */ - length = elem.asnlen; - np = (u_char *)elem.data.raw; - - /* Version (INTEGER) */ - if ((count = asn1_parse(np, length, &elem)) < 0) - return; - if (elem.type != BE_INT) { - fputs("[version!=INT]", stdout); - asn1_print(&elem); - return; - } - - switch (elem.data.integer) { - case SNMP_VERSION_1: - case SNMP_VERSION_2: - case SNMP_VERSION_3: - if (vflag) - printf("{ %s ", SnmpVersion[elem.data.integer]); - break; - default: - printf("[version = %d]", elem.data.integer); - return; - } - version = elem.data.integer; - length -= count; - np += count; - - switch (version) { - case SNMP_VERSION_1: - case SNMP_VERSION_2: - community_print(np, length, version); - break; - case SNMP_VERSION_3: - v3msg_print(np, length); - break; - default: - printf("[version = %d]", elem.data.integer); - break; - } - - if (vflag) { - fputs("} ", stdout); - } -} |