|
|
be70f2 |
diff -up net-snmp-5.7.2/include/net-snmp/library/snmpusm.h.bz1809076 net-snmp-5.7.2/include/net-snmp/library/snmpusm.h
|
|
|
be70f2 |
--- net-snmp-5.7.2/include/net-snmp/library/snmpusm.h.bz1809076 2020-03-02 14:11:34.000000000 +0100
|
|
|
be70f2 |
+++ net-snmp-5.7.2/include/net-snmp/library/snmpusm.h 2020-03-02 14:05:12.000000000 +0100
|
|
|
be70f2 |
@@ -34,6 +34,7 @@ extern "C" {
|
|
|
be70f2 |
* Structures.
|
|
|
be70f2 |
*/
|
|
|
be70f2 |
struct usmStateReference {
|
|
|
be70f2 |
+ int refcnt;
|
|
|
be70f2 |
char *usr_name;
|
|
|
be70f2 |
size_t usr_name_length;
|
|
|
be70f2 |
u_char *usr_engine_id;
|
|
|
be70f2 |
diff -up net-snmp-5.7.2/snmplib/snmp_client.c.bz1809076 net-snmp-5.7.2/snmplib/snmp_client.c
|
|
|
be70f2 |
--- net-snmp-5.7.2/snmplib/snmp_client.c.bz1809076 2020-03-02 14:11:27.000000000 +0100
|
|
|
be70f2 |
+++ net-snmp-5.7.2/snmplib/snmp_client.c 2020-03-02 14:03:40.000000000 +0100
|
|
|
be70f2 |
@@ -391,27 +391,16 @@ _clone_pdu_header(netsnmp_pdu *pdu)
|
|
|
be70f2 |
return NULL;
|
|
|
be70f2 |
}
|
|
|
be70f2 |
|
|
|
be70f2 |
- if (pdu != NULL && pdu->securityStateRef &&
|
|
|
be70f2 |
- pdu->command == SNMP_MSG_TRAP2) {
|
|
|
be70f2 |
-
|
|
|
be70f2 |
- ret = usm_clone_usmStateReference((struct usmStateReference *) pdu->securityStateRef,
|
|
|
be70f2 |
- (struct usmStateReference **) &newpdu->securityStateRef );
|
|
|
be70f2 |
-
|
|
|
be70f2 |
- if (ret)
|
|
|
be70f2 |
- {
|
|
|
be70f2 |
+ sptr = find_sec_mod(newpdu->securityModel);
|
|
|
be70f2 |
+ if (sptr && sptr->pdu_clone) {
|
|
|
be70f2 |
+ /* call security model if it needs to know about this */
|
|
|
be70f2 |
+ ret = sptr->pdu_clone(pdu, newpdu);
|
|
|
be70f2 |
+ if (ret) {
|
|
|
be70f2 |
snmp_free_pdu(newpdu);
|
|
|
be70f2 |
return 0;
|
|
|
be70f2 |
}
|
|
|
be70f2 |
}
|
|
|
be70f2 |
|
|
|
be70f2 |
- if ((sptr = find_sec_mod(newpdu->securityModel)) != NULL &&
|
|
|
be70f2 |
- sptr->pdu_clone != NULL) {
|
|
|
be70f2 |
- /*
|
|
|
be70f2 |
- * call security model if it needs to know about this
|
|
|
be70f2 |
- */
|
|
|
be70f2 |
- (*sptr->pdu_clone) (pdu, newpdu);
|
|
|
be70f2 |
- }
|
|
|
be70f2 |
-
|
|
|
be70f2 |
return newpdu;
|
|
|
be70f2 |
}
|
|
|
be70f2 |
|
|
|
be70f2 |
diff -up net-snmp-5.7.2/snmplib/snmpusm.c.bz1809076 net-snmp-5.7.2/snmplib/snmpusm.c
|
|
|
be70f2 |
--- net-snmp-5.7.2/snmplib/snmpusm.c.bz1809076 2020-03-02 14:11:20.000000000 +0100
|
|
|
be70f2 |
+++ net-snmp-5.7.2/snmplib/snmpusm.c 2020-03-02 14:08:30.000000000 +0100
|
|
|
be70f2 |
@@ -192,43 +192,63 @@ free_enginetime_on_shutdown(int majorid,
|
|
|
be70f2 |
struct usmStateReference *
|
|
|
be70f2 |
usm_malloc_usmStateReference(void)
|
|
|
be70f2 |
{
|
|
|
be70f2 |
- struct usmStateReference *retval = (struct usmStateReference *)
|
|
|
be70f2 |
- calloc(1, sizeof(struct usmStateReference));
|
|
|
be70f2 |
+ struct usmStateReference *retval;
|
|
|
be70f2 |
+
|
|
|
be70f2 |
+ retval = calloc(1, sizeof(struct usmStateReference));
|
|
|
be70f2 |
+ if (retval)
|
|
|
be70f2 |
+ retval->refcnt = 1;
|
|
|
be70f2 |
|
|
|
be70f2 |
return retval;
|
|
|
be70f2 |
} /* end usm_malloc_usmStateReference() */
|
|
|
be70f2 |
|
|
|
be70f2 |
+static int
|
|
|
be70f2 |
+usm_clone(netsnmp_pdu *pdu, netsnmp_pdu *new_pdu)
|
|
|
be70f2 |
+{
|
|
|
be70f2 |
+ struct usmStateReference *ref = pdu->securityStateRef;
|
|
|
be70f2 |
+ struct usmStateReference **new_ref =
|
|
|
be70f2 |
+ (struct usmStateReference **)&new_pdu->securityStateRef;
|
|
|
be70f2 |
+ int ret = 0;
|
|
|
be70f2 |
+
|
|
|
be70f2 |
+ if (!ref)
|
|
|
be70f2 |
+ return ret;
|
|
|
be70f2 |
+
|
|
|
be70f2 |
+ if (pdu->command == SNMP_MSG_TRAP2) {
|
|
|
be70f2 |
+ netsnmp_assert(pdu->securityModel == SNMP_DEFAULT_SECMODEL);
|
|
|
be70f2 |
+ ret = usm_clone_usmStateReference(ref, new_ref);
|
|
|
be70f2 |
+ } else {
|
|
|
be70f2 |
+ netsnmp_assert(ref == *new_ref);
|
|
|
be70f2 |
+ ref->refcnt++;
|
|
|
be70f2 |
+ }
|
|
|
be70f2 |
+
|
|
|
be70f2 |
+ return ret;
|
|
|
be70f2 |
+}
|
|
|
be70f2 |
|
|
|
be70f2 |
void
|
|
|
be70f2 |
usm_free_usmStateReference(void *old)
|
|
|
be70f2 |
{
|
|
|
be70f2 |
- struct usmStateReference *old_ref = (struct usmStateReference *) old;
|
|
|
be70f2 |
+ struct usmStateReference *ref = old;
|
|
|
be70f2 |
|
|
|
be70f2 |
- if (old_ref) {
|
|
|
be70f2 |
+ if (!ref)
|
|
|
be70f2 |
+ return;
|
|
|
be70f2 |
|
|
|
be70f2 |
- if (old_ref->usr_name_length)
|
|
|
be70f2 |
- SNMP_FREE(old_ref->usr_name);
|
|
|
be70f2 |
- if (old_ref->usr_engine_id_length)
|
|
|
be70f2 |
- SNMP_FREE(old_ref->usr_engine_id);
|
|
|
be70f2 |
- if (old_ref->usr_auth_protocol_length)
|
|
|
be70f2 |
- SNMP_FREE(old_ref->usr_auth_protocol);
|
|
|
be70f2 |
- if (old_ref->usr_priv_protocol_length)
|
|
|
be70f2 |
- SNMP_FREE(old_ref->usr_priv_protocol);
|
|
|
be70f2 |
-
|
|
|
be70f2 |
- if (old_ref->usr_auth_key_length && old_ref->usr_auth_key) {
|
|
|
be70f2 |
- SNMP_ZERO(old_ref->usr_auth_key, old_ref->usr_auth_key_length);
|
|
|
be70f2 |
- SNMP_FREE(old_ref->usr_auth_key);
|
|
|
be70f2 |
- }
|
|
|
be70f2 |
- if (old_ref->usr_priv_key_length && old_ref->usr_priv_key) {
|
|
|
be70f2 |
- SNMP_ZERO(old_ref->usr_priv_key, old_ref->usr_priv_key_length);
|
|
|
be70f2 |
- SNMP_FREE(old_ref->usr_priv_key);
|
|
|
be70f2 |
- }
|
|
|
be70f2 |
+ if (--ref->refcnt > 0)
|
|
|
be70f2 |
+ return;
|
|
|
be70f2 |
|
|
|
be70f2 |
- SNMP_ZERO(old_ref, sizeof(*old_ref));
|
|
|
be70f2 |
- SNMP_FREE(old_ref);
|
|
|
be70f2 |
+ SNMP_FREE(ref->usr_name);
|
|
|
be70f2 |
+ SNMP_FREE(ref->usr_engine_id);
|
|
|
be70f2 |
+ SNMP_FREE(ref->usr_auth_protocol);
|
|
|
be70f2 |
+ SNMP_FREE(ref->usr_priv_protocol);
|
|
|
be70f2 |
|
|
|
be70f2 |
+ if (ref->usr_auth_key_length && ref->usr_auth_key) {
|
|
|
be70f2 |
+ SNMP_ZERO(ref->usr_auth_key, ref->usr_auth_key_length);
|
|
|
be70f2 |
+ SNMP_FREE(ref->usr_auth_key);
|
|
|
be70f2 |
+ }
|
|
|
be70f2 |
+ if (ref->usr_priv_key_length && ref->usr_priv_key) {
|
|
|
be70f2 |
+ SNMP_ZERO(ref->usr_priv_key, ref->usr_priv_key_length);
|
|
|
be70f2 |
+ SNMP_FREE(ref->usr_priv_key);
|
|
|
be70f2 |
}
|
|
|
be70f2 |
|
|
|
be70f2 |
+ SNMP_FREE(ref);
|
|
|
be70f2 |
} /* end usm_free_usmStateReference() */
|
|
|
be70f2 |
|
|
|
be70f2 |
struct usmUser *
|
|
|
be70f2 |
@@ -3184,6 +3204,7 @@ init_usm(void)
|
|
|
be70f2 |
def->encode_reverse = usm_secmod_rgenerate_out_msg;
|
|
|
be70f2 |
def->encode_forward = usm_secmod_generate_out_msg;
|
|
|
be70f2 |
def->decode = usm_secmod_process_in_msg;
|
|
|
be70f2 |
+ def->pdu_clone = usm_clone;
|
|
|
be70f2 |
def->pdu_free_state_ref = usm_free_usmStateReference;
|
|
|
be70f2 |
def->session_setup = usm_session_init;
|
|
|
be70f2 |
def->handle_report = usm_handle_report;
|