snmp_authentication -- SNMP authentication operations


cc ... -lsnmp

#include <snmp/snmp.h>

short build_authentication(auth_ptr, pdu_ptr); AuthHeader *auth_ptr; /* AuthHeader returned by */ /* make_authentication(SLIB) */ PDU * pdu_ptr; /* pointer to PDU structure returned */ /* by make_pdu(SLIB) */ void free_authentication(auth_ptr); AuthHeader *auth_ptr;

AuthHeader * make_authentication(community_ptr); OctetString *community_ptr /* contains the community string */

AuthHeader * parse_authentication(packet, packet_len); u_char *packet; /* pointer to inbound SNMP packet */ long packet_len; /* length of packet */

long build_v1_mesg_from_pdu(out_mesg, community, pdu); u_char *out_mesg; /* pointer to out_going V1 message */ OctetString *community; /* pointer to the community string */ Pdu *pdu; /* pointer to the serialized PDU */ Pdu * get_pdu_from_v1_mesg(in_packet, in_packet_len); u_char *in_packet; /* pointer to in_coming V1 packet */ long in_packet_len; /* length of the in_coming packet */

#include <snmp/snmp.h> #include <snmp/snmpuser.h>

void print_packet_out(packet, length) u_char *packet; /* buffer to be displayed */ long length; /* length of buffer */


build_authentication takes the PDU and the authentication information and using those builds the actual SNMPv1 packet in the authentication data structure's packlet octet string area. auth_ptr->packlet->octet_ptr points to the packet and auth_ptr->packlet->length points to the packet's length. This packlet is freed when free_authentication(SLIB) is called, so it should be copied (using bcopy (see bstring(S)) to a holding area; alternatively, the authentication should not be freed until the packet is actually sent. Once this has been done, the authentication can be freed with a call to free_authentication.

free_authentication frees all memory associated with a trivial authentication header data structure, including the actual SNMPv1 packet that build_authentication(SLIB) creates and the octet string associated with make_authentication(SLIB). The PDU structure pointed to by the pdu_ptr passed to make_authentication is NOT touched.

make_authentication is used to create a library format authentication header data structure for use by build_authentication(SLIB). This particular implementation of the library creates an authentication header based on the ``trivial'' authentication put forth by RFC 1098, which calls for a community octet string usually based on text. The header and the octet string associated with the header are freed when free_authentication(SLIB) is called with the authentication pointer.

parse_authentication is used to create a library format authentication header data structure from an incoming SNMPv1 packet. If parsing errors occur, a message is output to standard error and the routine returns NULL. Otherwise, the community_ptr part of the structure should be checked for authentication and the pointer passed on to parse_pdu(SLIB) for further ASN.1 parsing. It should be noted that the state of the authentication header created during the building phase after a call to build_authentication(SLIB) is nearly symmetrical to the state of the authentication header after this call on the parsing side.

build_v1_mesg_from_pdu is used to create an outgoing SNMPv1 packet for an outgoing PDU. If any errors occur during the building, an error message is output, all the structures allocated are freed, and it returns with a NOTOK. Otherwise, the ``community'' and the ``pdu'' are used in building the ASN.1 encoding of the outgoing SNMPv1 message.

get_pdu_from_v1_mesg is used to extract an encapsulated PDU from an incoming SNMPv1 packet. All the authentication information which is present in the packet is also extracted, but it is discarded.

print_packet_out prints out the contents of a buffer, in hex at 20 bytes per line. It is called with a pointer to the buffer to be displayed, and the number of buffer bytes to be displayed. This call is frequently used in debugging code to display the actual SNMP message that has been received; this allows hand parsing of the message. It is generally unsuitable for a production user interface.

See also

octetstring(SLIB), snmp_pdu(SLIB), varbind(SLIB)
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003