/usr/include/net-snmp/library/vacm.h

/*
 * vacm.h
 *
 * SNMPv3 View-based Access Control Model
 */

#ifndef VACM_H
#define VACM_H

#ifdef __cplusplus
extern          "C" {
#endif

#define VACM_SUCCESS       0
#define VACM_NOSECNAME     1
#define VACM_NOGROUP       2
#define VACM_NOACCESS      3
#define VACM_NOVIEW        4
#define VACM_NOTINVIEW     5
#define VACM_NOSUCHCONTEXT 6
#define VACM_SUBTREE_UNKNOWN 7

#define SECURITYMODEL	1
#define SECURITYNAME	2
#define SECURITYGROUP	3
#define SECURITYSTORAGE	4
#define SECURITYSTATUS	5

#define ACCESSPREFIX	1
#define ACCESSMODEL	2
#define ACCESSLEVEL	3
#define ACCESSMATCH	4
#define ACCESSREAD	5
#define ACCESSWRITE	6
#define ACCESSNOTIFY	7
#define ACCESSSTORAGE	8
#define ACCESSSTATUS	9

#define VACMVIEWSPINLOCK 1
#define VIEWNAME	2
#define VIEWSUBTREE	3
#define VIEWMASK	4
#define VIEWTYPE	5
#define VIEWSTORAGE	6
#define VIEWSTATUS	7

#define VACM_MAX_STRING 32
#define VACMSTRINGLEN   34      /* VACM_MAX_STRING + 2 */

    struct vacm_groupEntry {
        int             securityModel;
        char            securityName[VACMSTRINGLEN];
        char            groupName[VACMSTRINGLEN];
        int             storageType;
        int             status;

        u_long          bitMask;
        struct vacm_groupEntry *reserved;
        struct vacm_groupEntry *next;
    };

#define CONTEXT_MATCH_EXACT  1
#define CONTEXT_MATCH_PREFIX 2

/* VIEW ENUMS ---------------------------------------- */

/* SNMPD usage: get/set/send-notification views */
#define VACM_VIEW_READ     0
#define VACM_VIEW_WRITE    1
#define VACM_VIEW_NOTIFY   2

/* SNMPTRAPD usage: log execute and net-access (forward) usage */
#define VACM_VIEW_LOG      3
#define VACM_VIEW_EXECUTE  4
#define VACM_VIEW_NET      5

/* VIEW BIT MASK VALUES-------------------------------- */

/* SNMPD usage: get/set/send-notification views */
#define VACM_VIEW_READ_BIT      (1 << VACM_VIEW_READ)
#define VACM_VIEW_WRITE_BIT     (1 << VACM_VIEW_WRITE)
#define VACM_VIEW_NOTIFY_BIT    (1 << VACM_VIEW_NOTIFY)

/* SNMPTRAPD usage: log execute and net-access (forward) usage */
#define VACM_VIEW_LOG_BIT      (1 << VACM_VIEW_LOG)
#define VACM_VIEW_EXECUTE_BIT  (1 << VACM_VIEW_EXECUTE)
#define VACM_VIEW_NET_BIT      (1 << VACM_VIEW_NET)
    
#define VACM_VIEW_NO_BITS      0

/* Maximum number of views in the view array */
#define VACM_MAX_VIEWS     8

#define VACM_VIEW_ENUM_NAME "vacmviews"
    
    void init_vacm(void);
    
    struct vacm_accessEntry {
        char            groupName[VACMSTRINGLEN];
        char            contextPrefix[VACMSTRINGLEN];
        int             securityModel;
        int             securityLevel;
        int             contextMatch;
        char            views[VACM_MAX_VIEWS][VACMSTRINGLEN];
        int             storageType;
        int             status;

        u_long          bitMask;
        struct vacm_accessEntry *reserved;
        struct vacm_accessEntry *next;
    };

    struct vacm_viewEntry {
        char            viewName[VACMSTRINGLEN];
        oid             viewSubtree[MAX_OID_LEN];
        size_t          viewSubtreeLen;
        u_char          viewMask[VACMSTRINGLEN];
        size_t          viewMaskLen;
        int             viewType;
        int             viewStorageType;
        int             viewStatus;

        u_long          bitMask;

        struct vacm_viewEntry *reserved;
        struct vacm_viewEntry *next;
    };

    NETSNMP_IMPORT
    void            vacm_destroyViewEntry(const char *, oid *, size_t);
    NETSNMP_IMPORT
    void            vacm_destroyAllViewEntries(void);

#define VACM_MODE_FIND                0
#define VACM_MODE_IGNORE_MASK         1
#define VACM_MODE_CHECK_SUBTREE       2
    NETSNMP_IMPORT
    struct vacm_viewEntry *vacm_getViewEntry(const char *, oid *, size_t,
                                             int);
    /*
     * Returns a pointer to the viewEntry with the
     * same viewName and viewSubtree
     * Returns NULL if that entry does not exist.
     */

    NETSNMP_IMPORT
    int vacm_checkSubtree(const char *, oid *, size_t);

    /*
     * Check to see if everything within a subtree is in view, not in view,
     * or possibly both.
     *
     * Returns:
     *   VACM_SUCCESS          The OID is included in the view.
     *   VACM_NOTINVIEW        If no entry in the view list includes the
     *                         provided OID, or the OID is explicitly excluded
     *                         from the view. 
     *   VACM_SUBTREE_UNKNOWN  The entire subtree has both allowed and
     *                         disallowed portions.
     */

    NETSNMP_IMPORT
    void
                    vacm_scanViewInit(void);
    /*
     * Initialized the scan routines so that they will begin at the
     * beginning of the list of viewEntries.
     *
     */


    NETSNMP_IMPORT
    struct vacm_viewEntry *vacm_scanViewNext(void);
    /*
     * Returns a pointer to the next viewEntry.
     * These entries are returned in no particular order,
     * but if N entries exist, N calls to view_scanNext() will
     * return all N entries once.
     * Returns NULL if all entries have been returned.
     * view_scanInit() starts the scan over.
     */

    NETSNMP_IMPORT
    struct vacm_viewEntry *vacm_createViewEntry(const char *, oid *,
                                                size_t);
    /*
     * Creates a viewEntry with the given index
     * and returns a pointer to it.
     * The status of this entry is created as invalid.
     */

    NETSNMP_IMPORT
    void            vacm_destroyGroupEntry(int, const char *);
    NETSNMP_IMPORT
    void            vacm_destroyAllGroupEntries(void);
    NETSNMP_IMPORT
    struct vacm_groupEntry *vacm_createGroupEntry(int, const char *);
    NETSNMP_IMPORT
    struct vacm_groupEntry *vacm_getGroupEntry(int, const char *);
    NETSNMP_IMPORT
    void            vacm_scanGroupInit(void);
    NETSNMP_IMPORT
    struct vacm_groupEntry *vacm_scanGroupNext(void);

    NETSNMP_IMPORT
    void            vacm_destroyAccessEntry(const char *, const char *,
                                            int, int);
    NETSNMP_IMPORT
    void            vacm_destroyAllAccessEntries(void);
    NETSNMP_IMPORT
    struct vacm_accessEntry *vacm_createAccessEntry(const char *,
                                                    const char *, int,
                                                    int);
    NETSNMP_IMPORT
    struct vacm_accessEntry *vacm_getAccessEntry(const char *,
                                                 const char *, int, int);
    NETSNMP_IMPORT
    void            vacm_scanAccessInit(void);
    NETSNMP_IMPORT
    struct vacm_accessEntry *vacm_scanAccessNext(void);

    void            vacm_destroySecurityEntry(const char *);
    struct vacm_securityEntry *vacm_createSecurityEntry(const char *);
    struct vacm_securityEntry *vacm_getSecurityEntry(const char *);
    void            vacm_scanSecurityInit(void);
    struct vacm_securityEntry *vacm_scanSecurityEntry(void);
    NETSNMP_IMPORT
    int             vacm_is_configured(void);

    void            vacm_save(const char *token, const char *type);
    void            vacm_save_view(struct vacm_viewEntry *view,
                                   const char *token, const char *type);
    void            vacm_save_access(struct vacm_accessEntry *access_entry,
                                     const char *token, const char *type);
    void            vacm_save_auth_access(struct vacm_accessEntry *access_entry,
                                     const char *token, const char *type, int authtype);
    void            vacm_save_group(struct vacm_groupEntry *group_entry,
                                    const char *token, const char *type);

    NETSNMP_IMPORT
    void            vacm_parse_config_view(const char *token, const char *line);
    NETSNMP_IMPORT
    void            vacm_parse_config_group(const char *token,
                                            const char *line);
    NETSNMP_IMPORT
    void            vacm_parse_config_access(const char *token,
                                             const char *line);
    NETSNMP_IMPORT
    void            vacm_parse_config_auth_access(const char *token,
                                                  const char *line);

    NETSNMP_IMPORT
    int             store_vacm(int majorID, int minorID, void *serverarg,
                               void *clientarg);

    NETSNMP_IMPORT
    struct vacm_viewEntry *netsnmp_view_get(struct vacm_viewEntry *head,
                                            const char *viewName,
                                            oid * viewSubtree,
                                            size_t viewSubtreeLen, int mode);


#ifdef __cplusplus
}
#endif
#endif                          /* VACM_H */
libsnmp-dev 5.7.2~dfsg-8.1ubuntu3 / usr / include / net-snmp / library / vacm.h
