summaryrefslogtreecommitdiff
path: root/pysnmp/proto/acmod
diff options
context:
space:
mode:
authorelie <elie>2013-01-05 20:25:51 +0000
committerelie <elie>2013-01-05 20:25:51 +0000
commitd91859555152f060f2305265ff235cc2c2513afa (patch)
treefd5f06fa028469a75b454c119eb5c8a61f097620 /pysnmp/proto/acmod
parent24d1327c26299d29b45390c437e57d26fd5c1234 (diff)
downloadpysnmp-git-d91859555152f060f2305265ff235cc2c2513afa.tar.gz
VACM modules converted from a function into an object to let it keep
state (caches) in the future
Diffstat (limited to 'pysnmp/proto/acmod')
-rw-r--r--pysnmp/proto/acmod/rfc3415.py178
-rw-r--r--pysnmp/proto/acmod/void.py26
2 files changed, 101 insertions, 103 deletions
diff --git a/pysnmp/proto/acmod/rfc3415.py b/pysnmp/proto/acmod/rfc3415.py
index 02cd269d..05386b0f 100644
--- a/pysnmp/proto/acmod/rfc3415.py
+++ b/pysnmp/proto/acmod/rfc3415.py
@@ -3,111 +3,109 @@ from pysnmp.smi.error import NoSuchInstanceError
from pysnmp.proto import errind, error
from pysnmp import debug
-accessModelID = 3
-
__powOfTwoSeq = [128, 64, 32, 16, 8, 4, 2, 1]
# 3.2
-def isAccessAllowed(
- snmpEngine,
- securityModel,
- securityName,
- securityLevel,
- viewType,
- contextName,
- variableName):
- mibInstrumController = snmpEngine.msgAndPduDsp.mibInstrumController
+class Vacm:
+ accessModelID = 3
+ def isAccessAllowed(self,
+ snmpEngine,
+ securityModel,
+ securityName,
+ securityLevel,
+ viewType,
+ contextName,
+ variableName):
+ mibInstrumController = snmpEngine.msgAndPduDsp.mibInstrumController
- debug.logger & debug.flagACL and debug.logger('isAccessAllowed: securityModel %s, securityName %s, securityLevel %s, viewType %s, contextName %s for variableName %s' % (securityModel, securityName, securityLevel, viewType, contextName, variableName))
+ debug.logger & debug.flagACL and debug.logger('isAccessAllowed: securityModel %s, securityName %s, securityLevel %s, viewType %s, contextName %s for variableName %s' % (securityModel, securityName, securityLevel, viewType, contextName, variableName))
- # 3.2.1
- vacmContextEntry, = mibInstrumController.mibBuilder.importSymbols('SNMP-VIEW-BASED-ACM-MIB', 'vacmContextEntry')
- tblIdx = vacmContextEntry.getInstIdFromIndices(contextName)
- try:
- vacmContextName = vacmContextEntry.getNode(
- vacmContextEntry.name + (1,) + tblIdx
+ # 3.2.1
+ vacmContextEntry, = mibInstrumController.mibBuilder.importSymbols('SNMP-VIEW-BASED-ACM-MIB', 'vacmContextEntry')
+ tblIdx = vacmContextEntry.getInstIdFromIndices(contextName)
+ try:
+ vacmContextName = vacmContextEntry.getNode(
+ vacmContextEntry.name + (1,) + tblIdx
).syntax
- except NoSuchInstanceError:
- raise error.StatusInformation(errorIndication=errind.noSuchContext)
+ except NoSuchInstanceError:
+ raise error.StatusInformation(errorIndication=errind.noSuchContext)
- # 3.2.2
- vacmSecurityToGroupEntry, = mibInstrumController.mibBuilder.importSymbols(
- 'SNMP-VIEW-BASED-ACM-MIB', 'vacmSecurityToGroupEntry'
- )
- tblIdx = vacmSecurityToGroupEntry.getInstIdFromIndices(
- securityModel, securityName
+ # 3.2.2
+ vacmSecurityToGroupEntry, = mibInstrumController.mibBuilder.importSymbols('SNMP-VIEW-BASED-ACM-MIB', 'vacmSecurityToGroupEntry')
+ tblIdx = vacmSecurityToGroupEntry.getInstIdFromIndices(
+ securityModel, securityName
)
- try:
- vacmGroupName = vacmSecurityToGroupEntry.getNode(
- vacmSecurityToGroupEntry.name + (3,) + tblIdx
+ try:
+ vacmGroupName = vacmSecurityToGroupEntry.getNode(
+ vacmSecurityToGroupEntry.name + (3,) + tblIdx
).syntax
- except NoSuchInstanceError:
- raise error.StatusInformation(errorIndication=errind.noGroupName)
+ except NoSuchInstanceError:
+ raise error.StatusInformation(errorIndication=errind.noGroupName)
- # 3.2.3
- vacmAccessEntry, = mibInstrumController.mibBuilder.importSymbols(
- 'SNMP-VIEW-BASED-ACM-MIB', 'vacmAccessEntry'
+ # 3.2.3
+ vacmAccessEntry, = mibInstrumController.mibBuilder.importSymbols(
+ 'SNMP-VIEW-BASED-ACM-MIB', 'vacmAccessEntry'
)
- # XXX partial context name match
- tblIdx = vacmAccessEntry.getInstIdFromIndices(
- vacmGroupName, contextName, securityModel, securityLevel
+ # XXX partial context name match
+ tblIdx = vacmAccessEntry.getInstIdFromIndices(
+ vacmGroupName, contextName, securityModel, securityLevel
)
- # 3.2.4
- if viewType == 'read':
- entryIdx = vacmAccessEntry.name + (5,) + tblIdx
- elif viewType == 'write':
- entryIdx = vacmAccessEntry.name + (6,) + tblIdx
- elif viewType == 'notify':
- entryIdx = vacmAccessEntry.name + (7,) + tblIdx
- else:
- raise error.ProtocolError('Unknown view type %s' % viewType)
+ # 3.2.4
+ if viewType == 'read':
+ entryIdx = vacmAccessEntry.name + (5,) + tblIdx
+ elif viewType == 'write':
+ entryIdx = vacmAccessEntry.name + (6,) + tblIdx
+ elif viewType == 'notify':
+ entryIdx = vacmAccessEntry.name + (7,) + tblIdx
+ else:
+ raise error.ProtocolError('Unknown view type %s' % viewType)
- try:
- viewName = vacmAccessEntry.getNode(entryIdx).syntax
- except NoSuchInstanceError:
- raise error.StatusInformation(errorIndication=errind.noAccessEntry)
- if not len(viewName):
- raise error.StatusInformation(errorIndication=errind.noSuchView)
+ try:
+ viewName = vacmAccessEntry.getNode(entryIdx).syntax
+ except NoSuchInstanceError:
+ raise error.StatusInformation(errorIndication=errind.noAccessEntry)
+ if not len(viewName):
+ raise error.StatusInformation(errorIndication=errind.noSuchView)
- # XXX split onto object & instance ?
-
- # 3.2.5a
- vacmViewTreeFamilyEntry, = mibInstrumController.mibBuilder.importSymbols('SNMP-VIEW-BASED-ACM-MIB', 'vacmViewTreeFamilyEntry')
- tblIdx = vacmViewTreeFamilyEntry.getInstIdFromIndices(viewName)
+ # XXX split onto object & instance ?
+
+ # 3.2.5a
+ vacmViewTreeFamilyEntry, = mibInstrumController.mibBuilder.importSymbols('SNMP-VIEW-BASED-ACM-MIB', 'vacmViewTreeFamilyEntry')
+ tblIdx = vacmViewTreeFamilyEntry.getInstIdFromIndices(viewName)
- # Walk over entries
- initialTreeName = treeName = vacmViewTreeFamilyEntry.name + (2,) + tblIdx
- maskName = vacmViewTreeFamilyEntry.name + (3,) + tblIdx
- while 1:
- vacmViewTreeFamilySubtree = vacmViewTreeFamilyEntry.getNextNode(
- treeName
+ # Walk over entries
+ initialTreeName = treeName = vacmViewTreeFamilyEntry.name + (2,) + tblIdx
+ maskName = vacmViewTreeFamilyEntry.name + (3,) + tblIdx
+ while 1:
+ vacmViewTreeFamilySubtree = vacmViewTreeFamilyEntry.getNextNode(
+ treeName
)
- vacmViewTreeFamilyMask = vacmViewTreeFamilyEntry.getNextNode(
- maskName
+ vacmViewTreeFamilyMask = vacmViewTreeFamilyEntry.getNextNode(
+ maskName
)
- treeName = vacmViewTreeFamilySubtree.name
- maskName = vacmViewTreeFamilyMask.name
- if initialTreeName != treeName[:len(initialTreeName)]:
- # 3.2.5b
- raise error.StatusInformation(errorIndication=errind.notInView)
- l = len(vacmViewTreeFamilySubtree.syntax)
- if l > len(variableName):
- continue
- if vacmViewTreeFamilyMask.syntax:
- mask = []
- for c in vacmViewTreeFamilyMask.syntax.asNumbers():
- mask = mask + [ b&c for b in __powOfTwoSeq ]
- m = len(mask)-1
- idx = l-1
- while idx:
- if idx > m or mask[idx] and \
- vacmViewTreeFamilySubtree.syntax[idx] != variableName[idx]:
- break
- idx = idx - 1
- if idx: continue # no match
- else: # no mask
- if vacmViewTreeFamilySubtree.syntax != variableName[:l]:
- continue # no match
- # 3.2.5c
- return error.StatusInformation(errorIndication=errind.accessAllowed)
+ treeName = vacmViewTreeFamilySubtree.name
+ maskName = vacmViewTreeFamilyMask.name
+ if initialTreeName != treeName[:len(initialTreeName)]:
+ # 3.2.5b
+ raise error.StatusInformation(errorIndication=errind.notInView)
+ l = len(vacmViewTreeFamilySubtree.syntax)
+ if l > len(variableName):
+ continue
+ if vacmViewTreeFamilyMask.syntax:
+ mask = []
+ for c in vacmViewTreeFamilyMask.syntax.asNumbers():
+ mask = mask + [ b&c for b in __powOfTwoSeq ]
+ m = len(mask)-1
+ idx = l-1
+ while idx:
+ if idx > m or mask[idx] and \
+ vacmViewTreeFamilySubtree.syntax[idx] != variableName[idx]:
+ break
+ idx = idx - 1
+ if idx: continue # no match
+ else: # no mask
+ if vacmViewTreeFamilySubtree.syntax != variableName[:l]:
+ continue # no match
+ # 3.2.5c
+ return error.StatusInformation(errorIndication=errind.accessAllowed)
diff --git a/pysnmp/proto/acmod/void.py b/pysnmp/proto/acmod/void.py
index 19055f24..dfd7da61 100644
--- a/pysnmp/proto/acmod/void.py
+++ b/pysnmp/proto/acmod/void.py
@@ -1,19 +1,19 @@
# Void Access Control Model
from pysnmp.proto import errind, error
-accessModelID = 0
-
# rfc3415 3.2
-def isAccessAllowed(
- snmpEngine,
- securityModel,
- securityName,
- securityLevel,
- viewType,
- contextName,
- variableName):
+class Vacm:
+ accessModelID = 0
+ def isAccessAllowed(self,
+ snmpEngine,
+ securityModel,
+ securityName,
+ securityLevel,
+ viewType,
+ contextName,
+ variableName):
- debug.logger & debug.flagACL and debug.logger('isAccessAllowed: viewType %s for variableName %s - OK' % (viewType, variableName))
+ debug.logger & debug.flagACL and debug.logger('isAccessAllowed: viewType %s for variableName %s - OK' % (viewType, variableName))
- # rfc3415 3.2.5c
- return error.StatusInformation(errorIndication=errind.accessAllowed)
+ # rfc3415 3.2.5c
+ return error.StatusInformation(errorIndication=errind.accessAllowed)
View Lorry Controller Status