summaryrefslogtreecommitdiff
path: root/pysnmp/proto/secmod/rfc2576.py
diff options
context:
space:
mode:
Diffstat (limited to 'pysnmp/proto/secmod/rfc2576.py')
-rw-r--r--pysnmp/proto/secmod/rfc2576.py349
1 files changed, 206 insertions, 143 deletions
diff --git a/pysnmp/proto/secmod/rfc2576.py b/pysnmp/proto/secmod/rfc2576.py
index ba11b0fe..92b5eac2 100644
--- a/pysnmp/proto/secmod/rfc2576.py
+++ b/pysnmp/proto/secmod/rfc2576.py
@@ -4,9 +4,6 @@
# Copyright (c) 2005-2019, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pysnmp/license.html
#
-from pyasn1.codec.ber import encoder
-from pyasn1.error import PyAsn1Error
-
from pysnmp import debug
from pysnmp.carrier.asyncore.dgram import udp
from pysnmp.carrier.asyncore.dgram import udp6
@@ -15,6 +12,9 @@ from pysnmp.proto import error
from pysnmp.proto.secmod import base
from pysnmp.smi.error import NoSuchInstanceError
+from pyasn1.codec.ber import encoder
+from pyasn1.error import PyAsn1Error
+
class SnmpV1SecurityModel(base.AbstractSecurityModel):
SECURITY_MODEL_ID = 1
@@ -26,60 +26,69 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
# in here.
def __init__(self):
- self.__transportBranchId = self.__paramsBranchId = self.__communityBranchId = self.__securityBranchId = -1
+ self._transportBranchId = -1
+ self._paramsBranchId = -1
+ self._communityBranchId = -1
+ self._securityBranchId = -1
+
base.AbstractSecurityModel.__init__(self)
def _sec2com(self, snmpEngine, securityName, contextEngineId, contextName):
- snmpTargetParamsSecurityName, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ mibBuilder = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder
+
+ snmpTargetParamsSecurityName, = mibBuilder.importSymbols(
'SNMP-TARGET-MIB', 'snmpTargetParamsSecurityName')
- if self.__paramsBranchId != snmpTargetParamsSecurityName.branchVersionId:
- snmpTargetParamsSecurityModel, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+
+ if self._paramsBranchId != snmpTargetParamsSecurityName.branchVersionId:
+ snmpTargetParamsSecurityModel, = mibBuilder.importSymbols(
'SNMP-TARGET-MIB', 'snmpTargetParamsSecurityModel')
- self.__nameToModelMap = {}
+ self._nameToModelMap = {}
nextMibNode = snmpTargetParamsSecurityName
while True:
try:
- nextMibNode = snmpTargetParamsSecurityName.getNextNode(nextMibNode.name)
+ nextMibNode = snmpTargetParamsSecurityName.getNextNode(
+ nextMibNode.name)
except NoSuchInstanceError:
break
instId = nextMibNode.name[len(snmpTargetParamsSecurityName.name):]
- mibNode = snmpTargetParamsSecurityModel.getNode(snmpTargetParamsSecurityModel.name + instId)
+ mibNode = snmpTargetParamsSecurityModel.getNode(
+ snmpTargetParamsSecurityModel.name + instId)
try:
- if mibNode.syntax not in self.__nameToModelMap:
- self.__nameToModelMap[nextMibNode.syntax] = set()
+ if mibNode.syntax not in self._nameToModelMap:
+ self._nameToModelMap[nextMibNode.syntax] = set()
- self.__nameToModelMap[nextMibNode.syntax].add(mibNode.syntax)
+ self._nameToModelMap[nextMibNode.syntax].add(mibNode.syntax)
except PyAsn1Error:
debug.logger & debug.FLAG_SM and debug.logger(
- '_sec2com: table entries %r/%r hashing failed' % (
- nextMibNode.syntax, mibNode.syntax)
- )
+ '_sec2com: table entries %r/%r hashing '
+ 'failed' % (nextMibNode.syntax, mibNode.syntax))
continue
- self.__paramsBranchId = snmpTargetParamsSecurityName.branchVersionId
+ self._paramsBranchId = snmpTargetParamsSecurityName.branchVersionId
# invalidate next map as it include this one
- self.__securityBranchId = -1
+ self._securityBranchId = -1
- snmpCommunityName, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('SNMP-COMMUNITY-MIB',
- 'snmpCommunityName')
- if self.__securityBranchId != snmpCommunityName.branchVersionId:
+ snmpCommunityName, = mibBuilder.importSymbols(
+ 'SNMP-COMMUNITY-MIB', 'snmpCommunityName')
+
+ if self._securityBranchId != snmpCommunityName.branchVersionId:
(snmpCommunitySecurityName,
snmpCommunityContextEngineId,
- snmpCommunityContextName) = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ snmpCommunityContextName) = mibBuilder.importSymbols(
'SNMP-COMMUNITY-MIB', 'snmpCommunitySecurityName',
'snmpCommunityContextEngineID', 'snmpCommunityContextName'
)
- self.__securityMap = {}
+ self._securityMap = {}
nextMibNode = snmpCommunityName
@@ -92,54 +101,55 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
instId = nextMibNode.name[len(snmpCommunityName.name):]
- _securityName = snmpCommunitySecurityName.getNode(snmpCommunitySecurityName.name + instId).syntax
+ _securityName = snmpCommunitySecurityName.getNode(
+ snmpCommunitySecurityName.name + instId).syntax
_contextEngineId = snmpCommunityContextEngineId.getNode(
snmpCommunityContextEngineId.name + instId).syntax
- _contextName = snmpCommunityContextName.getNode(snmpCommunityContextName.name + instId).syntax
+ _contextName = snmpCommunityContextName.getNode(
+ snmpCommunityContextName.name + instId).syntax
+
+ key = _securityName, _contextEngineId, _contextName
try:
- self.__securityMap[(_securityName,
- _contextEngineId,
- _contextName)] = nextMibNode.syntax
+ self._securityMap[key] = nextMibNode.syntax
except PyAsn1Error:
debug.logger & debug.FLAG_SM and debug.logger(
- '_sec2com: table entries %r/%r/%r hashing failed' % (
- _securityName, _contextEngineId, _contextName)
- )
+ '_sec2com: table entries %r/%r/%r hashing failed' % key)
continue
- self.__securityBranchId = snmpCommunityName.branchVersionId
+ self._securityBranchId = snmpCommunityName.branchVersionId
debug.logger & debug.FLAG_SM and debug.logger(
- '_sec2com: built securityName to communityName map, version %s: %s' % (
- self.__securityBranchId, self.__securityMap))
+ '_sec2com: built securityName to communityName map, version '
+ '%s: %s' % (self._securityBranchId, self._securityMap))
+
+ key = securityName, contextEngineId, contextName
try:
- return self.__securityMap[(securityName,
- contextEngineId,
- contextName)]
+ return self._securityMap[key]
except KeyError:
raise error.StatusInformation(
- errorIndication=errind.unknownCommunityName
- )
+ errorIndication=errind.unknownCommunityName)
def _com2sec(self, snmpEngine, communityName, transportInformation):
- snmpTargetAddrTAddress, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ mibBuilder = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder
+
+ snmpTargetAddrTAddress, = mibBuilder.importSymbols(
'SNMP-TARGET-MIB', 'snmpTargetAddrTAddress')
- if self.__transportBranchId != snmpTargetAddrTAddress.branchVersionId:
+
+ if self._transportBranchId != snmpTargetAddrTAddress.branchVersionId:
(SnmpTagValue, snmpTargetAddrTDomain,
- snmpTargetAddrTagList) = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ snmpTargetAddrTagList) = mibBuilder.importSymbols(
'SNMP-TARGET-MIB', 'SnmpTagValue', 'snmpTargetAddrTDomain',
- 'snmpTargetAddrTagList'
- )
+ 'snmpTargetAddrTagList')
- self.__emptyTag = SnmpTagValue('')
+ self._emptyTag = SnmpTagValue('')
- self.__transportToTagMap = {}
+ self._transportToTagMap = {}
nextMibNode = snmpTargetAddrTagList
@@ -151,56 +161,64 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
break
instId = nextMibNode.name[len(snmpTargetAddrTagList.name):]
- targetAddrTDomain = snmpTargetAddrTDomain.getNode(snmpTargetAddrTDomain.name + instId).syntax
- targetAddrTAddress = snmpTargetAddrTAddress.getNode(snmpTargetAddrTAddress.name + instId).syntax
+
+ targetAddrTDomain = snmpTargetAddrTDomain.getNode(
+ snmpTargetAddrTDomain.name + instId).syntax
+ targetAddrTAddress = snmpTargetAddrTAddress.getNode(
+ snmpTargetAddrTAddress.name + instId).syntax
targetAddrTDomain = tuple(targetAddrTDomain)
- if targetAddrTDomain[:len(udp.SNMP_UDP_DOMAIN)] == udp.SNMP_UDP_DOMAIN:
- SnmpUDPAddress, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('SNMPv2-TM',
- 'SnmpUDPAddress')
+ if (targetAddrTDomain[:len(udp.SNMP_UDP_DOMAIN)] ==
+ udp.SNMP_UDP_DOMAIN):
+ SnmpUDPAddress, = mibBuilder.importSymbols(
+ 'SNMPv2-TM', 'SnmpUDPAddress')
targetAddrTAddress = tuple(SnmpUDPAddress(targetAddrTAddress))
- elif targetAddrTDomain[:len(udp6.SNMP_UDP6_DOMAIN)] == udp6.SNMP_UDP6_DOMAIN:
- TransportAddressIPv6, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+
+ elif (targetAddrTDomain[:len(udp6.SNMP_UDP6_DOMAIN)] ==
+ udp6.SNMP_UDP6_DOMAIN):
+ TransportAddressIPv6, = mibBuilder.importSymbols(
'TRANSPORT-ADDRESS-MIB', 'TransportAddressIPv6')
+
targetAddrTAddress = tuple(TransportAddressIPv6(targetAddrTAddress))
targetAddr = targetAddrTDomain, targetAddrTAddress
- targetAddrTagList = snmpTargetAddrTagList.getNode(snmpTargetAddrTagList.name + instId).syntax
- if targetAddr not in self.__transportToTagMap:
- self.__transportToTagMap[targetAddr] = set()
+ targetAddrTagList = snmpTargetAddrTagList.getNode(
+ snmpTargetAddrTagList.name + instId).syntax
+
+ if targetAddr not in self._transportToTagMap:
+ self._transportToTagMap[targetAddr] = set()
try:
if targetAddrTagList:
- self.__transportToTagMap[targetAddr].update(
+ self._transportToTagMap[targetAddr].update(
[SnmpTagValue(x)
- for x in targetAddrTagList.asOctets().split()]
- )
+ for x in targetAddrTagList.asOctets().split()])
else:
- self.__transportToTagMap[targetAddr].add(self.__emptyTag)
+ self._transportToTagMap[targetAddr].add(self._emptyTag)
except PyAsn1Error:
debug.logger & debug.FLAG_SM and debug.logger(
'_com2sec: table entries %r/%r hashing failed' % (
- targetAddr, targetAddrTagList)
- )
+ targetAddr, targetAddrTagList))
continue
- self.__transportBranchId = snmpTargetAddrTAddress.branchVersionId
+ self._transportBranchId = snmpTargetAddrTAddress.branchVersionId
- debug.logger & debug.FLAG_SM and debug.logger('_com2sec: built transport-to-tag map version %s: %s' % (
- self.__transportBranchId, self.__transportToTagMap))
+ debug.logger & debug.FLAG_SM and debug.logger(
+ '_com2sec: built transport-to-tag map version %s: '
+ '%s' % (self._transportBranchId, self._transportToTagMap))
- snmpTargetParamsSecurityName, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ snmpTargetParamsSecurityName, = mibBuilder.importSymbols(
'SNMP-TARGET-MIB', 'snmpTargetParamsSecurityName')
- if self.__paramsBranchId != snmpTargetParamsSecurityName.branchVersionId:
- snmpTargetParamsSecurityModel, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ if self._paramsBranchId != snmpTargetParamsSecurityName.branchVersionId:
+ snmpTargetParamsSecurityModel, = mibBuilder.importSymbols(
'SNMP-TARGET-MIB', 'snmpTargetParamsSecurityModel')
- self.__nameToModelMap = {}
+ self._nameToModelMap = {}
nextMibNode = snmpTargetParamsSecurityName
@@ -213,43 +231,44 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
instId = nextMibNode.name[len(snmpTargetParamsSecurityName.name):]
- mibNode = snmpTargetParamsSecurityModel.getNode(snmpTargetParamsSecurityModel.name + instId)
+ mibNode = snmpTargetParamsSecurityModel.getNode(
+ snmpTargetParamsSecurityModel.name + instId)
try:
- if nextMibNode.syntax not in self.__nameToModelMap:
- self.__nameToModelMap[nextMibNode.syntax] = set()
+ if nextMibNode.syntax not in self._nameToModelMap:
+ self._nameToModelMap[nextMibNode.syntax] = set()
- self.__nameToModelMap[nextMibNode.syntax].add(mibNode.syntax)
+ self._nameToModelMap[nextMibNode.syntax].add(mibNode.syntax)
except PyAsn1Error:
debug.logger & debug.FLAG_SM and debug.logger(
- '_com2sec: table entries %r/%r hashing failed' % (
- nextMibNode.syntax, mibNode.syntax)
- )
+ '_com2sec: table entries %r/%r hashing '
+ 'failed' % (nextMibNode.syntax, mibNode.syntax))
continue
- self.__paramsBranchId = snmpTargetParamsSecurityName.branchVersionId
+ self._paramsBranchId = snmpTargetParamsSecurityName.branchVersionId
# invalidate next map as it include this one
- self.__communityBranchId = -1
+ self._communityBranchId = -1
debug.logger & debug.FLAG_SM and debug.logger(
- '_com2sec: built securityName to securityModel map, version %s: %s' % (
- self.__paramsBranchId, self.__nameToModelMap))
+ '_com2sec: built securityName to securityModel map, version '
+ '%s: %s' % (self._paramsBranchId, self._nameToModelMap))
+
+ snmpCommunityName, = mibBuilder.importSymbols(
+ 'SNMP-COMMUNITY-MIB', 'snmpCommunityName')
- snmpCommunityName, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('SNMP-COMMUNITY-MIB',
- 'snmpCommunityName')
- if self.__communityBranchId != snmpCommunityName.branchVersionId:
+ if self._communityBranchId != snmpCommunityName.branchVersionId:
(snmpCommunitySecurityName, snmpCommunityContextEngineId,
snmpCommunityContextName,
- snmpCommunityTransportTag) = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ snmpCommunityTransportTag) = mibBuilder.importSymbols(
'SNMP-COMMUNITY-MIB', 'snmpCommunitySecurityName',
'snmpCommunityContextEngineID', 'snmpCommunityContextName',
'snmpCommunityTransportTag'
)
- self.__communityToTagMap = {}
- self.__tagAndCommunityToSecurityMap = {}
+ self._communityToTagMap = {}
+ self._tagAndCommunityToSecurityMap = {}
nextMibNode = snmpCommunityName
@@ -262,100 +281,125 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
instId = nextMibNode.name[len(snmpCommunityName.name):]
- securityName = snmpCommunitySecurityName.getNode(snmpCommunitySecurityName.name + instId).syntax
+ securityName = snmpCommunitySecurityName.getNode(
+ snmpCommunitySecurityName.name + instId).syntax
contextEngineId = snmpCommunityContextEngineId.getNode(
snmpCommunityContextEngineId.name + instId).syntax
- contextName = snmpCommunityContextName.getNode(snmpCommunityContextName.name + instId).syntax
+ contextName = snmpCommunityContextName.getNode(
+ snmpCommunityContextName.name + instId).syntax
- transportTag = snmpCommunityTransportTag.getNode(snmpCommunityTransportTag.name + instId).syntax
+ transportTag = snmpCommunityTransportTag.getNode(
+ snmpCommunityTransportTag.name + instId).syntax
_tagAndCommunity = transportTag, nextMibNode.syntax
try:
- if _tagAndCommunity not in self.__tagAndCommunityToSecurityMap:
- self.__tagAndCommunityToSecurityMap[_tagAndCommunity] = set()
+ if _tagAndCommunity not in self._tagAndCommunityToSecurityMap:
+ self._tagAndCommunityToSecurityMap[_tagAndCommunity] = set()
- self.__tagAndCommunityToSecurityMap[_tagAndCommunity].add(
- (securityName, contextEngineId, contextName)
- )
+ self._tagAndCommunityToSecurityMap[_tagAndCommunity].add(
+ (securityName, contextEngineId, contextName))
- if nextMibNode.syntax not in self.__communityToTagMap:
- self.__communityToTagMap[nextMibNode.syntax] = set()
+ if nextMibNode.syntax not in self._communityToTagMap:
+ self._communityToTagMap[nextMibNode.syntax] = set()
- self.__communityToTagMap[nextMibNode.syntax].add(transportTag)
+ self._communityToTagMap[nextMibNode.syntax].add(transportTag)
except PyAsn1Error:
debug.logger & debug.FLAG_SM and debug.logger(
- '_com2sec: table entries %r/%r hashing failed' % (
- _tagAndCommunity, nextMibNode.syntax)
- )
+ '_com2sec: table entries %r/%r hashing '
+ 'failed' % (_tagAndCommunity, nextMibNode.syntax))
continue
- self.__communityBranchId = snmpCommunityName.branchVersionId
+ self._communityBranchId = snmpCommunityName.branchVersionId
debug.logger & debug.FLAG_SM and debug.logger(
- '_com2sec: built communityName to tag map (securityModel %s), version %s: %s' % (
- self.SECURITY_MODEL_ID, self.__communityBranchId, self.__communityToTagMap))
+ '_com2sec: built communityName to tag map '
+ '(securityModel %s), version %s: '
+ '%s' % (self.SECURITY_MODEL_ID, self._communityBranchId,
+ self._communityToTagMap))
debug.logger & debug.FLAG_SM and debug.logger(
- '_com2sec: built tag & community to securityName map (securityModel %s), version %s: %s' % (
- self.SECURITY_MODEL_ID, self.__communityBranchId, self.__tagAndCommunityToSecurityMap))
-
- if communityName in self.__communityToTagMap:
- if transportInformation in self.__transportToTagMap:
- tags = self.__transportToTagMap[transportInformation].intersection(
- self.__communityToTagMap[communityName])
- elif self.__emptyTag in self.__communityToTagMap[communityName]:
- tags = [self.__emptyTag]
+ '_com2sec: built tag & community to securityName map '
+ '(securityModel %s), version %s: '
+ '%s' % (self.SECURITY_MODEL_ID, self._communityBranchId,
+ self._tagAndCommunityToSecurityMap))
+
+ if communityName in self._communityToTagMap:
+ if transportInformation in self._transportToTagMap:
+ tags = self._transportToTagMap[transportInformation].intersection(
+ self._communityToTagMap[communityName])
+
+ elif self._emptyTag in self._communityToTagMap[communityName]:
+ tags = [self._emptyTag]
+
else:
- raise error.StatusInformation(errorIndication=errind.unknownCommunityName)
+ raise error.StatusInformation(
+ errorIndication=errind.unknownCommunityName)
candidateSecurityNames = []
- for x in [self.__tagAndCommunityToSecurityMap[(t, communityName)] for t in tags]:
+ securityNamesSets = [
+ self._tagAndCommunityToSecurityMap[(t, communityName)]
+ for t in tags
+ ]
+
+ for x in securityNamesSets:
candidateSecurityNames.extend(list(x))
- # 5.2.1 (row selection in snmpCommunityTable)
- # Picks first match but favors entries already in targets table
if candidateSecurityNames:
- candidateSecurityNames.sort(
- key=lambda x, m=self.__nameToModelMap, v=self.SECURITY_MODEL_ID: (
- not int(x[0] in m and v in m[x[0]]), str(x[0]))
- )
+ candidateSecurityNames.sort(key=self._orderSecurityNames)
+
chosenSecurityName = candidateSecurityNames[0] # min()
+
debug.logger & debug.FLAG_SM and debug.logger(
- '_com2sec: securityName candidates for communityName \'%s\' are %s; choosing securityName \'%s\'' % (
- communityName, candidateSecurityNames, chosenSecurityName[0]))
+ '_com2sec: securityName candidates for communityName %s '
+ 'are %s; choosing securityName '
+ '%s' % (communityName, candidateSecurityNames,
+ chosenSecurityName[0]))
+
return chosenSecurityName
- raise error.StatusInformation(errorIndication=errind.unknownCommunityName)
+ raise error.StatusInformation(
+ errorIndication=errind.unknownCommunityName)
+
+ # 5.2.1 (row selection in snmpCommunityTable)
+ # Picks first match but favors entries already in targets table
+ def _orderSecurityNames(self, securityName):
+ return (not int(securityName[0] in self._nameToModelMap and
+ self.SECURITY_MODEL_ID in self._nameToModelMap[securityName[0]]),
+ str(securityName[0]))
def generateRequestMsg(self, snmpEngine, messageProcessingModel,
globalData, maxMessageSize, securityModel,
securityEngineId, securityName, securityLevel,
scopedPDU):
msg, = globalData
+
contextEngineId, contextName, pdu = scopedPDU
# rfc2576: 5.2.3
- communityName = self._sec2com(snmpEngine, securityName,
- contextEngineId, contextName)
+ communityName = self._sec2com(
+ snmpEngine, securityName, contextEngineId, contextName)
debug.logger & debug.FLAG_SM and debug.logger(
- 'generateRequestMsg: using community %r for securityModel %r, securityName %r, contextEngineId %r contextName %r' % (
- communityName, securityModel, securityName, contextEngineId, contextName))
+ 'generateRequestMsg: using community %r for securityModel %r, '
+ 'securityName %r, contextEngineId %r contextName '
+ '%r' % (communityName, securityModel, securityName,
+ contextEngineId, contextName))
securityParameters = communityName
msg.setComponentByPosition(1, securityParameters)
msg.setComponentByPosition(2)
msg.getComponentByPosition(2).setComponentByType(
- pdu.tagSet, pdu, verifyConstraints=False, matchTags=False, matchConstraints=False
- )
+ pdu.tagSet, pdu, verifyConstraints=False, matchTags=False,
+ matchConstraints=False)
- debug.logger & debug.FLAG_MP and debug.logger('generateRequestMsg: %s' % (msg.prettyPrint(),))
+ debug.logger & debug.FLAG_MP and debug.logger(
+ 'generateRequestMsg: %s' % (msg.prettyPrint(),))
try:
return securityParameters, encoder.encode(msg)
@@ -363,7 +407,9 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
except PyAsn1Error as exc:
debug.logger & debug.FLAG_MP and debug.logger(
'generateRequestMsg: serialization failure: %s' % exc)
- raise error.StatusInformation(errorIndication=errind.serializationError)
+
+ raise error.StatusInformation(
+ errorIndication=errind.serializationError)
def generateResponseMsg(self, snmpEngine, messageProcessingModel,
globalData, maxMessageSize, securityModel,
@@ -371,21 +417,26 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
scopedPDU, securityStateReference):
# rfc2576: 5.2.2
msg, = globalData
+
contextEngineId, contextName, pdu = scopedPDU
+
cachedSecurityData = self._cache.pop(securityStateReference)
+
communityName = cachedSecurityData['communityName']
debug.logger & debug.FLAG_SM and debug.logger(
- 'generateResponseMsg: recovered community %r by securityStateReference %s' % (
- communityName, securityStateReference))
+ 'generateResponseMsg: recovered community %r by '
+ 'securityStateReference '
+ '%s' % (communityName, securityStateReference))
msg.setComponentByPosition(1, communityName)
msg.setComponentByPosition(2)
msg.getComponentByPosition(2).setComponentByType(
- pdu.tagSet, pdu, verifyConstraints=False, matchTags=False, matchConstraints=False
- )
+ pdu.tagSet, pdu, verifyConstraints=False, matchTags=False,
+ matchConstraints=False)
- debug.logger & debug.FLAG_MP and debug.logger('generateResponseMsg: %s' % (msg.prettyPrint(),))
+ debug.logger & debug.FLAG_MP and debug.logger(
+ 'generateResponseMsg: %s' % (msg.prettyPrint(),))
try:
return communityName, encoder.encode(msg)
@@ -393,11 +444,14 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
except PyAsn1Error as exc:
debug.logger & debug.FLAG_MP and debug.logger(
'generateResponseMsg: serialization failure: %s' % exc)
+
raise error.StatusInformation(errorIndication=errind.serializationError)
def processIncomingMsg(self, snmpEngine, messageProcessingModel,
maxMessageSize, securityParameters, securityModel,
securityLevel, wholeMsg, msg):
+ mibBuilder = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder
+
# rfc2576: 5.2.1
communityName, transportInformation = securityParameters
@@ -407,6 +461,7 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
snmpEngine.observer.storeExecutionContext(
snmpEngine, 'rfc2576.processIncomingMsg:writable', scope
)
+
snmpEngine.observer.clearExecutionContext(
snmpEngine, 'rfc2576.processIncomingMsg:writable'
)
@@ -418,16 +473,17 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
)
except error.StatusInformation:
- snmpInBadCommunityNames, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols(
+ snmpInBadCommunityNames, = mibBuilder.importSymbols(
'__SNMPv2-MIB', 'snmpInBadCommunityNames')
snmpInBadCommunityNames.syntax += 1
+
raise error.StatusInformation(
errorIndication=errind.unknownCommunityName,
communityName=communityName
)
- snmpEngineID, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('__SNMP-FRAMEWORK-MIB',
- 'snmpEngineID')
+ snmpEngineID, = mibBuilder.importSymbols(
+ '__SNMP-FRAMEWORK-MIB', 'snmpEngineID')
securityEngineID = snmpEngineID.syntax
@@ -440,24 +496,31 @@ class SnmpV1SecurityModel(base.AbstractSecurityModel):
contextEngineId=contextEngineId,
contextName=contextName)
)
+
snmpEngine.observer.clearExecutionContext(
snmpEngine, 'rfc2576.processIncomingMsg'
)
debug.logger & debug.FLAG_SM and debug.logger(
- 'processIncomingMsg: looked up securityName %r securityModel %r contextEngineId %r contextName %r by communityName %r AND transportInformation %r' % (
- securityName, self.SECURITY_MODEL_ID, contextEngineId, contextName, communityName, transportInformation))
+ 'processIncomingMsg: looked up securityName %r securityModel %r '
+ 'contextEngineId %r contextName %r by communityName %r '
+ 'AND transportInformation '
+ '%r' % (securityName, self.SECURITY_MODEL_ID, contextEngineId,
+ contextName, communityName, transportInformation))
stateReference = self._cache.push(communityName=communityName)
scopedPDU = (contextEngineId, contextName,
msg.getComponentByPosition(2).getComponent())
+
maxSizeResponseScopedPDU = maxMessageSize - 128
+
securityStateReference = stateReference
debug.logger & debug.FLAG_SM and debug.logger(
- 'processIncomingMsg: generated maxSizeResponseScopedPDU %s securityStateReference %s' % (
- maxSizeResponseScopedPDU, securityStateReference))
+ 'processIncomingMsg: generated maxSizeResponseScopedPDU '
+ '%s securityStateReference '
+ '%s' % (maxSizeResponseScopedPDU, securityStateReference))
return (securityEngineID, securityName, scopedPDU,
maxSizeResponseScopedPDU, securityStateReference)
View Lorry Controller Status