diff options
| author | elie <elie> | 2010-12-01 17:58:21 +0000 |
|---|---|---|
| committer | elie <elie> | 2010-12-01 17:58:21 +0000 |
| commit | b43f9decac781a7be576fa98afc727bd7eaa8205 (patch) | |
| tree | 252671c7a22f97d3c43e7e4839be9e6e54df1459 | |
| parent | cce9a8f99a9dc5af5b7533a5536b9241e37d6434 (diff) | |
| download | pysnmp-b43f9decac781a7be576fa98afc727bd7eaa8205.tar.gz | |
void access control module implemented
| -rw-r--r-- | CHANGES | 1 | ||||
| -rw-r--r-- | pysnmp/entity/engine.py | 3 | ||||
| -rw-r--r-- | pysnmp/proto/acmod/void.py | 20 |
3 files changed, 23 insertions, 1 deletions
@@ -21,6 +21,7 @@ Revision 4.1.15a to speedup by-value search. - SNMPv2-CONF::AgentCapabilities macro implemented. - The libsmi2pysnmp tool handles some more MACROs. +- Void access control module implemented to let apps disabling [default] VACM. - Fix to SNMPv3 security module to store peer SNMP engine timeline only if taken from an authenticated message. Prior to this fix SNMP engine was not been protected from spoofing. diff --git a/pysnmp/entity/engine.py b/pysnmp/entity/engine.py index fefcf58..bd957af 100644 --- a/pysnmp/entity/engine.py +++ b/pysnmp/entity/engine.py @@ -6,7 +6,7 @@ from pysnmp.proto.mpmod.rfc3412 import SnmpV3MessageProcessingModel from pysnmp.proto.secmod.rfc2576 import SnmpV1SecurityModel, \ SnmpV2cSecurityModel from pysnmp.proto.secmod.rfc3414 import SnmpUSMSecurityModel -from pysnmp.proto.acmod import rfc3415 +from pysnmp.proto.acmod import rfc3415, void from pysnmp import error class SnmpEngine: @@ -30,6 +30,7 @@ class SnmpEngine: SnmpUSMSecurityModel.securityModelID: SnmpUSMSecurityModel() } self.accessControlModel = { + void.accessModelID: void, rfc3415.accessModelID: rfc3415 } diff --git a/pysnmp/proto/acmod/void.py b/pysnmp/proto/acmod/void.py new file mode 100644 index 0000000..eab5809 --- /dev/null +++ b/pysnmp/proto/acmod/void.py @@ -0,0 +1,20 @@ +# Void Access Control Model +from pysnmp.smi.error import NoSuchObjectError +from pysnmp.proto import error + +accessModelID = 0 + +# rfc3415 3.2 +def isAccessAllowed( + snmpEngine, + securityModel, + securityName, + securityLevel, + viewType, + contextName, + variableName): + + debug.logger & debug.flagACL and debug.logger('isAccessAllowed: viewType %s for variableName %s - OK' % (viewType, variableName)) + + # rfc3415 3.2.5c + return error.StatusInformation(errorIndication='accessAllowed') |