From b43f9decac781a7be576fa98afc727bd7eaa8205 Mon Sep 17 00:00:00 2001 From: elie Date: Wed, 1 Dec 2010 17:58:21 +0000 Subject: void access control module implemented --- CHANGES | 1 + pysnmp/entity/engine.py | 3 ++- pysnmp/proto/acmod/void.py | 20 ++++++++++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 pysnmp/proto/acmod/void.py diff --git a/CHANGES b/CHANGES index 1d24cbd..8b2db72 100644 --- a/CHANGES +++ b/CHANGES @@ -21,6 +21,7 @@ Revision 4.1.15a to speedup by-value search. - SNMPv2-CONF::AgentCapabilities macro implemented. - The libsmi2pysnmp tool handles some more MACROs. +- Void access control module implemented to let apps disabling [default] VACM. - Fix to SNMPv3 security module to store peer SNMP engine timeline only if taken from an authenticated message. Prior to this fix SNMP engine was not been protected from spoofing. diff --git a/pysnmp/entity/engine.py b/pysnmp/entity/engine.py index fefcf58..bd957af 100644 --- a/pysnmp/entity/engine.py +++ b/pysnmp/entity/engine.py @@ -6,7 +6,7 @@ from pysnmp.proto.mpmod.rfc3412 import SnmpV3MessageProcessingModel from pysnmp.proto.secmod.rfc2576 import SnmpV1SecurityModel, \ SnmpV2cSecurityModel from pysnmp.proto.secmod.rfc3414 import SnmpUSMSecurityModel -from pysnmp.proto.acmod import rfc3415 +from pysnmp.proto.acmod import rfc3415, void from pysnmp import error class SnmpEngine: @@ -30,6 +30,7 @@ class SnmpEngine: SnmpUSMSecurityModel.securityModelID: SnmpUSMSecurityModel() } self.accessControlModel = { + void.accessModelID: void, rfc3415.accessModelID: rfc3415 } diff --git a/pysnmp/proto/acmod/void.py b/pysnmp/proto/acmod/void.py new file mode 100644 index 0000000..eab5809 --- /dev/null +++ b/pysnmp/proto/acmod/void.py 
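Review bot: In pysnmp/entity/engine.py, the second hunk registers the allow-all `void` module in `self.accessControlModel` of every `SnmpEngine`, under key 0 (`void.accessModelID`), next to the rfc3415 VACM. How a model is picked from this dict is outside the hunk, so confirm that an unset or defaulted model ID cannot resolve to key 0, since that would switch authorization off without anyone asking for it. A comment above the new entry would record the intent, e.g. `# void: authorizes every request; must be selected explicitly, never used as a fallback`. The constructor body starts and ends outside the hunk.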
@@ -0,0 +1,20 @@
+# Void Access Control Model
+from pysnmp.smi.error import NoSuchObjectError
+from pysnmp.proto import error
+
+accessModelID = 0
+
+# rfc3415 3.2
+def isAccessAllowed(
+ snmpEngine,
+ securityModel,
+ securityName,
+ securityLevel,
+ viewType,
+ contextName,
+ variableName):
+
+ debug.logger & debug.flagACL and debug.logger('isAccessAllowed: viewType %s for variableName %s - OK' % (viewType, variableName))
+
+ # rfc3415 3.2.5c
+ return error.StatusInformation(errorIndication='accessAllowed')
-- cgit v1.2.1
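Review bot: `isAccessAllowed` uses `debug.logger` and `debug.flagACL`, but this new file imports only `NoSuchObjectError` and `error`, so the first call raises NameError instead of returning a decision; add `from pysnmp import debug` next to the other imports. `NoSuchObjectError` is imported and never used in the file. Because the function grants every request regardless of `securityName`, `securityLevel` or `viewType`, the header comment should say so, e.g. `# Void Access Control Model: performs no authorization, every request is allowed`. The function also returns a `StatusInformation` instance rather than raising one; whether callers tell the two apart is not visible here and should be checked against the rfc3415 module.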