SNMP version 3 packet implementation class.
Available packet classes are:
  • SnmpV1Packet
  • SnmpV1TrapPacket
  • SnmpV2Packet
  • SnmpV3Packet
This class is provided to simplify encoding and decoding of packets and to provide consistent interface for users who wish to handle transport part of protocol on their own without using the UdpTarget class. SnmpPacket and derived classes have been developed to implement SNMP version 1, 2 and 3 packet support. For SNMP version 1 and 2 packet, SnmpV1Packet and SnmpV2Packet classes provide sufficient support for encoding and decoding data to/from BER buffers to satisfy requirements of most applications. SNMP version 3 on the other hand requires a lot more information to be passed to the encoder method and returned by the decode method. While using SnmpV3Packet class for full packet handling is possible, transport specific class UdpTarget uses SecureAgentParameters class to store protocol version 3 specific information that carries over from request to request when used on the same SNMP agent and therefore simplifies both initial definition of agents configuration (mostly security) as well as removes the need for repeated initialization of the packet class for subsequent requests. If you decide not to use transport helper class(es) like UdpTarget, BER encoding and decoding and packets is easily done with SnmpPacket derived classes. Example, SNMP version 1 packet encoding: SnmpV1Packet packetv1 = new SnmpV1Packet(); packetv1.Community.Set("public"); packetv1.Pdu.Set(mypdu); byte[] berpacket = packetv1.encode(); Example, SNMP version 3 noAuthNoPriv encoding: SnmpV3Packet packetv3 = new SnmpV3Packet(); packetv3.noAuthNoPriv("myusername"); packetv3.SetEngineTime(engineTime, engineBoots); // See SNMPv3 discovery process for details packetv3.SetEngineId(engineId); // See SNMPv3 discovery process for details packetv3.IsReportable = true; packetv3.Pdu.Set(mypdu); byte[] berpacket = packetv3.encode(); Example, SNMP version 3 authNoPriv using MD5 authentication packet encoding: SnmpV3Packet packetv3 = new SnmpV3Packet(); packetv3.authNoPriv("myusername", "myAuthenticationPassword", AuthenticationDigests.MD5); packetv3.SetEngineTime(engineTime, engineBoots); // See SNMPv3 discovery process for details packetv3.SetEngineId(engineId); // See SNMPv3 discovery process for details packetv3.IsReportable = true; packetv3.Pdu.Set(mypdu); byte[] berpacket = packetv3.encode(); Example, SNMP version 3 authPriv using MD5 authentication and DES encryption packet encoding: SnmpV3Packet packetv3 = new SnmpV3Packet(); packetv3.authPriv("myusername", "myAuthenticationPassword", AuthenticationDigests.MD5, "myPrivacyPassword", PrivacyProtocols.DES); packetv3.SetEngineTime(engineTime, engineBoots); // See SNMPv3 discovery process for details packetv3.SetEngineId(engineId); // See SNMPv3 discovery process for details packetv3.IsReportable = true; packetv3.Pdu.Set(mypdu); byte[] berpacket = packetv3.encode(); When decoding SNMP version 3 packets, SnmpV3Packet class needs to be initialized with the same values security values as a request does. This includes, authoritative engine id, engine boots and engine time, if authentication is used, authentication digest and password and for encryption, password and privacy protocol used. Without these parameters packet class will not be able to verify the incoming packet and responses will be discarded even if they are valid.
Наследование: SnmpPacket
Пример #1
0
        /// <summary>
        /// Perform SNMP version 3 discovery operation. This is the first operation that needs to be
        /// performed on a newly accessed agent to retrieve agentId, agentBoots and agentTime values, critical
        /// for further authentication and privacy operations.
        /// </summary>
        /// <param name="param"><see cref="SecureAgentParameters"/> class instance that will be updated
        /// with discovered agent values. This class with be reset to its defaults prior to agent
        /// discovered values so do not store any critical information in it prior to calling the
        /// discovery method</param>
        /// <returns>True if discovery operation was a success, otherwise false</returns>
        public bool Discovery(SecureAgentParameters param)
        {
            param.Reset();
            param.SecurityName.Set("");
            param.Reportable = true;
            Pdu          pdu   = new Pdu();  // just leave everything at default.
            SnmpV3Packet inpkt = (SnmpV3Packet)Request(pdu, param);

            if (inpkt != null)
            {
                if (inpkt.USM.EngineBoots == 0 && inpkt.USM.EngineTime == 0)
                {
                    inpkt = (SnmpV3Packet)Request(pdu, param);
                    if (inpkt != null)
                    {
                        return(true);
                    }
                }
                else
                {
                    return(true);
                }
            }
            return(false);
        }
        /// <summary>
        /// Validate that incoming packet has arrived from the correct engine id and is using a correct
        /// combination of privacy and authentication values.
        /// </summary>
        /// <param name="packet">Received and parsed SNMP version 3 packet.</param>
        /// <returns>True if packet is valid, otherwise false.</returns>
        /// <exception cref="SnmpException">Thrown on following errors with ErrorCode:
        /// * ErrorCode = 0: SecureAgentParameters was updated after request was made but before reply was received (this is not allowed)
        /// * SnmpException.InvalidAuthoritativeEngineId: engine id in the reply does not match request
        /// * SnmpException.InvalidSecurityName: security name mismatch between request and reply packets
        /// * SnmpException.ReportOnNoReports: report packet received when we had reportable set to false in the request
        /// * SnmpException.UnsupportedNoAuthPriv: noAuthPriv is not supported
        /// </exception>
        /// <exception cref="SnmpPrivacyException">Thrown when configured privacy passwords in this class and in the packet class do not match</exception>
        /// <exception cref="SnmpAuthenticationException">Thrown when configured authentication passwords in this class and in the packet class do not match</exception>
        public bool ValidateIncomingPacket(SnmpV3Packet packet)
        {
            // First check if this is a report packet.
            if (packet.Pdu.Type == PduType.Report)
            {
                if (!_reportable)
                {
                    // we do not expect report packets so dump it
                    throw new SnmpException(SnmpException.ReportOnNoReports, "Unexpected report packet received.");
                    // return false;
                }
                if (packet.MsgFlags.Authentication == false && packet.MsgFlags.Privacy)
                {
                    // no authentication and no privacy allowed in report packets
                    throw new SnmpException(SnmpException.UnsupportedNoAuthPriv, "Authentication and privacy combination is not supported.");
                    // return false;
                }
                // the rest will not be checked, there is no point
            }
            else
            {
                if (packet.USM.EngineId != _engineId)
                {
                    // different engine id is not allowed
                    throw new SnmpException(SnmpException.InvalidAuthoritativeEngineId, "EngineId mismatch.");
                    // return false;
                }

                if (packet.USM.Authentication != _authenticationProtocol || packet.USM.Privacy != _privacyProtocol)
                {
                    // we have to have the same authentication and privacy protocol - no last minute changes
                    throw new SnmpException("Agent parameters updated after request was made.");
                    // return false;
                }
                if (packet.USM.Authentication != AuthenticationDigests.None)
                {
                    if (packet.USM.AuthenticationSecret != _authenticationSecret)
                    {
                        // authentication secret has to match
                        throw new SnmpAuthenticationException("Authentication secret in the packet class does not match the IAgentParameter secret.");
                        // return false;
                    }
                }
                if (packet.USM.Privacy != PrivacyProtocols.None)
                {
                    if (packet.USM.PrivacySecret != _privacySecret)
                    {
                        // privacy secret has to match
                        throw new SnmpPrivacyException("Privacy secret in the packet class does not match the IAgentParameters secret.");
                        // return false;
                    }
                }
                if (packet.USM.SecurityName != _securityName)
                {
                    throw new SnmpException(SnmpException.InvalidSecurityName, "Security name mismatch.");
                    // return false;
                }
            }
            return(true);
        }
Пример #3
0
        /// <summary>
        /// Build SNMP RESPONSE packet for the INFORM packet class.
        /// </summary>
        /// <param name="informPacket">SNMP INFORM packet</param>
        /// <returns>SNMP version 3 packet containing RESPONSE to the INFORM packet contained in the parameter.</returns>
        /// <exception cref="SnmpInvalidPduTypeException">Parameter is not an INFORM SNMP version 3 packet class</exception>
        /// <exception cref="SnmpInvalidVersionException">Parameter is not a SNMP version 3 packet</exception>
        public static SnmpV3Packet BuildInformResponse(SnmpV3Packet informPacket)
        {
            if (informPacket.Version != SnmpVersion.Ver3)
                throw new SnmpInvalidVersionException("INFORM packet can only be parsed from an SNMP version 3 packet.");
            if (informPacket.Pdu.Type != PduType.Inform)
                throw new SnmpInvalidPduTypeException("Inform response can only be built for INFORM packets.");

            SnmpV3Packet response = new SnmpV3Packet(informPacket.ScopedPdu);
            response.MessageId = informPacket.MessageId;
            response.USM.SecurityName.Set(informPacket.USM.SecurityName);
            response.USM.EngineTime = informPacket.USM.EngineTime;
            response.USM.EngineBoots = informPacket.USM.EngineBoots;
            response.USM.EngineId.Set(informPacket.USM.EngineId);
            response.USM.Authentication = informPacket.USM.Authentication;
            if (response.USM.Authentication != AuthenticationDigests.None)
                response.USM.AuthenticationSecret.Set(informPacket.USM.AuthenticationSecret);
            else
                response.USM.AuthenticationSecret.Reset();
            response.USM.Privacy = informPacket.USM.Privacy;
            if (response.USM.Privacy != PrivacyProtocols.None)
                response.USM.PrivacySecret.Set(informPacket.USM.PrivacySecret);
            else
                response.USM.PrivacySecret.Reset();
            response.MsgFlags.Authentication = informPacket.MsgFlags.Authentication;
            response.MsgFlags.Privacy = informPacket.MsgFlags.Privacy;
            response.MsgFlags.Reportable = informPacket.MsgFlags.Reportable;
            response.ScopedPdu.ContextEngineId.Set(informPacket.ScopedPdu.ContextEngineId);
            response.ScopedPdu.ContextName.Set(informPacket.ScopedPdu.ContextName);
            response.Pdu.Type = PduType.Response;
            response.Pdu.TrapObjectID.Set(informPacket.Pdu.TrapObjectID);
            response.Pdu.TrapSysUpTime.Value = informPacket.Pdu.TrapSysUpTime.Value;
            response.Pdu.RequestId = informPacket.Pdu.RequestId;

            return response;
        }
Пример #4
0
 /// <summary>
 /// Build an SNMP version 3 packet suitable for use in discovery process.
 /// </summary>
 /// <returns>Discovery process prepared SNMP version 3 packet.</returns>
 public static SnmpV3Packet DiscoveryRequest()
 {
     SnmpV3Packet packet = new SnmpV3Packet(new ScopedPdu()); // with a blank scoped pdu
                                                              // looking through other implementation, null (length 0) user name is used
                                                              // packet.USM.SecurityName.Set("initial"); // set user name to initial, as described in RFCs
     return packet; // return packet
 }
Пример #5
0
        /// <summary>Construct and send SNMP v3 authPriv Trap</summary>
        /// <param name="receiver">Trap receiver IP address</param>
        /// <param name="receiverPort">Trap receiver UDP port number</param>
        /// <param name="engineId">Sender SNMP engineId</param>
        /// <param name="senderEngineBoots">Sender SNMP engine boots</param>
        /// <param name="senderEngineTime">Sender SNMP engine time</param>
        /// <param name="senderUserName">Security (user) name</param>
        /// <param name="senderUpTime">Sender upTime</param>
        /// <param name="trapObjectID">Trap object ID</param>
        /// <param name="varList">Variable binding list</param>
        /// <param name="authDigest">
        /// Authentication digest. See <see cref="AuthenticationDigests"/> enumeration for
        /// available digests
        /// </param>
        /// <param name="authSecret">Authentication secret</param>
        /// <param name="privProtocol">
        /// Privacy protocol. See <see cref="EPrivacyProtocols"/> enumeration for
        /// available privacy protocols.
        /// </param>
        /// <param name="privSecret">Privacy secret</param>
        public void SendV3Trap(
            IpAddress receiver,
            int receiverPort,
            byte[] engineId,
            int senderEngineBoots,
            int senderEngineTime,
            string senderUserName,
            uint senderUpTime,
            Oid trapObjectID,
            VbCollection varList,
            AuthenticationDigests authDigest,
            byte[] authSecret,
            EPrivacyProtocols privProtocol,
            byte[] privSecret
            )
        {
            SnmpV3Packet packet = new SnmpV3Packet();

            packet.Pdu.Type = EPduType.V2Trap;
            packet.AuthPriv(Encoding.UTF8.GetBytes(senderUserName), authSecret, authDigest, privSecret, privProtocol);
            packet.SetEngineId(engineId);
            packet.SetEngineTime(senderEngineBoots, senderEngineTime);
            packet.ScopedPdu.TrapObjectID.Set(trapObjectID);
            packet.ScopedPdu.TrapSysUpTime.Value = senderUpTime;
            packet.ScopedPdu.VbList.Add(varList);
            packet.MessageFlags.Reportable = false;
            SendV3Trap(packet, receiver, receiverPort);
        }
 /// <summary>
 /// Send SNMP version 3 Trap notification
 /// </summary>
 /// <param name="packet">SNMP v3 Trap packet class</param>
 /// <param name="peer">Manager (receiver) IP address</param>
 /// <param name="port">Manager (receiver) UDP port number</param>
 public void SendV3Trap(SnmpV3Packet packet, IpAddress peer, int port)
 {
     if (packet.Pdu.Type != PduType.V2Trap)
     {
         throw new SnmpInvalidPduTypeException("Invalid Pdu type.");
     }
     byte[] outBuffer = packet.encode();
     _sock.SendTo(outBuffer, new IPEndPoint((IPAddress)peer, port));
 }
Пример #7
0
 /// <summary>
 /// Build SNMP discovery response packet.
 /// </summary>
 /// <remarks>
 /// Manager application has to be able to respond to discovery requests to be able to handle
 /// SNMPv3 INFORM notifications.
 /// 
 /// In an INFORM packet, engineId value is set to the manager stations id (unlike all other requests
 /// where agent is the authoritative SNMP engine). For the agent to discover appropriate manager engine
 /// id, boots and time values (required for authentication and privacy packet handling), manager has to
 /// be able to respond to the discovery request.
 /// </remarks>
 /// <param name="messageId">Message id from the received discovery packet</param>
 /// <param name="requestId">Request id from the received discovery packets Pdu</param>
 /// <param name="engineId">Local engine id</param>
 /// <param name="engineBoots">Number of times local SNMP engine has been restarted</param>
 /// <param name="engineTime">Time since the engine was started in seconds</param>
 /// <param name="unknownEngineIdCount">Number of discovery packets received by the local SNMP engine</param>
 /// <returns>SNMP v3 packet properly formatted as a response to a discovery request</returns>
 public static SnmpV3Packet DiscoveryResponse(int messageId, int requestId, OctetString engineId, int engineBoots, int engineTime, int unknownEngineIdCount)
 {
     SnmpV3Packet packet = new SnmpV3Packet();
     packet.Pdu.Type = PduType.Report;
     packet.Pdu.RequestId = requestId;
     packet.Pdu.VbList.Add(SnmpConstants.usmStatsUnknownEngineIDs, new Integer32(unknownEngineIdCount));
     // discovery response is a report packet. We don't want to receive reports about a report
     packet.MsgFlags.Reportable = false;
     packet.SetEngineId(engineId);
     packet.MessageId = messageId;
     packet.USM.EngineBoots = engineBoots;
     packet.USM.EngineTime = engineTime;
     return packet;
 }
        /// <summary>
        /// Construct and send SNMP v3 noAuthNoPriv Trap
        /// </summary>
        /// <param name="receiver">Trap receiver IP address</param>
        /// <param name="receiverPort">Trap receiver UDP port number</param>
        /// <param name="engineId">Sender SNMP engineId</param>
        /// <param name="senderEngineBoots">Sender SNMP engine boots</param>
        /// <param name="senderEngineTime">Sender SNMP engine time</param>
        /// <param name="senderUserName">Security (user) name</param>
        /// <param name="senderUpTime">Sender upTime</param>
        /// <param name="trapObjectID">Trap object ID</param>
        /// <param name="varList">Variable binding list</param>
        public void SendV3Trap(IpAddress receiver, int receiverPort, byte[] engineId, Int32 senderEngineBoots,
                               Int32 senderEngineTime, string senderUserName, UInt32 senderUpTime, Oid trapObjectID, VbCollection varList)
        {
            SnmpV3Packet packet = new SnmpV3Packet();

            packet.Pdu.Type = PduType.V2Trap;
            packet.NoAuthNoPriv(ASCIIEncoding.UTF8.GetBytes(senderUserName));
            packet.SetEngineId(engineId);
            packet.SetEngineTime(senderEngineBoots, senderEngineTime);
            packet.ScopedPdu.TrapObjectID.Set(trapObjectID);
            packet.ScopedPdu.TrapSysUpTime.Value = senderUpTime;
            packet.ScopedPdu.VbList.Add(varList);
            packet.MsgFlags.Reportable = false;
            SendV3Trap(packet, receiver, receiverPort);
        }
Пример #9
0
 /// <summary>
 /// Update class values with SNMP version 3 discovery values from the supplied <see cref="SnmpV3Packet"/>
 /// class. Values updated are EngineId, EngineTime and EngineBoots.
 /// </summary>
 /// <param name="packet"><see cref="SnmpV3Packet"/> class cast as <see cref="SnmpPacket"/></param>
 /// <exception cref="SnmpInvalidVersionException">Thrown when SNMP packet class other then version 3
 /// is passed as parameter</exception>
 public void UpdateDiscoveryValues(SnmpPacket packet)
 {
     if (packet is SnmpV3Packet)
     {
         SnmpV3Packet pkt = (SnmpV3Packet)packet;
         _engineId.Set(pkt.USM.EngineId);
         _engineTime.Value  = pkt.USM.EngineTime;
         _engineBoots.Value = pkt.USM.EngineBoots;
         UpdateTimeStamp();
         _contextEngineId.Set(pkt.ScopedPdu.ContextEngineId);
         _contextName.Set(pkt.ScopedPdu.ContextName);
     }
     else
     {
         throw new SnmpInvalidVersionException("Invalid SNMP version.");
     }
 }
Пример #10
0
 /// <summary>
 /// InitializePacket SNMP packet with values from this class. Works only on SNMP version 3 packets.
 /// </summary>
 /// <param name="packet">Instance of <see cref="SnmpV3Packet"/></param>
 /// <exception cref="SnmpInvalidVersionException">Thrown when parameter packet is not SnmpV3Packet</exception>
 public void InitializePacket(SnmpPacket packet)
 {
     if (packet is SnmpV3Packet)
     {
         SnmpV3Packet pkt    = (SnmpV3Packet)packet;
         bool         isAuth = (_authenticationProtocol == AuthenticationDigests.None) ? false : true;
         bool         isPriv = (_privacyProtocol == PrivacyProtocols.None) ? false : true;
         if (isAuth && isPriv)
         {
             pkt.authPriv(_securityName, _authenticationSecret, _authenticationProtocol, _privacySecret, _privacyProtocol);
         }
         else if (isAuth && !isPriv)
         {
             pkt.authNoPriv(_securityName, _authenticationSecret, _authenticationProtocol);
         }
         else
         {
             pkt.NoAuthNoPriv(_securityName);
         }
         pkt.USM.EngineId.Set(_engineId);
         pkt.USM.EngineBoots     = _engineBoots.Value;
         pkt.USM.EngineTime      = GetCurrentEngineTime();
         pkt.MaxMessageSize      = _maxMessageSize.Value;
         pkt.MsgFlags.Reportable = _reportable;
         if (_contextEngineId.Length > 0)
         {
             pkt.ScopedPdu.ContextEngineId.Set(_contextEngineId);
         }
         else
         {
             pkt.ScopedPdu.ContextEngineId.Set(_engineId);
         }
         if (_contextName.Length > 0)
         {
             pkt.ScopedPdu.ContextName.Set(_contextName);
         }
         else
         {
             pkt.ScopedPdu.ContextName.Reset();
         }
     }
     else
     {
         throw new SnmpInvalidVersionException("Invalid SNMP version.");
     }
 }
Пример #11
0
 /// <summary>
 /// Prepare packet for transmission by filling target specific information in the packet.
 /// </summary>
 /// <param name="packet">SNMP packet class for the required version</param>
 /// <returns>True if packet values are correctly set, otherwise false.</returns>
 public bool PreparePacketForTransmission(SnmpPacket packet)
 {
     if (packet is SnmpV3Packet)
     {
         SnmpV3Packet pkt    = (SnmpV3Packet)packet;
         bool         isAuth = (_authenticationProtocol == AuthenticationDigests.None) ? false : true;
         bool         isPriv = (_privacyProtocol == PrivacyProtocols.None) ? false : true;
         if (isAuth && isPriv)
         {
             pkt.authPriv(_securityName, _authenticationSecret, _authenticationProtocol, _privacySecret, _privacyProtocol);
         }
         else if (isAuth && !isPriv)
         {
             pkt.authNoPriv(_securityName, _authenticationSecret, _authenticationProtocol);
         }
         else
         {
             pkt.NoAuthNoPriv(_securityName);
         }
         pkt.USM.EngineId.Set(_engineId);
         pkt.USM.EngineBoots     = _engineBoots.Value;
         pkt.USM.EngineTime      = GetCurrentEngineTime();
         pkt.MaxMessageSize      = _maxMessageSize.Value;
         pkt.MsgFlags.Reportable = _reportable;
         if (_contextEngineId.Length > 0)
         {
             pkt.ScopedPdu.ContextEngineId.Set(_contextEngineId);
         }
         else
         {
             pkt.ScopedPdu.ContextEngineId.Set(_engineId);
         }
         if (_contextName.Length > 0)
         {
             pkt.ScopedPdu.ContextName.Set(_contextName);
         }
         else
         {
             pkt.ScopedPdu.ContextName.Reset();
         }
     }
     return(false);
 }
Пример #12
0
 /// <summary>
 /// Copy all relevant values from the SnmpV3Packet class. Do not use this class for
 /// updating the SNMP version 3 discovery process results because secret name, authentication
 /// and privacy values are updated as well which discovery process doesn't use.
 /// </summary>
 /// <param name="packet"><see cref="SnmpV3Packet"/> cast as <see cref="SnmpPacket"/></param>
 /// <exception cref="SnmpInvalidVersionException">Thrown when SNMP packet class other then version 3
 /// is passed as parameter</exception>
 public void UpdateValues(SnmpPacket packet)
 {
     if (packet is SnmpV3Packet)
     {
         SnmpV3Packet pkt = (SnmpV3Packet)packet;
         _authenticationProtocol = pkt.USM.Authentication;
         _privacyProtocol        = pkt.USM.Privacy;
         _authenticationSecret.Set(pkt.USM.AuthenticationSecret);
         _privacySecret.Set(pkt.USM.PrivacySecret);
         _securityName.Set(pkt.USM.SecurityName);
         if (pkt.MaxMessageSize < _maxMessageSize.Value)
         {
             _maxMessageSize.Value = pkt.MaxMessageSize;
         }
         UpdateDiscoveryValues(pkt);
     }
     else
     {
         throw new SnmpInvalidVersionException("Invalid SNMP version.");
     }
 }
Пример #13
0
        internal void AsyncResponse(AsyncRequestResult result, IPEndPoint peer, byte[] buffer, int buflen)
        {
            if (result != AsyncRequestResult.NoError)
            {
                _response(result, null);
            }
            else
            {
                if (buffer == null || buffer.Length <= 0 || buflen <= 0)
                {
                    _response(AsyncRequestResult.NoDataReceived, null);
                    return;
                }
                // verify packet
                if (_agentParameters.Version == (int)SnmpVersion.Ver1)
                {
                    SnmpV1Packet packet = new SnmpV1Packet();
                    try
                    {
                        packet.decode(buffer, buflen);
                    }
                    catch (Exception ex)
                    {
                        ex.GetType();
                        // Console.WriteLine("Exception while decoding SNMP packet: " + ex.ToString());
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }
                    _response(AsyncRequestResult.NoError, packet);
                    return;
                }
                else if (_agentParameters.Version == SnmpVersion.Ver2)
                {
                    SnmpV2Packet packet = new SnmpV2Packet();
                    try
                    {
                        packet.decode(buffer, buflen);
                    }
                    catch (Exception ex)
                    {
                        ex.GetType();
                        // Console.WriteLine("Exception while decoding SNMP packet: " + ex.ToString());
                        // MutableByte b = new MutableByte(buffer, buflen);
                        // Console.WriteLine("Buffer length {0}", buflen);
                        // SnmpConstants.DumpHex(b);
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }

                    _response(AsyncRequestResult.NoError, packet);
                }
                else if (_agentParameters.Version == SnmpVersion.Ver3)
                {
                    SnmpV3Packet          packet    = new SnmpV3Packet();
                    SecureAgentParameters secparams = (SecureAgentParameters)_agentParameters;
                    secparams.InitializePacket(packet);
                    try {
                        if (secparams.HasCachedKeys)
                        {
                            packet.decode(buffer, buflen, secparams.AuthenticationKey, secparams.PrivacyKey);
                        }
                        else
                        {
                            packet.decode(buffer, buflen);
                        }
                    }
                    catch
                    {
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }
                    if (!secparams.ValidateIncomingPacket(packet))
                    {
                        _response(AsyncRequestResult.AuthenticationError, packet);
                    }
                    else
                    {
                        secparams.UpdateDiscoveryValues(packet);                         // update time, etc. values
                        _response(AsyncRequestResult.NoError, packet);
                    }
                }
            }
        }
Пример #14
0
        /// <summary>Make SNMP Request</summary>
        /// <remarks>
        /// Make SNMP request. With this method you can make blocked SNMP version 1, 2 and 3 requests of type GET,
        /// GET-NEXT, GET-BULK, SET and REPORT (request types have to compatible with the SNMP protocol version you
        /// are using).
        /// 
        /// This method will pass through any exceptions thrown by parsing classes/methods so see individual packet
        /// classes, ASN.1 type classes, authentication, privacy, etc. classes for exceptions thrown.
        /// </remarks>
        /// <param name="pdu">Pdu class (do not pass ScopedPdu)</param>
        /// <param name="agentParameters">Security information for the request. Use <see cref="AgentParameters"/>
        /// for SNMP versions 1 and 2 requests. Use <see cref="SecureAgentParameters"/> for SNMP version 3
        /// requests.</param>
        /// <returns>Appropriate SNMP packet class for the reply received (<see cref="SnmpV1Packet"/>, 
        /// <see cref="SnmpV2Packet"/>, or <see cref="SnmpV3Packet"/>. Null value if there was an error
        /// with the request.</returns>
        /// <exception cref="SnmpAuthenticationException">Thrown on SNMPv3 requests when authentication password
        /// is not specified on authNoPriv or authPriv requests in SecureAgentParameters or if incoming packet 
        /// authentication check failed.
        /// 
        /// With SNMP ver1 and ver2c, authentication check fails when invalid community name is parsed in the reply.</exception>
        /// <exception cref="SnmpPrivacyException">Thrown on SNMPv3 requests when privacy password is not
        /// specified in SecureAgentParameters on authPriv requests.</exception>
        /// <exception cref="SnmpException">Thrown in following cases:
        /// 
        /// * IAgentParameters.Valid() returned false. SnmpException.ErrorCode is set to SnmpException.InvalidIAgentParameters
        /// * No data received on request. SnmpException.ErrorCode is set to SnmpException.NoDataReceived
        /// * Invalid RequestId in reply. SnmpException.ErrorCode is set to SnmpException.InvalidRequestId
        /// </exception>
        public SnmpPacket Request(Pdu pdu, IAgentParameters agentParameters)
        {
            byte[] outPacket;
            if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                if (secparams.Authentication != AuthenticationDigests.None && secparams.AuthenticationSecret.Length <= 0)
                    throw new SnmpAuthenticationException("Authentication password not specified.");
                if (secparams.Privacy != PrivacyProtocols.None && secparams.PrivacySecret.Length <= 0)
                    throw new SnmpPrivacyException("Privacy password not specified.");
                _noSourceCheck = false; // this option is not valid for SNMP v3 requests
                ScopedPdu outPdu = new ScopedPdu(pdu);
                SnmpV3Packet packet = new SnmpV3Packet(outPdu);
                secparams.InitializePacket(packet);
                if (secparams.HasCachedKeys)
                    outPacket = packet.encode(secparams.AuthenticationKey, secparams.PrivacyKey);
                else
                    outPacket = packet.encode();
            }
            else if (agentParameters.Version == SnmpVersion.Ver1)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                if (!param.Valid())
                    throw new SnmpException(SnmpException.InvalidIAgentParameters,"Invalid AgentParameters. Unable to process request.");
                SnmpV1Packet packet = new SnmpV1Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                outPacket = packet.encode();
                _noSourceCheck = param.DisableReplySourceCheck;
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                if (!param.Valid())
                    throw new SnmpException(SnmpException.InvalidIAgentParameters, "Invalid AgentParameters. Unable to process request.");
                SnmpV2Packet packet = new SnmpV2Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                _noSourceCheck = param.DisableReplySourceCheck;
                outPacket = packet.encode();
            }
            else
            {
                throw new SnmpInvalidVersionException("Unsupported SNMP version.");
            }

            byte[] inBuffer = base.Request(_address, _port, outPacket, outPacket.Length, _timeout, _retry);

            if (inBuffer == null || inBuffer.Length <= 0)
            {
                return null;
            }
            // verify packet
            if (agentParameters.Version == SnmpVersion.Ver1)
            {
                SnmpV1Packet packet = new SnmpV1Packet();
                AgentParameters param = (AgentParameters)agentParameters;
                packet.decode(inBuffer, inBuffer.Length);
                if (packet.Community != param.Community)
                {
                    // invalid community name received. Ignore the rest of the packet
                    throw new SnmpAuthenticationException("Invalid community name in reply.");
                }
                if (packet.Pdu.RequestId != pdu.RequestId)
                {
                    // invalid request id. unmatched response ignored
                    throw new SnmpException(SnmpException.InvalidRequestId, "Invalid request id in reply.");
                }
                return packet;
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                SnmpV2Packet packet = new SnmpV2Packet();
                AgentParameters param = (AgentParameters)agentParameters;
                packet.decode(inBuffer, inBuffer.Length);
                if (packet.Community != param.Community)
                {
                    // invalid community name received. Ignore the rest of the packet
                    throw new SnmpAuthenticationException("Invalid community name in reply.");
                }
                if (packet.Pdu.RequestId != pdu.RequestId)
                {
                    // invalid request id. unmatched response ignored
                    throw new SnmpException(SnmpException.InvalidRequestId, "Invalid request id in reply.");
                }
                return packet;
            }
            else if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SnmpV3Packet packet = new SnmpV3Packet();
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                secparams.InitializePacket(packet);
                if (secparams.HasCachedKeys)
                    packet.decode(inBuffer, inBuffer.Length, secparams.AuthenticationKey, secparams.PrivacyKey);
                else
                    packet.decode(inBuffer, inBuffer.Length);
                // first check if packet is a discovery response and process it
                if (packet.Pdu.Type == PduType.Report && packet.Pdu.VbCount > 0 && packet.Pdu.VbList[0].Oid.Equals(SnmpConstants.usmStatsUnknownEngineIDs))
                {
                    secparams.UpdateDiscoveryValues(packet);
                    return packet;
                }
                else
                {
                    if (!secparams.ValidateIncomingPacket(packet))
                    {
                        return null;
                    }
                    else
                    {
                        secparams.UpdateDiscoveryValues(packet); // update time, etc. values
                        return packet;
                    }
                }
            }
            return null;
        }
Пример #15
0
        /// <summary>
        /// Make SNMP request. With this method you can make blocked SNMP version 1, 2 and 3 requests of type GET,
        /// GET-NEXT, GET-BULK, SET and REPORT (request types have to compatible with the SNMP protocol version you
        /// are using).
        ///
        /// This method will pass through any exceptions thrown by parsing classes/methods so see individual packet
        /// classes, ASN.1 type classes, authentication, privacy, etc. classes for exceptions thrown.
        /// </summary>
        /// <param name="pdu">Pdu class (do not pass ScopedPdu)</param>
        /// <param name="agentParameters">Security information for the request. Use <see cref="AgentParameters"/>
        /// for SNMP versions 1 and 2 requests. Use <see cref="SecureAgentParameters"/> for SNMP version 3
        /// requests.</param>
        /// <param name="responseCallback">Callback that receives the result of the async operation.</param>
        /// <returns>True if async request was successfully initiated, otherwise false.</returns>
        public bool RequestAsync(Pdu pdu, IAgentParameters agentParameters, SnmpAsyncResponse responseCallback)
        {
            if (IsBusy)
            {
                return(false);                // class is busy
            }
            _response        = null;
            _response       += responseCallback;
            _agentParameters = agentParameters;
            byte[] outPacket;
            if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                if (secparams.Authentication != AuthenticationDigests.None && secparams.AuthenticationSecret.Length <= 0)
                {
                    // _response(AsyncRequestResult.AuthenticationError, null);
                    return(false);
                }
                if (secparams.Privacy != PrivacyProtocols.None && secparams.PrivacySecret.Length <= 0)
                {
                    // _response(AsyncRequestResult.PrivacyError, null);
                    return(false);
                }
                _noSourceCheck = false;                 // this option is not valid for SNMP v3 requests
                ScopedPdu outPdu = new ScopedPdu(pdu);
                outPdu.ContextEngineId.Set(secparams.EngineId);
                outPdu.ContextName.Set(secparams.ContextName);
                SnmpV3Packet packet = new SnmpV3Packet(outPdu);
                secparams.InitializePacket(packet);
                try
                {
                    if (secparams.HasCachedKeys)
                    {
                        outPacket = packet.encode(secparams.AuthenticationKey, secparams.PrivacyKey);
                    }
                    else
                    {
                        outPacket = packet.encode();
                    }
                }
                catch (Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return(false);
                }
            }
            else if (agentParameters.Version == (int)SnmpVersion.Ver1)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                _noSourceCheck = param.DisableReplySourceCheck;
                SnmpV1Packet packet = new SnmpV1Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                try
                {
                    outPacket = packet.encode();
                }
                catch (Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return(false);
                }
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                _noSourceCheck = param.DisableReplySourceCheck;
                SnmpV2Packet packet = new SnmpV2Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                try
                {
                    outPacket = packet.encode();
                }
                catch (Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return(false);
                }
            }
            else
            {
                throw new SnmpInvalidVersionException("Unsupported SNMP version.");
            }

            if (!base.RequestAsync(_address, _port, outPacket, outPacket.Length, _timeout, _retry, new SnmpAsyncCallback(AsyncResponse)))
            {
                return(false);
            }
            return(true);
        }
Пример #16
0
        /// <summary>Make SNMP Request</summary>
        /// <remarks>
        /// Make SNMP request. With this method you can make blocked SNMP version 1, 2 and 3 requests of type GET,
        /// GET-NEXT, GET-BULK, SET and REPORT (request types have to compatible with the SNMP protocol version you
        /// are using).
        ///
        /// This method will pass through any exceptions thrown by parsing classes/methods so see individual packet
        /// classes, ASN.1 type classes, authentication, privacy, etc. classes for exceptions thrown.
        /// </remarks>
        /// <param name="pdu">Pdu class (do not pass ScopedPdu)</param>
        /// <param name="agentParameters">Security information for the request. Use <see cref="AgentParameters"/>
        /// for SNMP versions 1 and 2 requests. Use <see cref="SecureAgentParameters"/> for SNMP version 3
        /// requests.</param>
        /// <returns>Appropriate SNMP packet class for the reply received (<see cref="SnmpV1Packet"/>,
        /// <see cref="SnmpV2Packet"/>, or <see cref="SnmpV3Packet"/>. Null value if there was an error
        /// with the request.</returns>
        /// <exception cref="SnmpAuthenticationException">Thrown on SNMPv3 requests when authentication password
        /// is not specified on authNoPriv or authPriv requests in SecureAgentParameters or if incoming packet
        /// authentication check failed.
        ///
        /// With SNMP ver1 and ver2c, authentication check fails when invalid community name is parsed in the reply.</exception>
        /// <exception cref="SnmpPrivacyException">Thrown on SNMPv3 requests when privacy password is not
        /// specified in SecureAgentParameters on authPriv requests.</exception>
        /// <exception cref="SnmpException">Thrown in following cases:
        ///
        /// * IAgentParameters.Valid() returned false. SnmpException.ErrorCode is set to SnmpException.InvalidIAgentParameters
        /// * No data received on request. SnmpException.ErrorCode is set to SnmpException.NoDataReceived
        /// * Invalid RequestId in reply. SnmpException.ErrorCode is set to SnmpException.InvalidRequestId
        /// </exception>
        public SnmpPacket Request(Pdu pdu, IAgentParameters agentParameters)
        {
            byte[] outPacket;
            if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                if (secparams.Authentication != AuthenticationDigests.None && secparams.AuthenticationSecret.Length <= 0)
                {
                    throw new SnmpAuthenticationException("Authentication password not specified.");
                }
                if (secparams.Privacy != PrivacyProtocols.None && secparams.PrivacySecret.Length <= 0)
                {
                    throw new SnmpPrivacyException("Privacy password not specified.");
                }
                _noSourceCheck = false;                 // this option is not valid for SNMP v3 requests
                ScopedPdu    outPdu = new ScopedPdu(pdu);
                SnmpV3Packet packet = new SnmpV3Packet(outPdu);
                secparams.InitializePacket(packet);
                if (secparams.HasCachedKeys)
                {
                    outPacket = packet.encode(secparams.AuthenticationKey, secparams.PrivacyKey);
                }
                else
                {
                    outPacket = packet.encode();
                }
            }
            else if (agentParameters.Version == SnmpVersion.Ver1)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                if (!param.Valid())
                {
                    throw new SnmpException(SnmpException.InvalidIAgentParameters, "Invalid AgentParameters. Unable to process request.");
                }
                SnmpV1Packet packet = new SnmpV1Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                outPacket      = packet.encode();
                _noSourceCheck = param.DisableReplySourceCheck;
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                if (!param.Valid())
                {
                    throw new SnmpException(SnmpException.InvalidIAgentParameters, "Invalid AgentParameters. Unable to process request.");
                }
                SnmpV2Packet packet = new SnmpV2Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                _noSourceCheck = param.DisableReplySourceCheck;
                outPacket      = packet.encode();
            }
            else
            {
                throw new SnmpInvalidVersionException("Unsupported SNMP version.");
            }

            byte[] inBuffer = base.Request(_address, _port, outPacket, outPacket.Length, _timeout, _retry);

            if (inBuffer == null || inBuffer.Length <= 0)
            {
                throw new SnmpException(SnmpException.NoDataReceived, "No data received on request.");
            }
            // verify packet
            if (agentParameters.Version == SnmpVersion.Ver1)
            {
                SnmpV1Packet    packet = new SnmpV1Packet();
                AgentParameters param  = (AgentParameters)agentParameters;
                packet.decode(inBuffer, inBuffer.Length);
                if (packet.Community != param.Community)
                {
                    // invalid community name received. Ignore the rest of the packet
                    throw new SnmpAuthenticationException("Invalid community name in reply.");
                }
                if (packet.Pdu.RequestId != pdu.RequestId)
                {
                    // invalid request id. unmatched response ignored
                    throw new SnmpException(SnmpException.InvalidRequestId, "Invalid request id in reply.");
                }
                return(packet);
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                SnmpV2Packet    packet = new SnmpV2Packet();
                AgentParameters param  = (AgentParameters)agentParameters;
                packet.decode(inBuffer, inBuffer.Length);
                if (packet.Community != param.Community)
                {
                    // invalid community name received. Ignore the rest of the packet
                    throw new SnmpAuthenticationException("Invalid community name in reply.");
                }
                if (packet.Pdu.RequestId != pdu.RequestId)
                {
                    // invalid request id. unmatched response ignored
                    throw new SnmpException(SnmpException.InvalidRequestId, "Invalid request id in reply.");
                }
                return(packet);
            }
            else if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SnmpV3Packet          packet    = new SnmpV3Packet();
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                secparams.InitializePacket(packet);
                if (secparams.HasCachedKeys)
                {
                    packet.decode(inBuffer, inBuffer.Length, secparams.AuthenticationKey, secparams.PrivacyKey);
                }
                else
                {
                    packet.decode(inBuffer, inBuffer.Length);
                }
                // first check if packet is a discovery response and process it
                if (packet.Pdu.Type == PduType.Report && packet.Pdu.VbCount > 0 && packet.Pdu.VbList[0].Oid.Equals(SnmpConstants.usmStatsUnknownEngineIDs))
                {
                    secparams.UpdateDiscoveryValues(packet);
                    return(packet);
                }
                else
                {
                    if (!secparams.ValidateIncomingPacket(packet))
                    {
                        return(null);
                    }
                    else
                    {
                        secparams.UpdateDiscoveryValues(packet);                         // update time, etc. values
                        return(packet);
                    }
                }
            }
            return(null);
        }
Пример #17
0
 /// <summary>
 /// Send SNMP version 3 Trap notification
 /// </summary>
 /// <param name="packet">SNMP v3 Trap packet class</param>
 /// <param name="peer">Manager (receiver) IP address</param>
 /// <param name="port">Manager (receiver) UDP port number</param>
 public void SendV3Trap(SnmpV3Packet packet, IpAddress peer, int port)
 {
     if( packet.Pdu.Type != PduType.V2Trap )
         throw new SnmpInvalidPduTypeException("Invalid Pdu type.");
     byte[] outBuffer = packet.encode();
     _sock.SendTo(outBuffer, new IPEndPoint((IPAddress)peer, port));
 }
Пример #18
0
        /// <summary>
        /// Make SNMP request. With this method you can make blocked SNMP version 1, 2 and 3 requests of type GET,
        /// GET-NEXT, GET-BULK, SET and REPORT (request types have to compatible with the SNMP protocol version you
        /// are using).
        /// 
        /// This method will pass through any exceptions thrown by parsing classes/methods so see individual packet
        /// classes, ASN.1 type classes, authentication, privacy, etc. classes for exceptions thrown.
        /// </summary>
        /// <param name="pdu">Pdu class (do not pass ScopedPdu)</param>
        /// <param name="agentParameters">Security information for the request. Use <see cref="AgentParameters"/>
        /// for SNMP versions 1 and 2 requests. Use <see cref="SecureAgentParameters"/> for SNMP version 3
        /// requests.</param>
        /// <param name="responseCallback">Callback that receives the result of the async operation.</param>
        /// <returns>True if async request was successfully initiated, otherwise false.</returns>
        public bool RequestAsync(Pdu pdu, IAgentParameters agentParameters, SnmpAsyncResponse responseCallback)
        {
            if (IsBusy)
            {
                return false; // class is busy
            }
            _response = null;
            _response += responseCallback;
            _agentParameters = agentParameters;
            byte[] outPacket;
            if (agentParameters.Version == SnmpVersion.Ver3)
            {
                SecureAgentParameters secparams = (SecureAgentParameters)agentParameters;
                if (secparams.Authentication != AuthenticationDigests.None && secparams.AuthenticationSecret.Length <= 0)
                {
                    // _response(AsyncRequestResult.AuthenticationError, null);
                    return false;
                }
                if (secparams.Privacy != PrivacyProtocols.None && secparams.PrivacySecret.Length <= 0)
                {
                    // _response(AsyncRequestResult.PrivacyError, null);
                    return false;
                }
                _noSourceCheck = false; // this option is not valid for SNMP v3 requests
                ScopedPdu outPdu = new ScopedPdu(pdu);
                outPdu.ContextEngineId.Set(secparams.EngineId);
                outPdu.ContextName.Set(secparams.ContextName);
                SnmpV3Packet packet = new SnmpV3Packet(outPdu);
                secparams.InitializePacket(packet);
                try
                {
                    if (secparams.HasCachedKeys)
                        outPacket = packet.encode(secparams.AuthenticationKey, secparams.PrivacyKey);
                    else
                        outPacket = packet.encode();
                }
                catch( Exception ex )
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return false;
                }
            }
            else if (agentParameters.Version == (int)SnmpVersion.Ver1)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                _noSourceCheck = param.DisableReplySourceCheck;
                SnmpV1Packet packet = new SnmpV1Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                try
                {
                    outPacket = packet.encode();
                }
                catch( Exception ex)
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return false;
                }
            }
            else if (agentParameters.Version == SnmpVersion.Ver2)
            {
                AgentParameters param = (AgentParameters)agentParameters;
                _noSourceCheck = param.DisableReplySourceCheck;
                SnmpV2Packet packet = new SnmpV2Packet();
                packet.Pdu.Set(pdu);
                packet.Community.Set(param.Community);
                try
                {
                    outPacket = packet.encode();
                }
                catch( Exception ex )
                {
                    ex.GetType();
                    _response(AsyncRequestResult.EncodeError, packet);
                    return false;
                }
            }
            else
            {
                throw new SnmpInvalidVersionException("Unsupported SNMP version.");
            }

            if( ! base.RequestAsync(_address, _port, outPacket, outPacket.Length, _timeout, _retry, new SnmpAsyncCallback(AsyncResponse) ) ) {
                return false;
            }
            return true;
        }
Пример #19
0
 /// <summary>
 /// Build an SNMP version 3 packet suitable for use in discovery process.
 /// </summary>
 /// <returns>Discovery process prepared SNMP version 3 packet.</returns>
 public static SnmpV3Packet DiscoveryRequest()
 {
     SnmpV3Packet packet = new SnmpV3Packet(new ScopedPdu()); // with a blank scoped pdu
     // looking through other implementation, null (length 0) user name is used
     // packet.USM.SecurityName.Set("initial"); // set user name to initial, as described in RFCs
     return packet; // return packet
 }
Пример #20
0
        /// <summary>
        /// Build SNMP RESPONSE packet for the INFORM packet class.
        /// </summary>
        /// <param name="informPacket">SNMP INFORM packet</param>
        /// <returns>SNMP version 3 packet containing RESPONSE to the INFORM packet contained in the parameter.</returns>
        /// <exception cref="SnmpInvalidPduTypeException">Parameter is not an INFORM SNMP version 3 packet class</exception>
        /// <exception cref="SnmpInvalidVersionException">Parameter is not a SNMP version 3 packet</exception>
        public static SnmpV3Packet BuildInformResponse(SnmpV3Packet informPacket)
        {
            if (informPacket.Version != SnmpVersion.Ver3)
                throw new SnmpInvalidVersionException("INFORM packet can only be parsed from an SNMP version 3 packet.");
            if (informPacket.Pdu.Type != PduType.Inform)
                throw new SnmpInvalidPduTypeException("Inform response can only be built for INFORM packets.");

            SnmpV3Packet response = new SnmpV3Packet(informPacket.ScopedPdu);
            response.MessageId = informPacket.MessageId;
            response.USM.SecurityName.Set(informPacket.USM.SecurityName);
            response.USM.EngineTime = informPacket.USM.EngineTime;
            response.USM.EngineBoots = informPacket.USM.EngineBoots;
            response.USM.EngineId.Set(informPacket.USM.EngineId);
            response.USM.Authentication = informPacket.USM.Authentication;
            if( response.USM.Authentication != AuthenticationDigests.None )
                response.USM.AuthenticationSecret.Set(informPacket.USM.AuthenticationSecret);
            else
                response.USM.AuthenticationSecret.Reset();
            response.USM.Privacy = informPacket.USM.Privacy;
            if (response.USM.Privacy != PrivacyProtocols.None)
                response.USM.PrivacySecret.Set(informPacket.USM.PrivacySecret);
            else
                response.USM.PrivacySecret.Reset();
            response.MsgFlags.Authentication = informPacket.MsgFlags.Authentication;
            response.MsgFlags.Privacy = informPacket.MsgFlags.Privacy;
            response.MsgFlags.Reportable = informPacket.MsgFlags.Reportable;
            response.ScopedPdu.ContextEngineId.Set(informPacket.ScopedPdu.ContextEngineId);
            response.ScopedPdu.ContextName.Set(informPacket.ScopedPdu.ContextName);
            response.Pdu.Type = PduType.Response;
            response.Pdu.TrapObjectID.Set(informPacket.Pdu.TrapObjectID);
            response.Pdu.TrapSysUpTime.Value = informPacket.Pdu.TrapSysUpTime.Value;
            response.Pdu.RequestId = informPacket.Pdu.RequestId;

            return response;
        }
Пример #21
0
        /// <summary>
        /// Construct and send SNMP v3 authPriv Trap
        /// </summary>
        /// <param name="receiver">Trap receiver IP address</param>
        /// <param name="receiverPort">Trap receiver UDP port number</param>
        /// <param name="engineId">Sender SNMP engineId</param>
        /// <param name="senderEngineBoots">Sender SNMP engine boots</param>
        /// <param name="senderEngineTime">Sender SNMP engine time</param>
        /// <param name="senderUserName">Security (user) name</param>
        /// <param name="senderUpTime">Sender upTime</param>
        /// <param name="trapObjectID">Trap object ID</param>
        /// <param name="varList">Variable binding list</param>
        /// <param name="authDigest">Authentication digest. See <see cref="AuthenticationDigests"/> enumeration for
        /// available digests</param>
        /// <param name="authSecret">Authentication secret</param>
        /// <param name="privProtocol">Privacy protocol. See <see cref="PrivacyProtocols"/> enumeration for
        /// available privacy protocols.</param>
        /// <param name="privSecret">Privacy secret</param>
        public void SendV3Trap(IpAddress receiver, int receiverPort, byte[] engineId, Int32 senderEngineBoots,
			Int32 senderEngineTime, string senderUserName, UInt32 senderUpTime, Oid trapObjectID, VbCollection varList,
			AuthenticationDigests authDigest, byte[] authSecret, PrivacyProtocols privProtocol, byte[] privSecret)
        {
            SnmpV3Packet packet = new SnmpV3Packet();
            packet.Pdu.Type = PduType.V2Trap;
            packet.authPriv(ASCIIEncoding.UTF8.GetBytes(senderUserName), authSecret, authDigest,privSecret, privProtocol);
            packet.SetEngineId(engineId);
            packet.SetEngineTime(senderEngineBoots, senderEngineTime);
            packet.ScopedPdu.TrapObjectID.Set(trapObjectID);
            packet.ScopedPdu.TrapSysUpTime.Value = senderUpTime;
            packet.ScopedPdu.VbList.Add(varList);
            packet.MsgFlags.Reportable = false;
            SendV3Trap(packet, receiver, receiverPort);
        }
Пример #22
0
        /// <summary>
        /// Construct and send SNMP v3 noAuthNoPriv Trap
        /// </summary>
        /// <param name="receiver">Trap receiver IP address</param>
        /// <param name="receiverPort">Trap receiver UDP port number</param>
        /// <param name="engineId">Sender SNMP engineId</param>
        /// <param name="senderEngineBoots">Sender SNMP engine boots</param>
        /// <param name="senderEngineTime">Sender SNMP engine time</param>
        /// <param name="senderUserName">Security (user) name</param>
        /// <param name="senderUpTime">Sender upTime</param>
        /// <param name="trapObjectID">Trap object ID</param>
        /// <param name="varList">Variable binding list</param>
        public void SendV3Trap(IpAddress receiver, int receiverPort, byte[] engineId, Int32 senderEngineBoots,
			Int32 senderEngineTime, string senderUserName, UInt32 senderUpTime, Oid trapObjectID, VbCollection varList)
        {
            SnmpV3Packet packet = new SnmpV3Packet();
            packet.Pdu.Type = PduType.V2Trap;
            packet.NoAuthNoPriv(ASCIIEncoding.UTF8.GetBytes(senderUserName));
            packet.SetEngineId(engineId);
            packet.SetEngineTime(senderEngineBoots, senderEngineTime);
            packet.ScopedPdu.TrapObjectID.Set(trapObjectID);
            packet.ScopedPdu.TrapSysUpTime.Value = senderUpTime;
            packet.ScopedPdu.VbList.Add(varList);
            packet.MsgFlags.Reportable = false;
            SendV3Trap(packet, receiver, receiverPort);
        }
Пример #23
0
 /// <summary>
 /// Build SNMP discovery response packet.
 /// </summary>
 /// <remarks>
 /// Manager application has to be able to respond to discovery requests to be able to handle
 /// SNMPv3 INFORM notifications.
 /// 
 /// In an INFORM packet, engineId value is set to the manager stations id (unlike all other requests
 /// where agent is the authoritative SNMP engine). For the agent to discover appropriate manager engine
 /// id, boots and time values (required for authentication and privacy packet handling), manager has to
 /// be able to respond to the discovery request.
 /// </remarks>
 /// <param name="messageId">Message id from the received discovery packet</param>
 /// <param name="requestId">Request id from the received discovery packets Pdu</param>
 /// <param name="engineId">Local engine id</param>
 /// <param name="engineBoots">Number of times local SNMP engine has been restarted</param>
 /// <param name="engineTime">Time since the engine was started in seconds</param>
 /// <param name="unknownEngineIdCount">Number of discovery packets received by the local SNMP engine</param>
 /// <returns>SNMP v3 packet properly formatted as a response to a discovery request</returns>
 public static SnmpV3Packet DiscoveryResponse(Int32 messageId, Int32 requestId, OctetString engineId, Int32 engineBoots, Int32 engineTime, Int32 unknownEngineIdCount)
 {
     SnmpV3Packet packet = new SnmpV3Packet();
     packet.Pdu.Type = PduType.Report;
     packet.Pdu.RequestId = requestId;
     packet.Pdu.VbList.Add(SnmpConstants.usmStatsUnknownEngineIDs, new Integer32(unknownEngineIdCount));
     // discovery response is a report packet. We don't want to receive reports about a report
     packet.MsgFlags.Reportable = false;
     packet.SetEngineId(engineId);
     packet.MessageId = messageId;
     packet.USM.EngineBoots = engineBoots;
     packet.USM.EngineTime = engineTime;
     return packet;
 }
Пример #24
0
        internal void AsyncResponse(AsyncRequestResult result, IPEndPoint peer, byte[] buffer, int buflen)
        {
            if (result != AsyncRequestResult.NoError)
            {
                _response(result, null);
            }
            else
            {
                if (buffer == null || buffer.Length <= 0 || buflen <= 0)
                {
                    _response(AsyncRequestResult.NoDataReceived, null);
                    return;
                }
                // verify packet
                if (_agentParameters.Version == (int)SnmpVersion.Ver1)
                {
                    SnmpV1Packet packet = new SnmpV1Packet();
                    try
                    {
                        packet.decode(buffer, buflen);
                    }
                    catch(Exception ex)
                    {
                        ex.GetType();
                        // Console.WriteLine("Exception while decoding SNMP packet: " + ex.ToString());
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }
                    _response(AsyncRequestResult.NoError, packet);
                    return;
                }
                else if (_agentParameters.Version == SnmpVersion.Ver2)
                {
                    SnmpV2Packet packet = new SnmpV2Packet();
                    try
                    {
                        packet.decode(buffer, buflen);
                    }
                    catch (Exception ex)
                    {
                        ex.GetType();
                        // Console.WriteLine("Exception while decoding SNMP packet: " + ex.ToString());
                        // MutableByte b = new MutableByte(buffer, buflen);
                        // Console.WriteLine("Buffer length {0}", buflen);
                        // SnmpConstants.DumpHex(b);
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }

                    _response(AsyncRequestResult.NoError, packet);
                }
                else if (_agentParameters.Version == SnmpVersion.Ver3)
                {
                    SnmpV3Packet packet = new SnmpV3Packet();
                    SecureAgentParameters secparams = (SecureAgentParameters)_agentParameters;
                    secparams.InitializePacket(packet);
                    try {
                        if (secparams.HasCachedKeys)
                            packet.decode(buffer, buflen, secparams.AuthenticationKey, secparams.PrivacyKey);
                        else
                            packet.decode(buffer, buflen);
                    }
                    catch
                    {
                        _response(AsyncRequestResult.DecodeError, packet);
                        return;
                    }
                    if (!secparams.ValidateIncomingPacket(packet))
                    {
                        _response(AsyncRequestResult.AuthenticationError, packet);
                    }
                    else
                    {
                        secparams.UpdateDiscoveryValues(packet); // update time, etc. values
                        _response(AsyncRequestResult.NoError, packet);
                    }
                }
            }
        }
Пример #25
0
        /// <summary>
        /// Validate that incoming packet has arrived from the correct engine id and is using a correct
        /// combination of privacy and authentication values.
        /// </summary>
        /// <param name="packet">Received and parsed SNMP version 3 packet.</param>
        /// <returns>True if packet is valid, otherwise false.</returns>
        /// <exception cref="SnmpException">Thrown on following errors with ErrorCode:
        /// * ErrorCode = 0: SecureAgentParameters was updated after request was made but before reply was received (this is not allowed)
        /// * SnmpException.InvalidAuthoritativeEngineId: engine id in the reply does not match request
        /// * SnmpException.InvalidSecurityName: security name mismatch between request and reply packets
        /// * SnmpException.ReportOnNoReports: report packet received when we had reportable set to false in the request
        /// * SnmpException.UnsupportedNoAuthPriv: noAuthPriv is not supported
        /// </exception>
        /// <exception cref="SnmpPrivacyException">Thrown when configured privacy passwords in this class and in the packet class do not match</exception>
        /// <exception cref="SnmpAuthenticationException">Thrown when configured authentication passwords in this class and in the packet class do not match</exception>
        public bool ValidateIncomingPacket(SnmpV3Packet packet)
        {
            // First check if this is a report packet.
            if (packet.Pdu.Type == PduType.Report)
            {
                if (!_reportable)
                {
                    // we do not expect report packets so dump it
                    throw new SnmpException(SnmpException.ReportOnNoReports, "Unexpected report packet received.");
                    // return false;
                }
                if (packet.MsgFlags.Authentication == false && packet.MsgFlags.Privacy)
                {
                    // no authentication and no privacy allowed in report packets
                    throw new SnmpException(SnmpException.UnsupportedNoAuthPriv, "Authentication and privacy combination is not supported.");
                    // return false;
                }
                // the rest will not be checked, there is no point
            }
            else
            {
                if (packet.USM.EngineId != _engineId)
                {
                    // different engine id is not allowed
                    throw new SnmpException(SnmpException.InvalidAuthoritativeEngineId, "EngineId mismatch.");
                    // return false;
                }

                if (packet.USM.Authentication != _authenticationProtocol || packet.USM.Privacy != _privacyProtocol)
                {
                    // we have to have the same authentication and privacy protocol - no last minute changes
                    throw new SnmpException("Agent parameters updated after request was made.");
                    // return false;
                }
                if (packet.USM.Authentication != AuthenticationDigests.None)
                {
                    if (packet.USM.AuthenticationSecret != _authenticationSecret)
                    {
                        // authentication secret has to match
                        throw new SnmpAuthenticationException("Authentication secret in the packet class does not match the IAgentParameter secret.");
                        // return false;
                    }
                }
                if (packet.USM.Privacy != PrivacyProtocols.None)
                {
                    if (packet.USM.PrivacySecret != _privacySecret)
                    {
                        // privacy secret has to match
                        throw new SnmpPrivacyException("Privacy secret in the packet class does not match the IAgentParameters secret.");
                        // return false;
                    }
                }
                if (packet.USM.SecurityName != _securityName)
                {
                    throw new SnmpException(SnmpException.InvalidSecurityName, "Security name mismatch.");
                    // return false;
                }
            }
            return true;
        }
Пример #26
0
 /// <summary>
 /// Build SNMP RESPONSE packet for the received INFORM packet.
 /// </summary>
 /// <returns>SNMP version 3 packet containing RESPONSE to the INFORM packet contained in the class instance.</returns>
 public SnmpV3Packet BuildInformResponse()
 {
     return(SnmpV3Packet.BuildInformResponse(this));
 }