1 /*
2 * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.jmx.snmp.agent;
27
28 import java.io.Serializable;
29 import java.util.Enumeration;
30 import java.util.logging.Level;
31 import java.util.Vector;
32
33 import javax.management.ObjectName;
34 import javax.management.MBeanServer;
35 import javax.management.MalformedObjectNameException;
36 import javax.management.InstanceAlreadyExistsException;
37 import javax.management.MBeanRegistrationException;
38 import javax.management.NotCompliantMBeanException;
39
40 import static com.sun.jmx.defaults.JmxProperties.SNMP_ADAPTOR_LOGGER;
41 import com.sun.jmx.snmp.SnmpOid;
42 import com.sun.jmx.snmp.SnmpVarBind;
43 import com.sun.jmx.snmp.SnmpDefinitions;
44 import com.sun.jmx.snmp.SnmpStatusException;
45 import com.sun.jmx.snmp.SnmpEngine;
46 import com.sun.jmx.snmp.SnmpUnknownModelException;
47 import com.sun.jmx.snmp.internal.SnmpAccessControlModel;
48 import com.sun.jmx.snmp.internal.SnmpEngineImpl;
49
50 /**
51 * Oid Checker makes use of ACM to check each OID during the getnext process.
52 */
53 class AcmChecker {
54
55
56 SnmpAccessControlModel model = null;
57 String principal = null;
58 int securityLevel = -1;
59 int version = -1;
60 int pduType = -1;
61 int securityModel = -1;
62 byte[] contextName = null;
63 SnmpEngineImpl engine = null;
64 LongList l = null;
65 AcmChecker(SnmpMibRequest req) {
66 engine = (SnmpEngineImpl) req.getEngine();
67 //We are in V3 architecture, ACM is in the picture.
68 if(engine != null) {
69 if(engine.isCheckOidActivated()) {
70 try {
71 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) {
72 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST,
73 SnmpMib.class.getName(),
74 "AcmChecker(SnmpMibRequest)",
75 "SNMP V3 Access Control to be done");
76 }
77 model = (SnmpAccessControlModel)
78 engine.getAccessControlSubSystem().
79 getModel(SnmpDefinitions.snmpVersionThree);
80 principal = req.getPrincipal();
81 securityLevel = req.getSecurityLevel();
82 pduType = req.getPdu().type;
83 version = req.getRequestPduVersion();
84 securityModel = req.getSecurityModel();
85 contextName = req.getAccessContextName();
86 l = new LongList();
87 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) {
88 final StringBuilder strb = new StringBuilder()
89 .append("Will check oid for : principal : ")
90 .append(principal)
91 .append("; securityLevel : ").append(securityLevel)
92 .append("; pduType : ").append(pduType)
93 .append("; version : ").append(version)
94 .append("; securityModel : ").append(securityModel)
95 .append("; contextName : ").append(contextName);
96 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST,
97 SnmpMib.class.getName(),
98 "AcmChecker(SnmpMibRequest)", strb.toString());
99 }
100
101 }catch(SnmpUnknownModelException e) {
102 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) {
103 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST,
104 SnmpMib.class.getName(),
105 "AcmChecker(SnmpMibRequest)",
106 "Unknown Model, no ACM check.");
107 }
108 }
109 }
110 }
111 }
112
113 void add(int index, long arc) {
114 if(model != null)
115 l.add(index, arc);
116 }
117
118 void remove(int index) {
119 if(model != null)
120 l.remove(index);
121 }
122
123 void add(final int at,final long[] src, final int from,
124 final int count) {
125 if(model != null)
126 l.add(at,src,from,count);
127 }
128
129 void remove(final int from, final int count) {
130 if(model != null)
131 l.remove(from,count);
132 }
133
134 void checkCurrentOid() throws SnmpStatusException {
135 if(model != null) {
136 SnmpOid oid = new SnmpOid(l.toArray());
137 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) {
138 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST, SnmpMib.class.getName(),
139 "checkCurrentOid", "Checking access for : " + oid);
140 }
141 model.checkAccess(version,
142 principal,
143 securityLevel,
144 pduType,
145 securityModel,
146 contextName,
147 oid);
148 }
149 }
150
151 }