1 /* 2 * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.jmx.snmp.agent; 27 28 import java.io.Serializable; 29 import java.util.Enumeration; 30 import java.util.logging.Level; 31 import java.util.Vector; 32 33 import javax.management.ObjectName; 34 import javax.management.MBeanServer; 35 import javax.management.MalformedObjectNameException; 36 import javax.management.InstanceAlreadyExistsException; 37 import javax.management.MBeanRegistrationException; 38 import javax.management.NotCompliantMBeanException; 39 40 import static com.sun.jmx.defaults.JmxProperties.SNMP_ADAPTOR_LOGGER; 41 import com.sun.jmx.snmp.SnmpOid; 42 import com.sun.jmx.snmp.SnmpVarBind; 43 import com.sun.jmx.snmp.SnmpDefinitions; 44 import com.sun.jmx.snmp.SnmpStatusException; 45 import com.sun.jmx.snmp.SnmpEngine; 46 import com.sun.jmx.snmp.SnmpUnknownModelException; 47 import com.sun.jmx.snmp.internal.SnmpAccessControlModel; 48 import com.sun.jmx.snmp.internal.SnmpEngineImpl; 49 50 /** 51 * Oid Checker makes use of ACM to check each OID during the getnext process. 52 */ 53 class AcmChecker { 54 55 56 SnmpAccessControlModel model = null; 57 String principal = null; 58 int securityLevel = -1; 59 int version = -1; 60 int pduType = -1; 61 int securityModel = -1; 62 byte[] contextName = null; 63 SnmpEngineImpl engine = null; 64 LongList l = null; 65 AcmChecker(SnmpMibRequest req) { 66 engine = (SnmpEngineImpl) req.getEngine(); 67 //We are in V3 architecture, ACM is in the picture. 68 if(engine != null) { 69 if(engine.isCheckOidActivated()) { 70 try { 71 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) { 72 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST, 73 SnmpMib.class.getName(), 74 "AcmChecker(SnmpMibRequest)", 75 "SNMP V3 Access Control to be done"); 76 } 77 model = (SnmpAccessControlModel) 78 engine.getAccessControlSubSystem(). 79 getModel(SnmpDefinitions.snmpVersionThree); 80 principal = req.getPrincipal(); 81 securityLevel = req.getSecurityLevel(); 82 pduType = req.getPdu().type; 83 version = req.getRequestPduVersion(); 84 securityModel = req.getSecurityModel(); 85 contextName = req.getAccessContextName(); 86 l = new LongList(); 87 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) { 88 final StringBuilder strb = new StringBuilder() 89 .append("Will check oid for : principal : ") 90 .append(principal) 91 .append("; securityLevel : ").append(securityLevel) 92 .append("; pduType : ").append(pduType) 93 .append("; version : ").append(version) 94 .append("; securityModel : ").append(securityModel) 95 .append("; contextName : ").append(contextName); 96 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST, 97 SnmpMib.class.getName(), 98 "AcmChecker(SnmpMibRequest)", strb.toString()); 99 } 100 101 }catch(SnmpUnknownModelException e) { 102 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) { 103 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST, 104 SnmpMib.class.getName(), 105 "AcmChecker(SnmpMibRequest)", 106 "Unknown Model, no ACM check."); 107 } 108 } 109 } 110 } 111 } 112 113 void add(int index, long arc) { 114 if(model != null) 115 l.add(index, arc); 116 } 117 118 void remove(int index) { 119 if(model != null) 120 l.remove(index); 121 } 122 123 void add(final int at,final long[] src, final int from, 124 final int count) { 125 if(model != null) 126 l.add(at,src,from,count); 127 } 128 129 void remove(final int from, final int count) { 130 if(model != null) 131 l.remove(from,count); 132 } 133 134 void checkCurrentOid() throws SnmpStatusException { 135 if(model != null) { 136 SnmpOid oid = new SnmpOid(l.toArray()); 137 if (SNMP_ADAPTOR_LOGGER.isLoggable(Level.FINEST)) { 138 SNMP_ADAPTOR_LOGGER.logp(Level.FINEST, SnmpMib.class.getName(), 139 "checkCurrentOid", "Checking access for : " + oid); 140 } 141 model.checkAccess(version, 142 principal, 143 securityLevel, 144 pduType, 145 securityModel, 146 contextName, 147 oid); 148 } 149 } 150 151 }