/**
 * Builds the IP-address-based Access Control List of the Java Dynamic Management(TM) SNMP
 * support and loads its entries from the ACL file.
 *
 * <p>The ACL takes the given owner name. The owning principal is the current host, and its own
 * entry is granted both READ and WRITE before the file is read.
 *
 * @param Owner The name of the ACL Owner.
 * @param aclFileName The name of the ACL File; {@code null} selects the default file name.
 * @exception UnknownHostException If the local host is unknown.
 * @exception IllegalArgumentException If the ACL file doesn't exist or its content cannot be
 *     parsed.
 */
public SnmpAcl(String Owner, String aclFileName)
    throws UnknownHostException, IllegalArgumentException {
  informDestList = new Hashtable<InetAddress, Vector<String>>();
  trapDestList = new Hashtable<InetAddress, Vector<String>>();

  // The no-arg PrincipalImpl stands for the current host; it owns the ACL.
  owner = new PrincipalImpl();
  try {
    acl = new AclImpl(owner, Owner);
    AclEntry selfEntry = new AclEntryImpl(owner);
    selfEntry.addPermission(READ);
    selfEntry.addPermission(WRITE);
    acl.addEntry(owner, selfEntry);
  } catch (NotOwnerException ex) {
    // Deliberately not rethrown: the caller of addEntry is the owner created just above.
    if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
      SNMP_LOGGER.logp(
          Level.FINEST,
          SnmpAcl.class.getName(),
          "SnmpAcl(String,String)",
          "Should never get NotOwnerException as the owner " + "is built in this constructor");
    }
  }

  // An explicit file name is validated (must be an existing regular file); otherwise the
  // default location is used.
  if (aclFileName != null) {
    setAuthorizedListFile(aclFileName);
  } else {
    setDefaultFileName();
  }

  // NOTE(review): readAuthorizedListFile() sets alwaysAuthorized = true when no file name is
  // configured or the file cannot be opened, so a constructor that returns normally does not
  // by itself mean an ACL is being enforced.
  readAuthorizedListFile();
}
/**
 * Records the full path of the file that holds the ACL information.
 *
 * <p>The path is accepted only if it names an existing regular file at the time of the call.
 * The file is not opened or parsed here.
 *
 * @param filename The full path of the file containing the ACL information.
 * @throws IllegalArgumentException If the passed ACL file doesn't exist.
 */
public void setAuthorizedListFile(String filename) throws IllegalArgumentException {
  final File candidate = new File(filename);

  if (candidate.isFile()) {
    if (SNMP_LOGGER.isLoggable(Level.FINER)) {
      SNMP_LOGGER.logp(
          Level.FINER,
          SnmpAcl.class.getName(),
          "setAuthorizedListFile",
          "Default file set to " + filename);
    }
    // NOTE(review): this is a check-then-use pattern. The file is opened later by
    // readAuthorizedListFile(), which sets alwaysAuthorized = true if the open fails, so a
    // file that disappears after this check switches access control off instead of
    // raising an error.
    authorizedListFile = filename;
    return;
  }

  if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
    SNMP_LOGGER.logp(
        Level.FINEST,
        SnmpAcl.class.getName(),
        "setAuthorizedListFile",
        "ACL file not found: " + filename);
  }
  throw new IllegalArgumentException(
      "The specified file ["
          + candidate
          + "] "
          + "doesn't exist or is not a file, "
          + "no configuration loaded");
}
/**
 * Looks up the inform communities configured for a host.
 *
 * @param i The address of the host.
 * @return An enumeration of the inform communities for the host (enumeration of <CODE>String
 *     </CODE>); an empty enumeration when the host has no entry.
 */
public Enumeration<String> getInformCommunities(InetAddress i) {
  final Vector<String> communities = informDestList.get(i);
  final boolean known = communities != null;

  if (SNMP_LOGGER.isLoggable(Level.FINER)) {
    SNMP_LOGGER.logp(
        Level.FINER,
        SnmpAcl.class.getName(),
        "getInformCommunities",
        "[" + i.toString() + (known ? "] is in list" : "] is not in list"));
  }

  // An unknown host gets an empty enumeration, never null.
  return known ? communities.elements() : new Vector<String>().elements();
}
/**
 * Gets the PDU encoded in this message.
 *
 * <p>This method BER-decodes the data field and returns the resulting PDU. The PDU tag read
 * from the data selects which fixed header fields are decoded; an unrecognised tag is
 * rejected. The variable binding list follows the header for every PDU type.
 *
 * <p>NOTE(review): {@code data} is presumably bytes received from a peer and should be treated
 * as untrusted; confirm against the caller. Only {@code BerException} and {@code
 * IllegalArgumentException} are mapped to {@code SnmpStatusException} here, so any other
 * unchecked exception raised while decoding would reach the caller unchanged.
 *
 * @return The resulting PDU.
 * @exception SnmpStatusException If the encoding is not valid.
 * @since 1.5
 */
public SnmpPdu decodeSnmpPdu() throws SnmpStatusException {
  SnmpPduPacket decoded = null;
  final BerDecoder decoder = new BerDecoder(data);

  try {
    final int pduType = decoder.getTag();
    decoder.openSequence(pduType);

    switch (pduType) {
      case pduGetRequestPdu:
      case pduGetNextRequestPdu:
      case pduInformRequestPdu:
      case pduGetResponsePdu:
      case pduSetRequestPdu:
      case pduV2TrapPdu:
      case pduReportPdu:
        {
          // Header: request id, error status, error index (in wire order).
          SnmpPduRequest request = new SnmpPduRequest();
          request.requestId = decoder.fetchInteger();
          request.errorStatus = decoder.fetchInteger();
          request.errorIndex = decoder.fetchInteger();
          decoded = request;
          break;
        }

      case pduGetBulkRequestPdu:
        {
          // Header: request id, non-repeaters, max-repetitions (in wire order).
          SnmpPduBulk bulk = new SnmpPduBulk();
          bulk.requestId = decoder.fetchInteger();
          bulk.nonRepeaters = decoder.fetchInteger();
          bulk.maxRepetitions = decoder.fetchInteger();
          decoded = bulk;
          break;
        }

      case pduV1TrapPdu:
        {
          SnmpPduTrap trap = new SnmpPduTrap();
          trap.enterprise = new SnmpOid(decoder.fetchOid());
          // A zero-length agent address is represented as null rather than an empty address.
          byte[] agentBytes = decoder.fetchOctetString(SnmpValue.IpAddressTag);
          trap.agentAddr = (agentBytes.length == 0) ? null : new SnmpIpAddress(agentBytes);
          trap.genericTrap = decoder.fetchInteger();
          trap.specificTrap = decoder.fetchInteger();
          trap.timeStamp = decoder.fetchInteger(SnmpValue.TimeticksTag);
          decoded = trap;
          break;
        }

      default:
        // Unknown PDU tag: reject instead of guessing a layout.
        throw new SnmpStatusException(snmpRspWrongEncoding);
    }

    decoded.type = pduType;
    decoded.varBindList = decodeVarBindList(decoder);
    decoder.closeSequence();
  } catch (BerException e) {
    // The decoder's exception is logged at FINEST only; callers see just the status code.
    if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
      SNMP_LOGGER.logp(
          Level.FINEST, SnmpMessage.class.getName(), "decodeSnmpPdu", "BerException", e);
    }
    throw new SnmpStatusException(snmpRspWrongEncoding);
  } catch (IllegalArgumentException e) {
    // bug id 4654066
    if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
      SNMP_LOGGER.logp(
          Level.FINEST,
          SnmpMessage.class.getName(),
          "decodeSnmpPdu",
          "IllegalArgumentException",
          e);
    }
    throw new SnmpStatusException(snmpRspWrongEncoding);
  }

  // Copy the message-level fields onto the decoded PDU.
  decoded.version = version;
  decoded.community = community;
  decoded.address = address;
  decoded.port = port;

  return decoded;
}
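/**
 * Converts the input configuration file into ACL entries and trap and inform destination
 * tables.
 *
 * <p>Access control is switched off ({@code alwaysAuthorized = true}; "authorize everybody"
 * per the log message) in two cases: no ACL file name is configured, or the configured file
 * cannot be opened. Both cases are recorded only at FINER/FINEST.
 *
 * <p>NOTE(review): the second case is fail-open. {@code FileInputStream} throws {@code
 * FileNotFoundException} not only for a missing file but also for one that exists and cannot be
 * opened for reading, so a permissions problem or a file removed after {@code
 * setAuthorizedListFile} validated it silently disables the ACL. Consider failing closed, or at
 * least logging this at a level operators will see. Behaviour is left unchanged here because
 * callers may depend on it.
 *
 * @throws IllegalArgumentException If the file content cannot be parsed; the parser's exception
 *     or error is attached as the cause.
 */
private void readAuthorizedListFile() {
  alwaysAuthorized = false;

  if (authorizedListFile == null) {
    if (SNMP_LOGGER.isLoggable(Level.FINER)) {
      SNMP_LOGGER.logp(
          Level.FINER,
          SnmpAcl.class.getName(),
          "readAuthorizedListFile",
          "alwaysAuthorized set to true");
    }
    alwaysAuthorized = true;
    return;
  }

  // try-with-resources: the stream used to be left open after parsing, leaking a file
  // descriptor on every (re)load.
  try (FileInputStream in = new FileInputStream(getAuthorizedListFile())) {
    Parser parser = new Parser(in);
    try {
      JDMSecurityDefs n = parser.SecurityDefs();
      n.buildAclEntries(owner, acl);
      n.buildTrapEntries(trapDestList);
      n.buildInformEntries(informDestList);
    } catch (ParseException e) {
      if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
        SNMP_LOGGER.logp(
            Level.FINEST,
            SnmpAcl.class.getName(),
            "readAuthorizedListFile",
            "Got parsing exception",
            e);
      }
      // Same exception type and message as before; the cause is now preserved.
      throw new IllegalArgumentException(e.getMessage(), e);
    } catch (Error err) {
      // NOTE(review): presumably meant for lexer errors raised by the generated parser, but
      // this also converts every other Error (including VM errors) - confirm intent.
      if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
        SNMP_LOGGER.logp(
            Level.FINEST,
            SnmpAcl.class.getName(),
            "readAuthorizedListFile",
            "Got unexpected error",
            err);
      }
      throw new IllegalArgumentException(err.getMessage(), err);
    }
  } catch (FileNotFoundException e) {
    // Fail-open path: see the method comment.
    if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
      SNMP_LOGGER.logp(
          Level.FINEST,
          SnmpAcl.class.getName(),
          "readAuthorizedListFile",
          "The specified file was not found, authorize everybody");
    }
    alwaysAuthorized = true;
    return;
  } catch (java.io.IOException e) {
    // Only close() can raise this; the entries are already built, so keep them.
    if (SNMP_LOGGER.isLoggable(Level.FINEST)) {
      SNMP_LOGGER.logp(
          Level.FINEST,
          SnmpAcl.class.getName(),
          "readAuthorizedListFile",
          "Could not close the ACL file",
          e);
    }
  }

  // Trace every loaded entry and its permissions at FINER.
  for (Enumeration<AclEntry> e = acl.entries(); e.hasMoreElements(); ) {
    AclEntryImpl aa = (AclEntryImpl) e.nextElement();
    if (SNMP_LOGGER.isLoggable(Level.FINER)) {
      SNMP_LOGGER.logp(
          Level.FINER,
          SnmpAcl.class.getName(),
          "readAuthorizedListFile",
          "===> " + aa.getPrincipal().toString());
    }
    for (Enumeration<java.security.acl.Permission> eee = aa.permissions();
        eee.hasMoreElements(); ) {
      java.security.acl.Permission perm = eee.nextElement();
      if (SNMP_LOGGER.isLoggable(Level.FINER)) {
        SNMP_LOGGER.logp(
            Level.FINER, SnmpAcl.class.getName(), "readAuthorizedListFile", "perm = " + perm);
      }
    }
  }
}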