// // This file is part of the OpenNMS(R) Application. // // OpenNMS(R) is Copyright (C) 2005 The OpenNMS Group, Inc. All rights reserved. // OpenNMS(R) is a derivative work, containing both original code, included code and modified // code that was published under the GNU General Public License. Copyrights for modified // and included code are below. // // OpenNMS(R) is a registered trademark of The OpenNMS Group, Inc. // // Modifications: // // 2007 Jun 23: Format code, move SNMP session creation, PDU creation, // and version string into this class. - dj@opennms.org // // Original code base Copyright (C) 1999-2001 Oculan Corp. All rights reserved. // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation; either version 2 of the License, or // (at your option) any later version. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // // For more information contact: // OpenNMS Licensing <license@opennms.org> // http://www.opennms.org/ // http://www.opennms.com/ // // Tab Size = 8 package org.infosec.ismp.snmp.snmp4j; import java.io.IOException; import java.net.InetAddress; import org.infosec.ismp.snmp.SnmpAgentConfig; import org.snmp4j.CommunityTarget; import org.snmp4j.PDU; import org.snmp4j.ScopedPDU; import org.snmp4j.Snmp; import org.snmp4j.Target; import org.snmp4j.TransportMapping; import org.snmp4j.UserTarget; import org.snmp4j.mp.SnmpConstants; import org.snmp4j.security.AuthMD5; import org.snmp4j.security.AuthSHA; import org.snmp4j.security.PrivAES128; import org.snmp4j.security.PrivAES192; import org.snmp4j.security.PrivAES256; import org.snmp4j.security.PrivDES; import org.snmp4j.security.SecurityLevel; import org.snmp4j.security.UsmUser; import org.snmp4j.smi.Address; import org.snmp4j.smi.OID; import org.snmp4j.smi.OctetString; import org.snmp4j.smi.UdpAddress; import org.snmp4j.transport.DefaultUdpTransportMapping; public class Snmp4JAgentConfig { private SnmpAgentConfig m_config; public Snmp4JAgentConfig(SnmpAgentConfig config) { m_config = config; } public InetAddress getInetAddress() { return m_config.getAddress(); } public OctetString getAuthPassPhrase() { return createOctetString(m_config.getAuthPassPhrase()); } public OID getAuthProtocol() { return convertAuthProtocol(m_config.getAuthProtocol()); } public int getMaxRequestSize() { return m_config.getMaxRequestSize(); } public int getMaxVarsPerPdu() { return m_config.getMaxVarsPerPdu(); } public int getMaxRepetitions() { return m_config.getMaxRepetitions(); } public int getPort() { return m_config.getPort(); } public int getRetries() { return m_config.getRetries(); } public int getSecurityLevel() { return convertSecurityLevel(m_config.getSecurityLevel()); } public OctetString getSecurityName() { return convertSecurityName(m_config.getSecurityName()); } public int getTimeout() { return m_config.getTimeout(); } public int getVersion() { return convertVersion(m_config.getVersion()); } /** * Returns a string representation of the SNMP4J version constant * @param version * @return */ public String getVersionString() { switch (getVersion()) { case SnmpConstants.version1: return "SNMPv1"; case SnmpConstants.version2c: return "SNMPv2c"; case SnmpConstants.version3: return "SNMPv3"; default: return "unknown: " + getVersion(); } } public String getWriteCommunity() { return m_config.getWriteCommunity(); } public String toString() { return m_config.toString(); } /** * This method converts an InetAddress to an implementation of an SNMP4J Address * (UdpAddress or TcpAddress) * * TODO: This needs to be updated when the protocol flag is added to the SNMP Config * so that UDP or TCP can be used in v3 operations. */ private Address convertAddress(InetAddress address, int port) { String transportAddress = address.getHostAddress(); transportAddress += "/" + port; Address targetAddress = new UdpAddress(transportAddress); return targetAddress; } /** * This method adapts the OpenNMS SNMP version constants * to SNMP4J defined constants. * * @param version * @return */ private int convertVersion(int version) { switch (version) { case SnmpAgentConfig.VERSION3: return SnmpConstants.version3; case SnmpAgentConfig.VERSION2C: return SnmpConstants.version2c; default: return SnmpConstants.version1; } } private OctetString createOctetString(String s) { if (s == null) { return null; } OctetString octetString; if (s.startsWith("0x")) { octetString = OctetString.fromHexString(s.substring(2), ':'); } else { octetString = new OctetString(s); } return octetString; } /** * Adapts the OpenNMS SNMPv3 security name to an SNMP4J compatible * security name (String -> OctetString) * * @param securityName * @return */ private OctetString convertSecurityName(String securityName) { return new OctetString(securityName); } private OID convertPrivProtocol(String privProtocol) { /* * Returning null here is okay because the SNMP4J library supports * this value as null when creating the Snmp session. */ if (privProtocol == null) { return null; } if (privProtocol.equals("DES")) { return PrivDES.ID; } else if ((privProtocol.equals("AES128")) || (privProtocol.equals("AES"))) { return PrivAES128.ID; } else if (privProtocol.equals("AES192")) { return PrivAES192.ID; } else if (privProtocol.equals("AES256")) { return PrivAES256.ID; } else { throw new IllegalArgumentException("Privacy protocol " + privProtocol + " not supported"); } } /** * Adapts the OpenNMS SNMPv3 community name to an SNMP4J compatible * community name (String -> OctetString) * * @param agentConfig * @return */ private OctetString convertCommunity(String community) { return new OctetString(community); } private OID convertAuthProtocol(String authProtocol) { /* * Returning null here is okay because the SNMP4J library supports * this value as null when creating the Snmp session. */ if (authProtocol == null) { return null; } if (authProtocol.equals("MD5")) { return AuthMD5.ID; } else if (authProtocol.equals("SHA")) { return AuthSHA.ID; } else { throw new IllegalArgumentException("Authentication protocol unsupported: " + authProtocol); } } public Target getTarget() { Target target = createTarget(); target.setVersion(getVersion()); target.setRetries(getRetries()); target.setTimeout(getTimeout()); target.setAddress(getAddress()); target.setMaxSizeRequestPDU(getMaxRequestSize()); return target; } private Target createTarget() { return (isSnmpV3() ? createUserTarget() : createCommunityTarget()); } boolean isSnmpV3() { return m_config.getVersion() == SnmpConstants.version3; } private Target createCommunityTarget() { CommunityTarget target = new CommunityTarget(); target.setCommunity(getReadCommunity()); return target; } private Target createUserTarget() { UserTarget target = new UserTarget(); target.setSecurityLevel(getSecurityLevel()); target.setSecurityName(getSecurityName()); return target; } private OctetString getReadCommunity() { return convertCommunity(m_config.getReadCommunity()); } private Address getAddress() { return convertAddress(getInetAddress(), getPort()); } public OID getPrivProtocol() { return convertPrivProtocol(m_config.getPrivProtocol()); } public OctetString getPrivPassPhrase() { return createOctetString(m_config.getPrivPassPhrase()); } /** * This method adapts the OpenNMS SNMPv3 security level constants * to SNMP4J defined constants. * * @param securityLevel * @return */ private int convertSecurityLevel(int securityLevel) { switch (securityLevel) { case SnmpAgentConfig.AUTH_NOPRIV : securityLevel = SecurityLevel.AUTH_NOPRIV; break; case SnmpAgentConfig.AUTH_PRIV : securityLevel = SecurityLevel.AUTH_PRIV; break; case SnmpAgentConfig.NOAUTH_NOPRIV : securityLevel = SecurityLevel.NOAUTH_NOPRIV; break; default : securityLevel = SecurityLevel.NOAUTH_NOPRIV; } return securityLevel; } public Snmp createSnmpSession() throws IOException { TransportMapping transport = new DefaultUdpTransportMapping(); Snmp session = new Snmp(transport); if (isSnmpV3()) { session.getUSM().addUser(getSecurityName(), new UsmUser(getSecurityName(), getAuthProtocol(), getAuthPassPhrase(), getPrivProtocol(), getPrivPassPhrase())); } return session; } /** * Creates an SNMP4J PDU based on the SNMP4J version constants. * A v3 request requires a ScopedPDU. * * @param type * @return */ public PDU createPdu(int type) { PDU pdu = getVersion() == SnmpConstants.version3 ? new ScopedPDU() : new PDU(); pdu.setType(type); return pdu; } }