snmp_user_based_sm_mib (snmp v5.16)

Instrumentation Functions for SNMP-USER-BASED-SM-MIB

The module snmp_user_based_sm_mib implements the instrumentation functions for the SNMP-USER-BASED-SM-MIB, and functions for configuring the database.

Note that authentication has been extended according to RFC 7860 (SNMP-USM-HMAC-SHA2-MIB).

The configuration files are described in the SNMP User's Manual.

Types

-type auth_key() :: snmp:octet_string().

The size/length of the list depends on auth protocol:

               Size any for usmNoAuthProtocol
               Size 16  for usmHMACMD5AuthProtocol
               Size 20  for usmHMACSHAAuthProtocol
               Size 28  for usmHMAC128SHA224AuthProtocol
               Size 32  for usmHMAC192SHA256AuthProtocol
               Size 48  for usmHMAC256SHA384AuthProtocol
               Size 64  for usmHMAC384SHA512AuthProtocol

-type auth_protocol() ::
    usmNoAuthProtocol | usmHMACMD5AuthProtocol | usmHMACSHAAuthProtocol |
    usmHMAC128SHA224AuthProtocol | usmHMAC192SHA256AuthProtocol | usmHMAC256SHA384AuthProtocol |
    usmHMAC384SHA512AuthProtocol.

Note

"An indication of whether messages sent on behalf of this user to/from the SNMP engine identified by usmUserEngineID, can be authenticated, and if so, the type of authentication protocol which is used."

Note

Some of the entries of this type are actually defined by the SNMP-USM-HMAC-SHA2-MIB MIB.

AutonomousType

-type clone_from() :: zeroDotZero | snmp:row_pointer().

Note

"A pointer to another conceptual row in this usmUserTable. The user in this other conceptual row is called the clone-from user."

RowPointer

-type key_change() :: snmp:octet_string().

Note

"Every definition of an object with this syntax must identify a protocol P, a secret key K, and a hash algorithm H that produces output of L octets."

OCTET STRING

-type name() :: snmp_framework_mib:admin_string().

Note

"A human readable string representing the name of the user. This is the (User-based Security) Model dependent security ID."

SnmpAdminString (SIZE(1..32))

-type priv_key() :: snmp:octet_string().

The size/length of the list depends on priv protocol:

               Size any for usmNoPrivProtocol
               Size 16  for usmDESPrivProtocol
               Size 16  for usmAesCfb128Protocol

-type priv_protocol() :: usmNoPrivProtocol | usmDESPrivProtocol | usmAesCfb128Protocol.

Note

"An indication of whether messages sent on behalf of this user to/from the SNMP engine identified by usmUserEngineID, can be protected from disclosure, and if so, the type of privacy protocol which is used."

Note

Some of the entries of this type are actually defined by the SNMP-USM-AES-MIB MIB.

AutonomousType

-type public() :: string().

OCTET STRING (SIZE(0..32))

-type usm_entry() ::
    {EngineID :: snmp_framework_mib:engine_id(),
     UserName :: name(),
     SecName :: snmp_framework_mib:admin_string(),
     Clone :: clone_from(),
     AuthP :: auth_protocol(),
     AuthKeyC :: key_change(),
     OwnAuthKeyC :: key_change(),
     PrivP :: priv_protocol(),
     PrivKeyC :: key_change(),
     OwnPrivKeyC :: key_change(),
     Public :: public(),
     AuthKey :: auth_key(),
     PrivKey :: priv_key()}.

Functions

add_user(EngineID, Name, SecName, Clone, AuthP, AuthKeyC, OwnAuthKeyC, PrivP, PrivKeyC, OwnPrivKeyC, Public, AuthKey, PrivKey)

-spec add_user(EngineID, Name, SecName, Clone, AuthP, AuthKeyC, OwnAuthKeyC, PrivP, PrivKeyC,
         OwnPrivKeyC, Public, AuthKey, PrivKey) ->
            {ok, Key} | {error, Reason}
            when
                EngineID :: snmp_framework_mib:engine_id(),
                Name :: name(),
                SecName :: snmp_framework_mib:admin_string(),
                Clone :: clone_from(),
                AuthP :: auth_protocol(),
                AuthKeyC :: key_change(),
                OwnAuthKeyC :: key_change(),
                PrivP :: priv_protocol(),
                PrivKeyC :: key_change(),
                OwnPrivKeyC :: key_change(),
                Public :: public(),
                AuthKey :: auth_key(),
                PrivKey :: priv_key(),
                Key :: term(),
                Reason :: term().

Adds a USM security data (user) to the agent config. Equivalent to one line in the usm.conf file.
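
A pre-flight check for a usm_entry() tuple before it is passed to add_user/13, using the key sizes and SIZE limits given in the type descriptions above. This is an added example, not part of the snmp application: the module name usm_entry_check and its functions are hypothetical, and add_checked/1 assumes a running agent.

```erlang
-module(usm_entry_check).
-export([check/1, add_checked/1, example/0]).

%% Key length per protocol, from the auth_key() and priv_key() types above.
auth_key_size(usmNoAuthProtocol)            -> any;
auth_key_size(usmHMACMD5AuthProtocol)       -> 16;
auth_key_size(usmHMACSHAAuthProtocol)       -> 20;
auth_key_size(usmHMAC128SHA224AuthProtocol) -> 28;
auth_key_size(usmHMAC192SHA256AuthProtocol) -> 32;
auth_key_size(usmHMAC256SHA384AuthProtocol) -> 48;
auth_key_size(usmHMAC384SHA512AuthProtocol) -> 64;
auth_key_size(_)                            -> unknown.

priv_key_size(usmNoPrivProtocol)    -> any;
priv_key_size(usmDESPrivProtocol)   -> 16;
priv_key_size(usmAesCfb128Protocol) -> 16;
priv_key_size(_)                    -> unknown.

%% An octet string here is a proper list of integers in 0..255.
is_octets(L) ->
    is_list(L) andalso
        lists:all(fun(B) -> is_integer(B) andalso B >= 0 andalso B =< 255 end, L).

key_ok(unknown, _) -> false;
key_ok(any, Key)   -> is_octets(Key);
key_ok(Size, Key)  -> is_octets(Key) andalso length(Key) =:= Size.

size_in(L, Min, Max) ->
    is_octets(L) andalso length(L) >= Min andalso length(L) =< Max.

%% Returns ok, or {error, Tags} naming every constraint the entry violates.
check({_Eng, Name, _Sec, _Clone, AuthP, _AKC, _OAKC, PrivP, _PKC, _OPKC,
       Public, AuthKey, PrivKey}) ->
    Checks = [{name_size,     size_in(Name, 1, 32)},
              {public_size,   size_in(Public, 0, 32)},
              {auth_key_size, key_ok(auth_key_size(AuthP), AuthKey)},
              {priv_key_size, key_ok(priv_key_size(PrivP), PrivKey)}],
    case [Tag || {Tag, false} <- Checks] of
        []     -> ok;
        Failed -> {error, Failed}
    end;
check(_) -> {error, [not_a_usm_entry]}.

%% Calls add_user/13 only when the entry passes the checks above.
add_checked(Entry) ->
    case check(Entry) of
        ok  -> apply(snmp_user_based_sm_mib, add_user, tuple_to_list(Entry));
        Err -> Err
    end.

%% Constructed sample: a 16-octet auth key offered for a protocol that needs 32.
example() ->
    K16 = lists:duplicate(16, 16#AA),
    check({"engine", "alice", "alice", zeroDotZero, usmHMAC192SHA256AuthProtocol,
           "", "", usmAesCfb128Protocol, "", "", "", K16, K16}).
```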

-spec configure(ConfDir) -> snmp:void() when ConfDir :: string().

This function is called from the supervisor at system start-up.

Inserts all data in the configuration files into the database and destroys all old rows with StorageType volatile. The rows created from the configuration file will have StorageType nonVolatile.

All snmp counters are set to zero.

If an error is found in the configuration file, it is reported using the function config_err/2 of the error report module, and the function fails with the reason configuration_error.

ConfDir is a string which points to the directory where the configuration files are found.

The configuration file read is: usm.conf.

-spec delete_user(Key) -> ok | {error, Reason} when Key :: term(), Reason :: term().

Delete a USM security data (user) from the agent config.

-spec reconfigure(ConfDir) -> snmp:void() when ConfDir :: string().

Inserts all data in the configuration files into the database and destroys all old data, including the rows with StorageType nonVolatile. The rows created from the configuration file will have StorageType nonVolatile.

Thus, the data in the SNMP-USER-BASED-SM-MIB, after this function has been called, is the data from the configuration files.

All snmp counters are set to zero.

If an error is found in the configuration file, it is reported using the function config_err/2 of the error report module, and the function fails with the reason configuration_error.

ConfDir is a string which points to the directory where the configuration files are found.

The configuration file read is: usm.conf.