/*
 * dump-boilerplate.c --
 *
 *      Operations to dump security considerations boilerplates for SMI modules.
 *
 * Copyright (c) 2008 J. Schoenwaelder, Technical University of Braunschweig.
 *
 * See the file "COPYING" for information on usage and redistribution
 * of this file, and for a DISCLAIMER OF ALL WARRANTIES.
 *
 * @(#) $Id: dump-identifiers.c 5758 2006-08-16 21:10:05Z schoenw $
 */
|
#include <config.h>

#include <ctype.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#include "smi.h"
#include "smidump.h"
|
/* Reset to 0 by dumpBoilerplate() but never read anywhere in this file.
 * File-scope statics are zero-initialized, so no explicit initializer is
 * needed. */
static int moduleLen;

/* Width of the longest node name across the modules being dumped.  It is
 * computed by dumpBoilerplate() and used as the "%-*s" field width when the
 * object lists are printed, so that the "# explain sensitivity" markers
 * line up. */
static int identifierLen;
|
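/* Non-zero if node has a MAX-ACCESS of read-write.  The boilerplate text
 * treats this as "read-write and/or read-create"; presumably libsmi reports
 * both as SMI_ACCESS_READ_WRITE -- confirm against smi.h. */
static int isWritableNode(SmiNode *node)
{
    return node->access == SMI_ACCESS_READ_WRITE;
}

/* Non-zero if node can be reached by GET, SET or a notification, i.e. its
 * MAX-ACCESS is read-only, read-write or accessible-for-notify.  This is the
 * approximation of "MAX-ACCESS other than not-accessible" used by the
 * readable-objects paragraph; every writable node is also readable. */
static int isReadableNode(SmiNode *node)
{
    return node->access == SMI_ACCESS_READ_ONLY
        || node->access == SMI_ACCESS_READ_WRITE
        || node->access == SMI_ACCESS_NOTIFY;
}

/*
 * Print one " <name> # explain sensitivity" line for every named node of
 * modv[0..modc-1] for which pred() holds, followed by an empty line after
 * each module.  The name column is padded to identifierLen (set by
 * dumpBoilerplate() to the longest node name) so the markers line up.
 */
static void fprintNodeList(FILE *f, int modc, SmiModule **modv,
                           int (*pred)(SmiNode *))
{
    SmiNode *smiNode;
    int i;

    for (i = 0; i < modc; i++) {
        for (smiNode = smiGetFirstNode(modv[i], SMI_NODEKIND_ANY);
             smiNode;
             smiNode = smiGetNextNode(smiNode, SMI_NODEKIND_ANY)) {
            if (smiNode->name && pred(smiNode)) {
                fprintf(f, " %-*s # explain sensitivity\n",
                        identifierLen, smiNode->name);
            }
        }
        fprintf(f, "\n");
    }
}

/*
 * Write the security considerations boilerplate for modv[0..modc-1] to f.
 *
 * The text follows the IETF template for the Security Considerations
 * section of a MIB module document: a paragraph about writable objects (or
 * their absence), a paragraph about readable objects, and the generic
 * SNMPv3 recommendation.  Each object paragraph is followed by the list of
 * objects the author still has to classify.  Lines starting with '#' are
 * instructions to the document author, not part of the final text.
 *
 * Modules without any readable node -- which includes modules whose only
 * nodes are not-accessible, e.g. index columns -- get the "textual
 * conventions only" paragraph instead and nothing else.  Nodes without a
 * name are ignored throughout.
 */
static void fprintBoilerplate(FILE *f, int modc, SmiModule **modv)
{
    SmiNode *smiNode;
    int i, readable = 0, writable = 0;

    /* Classify the named nodes of all modules.  A writable node is counted
     * in both tallies. */
    for (i = 0; i < modc; i++) {
        for (smiNode = smiGetFirstNode(modv[i], SMI_NODEKIND_ANY);
             smiNode;
             smiNode = smiGetNextNode(smiNode, SMI_NODEKIND_ANY)) {
            if (!smiNode->name) continue;
            if (isWritableNode(smiNode)) writable++;
            if (isReadableNode(smiNode)) readable++;
        }
    }

    if (readable == 0 && writable == 0) {
        fprintf(f,
                "This module does not define any management objects. Instead, it\n"
                "defines a set of textual conventions which may be used by other MIB\n"
                "modules to define management objects.\n"
                "\n"
                "Meaningful security considerations can only be written in the MIB\n"
                "modules that define management objects. This document has therefore\n"
                "no impact on the security of the Internet.\n");
        return;
    }

    if (writable) {
        fprintf(f,
                "# if you have any read-write and/or read-create objects, please\n"
                "# describe their specific sensitivity or vulnerability.\n"
                "# RFC 2669 has a very good example.\n"
                "\n"
                "There are a number of management objects defined in this MIB module\n"
                "with a MAX-ACCESS clause of read-write and/or read-create. Such\n"
                "objects may be considered sensitive or vulnerable in some network\n"
                "environments. The support for SET operations in a non-secure\n"
                "environment without proper protection can have a negative effect on\n"
                "network operations. These are the tables and objects and their\n"
                "sensitivity/vulnerability:\n"
                "\n");
        fprintNodeList(f, modc, modv, isWritableNode);
    } else {
        fprintf(f,
                "There are no management objects defined in this MIB module that have\n"
                "a MAX-ACCESS clause of read-write and/or read-create. So, if this\n"
                "MIB module is implemented correctly, then there is no risk that an\n"
                "intruder can alter or create any management objects of this MIB\n"
                "module via direct SNMP SET operations.\n"
                "\n");
    }

    /* readable > 0 is guaranteed here: every writable node is readable, so
     * the early return above already handled the readable == 0 case. */
    fprintf(f,
            "# for all MIB modules you must evaluate whether any readable objects\n"
            "# are sensitive or vulnerable (for instance, if they might reveal\n"
            "# customer information or violate personal privacy laws such as\n"
            "# those of the European Union if exposed to unauthorized parties)\n"
            "\n"
            "Some of the readable objects in this MIB module (i.e., objects with a\n"
            "MAX-ACCESS other than not-accessible) may be considered sensitive or\n"
            "vulnerable in some network environments. It is thus important to\n"
            "control even GET and/or NOTIFY access to these objects and possibly\n"
            "to even encrypt the values of these objects when sending them over\n"
            "the network via SNMP. These are the tables and objects and their\n"
            "sensitivity/vulnerability:\n"
            "\n");

    fprintNodeList(f, modc, modv, isReadableNode);

    fprintf(f,
            "SNMP versions prior to SNMPv3 did not include adequate security.\n"
            "Even if the network itself is secure (for example by using IPsec),\n"
            "even then, there is no control as to who on the secure network is\n"
            "allowed to access and GET/SET (read/change/create/delete) the objects\n"
            "in this MIB module.\n"
            "\n"
            "It is RECOMMENDED that implementers consider the security features as\n"
            "provided by the SNMPv3 framework (see [RFC3410], section 8),\n"
            "including full support for the SNMPv3 cryptographic mechanisms (for\n"
            "authentication and privacy).\n"
            "\n"
            "Further, deployment of SNMP versions prior to SNMPv3 is NOT\n"
            "RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to\n"
            "enable cryptographic security. It is then a customer/operator\n"
            "responsibility to ensure that the SNMP entity giving access to an\n"
            "instance of this MIB module is properly configured to give access to\n"
            "the objects only to those principals (users) that have legitimate\n"
            "rights to indeed GET or SET (change/create/delete) them.\n"
            "\n");
}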
|
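/*
 * Print the "# <label> security considerations boilerplate (generated by
 * smidump <version>)" banner and, if SMIDUMP_FLAG_ERROR is set, the warning
 * that the output may be incorrect.  label is the module name, or "united"
 * for the combined output.  Nothing is printed when SMIDUMP_FLAG_SILENT is
 * set.
 */
static void fprintBanner(FILE *f, const char *label, int flags)
{
    if (flags & SMIDUMP_FLAG_SILENT) {
        return;
    }

    fprintf(f, "# %s security considerations boilerplate (generated by smidump "
            SMI_VERSION_STRING ")\n\n", label);

    if (flags & SMIDUMP_FLAG_ERROR) {
        fprintf(f, "# WARNING: this output may be incorrect due to "
                "significant parse errors\n\n");
    }
}

/*
 * smidump driver entry point for the "boilerplate" output format.
 *
 * modc, modv: the modules to process.
 * flags:      SMIDUMP_FLAG_UNITE writes a single boilerplate covering all
 *             modules, otherwise one boilerplate per module is written;
 *             SMIDUMP_FLAG_SILENT suppresses the banners and
 *             SMIDUMP_FLAG_ERROR adds a parse-error warning to them.
 * output:     name of the file to write, or NULL for stdout.
 *
 * Exits with status 1 if the output file cannot be opened, or if writing
 * (including the final close) fails.
 */
static void dumpBoilerplate(int modc, SmiModule **modv, int flags,
                            char *output)
{
    SmiNode *smiNode;
    int i;
    FILE *f = stdout;

    if (output) {
        f = fopen(output, "w");
        if (!f) {
            /* Save errno first: the fprintf() to stderr is itself a library
             * call and is allowed to change errno (CERT ERR30-C). */
            int err = errno;
            fprintf(stderr, "smidump: cannot open %s for writing: %s\n",
                    output, strerror(err));
            exit(1);
        }
    }

    /* Determine the longest node name so the object lists can be aligned.
     * moduleLen is reset for symmetry but is not read anywhere in this
     * file. */
    moduleLen = 0;
    identifierLen = 0;
    for (i = 0; i < modc; i++) {
        for (smiNode = smiGetFirstNode(modv[i], SMI_NODEKIND_ANY);
             smiNode;
             smiNode = smiGetNextNode(smiNode, SMI_NODEKIND_ANY)) {
            if (smiNode->name) {
                size_t len = strlen(smiNode->name);
                if (len > (size_t) identifierLen) identifierLen = (int) len;
            }
        }
    }

    if (flags & SMIDUMP_FLAG_UNITE) {
        fprintBanner(f, "united", flags);
        fprintBoilerplate(f, modc, modv);
    } else {
        for (i = 0; i < modc; i++) {
            fprintBanner(f, modv[i]->name, flags);
            fprintBoilerplate(f, 1, &modv[i]);
        }
    }

    if (fflush(f) || ferror(f)) {
        perror("smidump: write error");
        exit(1);
    }

    /* fclose() can still fail after a successful fflush() (the underlying
     * close() may report a deferred I/O error), so check it as well. */
    if (output && fclose(f) != 0) {
        perror("smidump: write error");
        exit(1);
    }
}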
|
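/*
 * Register the "boilerplate" output driver with smidump.  The driver
 * record is static because only its address is handed to
 * smidumpRegisterDriver(); presumably the registry keeps that pointer for
 * the lifetime of the program.  The field order is positional and must
 * match SmidumpDriver in smidump.h.
 */
void initBoilerplate(void)
{
    static SmidumpDriver driver = {
        "boilerplate",          /* format name selected on the command line */
        dumpBoilerplate,        /* dump function for this format */
        SMI_FLAG_NODESCR,       /* libsmi flags (NOTE(review): presumably
                                   skips descriptions -- confirm in smi.h) */
        0,                      /* smidump-specific flags */
        "generate security considerations boilerplate text",
        NULL,
        NULL
    };

    smidumpRegisterDriver(&driver);
}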