send_v3trap context value - net-snmp

I am developing shared library and subagent for net-snmp. I need to send v3 traps for specific hardware events. I would like to know what value need to be filled in the context value of send_v3trap API.
void send_v3trap(netsnmp_variable_list * vars,const char * context )
Is this context value, same as user defined engine id ? i.e., the one which needs to be configured in snmptrapd.conf as below ?
createUser -e ENGINEID myuser SHA "my authentication pass" AES "my encryption pass"
More on configuring in this link
There is an example source code available for sending
v2traps
By looking at the net-snmp source code, send_v3trap calls internally send_v2trap and eventually,
/* A context name was provided, so copy it and its length to the v2 pdu
* template. */
if (context != NULL)
{
template_v2pdu->contextName = strdup(context);
template_v2pdu->contextNameLen = strlen(context);
}

Answering my own question.
"context" value can be filled with
value returned by "snmpv3_get_engineID"
NULL
As long as, configurations are proper in terms of v3 i.e., trapsess -v3 specified in the host and on the target, engineid of net-snmp is specified, then everything works fine.
Only unclear part still is, if someone is able to send v3 traps without specifying "context", in which scenario would it be useful really !

Related

C OpenSSL: How to get X509_STORE_CTX from X509_STORE?

I have a X509_STORE* pointer, my goal is to get its associated X509_STORE_CTX* pointer. May I know how to do this? I cannot get access to where initialize the X509_STORE_CTX*.
probably this is a simple question, but I check the OpenSSL manual API and its related header file again and again, not find any API could do this. Thanks.
A single X509_STORE can be used/shared by an unlimited number of X509_STORE_CTX, but most of the time isn't used/referenced by any, so an API to get "its ... pointer" makes no sense and does not exist.
This (not at all coincidentally) reflects a similar, but inversely named, difference at the SSL module (libssl) level. An SSL_CTX object defines security parameters that can be used by any number of connections each implemented as an SSL object. In the original design, the SSL_CTX owns an X509_STORE representing the truststore -- the set of roots (or other anchors if PARTIAL_CHAIN is used) used to validate peer certs and potentially to build out 'own' chains -- which you can modify using the CTX APIs like SSL_CTX_load_verify_locations or you can get the (automatically created) store with SSL_CTX_get_cert_store and modify it or create your own and install it with SSL_CTX_set_cert_store. OTOH each SSL dynamically creates its own X509_STORE_CTX while validating or sending a cert; no X509_STORE_CTX exists at other times. In 1.0.2 up an SSL by default uses the SSL_CTX store but you can override with SSL_set[01]_{verify,chain}_cert_store.
When you create an X509_STORE_CTX you identify the X509_STORE to use with X509_STORE_CTX_init. When you _free it this use/reference is terminated.

BlueNRG Bluetooth: read central device name

I'm using the STM BlueNRG-MS chip on my peripheral device and after connection I'd like to read the name of the connected central device (android phone).
I thought I can do this directly in my user_notify routine which is registered as hci callback
/* Initialize the Host-Controller Interface */
hci_init(user_notify, NULL);
So on the EVT_LE_CONN_COMPLETE event, I take the provided handle for the central device and I use aci_gatt_read_using_charac_uuid() to read what I thought is the characteristic with the device name (uuid 0x2a00).
case EVT_LE_META_EVENT:
{
evt_le_meta_event *evt = (void *)event_pckt->data;
switch(evt->subevent){
case EVT_LE_CONN_COMPLETE:
{
evt_le_connection_complete *cc = (void *)evt->data;
GAP_ConnectionComplete_CB(cc->peer_bdaddr, cc->handle);
uint16_t uuid = 0x2a00;
resp = aci_gatt_read_using_charac_uuid(cc->handle, 0, 1, UUID_TYPE_16, (uint8_t*)&uuid);
LOG("GATT read status: %d", resp);
enqueEvent(EVENT_BLE_CONNECTED);
}
break;
}
}
Long story short, it doesn't work. First thing I'm not sure about is, what is the start_handle and end_handle parameter of aci_gatt_read_using_charac_uuid(), it returns ERR_INVALID_HCI_CMD_PARAMS.
Can someone shed some light here?
update
What also puzzles me is that the function aci_gatt_read_using_charac_uuid() is nowehere referenced in the BlueNRG-MS Programming Guidelines.
update2
I changed the function call to aci_gatt_read_using_charac_uuid(cc->handle, 0x0001, 0xffff, UUID_TYPE_16, (uint8_t*)&uuid); but I still get the ERR_INVALID_HCI_CMD_PARAMS. What which paramter could even be invalid? The uuid exists, I can read the device name if I use the BlueNRG GUI with a bluetooth dongle.
update3
Has anyone ever used this function or somehow managed to read a characteristic from a central device? I'd highly appreciate any help or hint.
Here you go, The BlueNRG-MS Bluetooth® LE stack application command interface (ACI) - User manual
page 75 - 4.6.25 Aci_Gatt_Read_Charac_Using_UUID()
and make sure you have called Aci_Gatt_Init()
The user manual is last revised July 2019, the document you link to is from 2018, don't know if this is why ?
The start_handle and end_handle is the range of handles in your service as pictured here -
Here is a discussion to the closest thing I could find to match your question.
As it turned out there are two bugs in the BlueNRG API.
In bluenrg_aci_const.h file the OCF code OCF_GATT_READ_USING_CHARAC_UUID shall be 0x119 instead of 0x109.
And in the implementation of the aci_gatt_read_using_charac_uuid() function, there is a missing setting on event:
rq.event = EVT_CMD_STATUS;
Patching them fixed the issue.

Hapi API: how to modify the Message ACK ID behaviour

I am using the following code to generate a message ACK:
public static Message process(Message in) throws Exception {
ADTReceiverQueue.getInstance().submit(in);
Message out = in.generateACK();
return out;
}
}
This generates the following warning:
FileBasedGenerator - Could not write ID to file /var/lib/tomcat7/./id_file, going to use internal ID generator. /var/lib/tomcat7/./id_file (Permission denied)
I can obviously set permissions to remove the warning, however I am wondering how to tell Hapi to use the internal ID generator or possibly a generator where the ID is stored in a database?
HAPI provides the IDGenerator interface to provide different implementations of ID generation. If you look at the JavaDoc for that class you'll find a bunch of different options for doing ID generation and you could certainly roll your own too.
To actually set the ID generator is easy enough, you just need to set it on the ParserConfiguration which is stored in the context.
HapiContext ctx = new DefaultHapiContext();
ctx.getParserConfiguration().setIdGenerator(new FileBasedHiLoGenerator());
If you use that context object to create your server then you're done, or if you didn't you can explicitly set it on the received message before generating an ACK.
in.setParser(ctx.getPipeParser());
-James

UEFI programming EFI_USER_MANAGER_PROTOCOL

I use following command to locate EFI_USER_MANAGER_PROTOCOL:
Status = gBS->LocateHandle(ByProtocol, &gEfiUserManagerProtocolGuid, NULL, &bufferSizeu, handlesu);
I get EFI_ERROR - EFI_NOT_FOUND.
Now i try to install protocol and then open protocol:
Status = gBS->InstallMultipleProtocolInterfaces (&ImageHandle, &gEfiUserManagerProtocolGuid, NULL, NULL);
Protocol open successfully and i try to call function current():
Status = users->Current(users, &User);
Computer freezes and no show any errors.
How can I fix it?
To fix the problem you need to check how you call InstallMultipleProtocolInterfaces - it looks like you did not provide the protocol instance (actually you provided NULL). Therefore when you locate the protocol instance you locate what you placed there, i.e. NULL, so your "users" variable is NULL and the system hangs when you use it.
Please find in UEFI spec the description of InstallMultipleProtocolInterfaces:
The first item (after Handle) is always a pointer to the protocol’s GUID, and the second item is always a pointer to the protocol’s interface. These pairs are used to call the boot service InstallProtocolInterface() to add a protocol interface to Handle.
I would do something like:
Status = gBS->InstallMultipleProtocolInterfaces (
&ImageHandle,
&gEfiUserManagerProtocolGuid,
&mUserManager,
NULL);
where mUserManager would be your protocol interface structure. Since you own the protocol interface, you can verify if the address of the located protocol points to the actual location of the structure.

Sharing a DNSServiceRef using kDNSServiceFlagsShareConnection stalls my program

I'm building a client using dns-sd api from Bonjour. I notice that there is a flag called kDNSServiceFlagsShareConnection that it is used to share the connection of one DNSServiceRef.
Apple site says
For efficiency, clients that perform many concurrent operations may want to use a single Unix Domain Socket connection with the background daemon, instead of having a separate connection for each independent operation. To use this mode, clients first call DNSServiceCreateConnection(&MainRef) to initialize the main DNSServiceRef. For each subsequent operation that is to share that same connection, the client copies the MainRef, and then passes the address of that copy, setting the ShareConnection flag to tell the library that this DNSServiceRef is not a typical uninitialized DNSServiceRef; it's a copy of an existing DNSServiceRef whose connection information should be reused.
There is even an example that shows how to use the flag. The problem i'm having is when I run the program it stays like waiting for something whenever I call a function with the flag. Here is the code:
DNSServiceErrorType error;
DNSServiceRef MainRef, BrowseRef;
error = DNSServiceCreateConnection(&MainRef);
BrowseRef = MainRef;
//I'm omitting when I check for errors
error = DNSServiceBrowse(&MainRef, kDNSServiceFlagsShareConnection, 0, "_http._tcp", "local", browse_reply, NULL);
// After this call the program stays waiting for I don't know what
//I'm omitting when I check for errors
error = DNSServiceBrowse(&BrowseRef, kDNSServiceFlagsShareConnection, 0, "_http._tcp", "local", browse_reply, NULL);
//I'm omitting when i check for errors
DNSServiceRefDeallocate(BrowseRef); // Terminate the browse operation
DNSServiceRefDeallocate(MainRef); // Terminate the shared connection
Any ideas? thoughts? suggestion?
Since there are conflicting answers, I dug up the source - annotations by me.
// If sharing...
if (flags & kDNSServiceFlagsShareConnection)
{
// There must be something to share (can't use this on the first call)
if (!*ref)
{
return kDNSServiceErr_BadParam;
}
// Ref must look valid (specifically, ref->fd)
if (!DNSServiceRefValid(*ref) ||
// Most operations cannot be shared.
((*ref)->op != connection_request &&
(*ref)->op != connection_delegate_request) ||
// When sharing, pass the ref from the original call.
(*ref)->primary)
{
return kDNSServiceErr_BadReference;
}
The primary fiels is explained elsewhere:
// When using kDNSServiceFlagsShareConnection, there is one primary _DNSServiceOp_t, and zero or more subordinates
// For the primary, the 'next' field points to the first subordinate, and its 'next' field points to the next, and so on.
// For the primary, the 'primary' field is NULL; for subordinates the 'primary' field points back to the associated primary
The problem with the question is that DNSServiceBrowse maps to ref->op==browse_request which causes a kDNSServiceErr_BadReference.
It looks like kDNSServiceFlagsShareConnection is half-implemented, because I've also seen cases in which it works - this source was found by tracing back when it didn't work.
Service referenses for browsing and resolving may unfortunately not be shared. See the comments in the Bonjour documentation for the kDNSServiceFlagsShareConnection-flag. Since you only browse twice I would just let them have separate service-refs instead.
So both DNSServiceBrowse() and DNSServiceResolve() require an unallocated service-ref as first parameter.
I can't explain why your program chokes though. The first DNSServiceBrowse() call in your example should return immediately with an error code.
Although an old question, but it should help people looking around for answers now.
The answer by vidtige is incorrect, the may be shared for any operation, provided you pass the 'kDNSServiceFlagsShareConnection' flag along with the arguments. Sample below -
m_dnsrefsearch = m_dnsservice;
DNSServiceErrorType mdnserr = DNSServiceBrowse(&m_dnsrefsearch,kDNSServiceFlagsShareConnection,0,
"_workstation._tcp",NULL,
DNSServiceBrowseReplyCallback,NULL);
Reference - http://osxr.org/android/source/external/mdnsresponder/mDNSShared/dns_sd.h#0267

Resources