From 22f30b6860b9577b8d3709013e1af9fb621a1895 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
Date: Mon, 5 Sep 2011 16:41:02 +0300
Subject: auth-snmp: fix q-bridge-mib vlan queries

The queries use Q-BRIDGE-MIB's qVlanId which is switch specific
mapping. Exception seems to be 1810G's which use the real VLAN
index.
---
 src/squark-auth-snmp.c | 46 +++++++++++++++++++++++++++++++++++-----------
 1 file changed, 35 insertions(+), 11 deletions(-)

diff --git a/src/squark-auth-snmp.c b/src/squark-auth-snmp.c
index d9631a0..3681ea5 100644
--- a/src/squark-auth-snmp.c
+++ b/src/squark-auth-snmp.c
@@ -61,9 +61,9 @@
 #define FORMAT_PORT_WEBAUTH		0x80 /* %w */
 
 /* Some info about the switch which we need */
-#define SWITCHF_NO_LLDP_MIB		0x01
-#define SWITCHF_NO_Q_BRIDGE_MIB		0x02
-#define SWITCHF_BRIDGE_MIB_HAS_VLAN	0x04
+#define SWITCHF_NO_LLDP_MIB			0x01
+#define SWITCHF_QBRIDGE_MIB_HAS_VLAN_NUMBER	0x02
+#define SWITCHF_BRIDGE_MIB_HAS_VLAN		0x04
 
 /* IANA-AddressFamilyNumbers */
 #define IANA_AFN_OTHER			0
@@ -87,8 +87,8 @@ static const oid IP_MIB_ipNetToPhysicalPhysAddress[] =
 	{ SNMP_OID_MIB2, 4, 35, 1, 4 };
 static const oid BRIDGE_MIB_dot1dTpFdbPort[] =
 	{ SNMP_OID_MIB2, 17, 4, 3, 1, 2 };
-static const oid Q_BRIDGE_MIB_dot1qVlanVersionNumber_0[] =
-	{ SNMP_OID_MIB2, 17, 7, 1, 1, 1, 0 };
+static const oid Q_BRIDGE_MIB_dot1qVlanCurrentEntry_FdbId[] =
+	{ SNMP_OID_MIB2, 17, 7, 1, 4, 2, 1, 3, 0 };
 static const oid Q_BRIDGE_MIB_dot1qTpFdbPort[] =
 	{ SNMP_OID_MIB2, 17, 7, 1, 2, 2, 1, 2 };
 static const oid LLDP_lldpLocSysName[] =
@@ -260,6 +260,7 @@ struct switch_info {
 	struct cache_control		cache_control;
 	int				flags;
 	int				info_available;
+	int				q_vlan_fdb_id;
 	char *				system_name;
 	char *				system_location;
 	char *				system_version;
@@ -631,6 +632,17 @@ static void cache_talk_snmp(struct cache_control *cc, netsnmp_session *s, netsnm
 	}
 }
 
+static int var_parse_int(netsnmp_variable_list **varptr, int default_value)
+{
+	netsnmp_variable_list *var = *varptr;
+	if (var == NULL)
+		return default_value;
+	*varptr = var->next_variable;
+	if (var->type != ASN_INTEGER && var->type != ASN_GAUGE)
+		return default_value;
+	return *var->val.integer;
+}
+
 static blob_t var_parse_type(netsnmp_variable_list **varptr, int asn_tag)
 {
 	netsnmp_variable_list *var = *varptr;
@@ -903,7 +915,7 @@ static void auth_query_fib(struct auth_context *auth)
 	auth->info_available |= si->info_available;
 
 	pdu = snmp_pdu_create(SNMP_MSG_GET);
-	if (si->flags & SWITCHF_NO_Q_BRIDGE_MIB) {
+	if (si->q_vlan_fdb_id < 0) {
 		/* BRIDGE-MIB::dot1dTpFdbPort.<MAC> = INTEGER: port */
 		query = BLOB_OID(query_oids);
 		blob_push(&query, BLOB_OID(BRIDGE_MIB_dot1dTpFdbPort));
@@ -916,7 +928,10 @@ static void auth_query_fib(struct auth_context *auth)
 		/* Q-BRIDGE-MIB::dot1qTpFdbPort.<VLAN>.<MAC> = INTEGER: port */
 		query = BLOB_OID(query_oids);
 		blob_push(&query, BLOB_OID(Q_BRIDGE_MIB_dot1qTpFdbPort));
-		blob_push_oid(&query, l2_vlan_ndx);
+		if (si->flags & SWITCHF_QBRIDGE_MIB_HAS_VLAN_NUMBER)
+			blob_push_oid(&query, l2_vlan_ndx);
+		else
+			blob_push_oid(&query, si->q_vlan_fdb_id);
 		blob_push_oid_dump(&query, BLOB_BUF(auth->mac));
 		query = blob_pushed(BLOB_OID(query_oids), query);
 		snmp_add_null_var(pdu, oid_blob(query));
@@ -924,7 +939,7 @@ static void auth_query_fib(struct auth_context *auth)
 	snprintf(auth->status_msg, sizeof(auth->status_msg)-1,
 		 "%s: probe FIB (%sBRIDGE-MIB)",
 		 si->session->peername,
-		 (si->flags & SWITCHF_NO_Q_BRIDGE_MIB) ? "" : "Q-");
+		 si->q_vlan_fdb_id>=0 ? "Q-" : "");
 	dbg_printf("%s\n", auth->status_msg);
 	auth_talk_snmp(auth, si->session, pdu, auth_handle_fib_reply);
 }
@@ -946,8 +961,8 @@ static int auth_handle_switch_info_reply(int oper, netsnmp_session *s, int reqid
 	si->system_version	= blob_cstr_dup(var_parse_type(&var, ASN_OCTET_STR));
 	if (blob_is_null(var_parse_type(&var, ASN_OCTET_STR)))
 		si->flags |= SWITCHF_NO_LLDP_MIB;
-	if (blob_is_null(var_parse_type(&var, ASN_INTEGER)))
-		si->flags |= SWITCHF_NO_Q_BRIDGE_MIB;
+	si->q_vlan_fdb_id = var_parse_int(&var, -1);
+
 	if (si->system_name)
 		si->info_available |= FORMAT_SWITCH_NAME;
 	if (si->system_location)
@@ -964,6 +979,7 @@ static int auth_handle_switch_info_reply(int oper, netsnmp_session *s, int reqid
 			    si->system_version[1] == '.' &&
 			    si->system_version[2] <= '1')
 			    si->flags |= SWITCHF_BRIDGE_MIB_HAS_VLAN;
+			si->flags |= SWITCHF_QBRIDGE_MIB_HAS_VLAN_NUMBER;
 			break;
 		}
 	}
@@ -974,6 +990,8 @@ static int auth_handle_switch_info_reply(int oper, netsnmp_session *s, int reqid
 static void auth_query_switch_info(struct auth_context *auth)
 {
 	struct switch_info *si = auth->current_switch;
+	oid query_oids[MAX_OID_LEN];
+	blob_t query;
 	netsnmp_pdu *pdu;
 
 	auth->info_available &=
@@ -997,7 +1015,13 @@ static void auth_query_switch_info(struct auth_context *auth)
 	snmp_add_null_var(pdu, oid_const(SNMPv2_MIB_sysObjectID));
 	snmp_add_null_var(pdu, oid_const(SEMI_MIB_hpHttpMgVersion));
 	snmp_add_null_var(pdu, oid_const(LLDP_lldpLocSysName));
-	snmp_add_null_var(pdu, oid_const(Q_BRIDGE_MIB_dot1qVlanVersionNumber_0));
+
+	query = BLOB_OID(query_oids);
+	blob_push(&query, BLOB_OID(Q_BRIDGE_MIB_dot1qVlanCurrentEntry_FdbId));
+	blob_push_oid(&query, l2_vlan_ndx);
+	query = blob_pushed(BLOB_OID(query_oids), query);
+	snmp_add_null_var(pdu, oid_blob(query));
+
 	cache_talk_snmp(&si->cache_control, si->session, pdu, auth_handle_switch_info_reply, auth);
 }
 
-- 
cgit v1.2.3