[Git][NTPsec/ntpsec][master] 2 commits: branch change

Ian Bruene gitlab at mg.gitlab.com
Sun Oct 29 20:16:58 UTC 2017 

Ian Bruene pushed to branch master at NTPsec / ntpsec


Commits:
4e3434fc by Ian Bruene at 2017-10-29T14:36:23-05:00
branch change

- - - - -
ca83d4ec by Ian Bruene at 2017-10-29T15:15:51-05:00
Expanded error checking for SNMP

- - - - -


2 changed files:

- ntpclients/ntpsnmpd
- pylib/agentx.py


Changes:

=====================================
ntpclients/ntpsnmpd
=====================================
--- a/ntpclients/ntpsnmpd
+++ b/ntpclients/ntpsnmpd
@@ -506,8 +506,21 @@ class PacketControl:
                 self.recievedData = extraData
                 self.recievedPackets.append(pkt)
                 dolog("\npacketEater got a full packet: %s\n" % repr(pkt), 3)
-            except IndexError:
+            except ax.ParseDataLengthError:
                 return None  # this happens if we don't have all of a packet
+            except (ax.ParseVersionError, ax.ParsePDUTypeError,
+                    ax.ParseError) as e:
+                if e.header["type"] != ax.PDU_RESPONSE:
+                    # Response errors are silently dropped
+                    # Everything else sends an error response
+                    resp = ax.ResponsePDU(e.header["flags"]["bigEndian"],
+                                          e.header["session_id"],
+                                          e.header["transaction_id"],
+                                          e.header["packet_id"],
+                                          0, ax.RSPERR_PARSE_ERROR, 0)
+                    self.sendPacket(resp, False)
+                # *Hopefully* the packet length was correct.....
+                self.receivedData = e.remainingData
 
     def sendPacket(self, packet, expectsReply):
         encoded = packet.encode()


=====================================
pylib/agentx.py
=====================================
--- a/pylib/agentx.py
+++ b/pylib/agentx.py
@@ -98,12 +98,17 @@ prefixCount = len(internetPrefix)
 # ==========================================================================
 
 class ParseError(Exception):
-    def __init__(self, message, packetData="", remainingData=""):
+    def __init__(self, message, header=None, packetData="", remainingData=""):
         Exception.__init__(self)
         self.message = message
+        self.header = header
         self.packetData = packetData
         self.remainingData = remainingData
 
+class ParseDataLengthError(ParseError): pass
+class ParseVersionError(ParseError): pass
+class ParsePDUTypeError(ParseError): pass
+
 # ==========================================================================
 #
 # Packet encoders / decoders
@@ -1273,28 +1278,24 @@ def decode_context(data, header):
 
 def decode_packet(data):
     if len(data) < 20:
-        raise ParseError("Data too short for header")
+        raise ParseDataLengthError("Data too short for header")
     header, newData = slicedata(data, 20)
     header = decode_pduheader(header)
     if header["length"] > len(newData):
-        raise ParseError("Packet data too short")
+        raise ParseDataLengthError("Packet data too short", header)
     packetSlice, newData = slicedata(newData, header["length"])
     if header["version"] != 1:
-        err = ParseError("Unknown packet version %i" % header["version"])
-        err.packetData = packetSlice
-        err.remainingData = newData
-        raise err
+        raise ParseVersionError("Unknown packet version %i" % header["version"],
+                                header, packetSlice, newData)
     pktType = header["type"]
     if pktType not in definedPDUTypes.keys():
-        raise ParseError("PDU type %s not in defined types" % pktType)
+        raise ParsePDUTypeError("PDU type %s not in defined types" % pktType,
+                                header, packetSlice, newData)
     decoder = definedPDUTypes[pktType]
     try:
         parsedPkt = decoder(packetSlice, header)
     except Exception as e:
-        err = ParseError("Body parsing error")
-        err.originalError = e
-        err.packetData = packetSlice
-        err.remainingData = newData
+        err = ParseError("Body parsing error", header, packetSlice, newData)
         raise err
     return parsedPkt, newData
 
@@ -1461,3 +1462,25 @@ definedErrors = (ERR_NOERROR, ERR_GENERR, ERR_NO_ACCESS, ERR_WRONG_TYPE,
                  ERR_NO_CREATION, ERR_INCONSISTENT_VALUE,
                  ERR_RESOURCE_UNAVAILABLE, ERR_NOT_WRITABLE,
                  ERR_INCONSISTENT_NAME)
+
+RSPERR_NO_AGENTX = 0
+RSPERR_OPEN_FAILED = 265
+RSPERR_NOT_OPEN = 257
+RSPERR_INDEX_WRONG_TYPE = 258
+RSPERR_INDEX_ALREADY_ALLOCATED = 259
+RSPERR_INDEX_NONE_AVAILABLE = 260
+RSPERR_INDEX_NOT_ALLOCATED = 261
+RSPERR_UNSUPPORTED_CONTEXT = 262
+RSPERR_DUPLICATE_REGISTRATION = 263
+RSPERR_UNKNOWN_REGISTRATION = 264
+RSPERR_UNKNOWN_AGENT_CAPS = 265
+RSPERR_PARSE_ERROR = 266
+RSPERR_REQUEST_DENIED = 267
+RSPERR_PROCESSING_ERROR = 268
+responseErrors = (RSPERR_NO_AGENTX, RSPERR_OPEN_FAILED, RSPERR_NOT_OPEN,
+                  RSPERR_INDEX_WRONG_TYPE, RSPERR_INDEX_ALREADY_ALLOCATED,
+                  RSPERR_INDEX_NONE_AVAILABLE, RSPERR_INDEX_NOT_ALLOCATED,
+                  RSPERR_UNSUPPORTED_CONTEXT, RSPERR_DUPLICATE_REGISTRATION,
+                  RSPERR_UNKNOWN_REGISTRATION, RSPERR_UNKNOWN_AGENT_CAPS,
+                  RSPERR_PARSE_ERROR, RSPERR_REQUEST_DENIED,
+                  RSPERR_PROCESSING_ERROR)



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/8820e1750d5f3b06ec504c219331da93cd5c83db...ca83d4ecde8e47a178bc9713ce01ec48cbcaa4f5

---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/compare/8820e1750d5f3b06ec504c219331da93cd5c83db...ca83d4ecde8e47a178bc9713ce01ec48cbcaa4f5
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20171029/b18884a4/attachment.html>

More information about the vc mailing list