--- snmpusm.c 2006-11-01 10:15:31.260215824 -0300 +++ snmpusm.c.orig 2006-11-01 10:10:45.613640704 -0300 @@ -125,8 +125,6 @@ int doauthkey = 0, doprivkey = 0, uselocalizedkey = 0; size_t usmUserEngineIDLen = 0; u_char *usmUserEngineID = NULL; -int clonePass = 0; - void @@ -148,8 +146,6 @@ fprintf(stderr, " [-CE ENGINE-ID] (-Ca|-Cx) -Ck passwd OLD-KEY-OR-PASSPHRASE NEW-KEY-OR-PASSPHRASE [USER]\n"); fprintf(stderr, "\t\t-CE ENGINE-ID\tSet usmUserEngineID (e.g. 800000020109840301).\n"); - fprintf(stderr, "\t\t-Ce ENGINE-ID\tSet usmUserEngineID (used only when changing the passphrase \n"); - fprintf(stderr, "\t\t\t\tafter cloning a user with a different engineID than the template).\n"); fprintf(stderr, "\t\t-Cx\t\tChange the privacy key.\n"); fprintf(stderr, "\t\t-Ca\t\tChange the authentication key.\n"); fprintf(stderr, "\t\t-Ck\t\tAllows to use localized key (must start with 0x)\n"); @@ -269,9 +265,6 @@ uselocalizedkey = 1; break; - case 'e': - clonePass = 1; - case 'E': { size_t ebuf_len = 32; /* XXX: MAX_ENGINEID_LENGTH */ u_char *ebuf; @@ -280,13 +273,13 @@ ebuf = (u_char *)malloc(ebuf_len); if (ebuf == NULL) { fprintf(stderr, - "malloc failure processing -CE or -Ce option.\n"); + "malloc failure processing -CE option.\n"); exit(1); } if (!snmp_hex_to_binary(&ebuf, &ebuf_len, &usmUserEngineIDLen, 1, argv[optind])) { fprintf(stderr, - "Bad usmUserEngineID value after -CE or -Ce option.\n"); + "Bad usmUserEngineID value after -CE option.\n"); free(ebuf); exit(1); } @@ -297,14 +290,14 @@ } } else { - fprintf(stderr, "Bad -CE or -Ce option: no argument given\n"); + fprintf(stderr, "Bad -CE option: no argument given\n"); exit(1); } optind++; break; } - default: + default: fprintf(stderr, "Unknown flag passed to -C: %c\n", optarg[-1]); exit(1); @@ -438,9 +431,7 @@ * Change the user supplied on command line. */ if ((passwd_user != NULL) && (strlen(passwd_user) > 0)) { - if(NULL != session.securityName) /*it was already allocated by snmp_parse_args */ - free(session.securityName); - session.securityName = strdup(passwd_user); + session.securityName = passwd_user; } else { /* * Use own key object if no user was supplied. @@ -519,51 +510,35 @@ SNMP_FREE(buf); } else { - /* - * the old Ku is in the session, but we need the new one - */ - rval = generate_Ku(session.securityAuthProto, - session.securityAuthProtoLen, - (u_char *) oldpass, strlen(oldpass), - oldKu, &oldKu_len); - - if (rval != SNMPERR_SUCCESS) { - snmp_perror(argv[0]); - fprintf(stderr, "generating the new Ku failed\n"); - exit(1); - } - - /* - * generate the two Kul's - */ - if(!clonePass) - { - rval = generate_kul(session.securityAuthProto, - session.securityAuthProtoLen, - usmUserEngineID, usmUserEngineIDLen, - oldKu, oldKu_len, oldkul, &oldkul_len); + /* + * the old Ku is in the session, but we need the new one + */ + rval = generate_Ku(session.securityAuthProto, + session.securityAuthProtoLen, + (u_char *) oldpass, strlen(oldpass), + oldKu, &oldKu_len); - if (rval != SNMPERR_SUCCESS) { - snmp_perror(argv[0]); - fprintf(stderr, "generating the old Kul failed\n"); - exit(1); - } - } - else - { - rval = generate_kul(session.securityAuthProto, - session.securityAuthProtoLen, - ss->contextEngineID, ss->contextEngineIDLen, - oldKu, oldKu_len, oldkul, &oldkul_len); + if (rval != SNMPERR_SUCCESS) { + snmp_perror(argv[0]); + fprintf(stderr, "generating the new Ku failed\n"); + exit(1); + } + + /* + * generate the two Kul's + */ + rval = generate_kul(session.securityAuthProto, + session.securityAuthProtoLen, + usmUserEngineID, usmUserEngineIDLen, + oldKu, oldKu_len, oldkul, &oldkul_len); - if (rval != SNMPERR_SUCCESS) { - snmp_perror(argv[0]); - fprintf(stderr, "generating the old Kul failed\n"); - exit(1); - } - } + if (rval != SNMPERR_SUCCESS) { + snmp_perror(argv[0]); + fprintf(stderr, "generating the old Kul failed\n"); + exit(1); } - if (uselocalizedkey && (strncmp(newpass, "0x", 2) == 0)) { + } + if (uselocalizedkey && (strncmp(newpass, "0x", 2) == 0)) { /* * use the localized key from the command line */ @@ -658,14 +633,14 @@ /* * add the keychange string to the outgoing packet */ - if (doauthkey && NULL != session.securityName) { + if (doauthkey) { setup_oid(authKeyChange, &name_length, usmUserEngineID, usmUserEngineIDLen, session.securityName); snmp_pdu_add_variable(pdu, authKeyChange, name_length, ASN_OCTET_STR, keychange, keychange_len); } - if (doprivkey && NULL != session.securityName) { + if (doprivkey) { setup_oid(privKeyChange, &name_length2, usmUserEngineID, usmUserEngineIDLen, session.securityName); @@ -704,11 +679,9 @@ setup_oid(usmUserCloneFrom, &name_length, usmUserEngineID, usmUserEngineIDLen, argv[arg - 1]); - setup_oid(usmUserSecurityName, &name_length2, - ss->contextEngineID, ss->contextEngineIDLen, /* Using the discovered engineID */ + usmUserEngineID, usmUserEngineIDLen, argv[arg]); - snmp_pdu_add_variable(pdu, usmUserCloneFrom, name_length, ASN_OBJECT_ID, (u_char *) usmUserSecurityName, @@ -841,9 +814,7 @@ * Change the user supplied on command line. */ if ((passwd_user != NULL) && (strlen(passwd_user) > 0)) { - if(NULL != session.securityName) /*it was already allocated by snmp_parse_args */ - free(session.securityName); - session.securityName = strdup(passwd_user); + session.securityName = passwd_user; } else { /* * Use own key object if no user was supplied. @@ -856,8 +827,6 @@ * do we have a securityName? If not, copy the default */ if (session.securityName == NULL) { - if(NULL != session.securityName) /*it was already allocated by snmp_parse_args */ - free(session.securityName); session.securityName = strdup(netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_SECNAME)); @@ -986,6 +955,5 @@ snmp_free_pdu(response); snmp_close(ss); SOCK_CLEANUP; - free(session.securityName); return exitval; }