Merge pull request #27 from jwillikers/feature/authentication-enhancements-doc

RincewindsHat · web-flow · commit a708e554d07e · 2024-01-15T08:18:10.000+01:00
Add additional SHA authentication algorithms
diff --git a/README.md b/README.md
@@ -59,7 +59,7 @@ make install
      -s|--speed         override speed detection with this value (bits per sec)
      -x|--trim          cut this number of characters from the start of interface descriptions
                             Useful for nortel switches
-     -j|--auth-proto    SNMPv3 Auth Protocol (SHA|MD5)
+     -j|--auth-proto    SNMPv3 Auth Protocol (SHA|SHA-224|SHA-256|SHA-384|SHA-512|MD5)
      -J|--auth-phrase   SNMPv3 Auth Phrase
      -k|--priv-proto    SNMPv3 Privacy Protocol (AES|DES) (optional)
      -K|--priv-phrase   SNMPv3 Privacy Phrase
diff --git a/check_interfaces.c b/check_interfaces.c
@@ -1477,7 +1477,7 @@ int usage(char *progname) {
 		printf("%s%s", i ? "," : "", modes[i]);
 	}
 	printf(")\n");
-	printf(" -j|--auth-proto\tSNMPv3 Auth Protocol (SHA|MD5)\n");
+	printf(" -j|--auth-proto\tSNMPv3 Auth Protocol (SHA|SHA-224|SHA-256|SHA-384|SHA-512|MD5)\n");
 	printf(" -J|--auth-phrase\tSNMPv3 Auth Phrase\n");
 #ifdef usmDESPrivProtocol
 	printf(
diff --git a/snmp_bulkget.c b/snmp_bulkget.c
@@ -48,14 +48,16 @@
  *
  */
 
+#include <net-snmp/net-snmp-config.h>
+
 /* asprintf and getopt_long */
 #ifndef _GNU_SOURCE
 #define _GNU_SOURCE
+#include <net-snmp/library/transform_oids.h>
 #endif
 #include <stdio.h>
 
 #include <limits.h>
-#include <net-snmp/net-snmp-config.h>
 #include <stdarg.h>
 #include <string.h>
 #include <unistd.h>
@@ -227,6 +229,22 @@ netsnmp_session *start_session_v3(netsnmp_session *session, char *user,
 			session->securityAuthProto = snmp_duplicate_objid(
 				usmHMACSHA1AuthProtocol, USM_AUTH_PROTO_SHA_LEN);
 			session->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
+		} else if (!strcmp(auth_proto, "SHA-224")) {
+			session->securityAuthProto = snmp_duplicate_objid(
+				usmHMAC128SHA224AuthProtocol, USM_AUTH_PROTO_SHA_LEN);
+			session->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
+		} else if (!strcmp(auth_proto, "SHA-256")) {
+			session->securityAuthProto = snmp_duplicate_objid(
+				usmHMAC192SHA256AuthProtocol, USM_AUTH_PROTO_SHA_LEN);
+			session->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
+		} else if (!strcmp(auth_proto, "SHA-384")) {
+			session->securityAuthProto = snmp_duplicate_objid(
+				usmHMAC256SHA384AuthProtocol, USM_AUTH_PROTO_SHA_LEN);
+			session->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
+		} else if (!strcmp(auth_proto, "SHA-512")) {
+			session->securityAuthProto = snmp_duplicate_objid(
+				usmHMAC384SHA512AuthProtocol, USM_AUTH_PROTO_SHA_LEN);
+			session->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
 		} else if (!strcmp(auth_proto, "MD5")) {
 			session->securityAuthProto = snmp_duplicate_objid(
 				usmHMACMD5AuthProtocol, USM_AUTH_PROTO_MD5_LEN);

Original file line number	Diff line number	Diff line change
`@@ -1477,7 +1477,7 @@ int usage(char *progname) {`
`1477`	`1477`	`printf("%s%s", i ? "," : "", modes[i]);`
`1478`	`1478`	`}`
`1479`	`1479`	`printf(")\n");`
`1480`		`- printf(" -j\|--auth-proto\tSNMPv3 Auth Protocol (SHA\|MD5)\n");`
	`1480`	`+ printf(" -j\|--auth-proto\tSNMPv3 Auth Protocol (SHA\|SHA-224\|SHA-256\|SHA-384\|SHA-512\|MD5)\n");`
`1481`	`1481`	`printf(" -J\|--auth-phrase\tSNMPv3 Auth Phrase\n");`
`1482`	`1482`	`#ifdef usmDESPrivProtocol`
`1483`	`1483`	`printf(`