Current release: 5.4.1

skip to page content

About
Download
Tutorials
Documentation
Wiki
Support
Development

·	Projects
·	Release Schedule
·	Helping Out
·	SVN
·	Release Policy
·	API

Related Info/SW

Archive Search: Users Coders Announce Bugs Patches SVN (named "CVS")

Require all words?

Site Search:

snmp_agent.c

/*
 * snmp_agent.c
 *
 * Simple Network Management Protocol (RFC 1067).
 */
/* Portions of this file are subject to the following copyright(s).  See
 * the Net-SNMP's COPYING file for more details and other copyrights
 * that may apply:
 */
/* Portions of this file are subject to the following copyrights.  See
 * the Net-SNMP's COPYING file for more details and other copyrights
 * that may apply:
 */
/***********************************************************
        Copyright 1988, 1989 by Carnegie Mellon University

                      All Rights Reserved

Permission to use, copy, modify, and distribute this software and its 
documentation for any purpose and without fee is hereby granted, 
provided that the above copyright notice appear in all copies and that
both that copyright notice and this permission notice appear in 
supporting documentation, and that the name of CMU not be
used in advertising or publicity pertaining to distribution of the
software without specific, written prior permission.  

CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
SOFTWARE.
******************************************************************/
/*
 * Portions of this file are copyrighted by:
 * Copyright © 2003 Sun Microsystems, Inc. All rights 
 * reserved.  Use is subject to license terms specified in the 
 * COPYING file distributed with the Net-SNMP package.
 */
#include <net-snmp/net-snmp-config.h>

#include <sys/types.h>
#ifdef HAVE_LIMITS_H
#include <limits.h>
#endif
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#endif
#if TIME_WITH_SYS_TIME
# ifdef WIN32
#  include <sys/timeb.h>
# else
#  include <sys/time.h>
# endif
# include <time.h>
#else
# if HAVE_SYS_TIME_H
#  include <sys/time.h>
# else
#  include <time.h>
# endif
#endif
#if HAVE_SYS_SELECT_H
#include <sys/select.h>
#endif
#if HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#include <errno.h>
#if HAVE_WINSOCK_H
#include <winsock.h>
#endif

#define SNMP_NEED_REQUEST_LIST
#include <net-snmp/net-snmp-includes.h>
#include <net-snmp/agent/net-snmp-agent-includes.h>
#include <net-snmp/library/snmp_assert.h>

#if HAVE_SYSLOG_H
#include <syslog.h>
#endif

#ifdef USE_LIBWRAP
#include <tcpd.h>
int             allow_severity = LOG_INFO;
int             deny_severity = LOG_WARNING;
#endif

#include "snmpd.h"
#include "mibgroup/struct.h"
#include "mibgroup/util_funcs.h"
#include <net-snmp/agent/mib_module_config.h>
#include <net-snmp/agent/mib_modules.h>

#ifdef USING_AGENTX_PROTOCOL_MODULE
#include "agentx/protocol.h"
#endif

#ifdef USING_AGENTX_MASTER_MODULE
#include "agentx/master.h"
#endif

#ifdef USING_SMUX_MODULE
#include "smux/smux.h"
#endif

oid      version_sysoid[] = { SYSTEM_MIB };
int      version_sysoid_len = OID_LENGTH(version_sysoid);

#define SNMP_ADDRCACHE_SIZE 10
#define SNMP_ADDRCACHE_MAXAGE 300 /* in seconds */

enum {
    SNMP_ADDRCACHE_UNUSED = 0,
    SNMP_ADDRCACHE_USED = 1
};

struct addrCache {
    char           *addr;
    int            status;
    struct timeval lastHit;
};

static struct addrCache addrCache[SNMP_ADDRCACHE_SIZE];
int             log_addresses = 0;



typedef struct _agent_nsap {
    int             handle;
    netsnmp_transport *t;
    void           *s;          /*  Opaque internal session pointer.  */
    struct _agent_nsap *next;
} agent_nsap;

static agent_nsap *agent_nsap_list = NULL;
static netsnmp_agent_session *agent_session_list = NULL;
static netsnmp_agent_session *netsnmp_processing_set = NULL;
netsnmp_agent_session *agent_delegated_list = NULL;
netsnmp_agent_session *netsnmp_agent_queued_list = NULL;


int             netsnmp_agent_check_packet(netsnmp_session *,
                                           struct netsnmp_transport_s *,
                                           void *, int);
int             netsnmp_agent_check_parse(netsnmp_session *, netsnmp_pdu *,
                                          int);
void            delete_subnetsnmp_tree_cache(netsnmp_agent_session *asp);
int             handle_pdu(netsnmp_agent_session *asp);
int             netsnmp_handle_request(netsnmp_agent_session *asp,
                                       int status);
int             netsnmp_wrap_up_request(netsnmp_agent_session *asp,
                                        int status);
int             check_delayed_request(netsnmp_agent_session *asp);
int             handle_getnext_loop(netsnmp_agent_session *asp);
int             handle_set_loop(netsnmp_agent_session *asp);

int             netsnmp_check_queued_chain_for(netsnmp_agent_session *asp);
int             netsnmp_add_queued(netsnmp_agent_session *asp);
int             netsnmp_remove_from_delegated(netsnmp_agent_session *asp);


static int      current_globalid = 0;

int      netsnmp_running = 1;

int
netsnmp_allocate_globalcacheid(void)
{
    return ++current_globalid;
}

int
netsnmp_get_local_cachid(netsnmp_cachemap *cache_store, int globalid)
{
    while (cache_store != NULL) {
        if (cache_store->globalid == globalid)
            return cache_store->cacheid;
        cache_store = cache_store->next;
    }
    return -1;
}

netsnmp_cachemap *
netsnmp_get_or_add_local_cachid(netsnmp_cachemap **cache_store,
                                int globalid, int localid)
{
    netsnmp_cachemap *tmpp;

    tmpp = SNMP_MALLOC_TYPEDEF(netsnmp_cachemap);
    if (*cache_store) {
        tmpp->next = *cache_store;
        *cache_store = tmpp;
    } else {
        *cache_store = tmpp;
    }

    tmpp->globalid = globalid;
    tmpp->cacheid = localid;
    return tmpp;
}

void
netsnmp_free_cachemap(netsnmp_cachemap *cache_store)
{
    netsnmp_cachemap *tmpp;
    while (cache_store) {
        tmpp = cache_store;
        cache_store = cache_store->next;
        SNMP_FREE(tmpp);
    }
}


typedef struct agent_set_cache_s {
    /*
     * match on these 2 
     */
    int             transID;
    netsnmp_session *sess;

    /*
     * store this info 
     */
    netsnmp_tree_cache *treecache;
    int             treecache_len;
    int             treecache_num;

    int             vbcount;
    netsnmp_request_info *requests;
    netsnmp_variable_list *saved_vars;
    netsnmp_data_list *agent_data;

    /*
     * list 
     */
    struct agent_set_cache_s *next;
} agent_set_cache;

static agent_set_cache *Sets = NULL;

agent_set_cache *
save_set_cache(netsnmp_agent_session *asp)
{
    agent_set_cache *ptr;

    if (!asp || !asp->reqinfo || !asp->pdu)
        return NULL;

    ptr = SNMP_MALLOC_TYPEDEF(agent_set_cache);
    if (ptr == NULL)
        return NULL;

    /*
     * Save the important information 
     */
    DEBUGMSGTL(("verbose:asp", "asp %p reqinfo %p saved in cache (mode %d)\n",
                asp, asp->reqinfo, asp->pdu->command));
    ptr->transID = asp->pdu->transid;
    ptr->sess = asp->session;
    ptr->treecache = asp->treecache;
    ptr->treecache_len = asp->treecache_len;
    ptr->treecache_num = asp->treecache_num;
    ptr->agent_data = asp->reqinfo->agent_data;
    ptr->requests = asp->requests;
    ptr->saved_vars = asp->pdu->variables; /* requests contains pointers to variables */
    ptr->vbcount = asp->vbcount;

    /*
     * make the agent forget about what we've saved 
     */
    asp->treecache = NULL;
    asp->reqinfo->agent_data = NULL;
    asp->pdu->variables = NULL;
    asp->requests = NULL;

    ptr->next = Sets;
    Sets = ptr;

    return ptr;
}

int
get_set_cache(netsnmp_agent_session *asp)
{
    agent_set_cache *ptr, *prev = NULL;

    for (ptr = Sets; ptr != NULL; ptr = ptr->next) {
        if (ptr->sess == asp->session && ptr->transID == asp->pdu->transid) {
            /*
             * remove this item from list
             */
            if (prev)
                prev->next = ptr->next;
            else
                Sets = ptr->next;

            /*
             * found it.  Get the needed data 
             */
            asp->treecache = ptr->treecache;
            asp->treecache_len = ptr->treecache_len;
            asp->treecache_num = ptr->treecache_num;

            /*
             * Free previously allocated requests before overwriting by
             * cached ones, otherwise memory leaks!
             */
            if (asp->requests) {
                /*
                 * I don't think this case should ever happen. Please email
                 * the net-snmp-coders@lists.sourceforge.net if you have
                 * a test case that hits this assert. -- rstory
                 */
                int i;
                netsnmp_assert(NULL == asp->requests); /* see note above */
                for (i = 0; i < asp->vbcount; i++) {
                    netsnmp_free_request_data_sets(&asp->requests[i]);
                }
                free(asp->requests);
            }
            /*
             * If we replace asp->requests with the info from the set cache,
             * we should replace asp->pdu->variables also with the cached
             * info, as asp->requests contains pointers to them.  And we
             * should also free the current asp->pdu->variables list...
             */
            if (ptr->saved_vars) {
                if (asp->pdu->variables)
                    snmp_free_varbind(asp->pdu->variables);
                asp->pdu->variables = ptr->saved_vars;
                asp->vbcount = ptr->vbcount;
            } else {
                /*
                 * when would we not have saved variables? someone
                 * let me know if they hit this assert. -- rstory
                 */
                netsnmp_assert(NULL != ptr->saved_vars);
            }
            asp->requests = ptr->requests;

            netsnmp_assert(NULL != asp->reqinfo);
            asp->reqinfo->asp = asp;
            asp->reqinfo->agent_data = ptr->agent_data;
            
            /*
             * update request reqinfo, if it's out of date.
             * yyy-rks: investigate when/why sometimes they match,
             * sometimes they don't.
             */
            if(asp->requests->agent_req_info != asp->reqinfo) {
                /*
                 * - one don't match case: agentx subagents. prev asp & reqinfo
                 *   freed, request reqinfo ptrs not cleared.
                 */
                netsnmp_request_info *tmp = asp->requests;
                DEBUGMSGTL(("verbose:asp",
                            "  reqinfo %p doesn't match cached reqinfo %p\n",
                            asp->reqinfo, asp->requests->agent_req_info));
                for(; tmp; tmp = tmp->next)
                    tmp->agent_req_info = asp->reqinfo;
            } else {
                /*
                 * - match case: ?
                 */
                DEBUGMSGTL(("verbose:asp",
                            "  reqinfo %p matches cached reqinfo %p\n",
                            asp->reqinfo, asp->requests->agent_req_info));
            }

            SNMP_FREE(ptr);
            return SNMP_ERR_NOERROR;
        }
        prev = ptr;
    }
    return SNMP_ERR_GENERR;
}

/* Bulkcache holds the values for the *repeating* varbinds (only),
 *   but ordered "by column" - i.e. the repetitions for each
 *   repeating varbind follow on immediately from one another,
 *   rather than being interleaved, as required by the protocol.
 *
 * So we need to rearrange the varbind list so it's ordered "by row".
 *
 * In the following code chunk:
 *     n            = # non-repeating varbinds
 *     r            = # repeating varbinds
 *     asp->vbcount = # varbinds in the incoming PDU
 *         (So asp->vbcount = n+r)
 *
 *     repeats = Desired # of repetitions (of 'r' varbinds)
 */
NETSNMP_STATIC_INLINE void
_reorder_getbulk(netsnmp_agent_session *asp)
{
    int             i, n = 0, r = 0;
    int             repeats = asp->pdu->errindex;
    int             j;
    int             all_eoMib;
    netsnmp_variable_list *prev = NULL;
            
    if (asp->vbcount == 0)  /* Nothing to do! */
        return;

    if (asp->pdu->errstat < asp->vbcount) {
        n = asp->pdu->errstat;
    } else {
        n = asp->vbcount;
    }
    if ((r = asp->vbcount - n) < 0) {
        r = 0;
    }

    /* we do nothing if there is nothing repeated */
    if (r == 0)
        return;
            
    /*
     * For each of the original repeating varbinds (except the last),
     *  go through the block of results for that varbind,
     *  and link each instance to the corresponding instance
     *  in the next block.
     */
    for (i = 0; i < r - 1; i++) {
        prev = NULL;
        for (j = 0; j < repeats; j++) {
            /*
             *  If we don't have a valid name for a given repetition
             *   (and probably for all the ones that follow as well),
             *   extend the previous result to indicate 'endOfMibView'
             */
            if (asp->bulkcache[i * repeats + j]->name_length == 0
                && prev) {
                snmp_set_var_objid(
                    asp->bulkcache[i * repeats + j],
                    prev->name, prev->name_length);
                snmp_set_var_typed_value(
                    asp->bulkcache[i * repeats + j],
                    SNMP_ENDOFMIBVIEW, NULL, 0);
            }
            prev = asp->bulkcache[i * repeats + j];

            asp->bulkcache[i * repeats + j]->next_variable =
                asp->bulkcache[(i + 1) * repeats + j];
        }
    }
    /*
     * For the last of the original repeating varbinds,
     *  go through that block of results, and link each
     *  instance to the *next* instance in the *first* block.
     *
     * The very last instance of this block is left untouched
     *  since it (correctly) points to the end of the list.
     */
    if (r > 0) {
        prev = NULL;
        for (j = 0; j < repeats - 1; j++) {
            /*
             *  Fill in missing names with 'endOfMibView' as above...
             */
            if (asp->bulkcache[(r - 1) * repeats + j]->name_length == 0
                && prev) {
                snmp_set_var_objid(
                    asp->bulkcache[(r - 1) * repeats + j],
                    prev->name, prev->name_length);
                snmp_set_var_typed_value(
                    asp->bulkcache[(r - 1) * repeats + j],
                    SNMP_ENDOFMIBVIEW, NULL, 0);
            }
            prev = asp->bulkcache[(r - 1) * repeats + j];
            asp->bulkcache[(r - 1) * repeats + j]->next_variable =
                asp->bulkcache[j + 1];
        }
        /*
         *  ... Not forgetting the very last entry
         */
        if (asp->bulkcache[r * repeats - 1]->name_length == 0
            && prev) {
            snmp_set_var_objid(
                asp->bulkcache[r * repeats - 1],
                prev->name, prev->name_length);
            snmp_set_var_typed_value(
                asp->bulkcache[r * repeats - 1],
                SNMP_ENDOFMIBVIEW, NULL, 0);
        }
    }

    /*
     * If we've got a full row of endOfMibViews, then we
     *  can truncate the result varbind list after that.
     *
     * Look for endOfMibView exception values in the list of
     *  repetitions for the first varbind, and check the 
     *  corresponding instances for the other varbinds
     *  (following the next_variable links).
     *
     * If they're all endOfMibView too, then we can terminate
     *  the linked list there, and free any redundant varbinds.
     */
    all_eoMib = 0;
    for (i = 0; i < repeats; i++) {
        if (asp->bulkcache[i]->type == SNMP_ENDOFMIBVIEW) {
            all_eoMib = 1;
            for (j = 1, prev=asp->bulkcache[i];
                 j < r;
                 j++, prev=prev->next_variable) {
                if (prev->type != SNMP_ENDOFMIBVIEW) {
                    all_eoMib = 0;
                    break;      /* Found a real value */
                }
            }
            if (all_eoMib) {
                /*
                 * This is indeed a full endOfMibView row.
                 * Terminate the list here & free the rest.
                 */
                snmp_free_varbind( prev->next_variable );
                prev->next_variable = NULL;
                break;
            }
        }
    }
}


int
getNextSessID()
{
    static int      SessionID = 0;

    return ++SessionID;
}

int
agent_check_and_process(int block)
{
    int             numfds;
    fd_set          fdset;
    struct timeval  timeout = { LONG_MAX, 0 }, *tvp = &timeout;
    int             count;
    int             fakeblock = 0;

    numfds = 0;
    FD_ZERO(&fdset);
    snmp_select_info(&numfds, &fdset, tvp, &fakeblock);
    if (block != 0 && fakeblock != 0) {
        /*
         * There are no alarms registered, and the caller asked for blocking, so
         * let select() block forever.  
         */

        tvp = NULL;
    } else if (block != 0 && fakeblock == 0) {
        /*
         * The caller asked for blocking, but there is an alarm due sooner than
         * LONG_MAX seconds from now, so use the modified timeout returned by
         * snmp_select_info as the timeout for select().  
         */

    } else if (block == 0) {
        /*
         * The caller does not want us to block at all.  
         */

        tvp->tv_sec = 0;
        tvp->tv_usec = 0;
    }

    count = select(numfds, &fdset, 0, 0, tvp);

    if (count > 0) {
        /*
         * packets found, process them 
         */
        snmp_read(&fdset);
    } else
        switch (count) {
        case 0:
            snmp_timeout();
            break;
        case -1:
            if (errno != EINTR) {
                snmp_log_perror("select");
            }
            return -1;
        default:
            snmp_log(LOG_ERR, "select returned %d\n", count);
            return -1;
        }                       /* endif -- count>0 */

    /*
     * Run requested alarms.  
     */
    run_alarms();

    netsnmp_check_outstanding_agent_requests();

    return count;
}


/*
 * Set up the address cache.  
 */
void
netsnmp_addrcache_initialise(void)
{
    int             i = 0;

    for (i = 0; i < SNMP_ADDRCACHE_SIZE; i++) {
        addrCache[i].addr = NULL;
        addrCache[i].status = SNMP_ADDRCACHE_UNUSED;
    }
}

/*
 * Adds a new entry to the cache of addresses that
 * have recently made connections to the agent.
 * Returns 0 if the entry already exists (but updates
 * the entry with a new timestamp) and 1 if the
 * entry did not previously exist.
 *
 * Implements a simple LRU cache replacement
 * policy. Uses a linear search, which should be
 * okay, as long as SNMP_ADDRCACHE_SIZE remains
 * relatively small.
 *
 * @retval 0 : updated existing entry
 * @retval 1 : added new entry
 */
int
netsnmp_addrcache_add(const char *addr)
{
    int oldest = -1; /* Index of the oldest cache entry */
    int unused = -1; /* Index of the first free cache entry */
    int i; /* Looping variable */
    int rc = -1;
    struct timeval now; /* What time is it now? */
    struct timeval aged; /* Oldest allowable cache entry */

    /*
     * First get the current and oldest allowable timestamps
     */
    gettimeofday(&now, (struct timezone*) NULL);
    aged.tv_sec = now.tv_sec - SNMP_ADDRCACHE_MAXAGE;
    aged.tv_usec = now.tv_usec;

    /*
     * Now look for a place to put this thing
     */
    for(i = 0; i < SNMP_ADDRCACHE_SIZE; i++) {
        if (addrCache[i].status == SNMP_ADDRCACHE_UNUSED) { /* If unused */
            /*
             * remember this location, in case addr isn't in the cache
             */
            if (unused < 0)
                unused = i;
        }
        else { /* If used */
            if ((NULL != addr) && (strcmp(addrCache[i].addr, addr) == 0)) {
                /*
                 * found a match
                 */
                memcpy(&addrCache[i].lastHit, &now, sizeof(struct timeval));
                if (timercmp(&addrCache[i].lastHit, &aged, <))
                    rc = 1; /* should have expired, so is new */
                else
                    rc = 0; /* not expired, so is existing entry */
                break;
            }
            else {
                /*
                 * Used, but not this address. check if it's stale.
                 */
                if (timercmp(&addrCache[i].lastHit, &aged, <)) {
                    /*
                     * Stale, reuse
                     */
                    SNMP_FREE(addrCache[i].addr);
                    addrCache[i].status = SNMP_ADDRCACHE_UNUSED;
                    /*
                     * remember this location, in case addr isn't in the cache
                     */
                    if (unused < 0)
                        unused = i;
                }
                else {
                    /*
                     * Still fresh, but a candidate for LRU replacement
                     */
                    if (oldest < 0)
                        oldest = i;
                    else if (timercmp(&addrCache[i].lastHit,
                                      &addrCache[oldest].lastHit, <))
                        oldest = i;
                } /* fresh */
            } /* used, no match */
        } /* used */
    } /* for loop */

    if ((-1 == rc) && (NULL != addr)) {
        /*
         * We didn't find the entry in the cache
         */
        if (unused >= 0) {
            /*
             * If we have a slot free anyway, use it
             */
            addrCache[unused].addr = strdup(addr);
            addrCache[unused].status = SNMP_ADDRCACHE_USED;
            memcpy(&addrCache[unused].lastHit, &now, sizeof(struct timeval));
        }
        else { /* Otherwise, replace oldest entry */
            if (netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID,
                                       NETSNMP_DS_AGENT_VERBOSE))
                snmp_log(LOG_INFO, "Purging address from address cache: %s",
                         addrCache[oldest].addr);
            
            free(addrCache[oldest].addr);
            addrCache[oldest].addr = strdup(addr);
            memcpy(&addrCache[oldest].lastHit, &now, sizeof(struct timeval));
        }
        rc = 1;
    }
    if ((log_addresses && (1 == rc)) ||
        netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID,
                               NETSNMP_DS_AGENT_VERBOSE)) {
        snmp_log(LOG_INFO, "Received SNMP packet(s) from %s\n", addr);
     }

    return rc;
}

/*
 * Age the entries in the address cache.  
 *
 * backwards compatability; not used anywhere
 */
void
netsnmp_addrcache_age(void)
{
    (void)netsnmp_addrcache_add(NULL);
}

/*******************************************************************-o-******
 * netsnmp_agent_check_packet
 *
 * Parameters:
 *      session, transport, transport_data, transport_data_length
 *      
 * Returns:
 *      1       On success.
 *      0       On error.
 *
 * Handler for all incoming messages (a.k.a. packets) for the agent.  If using
 * the libwrap utility, log the connection and deny/allow the access. Print
 * output when appropriate, and increment the incoming counter.
 *
 */

int
netsnmp_agent_check_packet(netsnmp_session * session,
                           netsnmp_transport *transport,
                           void *transport_data, int transport_data_length)
{
    char           *addr_string = NULL;
#ifdef  USE_LIBWRAP
    char *tcpudpaddr, *name;

    name = netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID, 
                                 NETSNMP_DS_LIB_APPTYPE);
#endif

    /*
     * Log the message and/or dump the message.
     * Optionally cache the network address of the sender.
     */

    if (transport != NULL && transport->f_fmtaddr != NULL) {
        /*
         * Okay I do know how to format this address for logging.  
         */
        addr_string = transport->f_fmtaddr(transport, transport_data,
                                           transport_data_length);
        /*
         * Don't forget to free() it.  
         */
    }
#ifdef  USE_LIBWRAP
    /* Catch udp,udp6,tcp,tcp6 transports using "[" */
    tcpudpaddr = strstr(addr_string, "[");
    if ( tcpudpaddr != 0 ) {
        char sbuf[64];
        char *xp;
        strncpy(sbuf, tcpudpaddr + 1, sizeof(sbuf));
        sbuf[sizeof(sbuf)-1] = '\0';
        xp = strstr(sbuf, "]");
        if (xp)
            *xp = '\0';
 
        if (hosts_ctl(name, STRING_UNKNOWN, sbuf, STRING_UNKNOWN)) {
            snmp_log(allow_severity, "Connection from %s\n", addr_string);
        } else {
            snmp_log(deny_severity, "Connection from %s REFUSED\n",
                     addr_string);
            SNMP_FREE(addr_string);
            return 0;
        }
    } else {
        /*
         * don't log callback connections.
         * What about 'Local IPC', 'IPX' and 'AAL5 PVC'?
         */
        if (0 == strncmp(addr_string, "callback", 8))
            ;
        else if (hosts_ctl(name, STRING_UNKNOWN, STRING_UNKNOWN, STRING_UNKNOWN)){
            snmp_log(allow_severity, "Connection from <UNKNOWN> (%s)\n", addr_string);
            addr_string = strdup("<UNKNOWN>");
        } else {
            snmp_log(deny_severity, "Connection from <UNKNOWN> (%s) REFUSED\n", addr_string);
            return 0;
        }
    }
#endif                          /*USE_LIBWRAP */

    snmp_increment_statistic(STAT_SNMPINPKTS);

    if (addr_string != NULL) {
        netsnmp_addrcache_add(addr_string);
        SNMP_FREE(addr_string);
    }
    return 1;
}


int
netsnmp_agent_check_parse(netsnmp_session * session, netsnmp_pdu *pdu,
                          int result)
{
    if (result == 0) {
        if (snmp_get_do_logging() &&
            netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, 
                                   NETSNMP_DS_AGENT_VERBOSE)) {
            netsnmp_variable_list *var_ptr;

            switch (pdu->command) {
            case SNMP_MSG_GET:
                snmp_log(LOG_DEBUG, "  GET message\n");
                break;
            case SNMP_MSG_GETNEXT:
                snmp_log(LOG_DEBUG, "  GETNEXT message\n");
                break;
            case SNMP_MSG_RESPONSE:
                snmp_log(LOG_DEBUG, "  RESPONSE message\n");
                break;
            case SNMP_MSG_SET:
                snmp_log(LOG_DEBUG, "  SET message\n");
                break;
            case SNMP_MSG_TRAP:
                snmp_log(LOG_DEBUG, "  TRAP message\n");
                break;
            case SNMP_MSG_GETBULK:
                snmp_log(LOG_DEBUG, "  GETBULK message, non-rep=%ld, max_rep=%ld\n",
                         pdu->errstat, pdu->errindex);
                break;
            case SNMP_MSG_INFORM:
                snmp_log(LOG_DEBUG, "  INFORM message\n");
                break;
            case SNMP_MSG_TRAP2:
                snmp_log(LOG_DEBUG, "  TRAP2 message\n");
                break;
            case SNMP_MSG_REPORT:
                snmp_log(LOG_DEBUG, "  REPORT message\n");
                break;

            case SNMP_MSG_INTERNAL_SET_RESERVE1:
                snmp_log(LOG_DEBUG, "  INTERNAL RESERVE1 message\n");
                break;

            case SNMP_MSG_INTERNAL_SET_RESERVE2:
                snmp_log(LOG_DEBUG, "  INTERNAL RESERVE2 message\n");
                break;

            case SNMP_MSG_INTERNAL_SET_ACTION:
                snmp_log(LOG_DEBUG, "  INTERNAL ACTION message\n");
                break;

            case SNMP_MSG_INTERNAL_SET_COMMIT:
                snmp_log(LOG_DEBUG, "  INTERNAL COMMIT message\n");
                break;

            case SNMP_MSG_INTERNAL_SET_FREE:
                snmp_log(LOG_DEBUG, "  INTERNAL FREE message\n");
                break;

            case SNMP_MSG_INTERNAL_SET_UNDO:
                snmp_log(LOG_DEBUG, "  INTERNAL UNDO message\n");
                break;

            default:
                snmp_log(LOG_DEBUG, "  UNKNOWN message, type=%02X\n",
                         pdu->command);
                snmp_increment_statistic(STAT_SNMPINASNPARSEERRS);
                return 0;
            }

            for (var_ptr = pdu->variables; var_ptr != NULL;
                 var_ptr = var_ptr->next_variable) {
                size_t          c_oidlen = 256, c_outlen = 0;
                u_char         *c_oid = (u_char *) malloc(c_oidlen);

                if (c_oid) {
                    if (!sprint_realloc_objid
                        (&c_oid, &c_oidlen, &c_outlen, 1, var_ptr->name,
                         var_ptr->name_length)) {
                        snmp_log(LOG_DEBUG, "    -- %s [TRUNCATED]\n",
                                 c_oid);
                    } else {
                        snmp_log(LOG_DEBUG, "    -- %s\n", c_oid);
                    }
                    SNMP_FREE(c_oid);
                }
            }
        }
        return 1;
    }
    return 0;                   /* XXX: does it matter what the return value
                                 * is?  Yes: if we return 0, then the PDU is
                                 * dumped.  */
}


/*
 * Global access to the primary session structure for this agent.
 * for Index Allocation use initially. 
 */

/*
 * I don't understand what this is for at the moment.  AFAICS as long as it
 * gets set and points at a session, that's fine.  ???  
 */

netsnmp_session *main_session = NULL;



/*
 * Set up an agent session on the given transport.  Return a handle
 * which may later be used to de-register this transport.  A return
 * value of -1 indicates an error.  
 */

int
netsnmp_register_agent_nsap(netsnmp_transport *t)
{
    netsnmp_session *s, *sp = NULL;
    agent_nsap     *a = NULL, *n = NULL, **prevNext = &agent_nsap_list;
    int             handle = 0;
    void           *isp = NULL;

    if (t == NULL) {
        return -1;
    }

    DEBUGMSGTL(("netsnmp_register_agent_nsap", "fd %d\n", t->sock));

    n = (agent_nsap *) malloc(sizeof(agent_nsap));
    if (n == NULL) {
        return -1;
    }
    s = (netsnmp_session *) malloc(sizeof(netsnmp_session));
    if (s == NULL) {
        SNMP_FREE(n);
        return -1;
    }
    memset(s, 0, sizeof(netsnmp_session));
    snmp_sess_init(s);

    /*
     * Set up the session appropriately for an agent.  
     */

    s->version = SNMP_DEFAULT_VERSION;
    s->callback = handle_snmp_packet;
    s->authenticator = NULL;
    s->flags = netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, 
                                  NETSNMP_DS_AGENT_FLAGS);
    s->isAuthoritative = SNMP_SESS_AUTHORITATIVE;

    sp = snmp_add(s, t, netsnmp_agent_check_packet,
                  netsnmp_agent_check_parse);
    if (sp == NULL) {
        SNMP_FREE(s);
        SNMP_FREE(n);
        return -1;
    }

    isp = snmp_sess_pointer(sp);
    if (isp == NULL) {          /*  over-cautious  */
        SNMP_FREE(s);
        SNMP_FREE(n);
        return -1;
    }

    n->s = isp;
    n->t = t;

    if (main_session == NULL) {
        main_session = snmp_sess_session(isp);
    }

    for (a = agent_nsap_list; a != NULL && handle + 1 >= a->handle;
         a = a->next) {
        handle = a->handle;
        prevNext = &(a->next);
    }

    if (handle < INT_MAX) {
        n->handle = handle + 1;
        n->next = a;
        *prevNext = n;
        SNMP_FREE(s);
        return n->handle;
    } else {
        SNMP_FREE(s);
        SNMP_FREE(n);
        return -1;
    }
}

void
netsnmp_deregister_agent_nsap(int handle)
{
    agent_nsap     *a = NULL, **prevNext = &agent_nsap_list;
    int             main_session_deregistered = 0;

    DEBUGMSGTL(("netsnmp_deregister_agent_nsap", "handle %d\n", handle));

    for (a = agent_nsap_list; a != NULL && a->handle < handle; a = a->next) {
        prevNext = &(a->next);
    }

    if (a != NULL && a->handle == handle) {
        *prevNext = a->next;
        if (main_session == snmp_sess_session(a->s)) {
            main_session_deregistered = 1;
        }
        snmp_close(snmp_sess_session(a->s));
        /*
         * The above free()s the transport and session pointers.  
         */
        SNMP_FREE(a);
    }

    /*
     * If we've deregistered the session that main_session used to point to,
     * then make it point to another one, or in the last resort, make it equal
     * to NULL.  Basically this shouldn't ever happen in normal operation
     * because main_session starts off pointing at the first session added by
     * init_master_agent(), which then discards the handle.  
     */

    if (main_session_deregistered) {
        if (agent_nsap_list != NULL) {
            DEBUGMSGTL(("snmp_agent",
                        "WARNING: main_session ptr changed from %p to %p\n",
                        main_session, snmp_sess_session(agent_nsap_list->s)));
            main_session = snmp_sess_session(agent_nsap_list->s);
        } else {
            DEBUGMSGTL(("snmp_agent",
                        "WARNING: main_session ptr changed from %p to NULL\n",
                        main_session));
            main_session = NULL;
        }
    }
}



/*
 * 
 * This function has been modified to use the experimental
 * netsnmp_register_agent_nsap interface.  The major responsibility of this
 * function now is to interpret a string specified to the agent (via -p on the
 * command line, or from a configuration file) as a list of agent NSAPs on
 * which to listen for SNMP packets.  Typically, when you add a new transport
 * domain "foo", you add code here such that if the "foo" code is compiled
 * into the agent (SNMP_TRANSPORT_FOO_DOMAIN is defined), then a token of the
 * form "foo:bletch-3a0054ef%wob&wob" gets turned into the appropriate
 * transport descriptor.  netsnmp_register_agent_nsap is then called with that
 * transport descriptor and sets up a listening agent session on it.
 * 
 * Everything then works much as normal: the agent runs in an infinite loop
 * (in the snmpd.c/receive()routine), which calls snmp_read() when a request
 * is readable on any of the given transports.  This routine then traverses
 * the library 'Sessions' list to identify the relevant session and eventually
 * invokes '_sess_read'.  This then processes the incoming packet, calling the
 * pre_parse, parse, post_parse and callback routines in turn.
 * 
 * JBPN 20001117
 */

int
init_master_agent(void)
{
    netsnmp_transport *transport;
    char           *cptr;
    char            buf[SPRINT_MAX_LEN];
    char           *st;

    /* default to a default cache size */
    netsnmp_set_lookup_cache_size(-1);

    if (netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, 
                               NETSNMP_DS_AGENT_ROLE) != MASTER_AGENT) {
        DEBUGMSGTL(("snmp_agent",
                    "init_master_agent; not master agent\n"));

        netsnmp_assert("agent role !master && !sub_agent");
        
        return 0;               /*  No error if ! MASTER_AGENT  */
    }
#ifdef USING_AGENTX_MASTER_MODULE
    if (netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, 
                               NETSNMP_DS_AGENT_AGENTX_MASTER) == 1)
        real_init_master();
#endif
#ifdef USING_SMUX_MODULE
    if(should_init("smux"))
    real_init_smux();
#endif

    /*
     * Have specific agent ports been specified?  
     */
    cptr = netsnmp_ds_get_string(NETSNMP_DS_APPLICATION_ID, 
                                 NETSNMP_DS_AGENT_PORTS);

    if (cptr) {
        snprintf(buf, sizeof(buf), "%s", cptr);
        buf[ sizeof(buf)-1 ] = 0;
    } else {
        /*
         * No, so just specify the default port.  
         */
        if (netsnmp_ds_get_int(NETSNMP_DS_APPLICATION_ID, NETSNMP_DS_AGENT_FLAGS) & SNMP_FLAGS_STREAM_SOCKET) {
            sprintf(buf, "tcp:%d", SNMP_PORT);
        } else {
            sprintf(buf, "udp:%d", SNMP_PORT);
        }
    }

    DEBUGMSGTL(("snmp_agent", "final port spec: %s\n", buf));
    cptr = strtok_r(buf, ",", &st);
    while (cptr) {
        /*
         * Specification format: 
         * 
         * NONE:                      (a pseudo-transport)
         * UDP:[address:]port        (also default if no transport is specified)
         * TCP:[address:]port         (if supported)
         * Unix:pathname              (if supported)
         * AAL5PVC:itf.vpi.vci        (if supported)
         * IPX:[network]:node[/port] (if supported)
         * 
         */

        DEBUGMSGTL(("snmp_agent", "installing master agent on port %s\n",
                    cptr));

        if (!cptr || !(*cptr)) {
            snmp_log(LOG_ERR, "improper port specification\n");
            return 1;
        }

        if (strncasecmp(cptr, "none", 4) == 0) {
            DEBUGMSGTL(("snmp_agent",
                        "init_master_agent; pseudo-transport \"none\" requested\n"));
            return 0;
        }
        transport = netsnmp_tdomain_transport(cptr, 1, "udp");

        if (transport == NULL) {
            snmp_log(LOG_ERR, "Error opening specified endpoint \"%s\"\n",
                     cptr);
            return 1;
        }

        if (netsnmp_register_agent_nsap(transport) == 0) {
            snmp_log(LOG_ERR,
                     "Error registering specified transport \"%s\" as an agent NSAP\n",
                     cptr);
            return 1;
        } else {
            DEBUGMSGTL(("snmp_agent",
                        "init_master_agent; \"%s\" registered as an agent NSAP\n",
                        cptr));
        }

        /*
         * Next transport please...  
         */
        cptr = strtok_r(NULL, ",", &st);
    }

    return 0;
}

void
clear_nsap_list(void)
{
    DEBUGMSGTL(("clear_nsap_list", "clear the nsap list\n"));

    while (agent_nsap_list != NULL)
        netsnmp_deregister_agent_nsap(agent_nsap_list->handle);
}

void
shutdown_master_agent(void)
{
    clear_nsap_list();
}


netsnmp_agent_session *
init_agent_snmp_session(netsnmp_session * session, netsnmp_pdu *pdu)
{
    netsnmp_agent_session *asp = (netsnmp_agent_session *)
        calloc(1, sizeof(netsnmp_agent_session));

    if (asp == NULL) {
        return NULL;
    }

    DEBUGMSGTL(("snmp_agent","agent_sesion %08p created\n", asp));
    asp->session = session;
    asp->pdu = snmp_clone_pdu(pdu);
    asp->orig_pdu = snmp_clone_pdu(pdu);
    asp->rw = READ;
    asp->exact = TRUE;
    asp->next = NULL;
    asp->mode = RESERVE1;
    asp->status = SNMP_ERR_NOERROR;
    asp->index = 0;
    asp->oldmode = 0;
    asp->treecache_num = -1;
    asp->treecache_len = 0;
    asp->reqinfo = SNMP_MALLOC_TYPEDEF(netsnmp_agent_request_info);
    DEBUGMSGTL(("verbose:asp", "asp %p reqinfo %p created\n",
                asp, asp->reqinfo));

    return asp;
}

void
free_agent_snmp_session(netsnmp_agent_session *asp)
{
    if (!asp)
        return;

    DEBUGMSGTL(("snmp_agent","agent_session %08p released\n", asp));

    netsnmp_remove_from_delegated(asp);
    
    DEBUGMSGTL(("verbose:asp", "asp %p reqinfo %p freed\n",
                asp, asp->reqinfo));
    if (asp->orig_pdu)
        snmp_free_pdu(asp->orig_pdu);
    if (asp->pdu)
        snmp_free_pdu(asp->pdu);
    if (asp->reqinfo)
        netsnmp_free_agent_request_info(asp->reqinfo);
    if (asp->treecache) {
        SNMP_FREE(asp->treecache);
    }
    if (asp->bulkcache) {
        SNMP_FREE(asp->bulkcache);
    }
    if (asp->requests) {
        int             i;
        for (i = 0; i < asp->vbcount; i++) {
            netsnmp_free_request_data_sets(&asp->requests[i]);
        }
        SNMP_FREE(asp->requests);
    }
    if (asp->cache_store) {
        netsnmp_free_cachemap(asp->cache_store);
        asp->cache_store = NULL;
    }
    SNMP_FREE(asp);
}

int
netsnmp_check_for_delegated(netsnmp_agent_session *asp)
{
    int             i;
    netsnmp_request_info *request;

    if (NULL == asp->treecache)
        return 0;
    
    for (i = 0; i <= asp->treecache_num; i++) {
        for (request = asp->treecache[i].requests_begin; request;
             request = request->next) {
            if (request->delegated)
                return 1;
        }
    }
    return 0;
}

int
netsnmp_check_delegated_chain_for(netsnmp_agent_session *asp)
{
    netsnmp_agent_session *asptmp;
    for (asptmp = agent_delegated_list; asptmp; asptmp = asptmp->next) {
        if (asptmp == asp)
            return 1;
    }
    return 0;
}

int
netsnmp_check_for_delegated_and_add(netsnmp_agent_session *asp)
{
    if (netsnmp_check_for_delegated(asp)) {
        if (!netsnmp_check_delegated_chain_for(asp)) {
            /*
             * add to delegated request chain 
             */
            asp->next = agent_delegated_list;
            agent_delegated_list = asp;
            DEBUGMSGTL(("snmp_agent", "delegate session == %08p\n", asp));
        }
        return 1;
    }
    return 0;
}

int
netsnmp_remove_from_delegated(netsnmp_agent_session *asp)
{
    netsnmp_agent_session *curr, *prev = NULL;
    
    for (curr = agent_delegated_list; curr; prev = curr, curr = curr->next) {
        /*
         * is this us?
         */
        if (curr != asp)
            continue;
        
        /*
         * remove from queue 
         */
        if (prev != NULL)
            prev->next = asp->next;
        else
            agent_delegated_list = asp->next;

        DEBUGMSGTL(("snmp_agent", "remove delegated session == %08p\n", asp));

        return 1;
    }

    return 0;
}

/*
 * netsnmp_remove_delegated_requests_for_session
 *
 * called when a session is being closed. Check all delegated requests to
 * see if the are waiting on this session, and if set, set the status for
 * that request to GENERR.
 */
int
netsnmp_remove_delegated_requests_for_session(netsnmp_session *sess)
{
    netsnmp_agent_session *asp;
    int count = 0;
    
    for (asp = agent_delegated_list; asp; asp = asp->next) {
        /*
         * check each request
         */
        netsnmp_request_info *request;
        for(request = asp->requests; request; request = request->next) {
            /*
             * check session
             */
            netsnmp_assert(NULL!=request->subtree);
            if(request->subtree->session != sess)
                continue;

            /*
             * matched! mark request as done
             */
            netsnmp_request_set_error(request, SNMP_ERR_GENERR);
            ++count;
        }
    }

    /*
     * if we found any, that request may be finished now
     */
    if(count) {
        DEBUGMSGTL(("snmp_agent", "removed %d delegated request(s) for session "
                    "%08p\n", count, sess));
        netsnmp_check_outstanding_agent_requests();
    }
    
    return count;
}

int
netsnmp_check_queued_chain_for(netsnmp_agent_session *asp)
{
    netsnmp_agent_session *asptmp;
    for (asptmp = netsnmp_agent_queued_list; asptmp; asptmp = asptmp->next) {
        if (asptmp == asp)
            return 1;
    }
    return 0;
}

int
netsnmp_add_queued(netsnmp_agent_session *asp)
{
    netsnmp_agent_session *asp_tmp;

    /*
     * first item?
     */
    if (NULL == netsnmp_agent_queued_list) {
        netsnmp_agent_queued_list = asp;
        return 1;
    }


    /*
     * add to end of queued request chain 
     */
    asp_tmp = netsnmp_agent_queued_list;
    for (; asp_tmp; asp_tmp = asp_tmp->next) {
        /*
         * already in queue?
         */
        if (asp_tmp == asp)
            break;

        /*
         * end of queue?
         */
        if (NULL == asp_tmp->next)
            asp_tmp->next = asp;
    }
    return 1;
}


int
netsnmp_wrap_up_request(netsnmp_agent_session *asp, int status)
{
    netsnmp_variable_list *var_ptr;
    int             i;

    /*
     * if this request was a set, clear the global now that we are
     * done.
     */
    if (asp == netsnmp_processing_set) {
        DEBUGMSGTL(("snmp_agent", "SET request complete, asp = %08p\n",
                    asp));
        netsnmp_processing_set = NULL;
    }

    if (asp->pdu) {
        /*
         * If we've got an error status, then this needs to be
         *  passed back up to the higher levels....
         */
        if ( status != 0  && asp->status == 0 )
            asp->status = status;

        switch (asp->pdu->command) {
            case SNMP_MSG_INTERNAL_SET_BEGIN:
            case SNMP_MSG_INTERNAL_SET_RESERVE1:
            case SNMP_MSG_INTERNAL_SET_RESERVE2:
            case SNMP_MSG_INTERNAL_SET_ACTION:
                /*
                 * some stuff needs to be saved in special subagent cases 
                 */
                save_set_cache(asp);
                break;

            case SNMP_MSG_GETBULK:
                /*
                 * for a GETBULK response we need to rearrange the varbinds 
                 */
                _reorder_getbulk(asp);
                break;
        }

        /*
         * May need to "dumb down" a SET error status for a
         * v1 query.  See RFC2576 - section 4.3
         */
#ifndef DISABLE_SNMPV1
        if ((asp->pdu->command == SNMP_MSG_SET) &&
            (asp->pdu->version == SNMP_VERSION_1)) {
            switch (asp->status) {
                case SNMP_ERR_WRONGVALUE:
                case SNMP_ERR_WRONGENCODING:
                case SNMP_ERR_WRONGTYPE:
                case SNMP_ERR_WRONGLENGTH:
                case SNMP_ERR_INCONSISTENTVALUE:
                    status = SNMP_ERR_BADVALUE;
                    asp->status = SNMP_ERR_BADVALUE;
                    break;
                case SNMP_ERR_NOACCESS:
                case SNMP_ERR_NOTWRITABLE:
                case SNMP_ERR_NOCREATION:
                case SNMP_ERR_INCONSISTENTNAME:
                case SNMP_ERR_AUTHORIZATIONERROR:
                    status = SNMP_ERR_NOSUCHNAME;
                    asp->status = SNMP_ERR_NOSUCHNAME;
                    break;
                case SNMP_ERR_RESOURCEUNAVAILABLE:
                case SNMP_ERR_COMMITFAILED:
                case SNMP_ERR_UNDOFAILED:
                    status = SNMP_ERR_GENERR;
                    asp->status = SNMP_ERR_GENERR;
                    break;
            }
        }
        /*
         * Similarly we may need to "dumb down" v2 exception
         *  types to throw an error for a v1 query.
         *  See RFC2576 - section 4.1.2.3
         */
        if ((asp->pdu->command != SNMP_MSG_SET) &&
            (asp->pdu->version == SNMP_VERSION_1)) {
            for (var_ptr = asp->pdu->variables, i = 1;
                 var_ptr != NULL; var_ptr = var_ptr->next_variable, i++) {
                switch (var_ptr->type) {
                    case SNMP_NOSUCHOBJECT:
                    case SNMP_NOSUCHINSTANCE:
                    case SNMP_ENDOFMIBVIEW:
                    case ASN_COUNTER64:
                        status = SNMP_ERR_NOSUCHNAME;
                        asp->status = SNMP_ERR_NOSUCHNAME;
                        asp->index = i;
                        break;
                }
            }
        }
#endif /* snmpv1 support */
    } 
    /*
     * Update the snmp error-count statistics
     *   XXX - should we include the V2 errors in this or not?
     */
#define INCLUDE_V2ERRORS_IN_V1STATS

    switch (status) {
#ifdef INCLUDE_V2ERRORS_IN_V1STATS
    case SNMP_ERR_WRONGVALUE:
    case SNMP_ERR_WRONGENCODING:
    case SNMP_ERR_WRONGTYPE:
    case SNMP_ERR_WRONGLENGTH:
    case SNMP_ERR_INCONSISTENTVALUE:
#endif
    case SNMP_ERR_BADVALUE:
        snmp_increment_statistic(STAT_SNMPOUTBADVALUES);
        break;
#ifdef INCLUDE_V2ERRORS_IN_V1STATS
    case SNMP_ERR_NOACCESS:
    case SNMP_ERR_NOTWRITABLE:
    case SNMP_ERR_NOCREATION:
    case SNMP_ERR_INCONSISTENTNAME:
    case SNMP_ERR_AUTHORIZATIONERROR:
#endif
    case SNMP_ERR_NOSUCHNAME:
        snmp_increment_statistic(STAT_SNMPOUTNOSUCHNAMES);
        break;
#ifdef INCLUDE_V2ERRORS_IN_V1STATS
    case SNMP_ERR_RESOURCEUNAVAILABLE:
    case SNMP_ERR_COMMITFAILED:
    case SNMP_ERR_UNDOFAILED:
#endif
    case SNMP_ERR_GENERR:
        snmp_increment_statistic(STAT_SNMPOUTGENERRS);
        break;

    case SNMP_ERR_TOOBIG:
        snmp_increment_statistic(STAT_SNMPOUTTOOBIGS);
        break;
    }

    if ((status == SNMP_ERR_NOERROR) && (asp->pdu)) {
        snmp_increment_statistic_by((asp->pdu->command == SNMP_MSG_SET ?
                                     STAT_SNMPINTOTALSETVARS :
                                     STAT_SNMPINTOTALREQVARS),
                                    count_varbinds(asp->pdu->variables));
    } else {
        /*
         * Use a copy of the original request
         *   to report failures.
         */
        snmp_free_pdu(asp->pdu);
        asp->pdu = asp->orig_pdu;
        asp->orig_pdu = NULL;
    }
    if (asp->pdu) {
        asp->pdu->command = SNMP_MSG_RESPONSE;
        asp->pdu->errstat = asp->status;
        asp->pdu->errindex = asp->index;
        if (!snmp_send(asp->session, asp->pdu)) {
            netsnmp_variable_list *var_ptr;
            snmp_perror("send response");
            for (var_ptr = asp->pdu->variables; var_ptr != NULL;
                     var_ptr = var_ptr->next_variable) {
                size_t  c_oidlen = 256, c_outlen = 0;
                u_char *c_oid = (u_char *) malloc(c_oidlen);

                if (c_oid) {
                    if (!sprint_realloc_objid (&c_oid, &c_oidlen, &c_outlen, 1,
                                               var_ptr->name,
                                               var_ptr->name_length)) {
                        snmp_log(LOG_ERR, "    -- %s [TRUNCATED]\n", c_oid);
                    } else {
                        snmp_log(LOG_ERR, "    -- %s\n", c_oid);
                    }
                    SNMP_FREE(c_oid);
                }
            }
            snmp_free_pdu(asp->pdu);
            asp->pdu = NULL;
        }
        snmp_increment_statistic(STAT_SNMPOUTPKTS);
        snmp_increment_statistic(STAT_SNMPOUTGETRESPONSES);
        asp->pdu = NULL; /* yyy-rks: redundant, no? */
        netsnmp_remove_and_free_agent_snmp_session(asp);
    }
    return 1;
}

void
dump_sess_list(void)
{
    netsnmp_agent_session *a;

    DEBUGMSGTL(("snmp_agent", "DUMP agent_sess_list -> "));
    for (a = agent_session_list; a != NULL; a = a->next) {
        DEBUGMSG(("snmp_agent", "%08p[session %08p] -> ", a, a->session));
    }
    DEBUGMSG(("snmp_agent", "[NIL]\n"));
}

void
netsnmp_remove_and_free_agent_snmp_session(netsnmp_agent_session *asp)
{
    netsnmp_agent_session *a, **prevNext = &agent_session_list;

    DEBUGMSGTL(("snmp_agent", "REMOVE session == %08p\n", asp));

    for (a = agent_session_list; a != NULL; a = *prevNext) {
        if (a == asp) {
            *prevNext = a->next;
            a->next = NULL;
            free_agent_snmp_session(a);
            asp = NULL;
            break;
        } else {
            prevNext = &(a->next);
        }
    }

    if (a == NULL && asp != NULL) {
        /*
         * We coulnd't find it on the list, so free it anyway.  
         */
        free_agent_snmp_session(asp);
    }
}

void
netsnmp_free_agent_snmp_session_by_session(netsnmp_session * sess,
                                           void (*free_request)
                                           (netsnmp_request_list *))
{
    netsnmp_agent_session *a, *next, **prevNext = &agent_session_list;

    DEBUGMSGTL(("snmp_agent", "REMOVE session == %08p\n", sess));

    for (a = agent_session_list; a != NULL; a = next) {
        if (a->session == sess) {
            *prevNext = a->next;
            next = a->next;
            free_agent_snmp_session(a);
        } else {
            prevNext = &(a->next);
            next = a->next;
        }
    }
}

int
handle_snmp_packet(int op, netsnmp_session * session, int reqid,
                   netsnmp_pdu *pdu, void *magic)
{
    netsnmp_agent_session *asp;
    int             status, access_ret, rc;

    /*
     * We only support receiving here.  
     */
    if (op != NETSNMP_CALLBACK_OP_RECEIVED_MESSAGE) {
        return 1;
    }

    /*
     * RESPONSE messages won't get this far, but TRAP-like messages
     * might.  
     */
    if (pdu->command == SNMP_MSG_TRAP || pdu->command == SNMP_MSG_INFORM ||
        pdu->command == SNMP_MSG_TRAP2) {
        DEBUGMSGTL(("snmp_agent", "received trap-like PDU (%02x)\n",
                    pdu->command));
        pdu->command = SNMP_MSG_TRAP2;
        snmp_increment_statistic(STAT_SNMPUNKNOWNPDUHANDLERS);
        return 1;
    }

    /*
     * send snmpv3 authfail trap.
     */
    if (pdu->version  == SNMP_VERSION_3 && 
        session->s_snmp_errno == SNMPERR_USM_AUTHENTICATIONFAILURE) {
           send_easy_trap(SNMP_TRAP_AUTHFAIL, 0);
           return 1;
    } 
        
    if (magic == NULL) {
        asp = init_agent_snmp_session(session, pdu);
        status = SNMP_ERR_NOERROR;
    } else {
        asp = (netsnmp_agent_session *) magic;
        status = asp->status;
    }

    if ((access_ret = check_access(asp->pdu)) != 0) {
        if (access_ret == VACM_NOSUCHCONTEXT) {
            /*
             * rfc3413 section 3.2, step 5 says that we increment the
             * counter but don't return a response of any kind 
             */

            /*
             * we currently don't support unavailable contexts, as
             * there is no reason to that I currently know of 
             */
            snmp_increment_statistic(STAT_SNMPUNKNOWNCONTEXTS);

            /*
             * drop the request 
             */
            netsnmp_remove_and_free_agent_snmp_session(asp);
            return 0;
        } else {
            /*
             * access control setup is incorrect 
             */
            send_easy_trap(SNMP_TRAP_AUTHFAIL, 0);
#if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C)
#if defined(DISABLE_SNMPV1)
            if (asp->pdu->version != SNMP_VERSION_2c) {
#else
#if defined(DISABLE_SNMPV2C)
            if (asp->pdu->version != SNMP_VERSION_1) {
#else
            if (asp->pdu->version != SNMP_VERSION_1
                && asp->pdu->version != SNMP_VERSION_2c) {
#endif
#endif
                asp->pdu->errstat = SNMP_ERR_AUTHORIZATIONERROR;
                asp->pdu->command = SNMP_MSG_RESPONSE;
                snmp_increment_statistic(STAT_SNMPOUTPKTS);
                if (!snmp_send(asp->session, asp->pdu))
                    snmp_free_pdu(asp->pdu);
                asp->pdu = NULL;
                netsnmp_remove_and_free_agent_snmp_session(asp);
                return 1;
            } else {
#endif /* support for community based SNMP */
                /*
                 * drop the request 
                 */
                netsnmp_remove_and_free_agent_snmp_session(asp);
                return 0;
#if !defined(DISABLE_SNMPV1) || !defined(DISABLE_SNMPV2C)
            }
#endif /* support for community based SNMP */
        }
    }

    rc = netsnmp_handle_request(asp, status);

    /*
     * done 
     */
    DEBUGMSGTL(("snmp_agent", "end of handle_snmp_packet, asp = %08p\n",
                asp));
    return rc;
}

netsnmp_request_info *
netsnmp_add_varbind_to_cache(netsnmp_agent_session *asp, int vbcount,
                             netsnmp_variable_list * varbind_ptr,
                             netsnmp_subtree *tp)
{
    netsnmp_request_info *request = NULL;
    int             cacheid;

    DEBUGMSGTL(("snmp_agent", "add_vb_to_cache(%8p, %d, ", asp, vbcount));
    DEBUGMSGOID(("snmp_agent", varbind_ptr->name,
                 varbind_ptr->name_length));
    DEBUGMSG(("snmp_agent", ", %8p)\n", tp));

    if (tp &&
        (asp->pdu->command == SNMP_MSG_GETNEXT ||
         asp->pdu->command == SNMP_MSG_GETBULK)) {
        int result;
        int prefix_len;

        prefix_len = netsnmp_oid_find_prefix(tp->start_a,
                                             tp->start_len,
                                             tp->end_a, tp->end_len);
        result =
            netsnmp_acm_check_subtree(asp->pdu, tp->start_a, prefix_len);

        while (result == VACM_NOTINVIEW) {
            /* the entire subtree is not in view. Skip it. */
            tp = tp->next;
            if (tp) {
                prefix_len = netsnmp_oid_find_prefix(tp->start_a,
                                                     tp->start_len,
                                                     tp->end_a,
                                                     tp->end_len);
                result =
                    netsnmp_acm_check_subtree(asp->pdu,
                                              tp->start_a, prefix_len);
            }
            else
                break;
        }
    }
    if (tp == NULL) {
        /*
         * no appropriate registration found 
         */
        /*
         * make up the response ourselves 
         */
        switch (asp->pdu->command) {
        case SNMP_MSG_GETNEXT:
        case SNMP_MSG_GETBULK:
            varbind_ptr->type = SNMP_ENDOFMIBVIEW;
            break;

        case SNMP_MSG_SET:
        case SNMP_MSG_GET:
            varbind_ptr->type = SNMP_NOSUCHOBJECT;
            break;

        default:
            return NULL;        /* shouldn't get here */
        }
    } else {
        DEBUGMSGTL(("snmp_agent", "tp->start "));
        DEBUGMSGOID(("snmp_agent", tp->start_a, tp->start_len));
        DEBUGMSG(("snmp_agent", ", tp->end "));
        DEBUGMSGOID(("snmp_agent", tp->end_a, tp->end_len));
        DEBUGMSG(("snmp_agent", ", \n"));

        /*
         * malloc the request structure 
         */
        request = &(asp->requests[vbcount - 1]);
        request->index = vbcount;
        request->delegated = 0;
        request->processed = 0;
        request->status = 0;
        request->subtree = tp;
        request->agent_req_info = asp->reqinfo;
        if (request->parent_data) {
            netsnmp_free_request_data_sets(request);
        }
        DEBUGMSGTL(("verbose:asp", "asp %p reqinfo %p assigned to request\n",
                    asp, asp->reqinfo));

        /*
         * for non-SET modes, set the type to NULL 
         */
        if (!MODE_IS_SET(asp->pdu->command)) {
        DEBUGMSGTL(("verbose:asp", "asp %p reqinfo %p assigned to request\n",
                    asp, asp->reqinfo));
            if (varbind_ptr->type == ASN_PRIV_INCL_RANGE) {
                DEBUGMSGTL(("snmp_agent", "varbind %d is inclusive\n",
                            request->index));
                request->inclusive = 1;
            }
            varbind_ptr->type = ASN_NULL;
        }

        /*
         * place them in a cache 
         */
        if (tp->global_cacheid) {
            /*
             * we need to merge all marked subtrees together 
             */
            if (asp->cache_store && -1 !=
                (cacheid = netsnmp_get_local_cachid(asp->cache_store,
                                                    tp->global_cacheid))) {
            } else {
                cacheid = ++(asp->treecache_num);
                netsnmp_get_or_add_local_cachid(&asp->cache_store,
                                                tp->global_cacheid,
                                                cacheid);
                goto mallocslot;        /* XXX: ick */
            }
        } else if (tp->cacheid > -1 && tp->cacheid <= asp->treecache_num &&
                   asp->treecache[tp->cacheid].subtree == tp) {
            /*
             * we have already added a request to this tree
             * pointer before 
             */
            cacheid = tp->cacheid;
        } else {
            cacheid = ++(asp->treecache_num);
          mallocslot:
            /*
             * new slot needed 
             */
            if (asp->treecache_num >= asp->treecache_len) {
                /*
                 * exapand cache array 
                 */
                /*
                 * WWW: non-linear expansion needed (with cap) 
                 */
#define CACHE_GROW_SIZE 16
                asp->treecache_len =
                    (asp->treecache_len + CACHE_GROW_SIZE);
                asp->treecache =
                    realloc(asp->treecache,
                            sizeof(netsnmp_tree_cache) *
                            asp->treecache_len);
                if (asp->treecache == NULL)
                    return NULL;
                memset(&(asp->treecache[cacheid]), 0x00,
                       sizeof(netsnmp_tree_cache) * (CACHE_GROW_SIZE));
            }
            asp->treecache[cacheid].subtree = tp;
            asp->treecache[cacheid].requests_begin = request;
            tp->cacheid = cacheid;
        }

        /*
         * if this is a search type, get the ending range oid as well 
         */
        if (asp->pdu->command == SNMP_MSG_GETNEXT ||
            asp->pdu->command == SNMP_MSG_GETBULK) {
            request->range_end = tp->end_a;
            request->range_end_len = tp->end_len;
        } else {
            request->range_end = NULL;
            request->range_end_len = 0;
        }

        /*
         * link into chain 
         */
        if (asp->treecache[cacheid].requests_end)
            asp->treecache[cacheid].requests_end->next = request;
        request->