Refactored usm.py and security.py modules into a usm package.

zenoss · Nov 20, 2024 · 88b5a1b · 88b5a1b
1 parent 2042209
commit 88b5a1b
Show file tree

Hide file tree

Showing 13 changed files with 663 additions and 609 deletions.
diff --git a/pynetsnmp/security.py b/pynetsnmp/security.py
diff --git a/pynetsnmp/usm/__init__.py b/pynetsnmp/usm/__init__.py
@@ -0,0 +1,43 @@
+from __future__ import absolute_import
+
+from .auth import Authentication
+from .community import Community
+from .priv import Privacy
+from .user import User
+from .protocols import (
+    AUTH_MD5,
+    AUTH_NOAUTH,
+    auth_protocols,
+    AUTH_SHA,
+    AUTH_SHA_224,
+    AUTH_SHA_256,
+    AUTH_SHA_384,
+    AUTH_SHA_512,
+    PRIV_AES,
+    PRIV_AES_192,
+    PRIV_AES_256,
+    PRIV_DES,
+    PRIV_NOPRIV,
+    priv_protocols,
+)
+
+__all__ = (
+    "Authentication",
+    "AUTH_MD5",
+    "AUTH_NOAUTH",
+    "auth_protocols",
+    "AUTH_SHA",
+    "AUTH_SHA_224",
+    "AUTH_SHA_256",
+    "AUTH_SHA_384",
+    "AUTH_SHA_512",
+    "Community",
+    "Privacy",
+    "PRIV_AES",
+    "PRIV_AES_192",
+    "PRIV_AES_256",
+    "PRIV_DES",
+    "PRIV_NOPRIV",
+    "priv_protocols",
+    "User",
+)
diff --git a/pynetsnmp/usm/auth.py b/pynetsnmp/usm/auth.py
@@ -0,0 +1,50 @@
+from __future__ import absolute_import
+
+from .protocols import AUTH_NOAUTH, auth_protocols
+
+
+class Authentication(object):
+    """
+    Provides the authentication data for User objects.
+    """
+
+    __slots__ = ("protocol", "passphrase")
+
+    @classmethod
+    def new_noauth(cls):
+        return cls(None, None)
+
+    def __init__(self, protocol, passphrase):
+        if (
+            not protocol
+            or protocol is AUTH_NOAUTH
+            or protocol == "AUTH_NOAUTH"
+        ):
+            self.protocol = AUTH_NOAUTH
+            self.passphrase = None
+        else:
+            self.protocol = auth_protocols[protocol]
+            if not passphrase:
+                raise ValueError(
+                    "Authentication protocol requires a passphrase"
+                )
+            self.passphrase = passphrase
+
+    def __eq__(self, other):
+        if not isinstance(other, Authentication):
+            return NotImplemented
+        return (
+            self.protocol == other.protocol
+            and self.passphrase == other.passphrase
+        )
+
+    def __nonzero__(self):
+        return self.protocol is not AUTH_NOAUTH
+
+    def __repr__(self):
+        return (
+            "<{0.__module__}.{0.__class__.__name__} protocol={0.protocol}>"
+        ).format(self)
+
+    def __str__(self):
+        return "{0.__class__.__name__}(protocol={0.protocol})".format(self)
diff --git a/pynetsnmp/usm/common.py b/pynetsnmp/usm/common.py
@@ -0,0 +1,19 @@
+from __future__ import absolute_import
+
+from ..CONSTANTS import (
+    SNMP_VERSION_1 as _V1,
+    SNMP_VERSION_2c as _V2C,
+    SNMP_VERSION_3 as _V3,
+)
+
+version_map = {
+    "1": "1",
+    "2c": "2c",
+    "3": "3",
+    _V1: "1",
+    _V2C: "2c",
+    _V3: "3",
+    "v1": "1",
+    "v2c": "2c",
+    "v3": "3",
+}
diff --git a/pynetsnmp/usm/community.py b/pynetsnmp/usm/community.py
@@ -0,0 +1,23 @@
+from __future__ import absolute_import
+
+from ..CONSTANTS import SNMP_VERSION_2c as _V2C
+from .common import version_map
+
+
+class Community(object):
+    """
+    Provides the community based security model for SNMP v1/V2c.
+    """
+
+    def __init__(self, name, version=_V2C):
+        mapped = version_map.get(version)
+        if mapped is None or mapped == "3":
+            raise ValueError(
+                "SNMP version '{}' not supported for Community".format(version)
+            )
+        self.name = name
+        self.version = mapped
+
+    def getArguments(self):
+        community = ("-c", str(self.name)) if self.name else ()
+        return ("-v", self.version) + community
diff --git a/pynetsnmp/usm/priv.py b/pynetsnmp/usm/priv.py
@@ -0,0 +1,48 @@
+from __future__ import absolute_import
+
+from .protocols import PRIV_NOPRIV, priv_protocols
+
+
+class Privacy(object):
+    """
+    Provides the privacy data for User objects.
+    """
+
+    __slots__ = ("protocol", "passphrase")
+
+    @classmethod
+    def new_nopriv(cls):
+        return cls(None, None)
+
+    def __init__(self, protocol, passphrase):
+        if (
+            not protocol
+            or protocol is PRIV_NOPRIV
+            or protocol == "PRIV_NOPRIV"
+        ):
+            self.protocol = PRIV_NOPRIV
+            self.passphrase = None
+        else:
+            self.protocol = priv_protocols[protocol]
+            if not passphrase:
+                raise ValueError("Privacy protocol requires a passphrase")
+            self.passphrase = passphrase
+
+    def __eq__(self, other):
+        if not isinstance(other, Privacy):
+            return NotImplemented
+        return (
+            self.protocol == other.protocol
+            and self.passphrase == other.passphrase
+        )
+
+    def __nonzero__(self):
+        return self.protocol is not PRIV_NOPRIV
+
+    def __repr__(self):
+        return (
+            "<{0.__module__}.{0.__class__.__name__} protocol={0.protocol}>"
+        ).format(self)
+
+    def __str__(self):
+        return "{0.__class__.__name__}(protocol={0.protocol})".format(self)