From 6fcdf79cd851f467a803b30135deba682f726b6c Mon Sep 17 00:00:00 2001
From: Jason Peacock <jpeacock@zenoss.com>
Date: Thu, 12 Sep 2024 10:40:08 -0500
Subject: [PATCH] Enable new SNMP cryptographic protocols.

ZEN-28951
---
 Products/ZenModel/Device.py                 | 18 --------------
 Products/ZenModel/DeviceClass.py            | 23 ------------------
 Products/ZenRelations/ZenPropertyManager.py | 27 ++++++++++++++++-----
 Products/ZenUtils/snmp.py                   |  6 +++++
 Products/Zuul/interfaces/actions.py         | 12 +++++----
 5 files changed, 34 insertions(+), 52 deletions(-)

diff --git a/Products/ZenModel/Device.py b/Products/ZenModel/Device.py
index f11c7f21ed..729b8a5c0b 100644
--- a/Products/ZenModel/Device.py
+++ b/Products/ZenModel/Device.py
@@ -2474,24 +2474,6 @@ def exportXmlHook(self, ofile, ignorerels):
         """
         map(lambda o: o.exportXml(ofile, ignorerels), (self.hw, self.os))
 
-    def zenPropertyOptions(self, propname):
-        """
-        Returns a list of possible options for a given zProperty
-        """
-        if propname == "zCollectorPlugins":
-            from Products.DataCollector.Plugins import loadPlugins
-
-            return sorted(ldr.pluginName for ldr in loadPlugins(self.dmd))
-        if propname == "zCommandProtocol":
-            return ["ssh", "telnet"]
-        if propname == "zSnmpVer":
-            return ["v1", "v2c", "v3"]
-        if propname == "zSnmpAuthType":
-            return ["", "MD5", "SHA"]
-        if propname == "zSnmpPrivType":
-            return ["", "DES", "AES"]
-        return ManagedEntity.zenPropertyOptions(self, propname)
-
     security.declareProtected(ZEN_MANAGE_DEVICE, "pushConfig")
 
     def pushConfig(self, REQUEST=None):
diff --git a/Products/ZenModel/DeviceClass.py b/Products/ZenModel/DeviceClass.py
index 8df023379b..418fb9c2b4 100644
--- a/Products/ZenModel/DeviceClass.py
+++ b/Products/ZenModel/DeviceClass.py
@@ -832,29 +832,6 @@ def buildDeviceTreeProperties(self):
             if not devs.hasProperty(id):
                 devs._setProperty(id, defaultValue, type)
 
-    def zenPropertyOptions(self, propname):
-        """
-        Provide a set of default options for a zProperty
-
-        @param propname: zProperty name
-        @type propname: string
-        @return: list of zProperty options
-        @rtype: list
-        """
-        if propname == 'zCollectorPlugins':
-            from Products.DataCollector.Plugins import loadPlugins
-            return sorted(ldr.pluginName for ldr in loadPlugins(self.dmd))
-        if propname == 'zCommandProtocol':
-            return ['ssh', 'telnet']
-        if propname == 'zSnmpVer':
-            return ['v1', 'v2c', 'v3']
-        if propname == 'zSnmpAuthType':
-            return ['', 'MD5', 'SHA']
-        if propname == 'zSnmpPrivType':
-            return ['', 'DES', 'AES']
-        return DeviceOrganizer.zenPropertyOptions(self, propname)
-
-
     def pushConfig(self, REQUEST=None):
         """
         This will result in a push of all the devices to live collectors
diff --git a/Products/ZenRelations/ZenPropertyManager.py b/Products/ZenRelations/ZenPropertyManager.py
index 0790a43baf..3afcf8c93e 100644
--- a/Products/ZenRelations/ZenPropertyManager.py
+++ b/Products/ZenRelations/ZenPropertyManager.py
@@ -23,6 +23,7 @@
     ZEN_ZPROPERTIES_EDIT,
     ZEN_ZPROPERTIES_VIEW,
 )
+from Products.ZenUtils.snmp import authentication_protocols, privacy_protocols
 from Products.ZenUtils.Utils import getDisplayType
 from Products.ZenWidgets.interfaces import IMessageSender
 
@@ -173,15 +174,15 @@
         "zSnmpAuthType",
         "",
         "string",
-        "SNMP Auth Type",
-        'Use "MD5" or "SHA" signatures to authenticate SNMP requests',
+        "SNMP Authentication Protocol",
+        'The cryptographic protocol used to authenticate SNMP requests.',
     ),
     (
         "zSnmpPrivType",
         "",
         "string",
-        "SNMP Priv Type",
-        '"DES" or "AES" cryptographic algorithms.',
+        "SNMP Privacy Protocol",
+        'The cryptographic protocol used to encrypt SNMP packets.',
     ),
     (
         "zSnmpContext",
@@ -1005,8 +1006,22 @@ def deleteZenProperty(self, propname=None, REQUEST=None):
     security.declareProtected(ZEN_ZPROPERTIES_VIEW, "zenPropertyOptions")
 
     def zenPropertyOptions(self, propname):
-        """Provide a set of default options for a ZProperty."""
-        return []
+        """
+        Returns a list of possible options for a given zProperty
+        """
+        if propname == "zCollectorPlugins":
+            from Products.DataCollector.Plugins import loadPlugins
+
+            return tuple(sorted(p.pluginName for p in loadPlugins(self.dmd)))
+        if propname == "zCommandProtocol":
+            return ("ssh", "telnet")
+        if propname == "zSnmpVer":
+            return ("v1", "v2c", "v3")
+        if propname == "zSnmpAuthType":
+            return ("",) + authentication_protocols
+        if propname == "zSnmpPrivType":
+            return ("",) + privacy_protocols
+        return ()
 
     security.declareProtected(ZEN_ZPROPERTIES_VIEW, "isLocal")
 
diff --git a/Products/ZenUtils/snmp.py b/Products/ZenUtils/snmp.py
index db7186cb0f..4ff63389c1 100755
--- a/Products/ZenUtils/snmp.py
+++ b/Products/ZenUtils/snmp.py
@@ -13,8 +13,14 @@
 from twisted.internet.defer import Deferred
 from pynetsnmp.twistedsnmp import AgentProxy
 
+authentication_protocols = (
+    "MD5", "SHA", "SHA-224", "SHA-256", "SHA-384", "SHA-512"
+)
+privacy_protocols = ("DES", "AES", "AES-192", "AES-256")
+
 _LOG = logging.getLogger("zen.ZenUtils.snmp")
 
+
 class SnmpConfig(object):
     succeeded = None
     sysName = None
diff --git a/Products/Zuul/interfaces/actions.py b/Products/Zuul/interfaces/actions.py
index 851cf1e1c7..31efc4ef43 100644
--- a/Products/Zuul/interfaces/actions.py
+++ b/Products/Zuul/interfaces/actions.py
@@ -7,7 +7,7 @@
 # 
 ##############################################################################
 
-
+from Products.ZenUtils.snmp import authentication_protocols, privacy_protocols
 from Products.Zuul.interfaces import IInfo
 from Products.Zuul.form import schema
 from Products.Zuul.utils import ZuulMessageFactory as _t
@@ -198,15 +198,17 @@ class ISNMPv3ActionContentInfo(ISnmpTrapActionContentInfo):
     contextName = schema.TextLine(title=_t(u'Context Name'))
 
     authProto = schema.Choice(title=_t(u"Authentication Protocol"),
-        vocabulary=SimpleVocabulary.fromValues(['None', 'MD5', 'SHA']),
-        default = _t(u'None')
+        vocabulary=SimpleVocabulary.fromValues(
+            ('None',) + authentication_protocols
+        ),
+        default=_t(u'None'),
     )
     securityName = schema.TextLine(title=_t(u'Security Name'))
     securityPassphrase = schema.Password(title=_t(u'Security Passphrase'))
 
     privProto = schema.Choice(title=_t(u"Privacy Protocol"),
-        vocabulary=SimpleVocabulary.fromValues(['None', 'DES', 'AES']),
-        default = _t(u'None')
+        vocabulary=SimpleVocabulary.fromValues(('None',) + privacy_protocols),
+        default=_t(u'None'),
     )
     privacyPassphrase = schema.Password(title=_t(u'Privacy Passphrase'))