openkylin
/
net-snmp
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
net-snmp/README.thread

344 lines
14 KiB
Plaintext
Raw Normal View History

Import Upstream version 5.8+dfsg
2022-06-27 15:01:12 +08:00
Improved Error Reporting and Thread-Safe Use of the SNMP Library
There is a need in some environments to support multiple threads
in a single application. The SNMP Library provides the Single Session
functions which support thread-safe operation when certain precautions
are taken. This document describes the operation of the SNMP Library
with a focus on its session management functions. The Traditional API
and the Single API functions are compared and contrasted.
A working understanding of the CMU or UCD SNMP Library
API is recommended to fully appreciate the concepts discussed.
The document ends with a list of restrictions for using the Single API
in a multi-threaded application.
Unfortunately, the SNMPv3 support was added about the same time as
the thread support and since they occurred in parallel the SNMPv3
support was never checked for multi-threading correctness. It is
most likely that it is not thread-safe at this time.
***** IMPORTANT ANNOUNCEMENT *****
To the point, no resource locks are applied within the SNMP Library.
The APDU encoding and some session management functions can be used
in thread-safe manners. The MIB file parsing is not thread-safe.
The Single Session API was made available in November 1998.
Existing applications use the Traditional API, which is not thread-safe.
The thread-safe considerations are discussed throughout this document.
The research and development of the Single Session API that I've completed
was wholly funded by my employer, Internet Security Systems, Inc.
and is distributed freely to the Internet community.
-Mike Slifcak, 23 April 1999
09 July 1999 Removed references to snmp_synch_setup and snmp_synch_reset
Availability
The Single Session API is integrated into the currently available
versions of the CMU SNMP library and the UC-Davis SNMP package.
ftp://ftp.net.cmu.edu/pub/snmp/cmu-snmp-V1.13.tar.gz and later
Read : snmp_sess_api.3, Changes.SingleSession
ftp://ucd-snmp.ucdavis.edu/ucd-snmp-3.6.tar.gz and later
Read : snmp_sess_api.3, README.thread (after version 3.6.1)
Both libraries work equally well in Windows NT and various
UNIX platforms. Please read this document and refer to
the snmp_sess_api section 3 manual page.
Glossary of Terms
APDU Application Protocol Data Unit
API Application Programming Interface
CMU Carnegie-Mellon University, Pittsburgh, PA.
Library The SNMP library; Both CMU and UCD versions are applicable.
Session Concept embodying the management of transacting SNMP APDUS.
SNMP Simple Network Management Protocol
UCD University of California at Davis, CA.
Introduction
The Library extends the UNIX file concept (open, close, read, write) to a Session.
Opening a Session binds a local socket to a well-known port and creates internal
structures to help with controlling the transaction of SNMP APDUs. Closing a
Session releases the memory and system resources used for these purposes.
Since the mid-1980s, many SNMP applications have used the Traditional Session
API to transact SNMP APDUs between the local host and SNMP-enabled devices.
The Traditional Session API does not support multi-threaded applications:
1) There are no resource locks to prevent exposing the Library's
global data resources to corruption in a multi-threaded application;
2) The Traditional API functions that receive SNMP APDUs
do not provide an interface for one of many sessions;
3) Errors discovered by the Library are communicated through global
data structures and are not associated with the session
in which the error occurred.
The Single Session API provides these capabilities:
1) Manage a single SNMP session safely, in multi-threaded or
non-threaded applications, by avoiding access to data structures
that the Traditional Session API may share between Sessions;
2) Associate errors with the session context for threaded
and non-threaded applications.
Contrasting and Comparing Traditional API and Single API
The Traditional API uses the struct snmp_session pointer returned
from snmp_open() to identify one SNMP session. The Single API uses
the opaque pointer returned from snmp_sess_open() to identify one
SNMP session.
Helpful Hint : The Library copies the contents of the
structure which is input to snmp_open() and snmp_sess_open().
Once copied, changing that input structure's data
has no effect on the opened SNMP Session.
The Traditional API uses the snmp_error() function to identify any
library and system errors that occurred during the processing for
one SNMP session. The Single API uses snmp_sess_error() for the
same purpose.
The Traditional API manages the private Sessions list structure;
adding to the list during snmp_open(), removing during snmp_close.
With few exceptions, the Traditional API calls the Single API
for each session that appears on the Sessions list.
The Traditional API reads from all Sessions on the Sessions list;
The Single API does not use the Sessions list.
The Single API can read from only one Session.
Helpful Hint :
This is the basis for thread-safe-ness of the Library.
There are no resource locks applied.
Using the Single API
A multi-threaded application that deploys the SNMP Library should
should complete all MIB file parsing before additional threads
are activated. Drawing from the parsed contents of the MIB does
not incur any data corruption exposure once the internal MIB structures
are initialised.
The application may create threads such that a single thread may manage
a single SNMP session. The thread should call snmp_sess_init()
to prepare a struct snmp_session structure. The thread can adjust
session parameters such as the remote UDP port or the local UDP port,
which must be set prior to invoking snmp_sess_open().
The first call to snmp_sess_init() initialises the SNMP Library,
including the MIB parse trees, before any SNMP sessions are created.
Applications that call snmp_sess_init() do not need to read MIBs
nor setup environment variables to utilize the Library.
After the struct snmp_session is setup, the thread must call
snmp_sess_open() to create an SNMP session. If at any time
the thread must change the Session configuration,
snmp_sess_session() returns the pointer to the internal configuration
structure (a struct snmp_session, copied from snmp_sess_open).
The thread can adjust parameters such as the session timeout
or the community string with this returned struct snmp_session pointer.
Changes to the remote or local port values have no effect on an opened Session.
The thread can build PDUs and bind variables to PDUs, as it performs its duties.
The thread then calls snmp_sess_send() or snmp_sess_async_send() to build and send
an SNMP APDU to the remote device. If a Get-Response-PDU is expected, the thread
should call snmp_sess_synch_response() instead.
When the thread is finished using the session, it must free the resources
that the Library used to manage the session.
Finally, the thread must call snmp_sess_close() to end the Session.
Snmp_sess_init(), snmp_open(), and snmp_sess_open()
must use the same calling parameter for a given Session.
Other methods should use only the returned parameter from
snmp_open() and snmp_sess_open() to access the opened SNMP Session.
Error Processing
Two calls were added : snmp_error() and snmp_sess_error() return the
"errno" and "snmp_errno" values from the per session data, and a string
that describes the errors that they represent. The string must be freed
by the caller.
Use snmp_error() to process failures after Traditional API calls,
or snmp_sess_error() to process failure after Single API calls.
In the case where an SNMP session could not be opened,
call snmp_error() using the struct snmp_session supplied to either snmp_open()
or snmp_sess_open().
The following variables and functions are obsolete and may create problems
in a multi-threaded application :
int snmp_errno
char * snmp_detail
snmp_set_detail()
snmp_api_errstring()
Function Summary
The functions in the following table are functionally equivalent,
with the exception of these behaviors:
- The Traditional API manages many sessions
- The Traditional API passes a struct snmp_session pointer,
and touches the Sessions list
- The Single API manages only one session
- The Single API passes an opaque pointer, and does not use Sessions list
Traditional Single Comment
=========== ============== =======
snmp_sess_init snmp_sess_init Call before either open
snmp_open snmp_sess_open Single not on Sessions list
snmp_sess_session Exposes snmp_session pointer
snmp_send snmp_sess_send Send one APDU
snmp_async_send snmp_sess_async_send Send one APDU with callback
snmp_select_info snmp_sess_select_info Which session(s) have input
snmp_read snmp_sess_read Read APDUs
snmp_timeout snmp_sess_timeout Check for timeout
snmp_close snmp_sess_close Single not on Sessions list
snmp_synch_response snmp_sess_synch_response Send/receive one APDU
snmp_error snmp_sess_error Get library,system errno
Example 1 : Traditional API use.
#include "snmp_api.h"
...
int liberr, syserr;
char *errstr;
struct snmp_session Session, *sptr;
...
snmp_sess_init(&Session);
Session.peername = "foo.bar.net";
sptr = snmp_open(&Session);
if (sptr == NULL) {
/* Error codes found in open calling argument */
snmp_error(&Session, &liberr, &syserr, &errstr);
printf("SNMP create error %s.\n", errstr);
free(errstr);
return 0;
}
/* Pass sptr to snmp_error from here forward */
...
/* Change the community name */
free(sptr->community);
sptr->community = strdup("public");
sptr->community_len = strlen("public");
...
if (0 == snmp_send(sptr, pdu)) {
snmp_error(sptr, &liberr, &syserr, &errstr);
printf("SNMP write error %s.\n", errstr);
free(errstr);
return 0;
}
snmp_close(sptr);
Example 2 : Single API use.
#include "snmp_api.h"
...
int liberr, syserr;
char *errstr;
void *sessp; /* <-- an opaque pointer, not a struct pointer */
struct snmp_session Session, *sptr;
...
snmp_sess_init(&Session);
Session.peername = "foo.bar.net";
sessp = snmp_sess_open(&Session);
if (sessp == NULL) {
/* Error codes found in open calling argument */
snmp_error(&Session, &liberr, &syserr, &errstr);
printf("SNMP create error %s.\n", errstr);
free(errstr);
return 0;
}
sptr = snmp_sess_session(sessp); /* <-- get the snmp_session pointer */
/* Pass sptr to snmp_sess_error from here forward */
...
/* Change the community name */
free(sptr->community);
sptr->community = strdup("public");
sptr->community_len = strlen("public");
...
if (0 == snmp_sess_send(sessp, pdu)) {
snmp_sess_error(sessp, &liberr, &syserr, &errstr);
printf("SNMP write error %s.\n", errstr);
free(errstr);
return 0;
}
snmp_sess_close(sessp);
Example 3. Differences Between Traditional API and Single API Usage
5a6
> void *sessp; /* <-- an opaque pointer, not a struct pointer */
11,13c12,14
< sptr = snmp_open(&Session);
< if (sptr == NULL) {
---
> sessp = snmp_sess_open(&Session);
> if (sessp == NULL) {
19c20,22
< /* Pass sptr to snmp_error from here forward */
---
> sptr = snmp_sess_session(sessp); /* <-- get the snmp_session pointer */
>
> /* Pass sptr to snmp_sess_error from here forward */
26,27c29,30
< if (0 == snmp_send(sptr, pdu)) {
< snmp_error(sptr, &liberr, &syserr, &errstr);
---
> if (0 == snmp_sess_send(sessp, pdu)) {
> snmp_sess_error(sessp, &liberr, &syserr, &errstr);
33c36
< snmp_close(sptr);
---
> snmp_sess_close(sessp);
Restrictions on Multi-threaded Use of the SNMP Library
1. Invoke SOCK_STARTUP or SOCK_CLEANUP from the main thread only.
2. The MIB parsing functions use global shared data and are not
multi-thread safe when the MIB tree is under construction.
Once the tree is built, the data can be safely referenced from
any thread. There is no provision for freeing the MIB tree.
Suggestion: Read the MIB files before an SNMP session is created.
This can be accomplished by invoking snmp_sess_init from the main
thread and discarding the buffer which is initialised.
3. Invoke the SNMPv2p initialisation before an SNMP session is created,
for reasons similar to reading the MIB file.
The SNMPv2p structures should be available to all SNMP sessions.
CAUTION: These structures have not been tested in a multi-threaded
application.
4. Sessions created using the Single API do not interact with other
SNMP sessions. If you choose to use Traditional API calls, call
them from a single thread. The Library cannot reference an SNMP
session using both Traditional and Single API calls.
5. Using the callback mechanism for asynchronous response PDUs
requires additional caution in a multi-threaded application.
This means a callback function probably should probably not use
Single API calls to further process the session.
6. Each call to snmp_sess_open() creates an IDS. Only a call to
snmp_sess_close() releases the resources used by the IDS.