Made accepted SNMP version runtime configurable.

This feature can be disabled by setting LWIP_SNMP_CONFIGURE_VERSIONS to 0.

src/apps/snmp/snmp_msg.c

@@ -66,6 +66,94 @@ const char *snmp_community_trap = SNMP_COMMUNITY_TRAP;
 snmp_write_callback_fct snmp_write_callback     = NULL;
 void*                   snmp_write_callback_arg = NULL;
 
+#if LWIP_SNMP_CONFIGURE_VERSIONS
+
+static u8_t v1_enabled = 1;
+static u8_t v2c_enabled = 1;
+static u8_t v3_enabled = 1;
+
+static u8_t
+snmp_version_enabled(u8_t version)
+{
+  LWIP_ASSERT("Invalid SNMP version", (version == SNMP_VERSION_1) || (version == SNMP_VERSION_2c)
+#if LWIP_SNMP_V3
+	  || (version == SNMP_VERSION_3)
+#endif
+	  );
+
+  if (version == SNMP_VERSION_1) {
+    return v1_enabled;
+  }
+  else if (version == SNMP_VERSION_2c) {
+    return v2c_enabled;
+  }
+#if LWIP_SNMP_V3
+  else { /* version == SNMP_VERSION_3 */
+    return v3_enabled;
+  }
+#endif
+}
+
+u8_t
+snmp_v1_enabled(void)
+{
+  return snmp_version_enabled(SNMP_VERSION_1);
+}
+
+u8_t
+snmp_v2c_enabled(void)
+{
+  return snmp_version_enabled(SNMP_VERSION_2c);
+}
+
+u8_t
+snmp_v3_enabled(void)
+{
+  return snmp_version_enabled(SNMP_VERSION_3);
+}
+
+static void
+snmp_version_enable(u8_t version, u8_t enable)
+{
+  LWIP_ASSERT("Invalid SNMP version", (version == SNMP_VERSION_1) || (version == SNMP_VERSION_2c)
+#if LWIP_SNMP_V3
+	  || (version == SNMP_VERSION_3)
+#endif
+	  );
+
+  if (version == SNMP_VERSION_1) {
+	v1_enabled = enable;
+  }
+  else if (version == SNMP_VERSION_2c) {
+	v2c_enabled = enable;
+  }
+#if LWIP_SNMP_V3
+  else { /* version == SNMP_VERSION_3 */
+	v3_enabled = enable;
+  }
+#endif
+}
+
+void
+snmp_v1_enable(u8_t enable)
+{
+  snmp_version_enable(SNMP_VERSION_1, enable);
+}
+
+void
+snmp_v2c_enable(u8_t enable)
+{
+  snmp_version_enable(SNMP_VERSION_2c, enable);
+}
+
+void
+snmp_v3_enable(u8_t enable)
+{
+  snmp_version_enable(SNMP_VERSION_3, enable);
+}
+
+#endif
+
 /**
  * @ingroup snmp_core
  * Returns current SNMP community string.
@@ -630,10 +718,14 @@ snmp_parse_inbound_frame(struct snmp_request *request)
   IF_PARSE_ASSERT(parent_tlv_value_len > 0);
   
   IF_PARSE_EXEC(snmp_asn1_dec_s32t(&pbuf_stream, tlv.value_len, &s32_value));
-  if ((s32_value != SNMP_VERSION_1) &&
+
+  if (((s32_value != SNMP_VERSION_1) &&
       (s32_value != SNMP_VERSION_2c)
 #if LWIP_SNMP_V3
-      && (s32_value != SNMP_VERSION_3)
+      && (s32_value != SNMP_VERSION_3))
+#endif
+#if LWIP_SNMP_CONFIGURE_VERSIONS
+      || (!snmp_version_enabled(s32_value))
 #endif
      )
   {

src/include/lwip/apps/snmp.h

@@ -106,6 +106,13 @@ err_t snmp_send_trap(const struct snmp_obj_id* oid, s32_t generic_trap, s32_t sp
 void snmp_set_auth_traps_enabled(u8_t enable);
 u8_t snmp_get_auth_traps_enabled(void);
 
+u8_t snmp_v1_enabled(void);
+u8_t snmp_v2c_enabled(void);
+u8_t snmp_v3_enabled(void);
+void snmp_v1_enable(u8_t enable);
+void snmp_v2c_enable(u8_t enable);
+void snmp_v3_enable(u8_t enable);
+
 const char * snmp_get_community(void);
 const char * snmp_get_community_write(void);
 const char * snmp_get_community_trap(void);

src/include/lwip/apps/snmp_opts.h

@@ -279,15 +279,19 @@
  * THIS IS UNDER DEVELOPMENT AND SHOULD NOT BE ENABLED IN PRODUCTS.
  */
 #ifndef LWIP_SNMP_V3
-#define LWIP_SNMP_V3               0
-#endif
-
-#ifndef LWIP_SNMP_V3_CRYPTO
-#define LWIP_SNMP_V3_CRYPTO        LWIP_SNMP_V3
+#define LWIP_SNMP_V3               1
 #endif
 
 #ifndef LWIP_SNMP_V3_MBEDTLS
 #define LWIP_SNMP_V3_MBEDTLS       LWIP_SNMP_V3
 #endif
 
+#ifndef LWIP_SNMP_V3_CRYPTO
+#define LWIP_SNMP_V3_CRYPTO        LWIP_SNMP_V3_MBEDTLS
+#endif
+
+#ifndef LWIP_SNMP_CONFIGURE_VERSIONS
+#define LWIP_SNMP_CONFIGURE_VERSIONS 0
+#endif
+
 #endif /* LWIP_HDR_SNMP_OPTS_H */