Re: Netsnmpv5.8 possible security flaw

Hi Madhusudhana, Did you go back and confirm Wes' theory? Did you see an authPriv request which failed, followed by and auth request that succeeded? Robert On Wed, 9 Jan 2019 04:19:28 + Madhusudhana wrote: MR> Thanks Wes. MR> MR> -Original Message- MR> From: Wes Hardaker

Re: A discussion about moving to GitHub from SF (again)

On Tue, 8 Jan 2019 20:37:45 -0800 Bart wrote: BVA> On 1/2/19 2:28 PM, Wes Hardaker via Net-snmp-coders wrote: BVA> > [...] Thus, it's time to reconsider whether we should make BVA> > the move or whether people have concerns worth addressing. BVA> > BVA> > Thoughts? BVA> BVA> [...] However, SF

Re: Change default rwuser default security level

On Tue, 08 Jan 2019 08:40:20 -0800 Wes wrote: WHVNSC> Magnus Fromreide writes: WHVNSC> WHVNSC> > I suppose the default value of the access control is WHVNSC> > "auth", the man page didn't say what the effects of that WHVNSC> > was? WHVNSC> > WHVNSC> > I think this is a bad idea as a default

Re: porting Net-SNMP 5.8 to Yocto

On Fri, 20 Jul 2018 09:35:22 -0400 Simon wrote: SC> While trying to port the newly released net-snmp to yocto, I am SC> getting the following error: SC> SC> ERROR: This autoconf log indicates errors, it looked at host SC> include and/or library paths while determining system SC> capabilities.

Re: [PATCH / request for votes] Support double byte characters

Josef, Two points.. First, are you also submitting these patches to the patch database? The mailing list if fine for discussion, but when we do patch review we go through the database, not the mailing list. Second, 'request for votes' is something specific to the Net-SNMP release process. The

Re: Disable specifc OIDs in MIB

On Mon, 9 Jul 2018 12:33:36 +0530 Thommandra wrote: TG> > Configure can exclude entire MIBs, but not individual OIDs. TG> > You can modify the code, but make sure you deal with get and TG> > get-next properly. TG> TG> Even if we comment/modify the code for individual OIDs, we TG> cannot skip OIDs

Re: Disable specifc OIDs in MIB

On Wed, 4 Jul 2018 18:07:51 +0530 Thommandra wrote: TG> > For snmpd, you can configure VACM views in snmpd.conf to TG> > exclude certain OIDS. It's not very intuitive, but should be TG> > possible. TG> TG> Can we remove the OIDs at compile time (using configure option) TG> like we do for

Re: Disable specifc OIDs in MIB

On Tue, 3 Jul 2018 19:05:59 +0530 Thommandra wrote: TG> - How can we disable an OID from snmpwalk output? For snmpd, you can configure VACM views in snmpd.conf to exclude certain OIDS. It's not very intuitive, but should be possible. For the client, there isn't a way to not query for something

Re: Representation of configuration items

On Mon, 2 Jul 2018 12:38:27 +0530 Pushpa wrote: PT> I would like to know that why snmp identifies PT> configuration-items (and traps) by OID (.1.3.6.1.2.1.1.2) PT> but not as normal acii string/keywords (eg: sysObjectID or PT> anything ascii). In what context? If you are referring to program

Re: Net-SNMP 5.8.rc4 available for testing

On Fri, 29 Jun 2018 13:38:27 -0700 Bart wrote: BVA> Can you explain why you have ignored all nine patches that I BVA> posted one week ago? Had you noticed that one of these patches BVA> is a build fix? See also BVA> https://sourceforge.net/p/net-snmp/mailman/message/36349380/. I did not ignore

Re: proxy remotehost name resolution

On Wed, 27 Jun 2018 19:54:31 -0300 Nico wrote: N> This leads to problems if local equipment startup is in wrong N> order (dns after snmpd). N> N> Other scenario with the same problem is if the IP/name mapping N> changes with snmpd running, Either because of /etc/host edit or N> dynamic IP

Net-SNMP 5.8.rc4 available for testing

Net-SNMP 5.8.rc4 is now available for testing at https://sourceforge.net/projects/net-snmp/files/net-snmp/5.8-release-candidates/ Below is a summary of the change in 5.8.rc4. Please see the CHANGES file for a more detailed list of specific bugs/patches that have been fixed/applied, and the

Re: [PATCH / request for votes] SNMP-TARGET-MIB: Fix snmpTargetAddrTAddress

On Mon, 11 Jun 2018 07:00:57 -0700 Bart wrote: BVA> When I fixed the fmtaddr implementation in several Net-SNMP BVA> transports I hadn't noticed that these changes broke the BVA> target MIB. Hence this patch that fixes the target MIB. +1

Re: Account lockout for v3 user

On Fri, 8 Jun 2018 13:18:18 +0530 RAHUL wrote: RS> I am trying to implement account lockout for v3 user in netsnmp. RS> When the user enters lockout mode, I want to drop all the v3 RS> packets sent during lockout period. RS> Can this be achieved by doing some changes in snmpd.conf file? No, there

Net-SNMP 5.8.rc3 available for testing

Net-SNMP 5.8.rc3 is now available for testing at https://sourceforge.net/projects/net-snmp/files/net-snmp/5.8-release-candidates/ Below is a summary of the major changes in 5.8.rc3. Please see the CHANGES file for a more detailed list of specific bugs/patches that have been fixed/applied,

Re: [PATCH]; request for votes] Cygwin: Make it again possible to build with OpenSSL

On Mon, 21 May 2018 10:12:37 -0700 Bart wrote: BVA> This patch should work for both newer and older Cygwin BVA> versions. +1 -- Check out the vibrant tech community on one of the world's most engaging tech sites,

Re: [PATCH; request for votes] snmplib: Avoid that sprint_realloc_octet_string() triggers a segmentation fault

On Sun, 20 May 2018 13:06:43 -0400 Bill wrote: BF> I do not think that now is the time to try to deal with any of BF> the fundamentals, but just not regress from previous released BF> behavior, and deal with the underlying issue in 5.8.1 / 5.7.4. Just to clarify, do you mean a) accepts Bart's

Re: [PATCH; request for votes] snmplib: Avoid that sprint_realloc_octet_string() triggers a segmentation fault

On Sat, 19 May 2018 14:07:56 -0700 Bart wrote: BVA> strlcpy() implementations typically scan for the end of the BVA> source argument passed to strlcpy(). Hence avoid passing an BVA> unterminated string to strlcpy(). I'm going to say -1, but for the patch and not the need to fix the issue. This

Net-SNMP 5.8.rc2 available for testing

Net-SNMP 5.8.rc2 is now available for testing at https://sourceforge.net/projects/net-snmp/files/net-snmp/5.8-release-candidates/ Below is a summary of the major changes in 5.8.rc2 Please see the CHANGES file for a more detailed list of specific bugs/patches that have been fixed/applied,

Re: [PATCH, RFC] Add Travis and Appveyor CI support

On Wed, 16 May 2018 07:23:32 -0700 Bart wrote: BVA> This patch makes it possible to enable Travis and Appveyor BVA> continuous integration support. On Travis Net-SNMP is built BVA> with all MIBs, with --disable-set-support, with BVA> --enable-mini-agent, with --enable-minimalist and with BVA>

CFV: complete fix for setting engineBoots/Time via cli

A fix in pre2 or pre3 fixed use of -Z command line argument for setting engineBoots/engineTime. The snmptrap app needs to be fixed as well. [PATCH] also fix snmptrap for setting engineBoots and engineTime (e.g. -Z cli arg) An addendum for earlier fix for agent side (commit

Re: RFC: fix --enable-read-only build failure due to snmpping

On Tue, 15 May 2018 17:00:10 -0700 Wes wrote: WH> Robert Story <rst...@freesnmp.com> writes: WH> WH> > We're at +2 now (assuming an implied +1 from your WH> > message/tone). WH> WH> Yeah, I thought I had indicated +1 explicitly. I didn't, my WH> bad. To me,

Re: RFC: fix --enable-read-only build failure due to snmpping

On Wed, 16 May 2018 03:13:34 +0200 Magnus wrote: MF> > Yes, but it doesn't break for a default configure, which is MF> > the criteria for a show stopper in the RC phase. Of course +3 MF> > votes for anything is an automatic show stopper too, so we're MF> > one vote away from that. MF> MF> +1

Re: [PATCH 01/15] Cygwin64: Fix winExtDLL build

On Wed, 16 May 2018 03:07:21 +0200 Magnus wrote: MF> I changed the definition of oid from MF> MF> typedef unsigned long oid; MF> MF> to MF> MF> typedef uint32_t oid; MF> MF> a while back but that patch broke some precompiled HP managment MF> module so it got rolled back but it sure would be

Re: Feature Request: New prTable possible?

On Tue, 15 May 2018 10:58:58 +0200 Michael wrote: MS> at the moment the proc option only checks the output of ps -e MS> for process names. MS> MS> Is it possible to extend the MIB and the agent that something MS> like that will be possible: MS> MS> proc MS> MS> this extension would check

Re: RFC: fix --enable-read-only build failure due to snmpping

On Tue, 15 May 2018 12:12:18 -0700 Wes wrote: WH> Robert Story <rst...@freesnmp.com> writes: WH> WH> > On Tue, 15 May 2018 11:25:03 -0400 Bill wrote: WH> > BF> Since snmpping requires set support, it should be WH> > BF> conditional. My proposed patch is

Re: Textual name of Object in SNMP Packet

On Tue, 15 May 2018 18:28:12 +0530 Anandaprabu wrote: AV> Between SNMP Agent and Master OID is the common parameter. Will AV> the Object name also should be same in Master and Agent? If they are loading the same MIB definitions, they will be able to consistently convert between names and OIDs.

Re: RFC: fix --enable-read-only build failure due to snmpping

On Tue, 15 May 2018 11:07:29 -0700 Bart wrote: BVA> On 05/15/18 10:57, Robert Story wrote: BVA> > On Tue, 15 May 2018 11:25:03 -0400 Bill wrote: BVA> > BF> Since snmpping requires set support, it should be BVA> > BF> conditional. My proposed patch is BVA> >

Re: PATCH at_solaris.c

On Tue, 15 May 2018 15:50:20 +0200 Niels wrote: NBVNSC> The new at_solaris access module does not compile. May I NBVNSC> solicit votes for this patch for the missing include file? +1 -- Check out the vibrant tech

Re: RFC: fix --enable-read-only build failure due to snmpping

On Tue, 15 May 2018 11:25:03 -0400 Bill wrote: BF> Since snmpping requires set support, it should be conditional. BF> My proposed patch is I don't think this meets the criteria for a show-stopper, since it's not part of the default build. -1

Re: Textual name of Object in SNMP Packet

On Mon, 14 May 2018 15:28:31 +0530 Anandaprabu wrote: AV> As per my project requirement I was requested by the NMS to AV> send Textual Object name in a column of a Table. AV> AV> Like after adding the Managed device to NMS, the device should AV> make a queue of updated objects in a table (let's

Re: Suggested patch to support NetBSD 8

On Mon, 14 May 2018 08:45:54 -0700 Bart wrote: BVA> On 05/14/18 05:29, Niels Baggesen via Net-snmp-coders wrote: BVA> > The patch that went into 5.7-patches is not sufficient for BVA> > NetBSD 8 on 5.8 BVA> > BVA> > The following patch to 5.8.RC1 is required. BVA> > BVA> > May I solicit some

Re: RFC: fix clientaddr for 5.8

On Mon, 14 May 2018 08:44:19 -0700 Bart wrote: BVA> > https://sourceforge.net/p/net-snmp/code/ci/3defab66a7aee60ba582a8254412abd2e630c321/ BVA> > BVA> > It turns out that when you specify a clientaddr, the steps BVA> > the function takes are: BVA> > BVA> > - zero out addr_pair BVA> > - store

Re: Summary of meeting between NET-SNMP devs and ICEI

On Sun, 13 May 2018 18:15:16 -0700 Keith wrote: KM> On Sun, May 13, 2018, at 3:41 PM, Bart Van Assche wrote: KM> > Should a list of to-do items be added to the Net-SNMP wiki? KM> KM> I think a to-do wiki page on github would be a good idea to KM> deal with what needs to be done. Then, as each

Re: [PATCH 01/15] Cygwin64: Fix winExtDLL build

On Sun, 13 May 2018 14:31:39 -0700 Bart wrote: BVA> The winExtDLL code assumes that sizeof(oid) == 4. Hence define BVA> the 'oid' type as unsigned int when building with MSVC, MinGW BVA> or Cygwin. This patch avoids that building winExtDLL with BVA> Cygwin64 fails on the following statement: BVA>

Re: [PATCH 00/15] Clean up Net-SNMP public header files

On Sun, 13 May 2018 14:31:38 -0700 Bart wrote: BVA> Since Net-SNMP version 5.8 will be released soon and since no BVA> prior version has been released from the v5.8 (master) branch BVA> yet this is a good time to review the public header files and BVA> verify whether any potentially backwards

Re: 5.8.rc1 is available

On Thu, 10 May 2018 08:46:17 -0700 Bart wrote: BVA> On 05/06/18 17:32, Robert Story wrote: BVA> > The first release candidate for the next release of Net-SNMP BVA> > is available for testing [1]. [...] BVA> [...] BVA> Since we are preparing the first v5.8 release, do you thin

Re: [PATCH] install openbsd6.h header

On Fri, 11 May 2018 21:48:52 +0100 Stuart wrote: SH> From 216f6e4e5c600dc82c27fe67a01bb8f4304d0ddb Mon Sep 17 SH> 00:00:00 2001 From: Stuart Henderson SH> Date: Fri, 11 May 2018 21:48:22 +0100 SH> Subject: [PATCH] Install missing system header files Thanks again. Applied

Re: removed USM_{AUTH,PRIV}_PROTO_*_LEN macros

On Sat, 12 May 2018 12:38:10 +0100 Stuart wrote: SH> The USM_*_PROTO_*_LEN constant macros removed in 329a9d3c9 are SH> used in other programs using Net-SNMP libraries. I noticed a SH> problem building PHP against 5.8.rc1 but looking at SH> codesearch.debian.net I find a few other programs that

Re: [PATCH for master / request for votes] configure.ac: Fix recently introduced autoreconf warnings

On Mon, 7 May 2018 22:08:15 +0200 Niels wrote: NBVNSC> Den 07-05-2018 kl. 06:13 skrev Bart Van Assche: NBVNSC> > A recent patch introduced an invocation of NBVNSC> > AC_CHECK_HEADER before AC_AIX. However, AC_AIX must be NBVNSC> > invoked before AC_CHECK_HEADER. Hence move AC_AIX from NBVNSC> >

Re: FreeBSD pkg HOST-RESOURCES-MIB::hrSWInstalled stops working

On Mon, 07 May 2018 11:44:59 -0500 Mark wrote: MF> The HOST-RESOURCES-MIB::hrSWInstalled support for FreeBSD pkg MF> stops working after so many queries and requires an snmpd MF> process restart. I have been observing this for quite some time MF> and have only recently started to debug it. The

5.8.rc1 is available

The first release candidate for the next release of Net-SNMP is available for testing [1]. Please give it a try and file bug reports [2] if you run into any problems. Here is brief summary of changes for 5.8 release candidates and pre-release: *5.8.rc1* snmpd: - BUG: 2864: use

Re: RFC: "-@" command line argument to set clientaddr per request/session

On Sun, 6 May 2018 09:31:37 -0400 Bill wrote: BF> I think feature parity is a good thing. How close are you to BF> having BF> > this patch ready? I'd say create a branch for it and push it BF> > to teh SF or github repo. Seeing the actual patch will help BF> > me form my opinion on rc1 (maybe if

Re: [PATCH 1/2] ifm_media changed from u_int to uint64_t in OpenBSD 5.9

On Fri, 4 May 2018 13:58:09 +0100 Stuart wrote: SH> Picking out a few things I've had patched in the OpenBSD port SH> for ages. This one is needed for 5.9+ (released in 2016 - SH> OpenBSD has two releases per year and only supports the most SH> recent two) but is harmless for older versions.

Re: Configuration files are not resilient to power failure

I've added a call to fsync in 5-7-patches and master. On Mon, 15 Jan 2018 04:18:57 -0500 (EST) Josef wrote: JR> net-snmp's configuration files are not resilient to power JR> failure. JR> JR> following a power failure event users created with JR> net-snmp-create-v3-user are missing from

Re: 5.8 testing status

On Fri, 4 May 2018 11:25:35 -0400 Bill wrote: BF> I started writing a test for this, and found that it's seriously BF> convoluted. The combination of clientaddr + trap*sink results BF> in the bind() attempting to use port 161 for the clientaddr, so BF> it doesn't work as non-root (in the test

Re: RFC: "-@" command line argument to set clientaddr per request/session

On Fri, 4 May 2018 11:40:21 -0400 Bill wrote: BF> I apologize for mis-speaking. I meant, session.localname, BF> which is used in _sess_open() as follows: BF> BF> https://sourceforge.net/p/net-snmp/code/ci/master/tree/snmplib/snmp_api.c#l1629 Ok, thanks for the pointer. So right now the only

Re: [PATCH 2/2] inpt_queue changed from CIRCLEQ to TAILQ in OpenBSD 5.6

On Fri, 4 May 2018 17:01:05 +0100 Stuart wrote: SH> On 2018/05/04 10:37, Robert Story wrote: SH> Personally I think it's a disservice to users to enable them to SH> run with such an old version of OpenBSD - there's a 2-release SH> cutoff for important fixes in the base OS and 6 mont

Re: [PATCH 2/2] inpt_queue changed from CIRCLEQ to TAILQ in OpenBSD 5.6

On Fri, 04 May 2018 10:25:15 -0700 Keith wrote: KM> I feel that Net-SNMP should follow what the OS maintainers are KM> willing to support. If they're saying they're only going back 2 KM> versions; I strongly urge the team to cut the support for them KM> loose. You will get strong argument from at

Re: Net-SNMP 5.8.pre3 available

On Fri, 4 May 2018 05:16:29 -0700 Bart wrote: BVA> Thanks for having drawn our attention to that bug report. How BVA> about fixing bug 2831 with the below patch? BVA> [...] BVA> include/net-snmp/agent/agent_internal_vars.h | 25 BVA> [...] BVA> +#include In order to make it clear that this

Re: [PATCH 2/2] inpt_queue changed from CIRCLEQ to TAILQ in OpenBSD 5.6

On Fri, 4 May 2018 13:58:43 +0100 Stuart wrote: SH> This is needed for OpenBSD 5.6+. It does break older versions SH> but 5.6 was released in 2014 and support for this ended Oct SH> 2015; I'd find it unlikely that anyone still running this would SH> be building up-to-date net-snmp. We try really

Re: how to store val.string

On Fri, 4 May 2018 15:03:48 +0530 Deepak wrote: DS> int ret; char str_pwd[4]=""; DS>. DS> case MODE_SET_COMMIT: DS> str_ pwd=*(requests->requestvb->val.string); You are assigning a pointer to a character array. Just pass val.string to write() directly. Of course, this

Re: 5.8 testing status

On Thu, 3 May 2018 14:32:40 -0400 Bill wrote: BF> > On Wed, 2 May 2018 11:08:44 -0400 Bill wrote: BF> > BF> I just filed BF> > BF> https://sourceforge.net/p/net-snmp/bugs/2864/ : BF> > BF> "clientaddr" doesn't work to set the source address for BF> > BF> traps any more. (And given that the code

Re: RFC: "-@" command line argument to set clientaddr per request/session

On Thu, 3 May 2018 14:29:09 -0400 Bill wrote: BF> On Thu, May 3, 2018 at 1:07 PM, Robert Story BF> <rst...@freesnmp.com> wrote: BF> Depends on at what level you are looking at the functionality. BF> -@ would set session.localaddr, which is a little different BF> than setting

Re: Net-SNMP 5.8.pre3 available

On Thu, 3 May 2018 21:48:50 +0100 Stuart wrote: SH> On 2018-04-27, Robert Story <rst...@freesnmp.com> wrote: SH> > We're closing in on a final release. The current plan is to SH> > have release candidate 1 next week. SH> SH> Is it planned to address SH> https://s

Re: RFC: "-@" command line argument to set clientaddr per request/session

On Wed, 2 May 2018 11:49:46 -0400 Bill wrote: BF> Is it too late to add this? This occurs to me just because it’s BF> an easier way to test the transports’ support of clientaddr, by BF> being able to set clientaddr dynamically via the command line, BF> and I just noticed that this is broken in

Re: 5.8 testing status

On Wed, 2 May 2018 11:08:44 -0400 Bill wrote: BF> I just filed https://sourceforge.net/p/net-snmp/bugs/2864/ : BF> "clientaddr" doesn't work to set the source address for traps BF> any more. (And given that the code path is the same, I suspect BF> it doesn't work for client requests either).

Re: Verify AES support when Blumenthal draft is enabled

On Fri, 27 Apr 2018 23:00:57 -0700 Keith wrote: KM> > BVA> > https://sourceforge.net/p/net-snmp/code/merge-requests/14/. KM> > BVA> > [...] KM> Let me give this another go. I think the best solution is when KM> --with-openssl is processed that a variable like KM> "blumenthalcapable" be set based

Re: 5.8 testing status

On Sun, 29 Apr 2018 12:10:12 -0400 Bill wrote: BF> BF> It's plausible that a workaround as simple as BF> > BF> BF> > BF> +/* BF> > BF> + * We lie about being SNMPv3, because ... BF> > BF> + */ BF> > BF> if (add_trap_session(main_session, BF> > BF> AGENTX_MSG_NOTIFY, 1, BF> > BF>

Net-SNMP 5.8.pre3 available

A pre-release version of the next major Net-SNMP release is now available for testing. Net-SNMP 5.8.pre3 can be downloaded from: https://sourceforge.net/projects/net-snmp/files/net-snmp/5.8-pre-releases/ Partial summary of changes since since 5.8.pre2: *5.8.pre3* snmplib: - Asn1:

Re: Summary of meeting between NET-SNMP devs and ICEI

On Wed, 25 Apr 2018 13:24:12 -0700 Keith wrote: KM> On Wed, Apr 25, 2018, at 12:08 PM, Robert Story wrote: KM> > We've had recent discussions on this, and I think we'll be KM> > moving the source to github in the near future. KM> KM> I think it would be best to get full ag

Re: Verify AES support when Blumenthal draft is enabled

On Wed, 25 Apr 2018 10:53:35 -0700 Keith wrote: KM> I feel the best solution would be to remove the typecasts going KM> on inside sc_get_openssl_hashfn(). It seems to me that having KM> these typecasts there is triggering the implicit declaration of KM> EVP_sha512() that lead to the crash we both

Re: 5.8 testing status

On Thu, 26 Apr 2018 22:07:27 -0400 Bill wrote: BF> >>> (The context is that the library now tries to suppress BF> >>> converting traps from v1 to v2 or vice versa if there is no BF> >>> trap sink of the right type, but, it does not know how to BF> >>> treat agentx sessions so doesn't count them -

Re: ifPhysAddress address is displaying wrong data

On Fri, 27 Apr 2018 20:08:19 +0530 Venkateswarlu wrote: VK> I am facing one issue with snmp. While fecting the VK> ifPhysAddress for my device interfaces, one of the mac address VK> is displaying wrong data. VK> VK> Version : 5.7.3 VK> OS: armv7l GNU/Linux VK> VK> One of my ineterface is having

Re: [PATCH RFC] Add Travis and Appveyor CI support

On Wed, 25 Apr 2018 12:05:06 -0600 Bart wrote: BVA> On 04/25/18 11:54, Keith Mendoza wrote: BVA> > Out of curiosity, do you have a "fork" of Net-SNMP on github BVA> > to connect it to Travis and Appveyor? BVA> BVA> If you are looking for a Net-SNMP repository on github, please BVA> use

Re: Verify AES support when Blumenthal draft is enabled

On Wed, 25 Apr 2018 10:28:59 -0600 Bart wrote: BVA> On 04/25/18 10:04, Keith Mendoza wrote: BVA> > I have submitted a merge request to verify that when the BVA> > --enable-blumenthal-aes is used in configure that it checks BVA> > that OpenSSL's aes.h and evp.h are available. Merge request BVA> >

Re: Summary of meeting between NET-SNMP devs and ICEI

On Thu, 12 Apr 2018 10:31:13 -0500 Ian wrote: IB> This morning we (Keith, Ian) met with an assortment of the IB> NET-SNMP developers / contributors (primarily Bart Van Assche) IB> to discuss how we could best help the project. The meeting went IB> well, at least form our perspective. I'm sorry I

Re: [PATCH RFC] Add Travis and Appveyor CI support

On Wed, 25 Apr 2018 09:06:28 -0600 Bart wrote: BVA> One of the advantages of github over SourceForge is that BVA> integration with continuous integration (CI) services like BVA> Travis and Appveyor is easy. Adding such support however BVA> requires to add proper configuration files and the

Re: Net-SNMP 5.8.pre2 available

On Mon, Mar 5, 2018 at 3:11 PM, Robert Story <rst...@freesnmp.com> wrote: > A pre-release version of the next major Net-SNMP release is now > available for testing. Net-SNMP 5.8.pre3 can be downloaded from: > This announcement had a typo. Release 5.8.pre2 (not pre3) is ava

Net-SNMP 5.8.pre2 available

A pre-release version of the next major Net-SNMP release is now available for testing. Net-SNMP 5.8.pre3 can be downloaded from: https://sourceforge.net/projects/net-snmp/files/net-snmp/5.8-pre-releases/ Partial summary of changes since since 5.8.pre2: snmplib: - TLS/DTLS fixes

Re: snmpv3 send response: too long

On Sun, 21 Jan 2018 21:41:06 -0800 duocell wrote: D> Need some help to debug the "send response: too long" error in D> net-snmp-5.7.3 D> D> I keeps hitting the following error. D> D> "length of packet 1513 exceeds session maximum 1472" D> D> [snip D> D> How to limit the response pkt size?

Net-SNMP 5.8.pre1 available for testing

A pre-release version of the next major Net-SNMP release is now available for testing. Net-SNMP 5.8.pre1 can be downloaded from: https://sourceforge.net/projects/net-snmp/files/5.8-pre-releases/ * Net-SNMP version 5.8 introduces support for new Authentication protocols defined in RFC 7860. The

Re: rfc7860 support in netsnmp

On Fri, 5 Jan 2018 15:47:58 +0530 Neena wrote: NMS> What is the plan to suport rfc7860 in netsnmp code ? Is beta NMS> version available ? Funny you should ask.. There is a pre-pre release of Net-SNMP 5.8 available, or you can use the master branch in git. I should be making an announcement soon.

Re: DH_get0_pqg not defined on 5.8 master if you build without TLS transport

> Thanks! I'll note that this still results in multiple different > versions of X509_NAME_ENTRY_get_data() and > X509_NAME_ENTRY_get_object() in snmp_openssl.c, but that's in the > code path I'm not using, so I'm unblocked for now. Ok, change pushed to 5.7-patches and master.

Re: Agent not responding to standard MIB browser (i reasoning)

demo Note that the name here doesn't match the name you've configured in the agent, but that shouldn't affect ireasoning. -- Robert Story <http://www.isi.edu/~rstory> USC Information Sciences Institute <http://www.isi.edu/> --

Re: DH_get0_pqg not defined on 5.8 master if you build without TLS transport

repo if it's public and I'll cherry-pick your changes over? attached -- Robert Story <http://www.isi.edu/~rstory> USC Information Sciences Institute <http://www.isi.edu/> commit 89c9d93f2f24cea7f8dac12d36f31daf12419203 Author: Robert Story <rst...@freesnmp.com> Date: Wed D

Re: DH_get0_pqg not defined on 5.8 master if you build without TLS transport

L_DH_H) > && !defined(HAVE_DH_funcXX)). The certificate related functions with > the (poorly named) LIBSSL ifdef would follow. The attached patch against master builds with and without TLS transports on CentOS 6 (openssl 1.0) and Fedora 27 (openssl 1.1). -- Robert Story <http://www.isi.

Re: DH_get0_pqg not defined on 5.8 master if you build without TLS transport

IBSSL ifdef would follow. -- Robert Story <http://www.isi.edu/~rstory> USC Information Sciences Institute <http://www.isi.edu/> -- Check out the vibrant tech community on one of the world's most engaging t

Re: Trap session query

On Thu, 14 Dec 2017 09:45:18 + Madhusudhana wrote: MR> Below is the configuration, where all 3 sessions are destined MR> to same IP and port (could be a wrong configuration). In this MR> case, will there be 3 trapsessions to same destination IP:port? MR> Or will SNMP filter out the duplicated

Re: unable to add a MIB into tree

On Tue, 12 Dec 2017 10:50:24 + Vibhavari wrote: MV> I had a MIB file XXXMIB.txt. It had 8 MIB objects. I added 5 MV> more objects to it and I restarted snmpd service. But when I do MV> snmp walk it shows old OID list only ( previous 8) . New 5 are MV> not added to it. My mib file is already

Re: trap2sink configuration programmatically

On Tue, 31 Oct 2017 20:57:04 +0100 Ján wrote: JG> is there any way how to programmatically (from our app loaded JG> as a dlmod module) set destination host for traps (trap2sink JG> config option)? I'm able to create new trap session via JG> function create_trap_session(). The problem is that I

Re: how to add trap manager dynamic in the code

On Tue, 14 Nov 2017 06:46:49 + YANG wrote: YK> I find net-snmp using configure file to configure the manager YK> that want receive the trap. Such as lines in snmpd.conf: YK> YK> trapsink localhost public YK> trap2sinklocalhost public YK> YK> We want using pollingTable to manage

Re: Trap session query

On Thu, 9 Nov 2017 11:34:53 + Madhusudhana wrote: MR> My query is regarding trap sessions. MR> I have a below configuration where I have a trap user MR> 'Operator1'created with 3 trap sessions with different IP: Port MR> as shown below. MR> MR> createUser Operator1 MD5 "password@123" MR> MR>

Re: OpenSSL 1.1.0 support?

On Fri 2017-10-27 04:34:01-0400 Josef wrote: > From my point of view, I have done all that I could. I have a question about one part of the patch: diff -urNp old/snmplib/scapi.c new/snmplib/scapi.c --- old/snmplib/scapi.c 2014-12-08 21:23:22.0 +0100 +++ new/snmplib/scapi.c 2017-02-20

Re: OpenSSL 1.1.0 support?

On Fri, 27 Oct 2017 04:34:01 -0400 (EDT) Josef wrote: JR> These changes has been delivered to upstream, unfortunately, JR> nobody has response on them yet and I do not have commit access JR> to official net-snmp repository. I found fedora bug:

Re: snmp_sess_synch_response() *sometimes* frees the pdu argument.

Hi Florian, Just following up.. Did you create a patch and/or bug report for this? Robert On Wed, 18 Oct 2017 22:41:04 -0400 Robert wrote: RS> On Fri, 22 Sep 2017 08:33:42 +0200 Florian wrote: RS> FF> I noticed that snmp_sess_synch_response() *sometimes* (not RS> FF> always) frees the

Re: When to do snmp_close?

On Fri, 20 Oct 2017 22:43:36 -0400 Nishikant wrote: ND> I have created a multithreaded application where each thread ND> creates a session, creates a PDU and sends it using snmp_send. ND> If I do snmp_close(session) after snmp_send, after a while I am ND> getting some sort of double free

Re: integration of .so module with other application

On Mon, 23 Oct 2017 15:51:48 +0530 deepak.sachan wrote: DSDS> I have generate a loadable module for my device i.e. DSDS> device.so. I have edited snmpd.conf for loading module using DSDS> dlmod. It working fine. snmpget and snmpset working fine. DSDS> This device.so has been used for remote

Re: Question about Diffie-Helman with net-snmp

On Wed, 20 Sep 2017 14:52:07 +0800 Chih-Ting wrote: CTK> I met a problem about snmpv3 Diffie-Helman with net-snmp. CTK> CTK> Cable modem use SnmpV3 Kickstart Manager Public Number to get CTK> its v3 user's password finally. CTK> SecurityName: "docsisManager" CTK> Random Number: [snip] CTK> CTK>

Re: snmp_sess_synch_response() *sometimes* frees the pdu argument.

On Fri, 22 Sep 2017 08:33:42 +0200 Florian wrote: FF> I noticed that snmp_sess_synch_response() *sometimes* (not FF> always) frees the "netsnmp_pdu *pdu" argument passed to it when FF> returning STAT_ERROR. For example: FF> FF> snmp_sess_session() == NULL -> pdu is not freed FF>

Re: Problems building against MariaDB Connector/C 3.x

On Mon, 16 Oct 2017 18:45:55 +0200 Augusto wrote: AC> The new version of MariaDB C/C (3.x) [1] dropped some AC> header files from install (my_global.h for instance), now AC> mainly relying just on mysql.h. AC> AC> This change causes a build error on net-snmp mysql/mariadb AC> module: AC>

Re: Validating correct OID for SET request

On Tue, 22 Aug 2017 06:42:20 + Madhusudhana wrote: MR> I am implementing SET request and I have varbind of type OBJECT MR> ID for which an object ID can be set as a value. My query is MR> how can I validate a correct object id. Currently, I am able MR> to give an invalid object ID

Re: Aren't completed short OIDs in tables wrong?

On Thu, 31 Aug 2017 17:54:05 +0200 Ignacy wrote: IG> I've come across a problem that has been traced down to the way IG> the table helper handlers are processing OIDs. IG> IG> I have a table indexed by a MacAddress. If I pass a short OID, IG> i.e. one that has less bytes than required IG> (say,

Re: SNMP Trap not working

On Tue, 8 Aug 2017 20:42:39 + Michael wrote: MS> This is my first time working with SNMP, but after reading the MS> SNMP pages I'm still having trouble getting a simple shell MS> script to run when receiving a trap. Did you resolve this issue? MS> Now it seems that the trap does get logged,

Re: RFC 7860 support in net-snmp

On Fri, 14 Jul 2017 07:52:05 + Marek wrote: MJ> When can we expect support of RFC 7860 in Net-SNMP? MJ> I read on different forums that version 5.8 is going to support MJ> it but did find any date when it will be released. We hope to start with 5.8 pre-release in the very near future...

Re: DTLS/TLS Support

On Tue, 19 Sep 2017 19:48:01 -0500 M. wrote: MWT> I'm working on a project using net-snmp with DTLS and would MWT> like to know the plans for DTLS support going forward. It is MWT> my understanding that SNMP using TLS/DLTS is the path forward MWT> but there isn't much information regarding a time

Net-SNMP 5.4.5.pre2 released

Progress has been made once again on the upcoming 5.4.5 release. Pre2 is now available. https://sourceforge.net/projects/net-snmp/files/5.4.5-pre-releases/ -- Developer Access Program for Intel Xeon Phi

Re: Where should NETSNMP_FEATURE_REMOVE_LOGGING_SYSLOG be defined?

On Fri, 2 Dec 2016 13:15:26 + Moreno wrote: MF> Hello, MF> MF> I want to switch off all the parts of the code that are under MF> #ifndef NETSNMP_FEATURE_REMOVE_LOGGING_SYSLOG because I don't MF> have openlog() syslog() and closelog() on my platform. MF> MF> I didn't find the usual switch in

Re: Change snmptrapd user

On Fri, 25 Nov 2016 08:00:30 -0500 (EST) Josef wrote: JR> Hi, is there some way how to edit snmptrapd user (change user's JR> password etc)? Something like snmpusm that is used for editing JR> snmpd users? You should be able to use snmpusm and specify -n snmptrapd to edit snmptrapd's usm user

Re: Adding user failed if the user name with special character

On Tue, 22 Nov 2016 19:26:50 + cai wrote: CA> But I found, when I include some special letters like dash or CA> underscore in user name, it will failed to show correct user CA> in /var/net-snmp/snmpd.conf. For example, when user name is CA> "testsnmp-1", then result is: CA> CA> usmUser 1 3

  1   2   3   4   5   6   7   8   9   10   >