Hi all, I came across a bug while testing access view for IPv6. Basically the following line in snmpd.conf will not work right:
com2sec6 public6_comm 3ffe:80c0:22c:cafe:211:43ff:fedb:7876 public6
The reason for that is that the string allocated for the source address in com2sec function is not large enough:
void
netsnmp_udp6_parse_security(const char *token, char *param)
{
char secName[VACMSTRINGLEN];
char contextName[VACMSTRINGLEN];
char community[VACMSTRINGLEN];
char source[VACMSTRINGLEN];
The sizeof source is 34 since VACMSTRINGLEN is 34. However source may be up to 55 in length (the length required for the example is 39). This causes the parsing of the address to fail despite the fact that this is a valid IPv6 address.
When I added the following fix to my private tree:
#define IPV6_STRING_LEN 55
void
netsnmp_udp6_parse_security(const char *token, char *param)
{
char secName[VACMSTRINGLEN];
char contextName[VACMSTRINGLEN];
char community[VACMSTRINGLEN];
char source[IPV6_STRING_LEN]; // char source[VACMSTRINGLEN];
Everything works as expected. I do not have access to the CVS tree so I hope one of the developers can put the fix to the repository.
The same fix fixes both rocommunity6 and rwcommunity6 since it used the same parsing mechanism.
Thanks,
Shuki Sasson
Principal Engineer, Network Storage Group
EMC²
where information lives
Fax: 508 305 9026
Phone: 508 305 8515
Cell: 617 834 4258
Pager: 877 919 0794
Email: [EMAIL PROTECTED]
