It was pointed out to me that the following statement sounds
a) like a problem and
b) only applies in the case where a securityEngineID actually exists
(IE, USM only).
The patch below fixes this by:
a) changing the warning to be more of a note
b) only printing it if USM is in use
(yes, it's only debugging statement but someone was confused by it)
diff --git a/net-snmp/snmplib/snmp_api.c b/net-snmp/snmplib/snmp_api.c
index 0451ae6..9c7990f 100644
--- a/net-snmp/snmplib/snmp_api.c
+++ b/net-snmp/snmplib/snmp_api.c
@@ -4911,11 +4911,12 @@ snmpv3_scopedPDU_parse(netsnmp_pdu *pdu, u_char * cp,
size_t * length)
* check that it agrees with engineID returned from USM above
* * only a warning because this could be legal if we are a proxy
*/
- if (pdu->securityEngineIDLen != pdu->contextEngineIDLen ||
- memcmp(pdu->securityEngineID, pdu->contextEngineID,
- pdu->securityEngineIDLen) != 0) {
+ if (pdu->securityModel == NETSNMP_SECMOD_USM &&
+ (pdu->securityEngineIDLen != pdu->contextEngineIDLen ||
+ memcmp(pdu->securityEngineID, pdu->contextEngineID,
+ pdu->securityEngineIDLen) != 0)) {
DEBUGMSGTL(("scopedPDU_parse",
- "inconsistent engineID information in message\n"));
+ "Note: security and context engineIDs differ\n"));
}
/*
--
Wes Hardaker
Please mail all replies to net-snmp-coders@lists.sourceforge.net
------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:
Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
