It was pointed out to me that the following statement sounds a) like a problem and b) only applies in the case where a securityEngineID actually exists (IE, USM only).
The patch below fixes this by: a) changing the warning to be more of a note b) only printing it if USM is in use (yes, it's only debugging statement but someone was confused by it) diff --git a/net-snmp/snmplib/snmp_api.c b/net-snmp/snmplib/snmp_api.c index 0451ae6..9c7990f 100644 --- a/net-snmp/snmplib/snmp_api.c +++ b/net-snmp/snmplib/snmp_api.c @@ -4911,11 +4911,12 @@ snmpv3_scopedPDU_parse(netsnmp_pdu *pdu, u_char * cp, size_t * length) * check that it agrees with engineID returned from USM above * * only a warning because this could be legal if we are a proxy */ - if (pdu->securityEngineIDLen != pdu->contextEngineIDLen || - memcmp(pdu->securityEngineID, pdu->contextEngineID, - pdu->securityEngineIDLen) != 0) { + if (pdu->securityModel == NETSNMP_SECMOD_USM && + (pdu->securityEngineIDLen != pdu->contextEngineIDLen || + memcmp(pdu->securityEngineID, pdu->contextEngineID, + pdu->securityEngineIDLen) != 0)) { DEBUGMSGTL(("scopedPDU_parse", - "inconsistent engineID information in message\n")); + "Note: security and context engineIDs differ\n")); } /* -- Wes Hardaker Please mail all replies to net-snmp-coders@lists.sourceforge.net ------------------------------------------------------------------------------ This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders