On Tue, Oct 30, 2018 at 11:31:59PM +0000, Roedersheimer, Drew A. wrote:
> > From: Denis Hainsworth <denis.hainswo...@gmail.com> 
> > Sent: Tuesday, October 30, 2018 7:57 AM
> > To: net-snmp-coders@lists.sourceforge.net
> > Subject: EXTERNAL: Re: 5.7.3 | snmptrap not populating EngineBoots or 
> > EngineTime for snmp v3 traps
> >
> > Just a note to anyone that might run into this.  I was interested in all 
> > the 
> > evidence that snmptrap/d used to process boots/time correctly for v3 and so 
> > built
> > 5.1.4.2 and found that snmptrap in that version does in fact correctly set 
> > boots/time
> > based on the -Z command line argument and if -Z is not used it does use 
> > uptime as coded.
> >
> > I also confirmed that snmptrapd from 5.1.4.2 actually checks those values 
> > while 5.7.3
> > does not which is probably why most people dont care because they are 
> > probably using both
> > binaries so even if snmptrap isnt setting the values snmptrapd is ignoring 
> > them anyway so
> > it just works.
> >
> > No clue yet when it broke or how easy it might be to fix.
> >
> > -denis
> 
> 
> This interested me for selfish reasons, so I investigated it.  It appears 
> that the local cache
> of SNMP engine ID/boot/time is not getting updated from the switches supplied 
> at the command
> line.  When the message is sent out, there is no entry in the cache, so 
> default values of 0
> are used.
> 
> I have pinned down the regression to this commit:
> 
> commit 0dd182f682b6f6cbb18b948718238750ca3404e4
> Author: Robert Story <rst...@users.sourceforge.net>
> Date:   Thu Jun 2 23:14:07 2005 +0000
> 
>     delay SNMPv3 EngineID probe until needed
> 
> 
> 
> I have also tested a patch for this that seems to work.  I'd be interested in 
> the developers'
> opinions, as I'm not sure this is the best location for the fix or if I 
> missed something.
> 
> Patch is against v5.8:
> 
> diff -urN old-5.8/apps/snmptrap.c new-5.8/apps/snmptrap.c
> --- old-5.8/apps/snmptrap.c     2018-07-16 09:33:40.000000000 -0500
> +++ new-5.8/apps/snmptrap.c     2018-10-30 18:25:26.652014237 -0500
> @@ -214,6 +214,9 @@
>              session.engineBoots = 1;
>          if (session.engineTime == 0)    /* not really correct, */
>              session.engineTime = get_uptime();  /* but it'll work. Sort of. 
> */
> +
> +        set_enginetime(session.securityEngineID, session.securityEngineIDLen,
> +                       session.engineBoots, session.engineTime, TRUE);
>      }
> 
>      ss = snmp_add(&session,
> 
> 
> 
> 
> Denis: can you easily test this patch with your system?

Thanks Drew!  Yeah it seems fix  snmptrap which was my primary
concern.   
-denis


_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to