On Fri, Sep 13, 2019 at 12:58 AM Krishna Chaitanya <chaitanya.m...@gmail.com> wrote: > > Hi Guys, > > I am facing the exact problem > https://sourceforge.net/p/net-snmp/mailman/message/19231076/ > > I am using authPriv, snmpd says USM processing completed, user > verified, but when trying to process scopedPDU it fails with "ASN.1 > parse error" Any ideas? > > If I give EngineID and Credentials, Wireshark is able to decrypt the > packet and display as getBulkRequest with proper OIDs. > Logs: > > dumph_recv: SNMP Version 02 01 03 Integer: 3 (0x03) > dumph_recv: SNMPv3 Message > dumph_recv: SNMP Version Number 02 01 03 Integer: 3 (0x03) > dumph_recv: msgGlobalData > dumph_recv: msgID 02 04 32 93 78 21 Integer: > 848525345 (0x32937821) > dumph_recv: msgMaxSize 02 03 00 FF E3 Integer: 65507 > (0xFFE3) > dumph_recv: msgFlags 04 01 07 String: . > dumph_recv: msgSecurityModel 02 01 03 Integer: 3 (0x03) > dumph_recv: SM msgSecurityParameters > usm: USM processing begun... > dumph_recv: msgAuthoritativeEngineID ################# > dumph_recv: msgAuthoritativeEngineBoots ####### > dumph_recv: msgAuthoritativeEngineTime ######### > dumph_recv: msgUserName ####### > dumph_recv: msgAuthenticationParameters ########### > dumph_recv: msgPrivacyParameters ########## > usm: match on user privUser > usm: Verification succeeded. > usm: USM processing completed. > dumph_recv: ScopedPDU > snmp_parse: Parsed SNMPv3 message (secName:privUser, > secLevel:authPriv): ASN.1 parse error in message > > Any help is appreciated. > The wireshark reports "Data not conforming to RFC3411", there was a bug in earlier version, but even the latest version says this, so, probably something wrong with ASN.1 format? It expects the EngineID to be 8 bytes (after removing the 5 bytes of enterprise + 5th octet) for NET-SNMP enterprise, but its actually 12 bytes? 04 11 80 00 1F 88 80 D2 F2 6E 14 8C 5F 4C 5D 00 (random + time)
If I configure a custom engineId in snmpd.conf, then the wireshark error is gone, but the issue of ASN.1 error still persists. 04 0C 80 00 1f 88 04 22 68 65 6c 6c 6f 22 ("hello") _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders