On 25/01/2008, Karthick Babu <[EMAIL PROTECTED]> wrote: > RFC 3414, section 3.2 (Processing an Incoming SNMP Message), > point no. 6 says as follows :
> If the authentication module returns failure, then ... > ..... an error indication (authenticationFailure) > together with the OID and value of the incremented counter is > returned to the calling module. > In the above statement, does 'error indication' means sending the 'report > pdu' or the 'authentication failure trap' to the calling module? No. Neither of these. Remember that RFC 3414 is describing the User-based Security Model, so *everything* in this document is concerned with the service primitives 'processIncomingMsg()' (section 2.5.2) and 'generateRequestMsg()/generateResponseMsg() (section 2.5.1). When it talks about returning an error indication to the calling module, this is effectively equivalent to the return value of these conceptual function calls. The "calling module" here is the next level up of the overall SNMP processing engine - in this case, the Message Processing Module. It's this MPM stage that is responsible for generating the report PDU - not the Security Subsystem itself. See RFC3411 for how all this stuff fits together (esp. section 4.4), and RFC 3412 for the SNMPv3 Message Processing Module (e.g. section 7.2, step 6, for incoming messages). Dave ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
