Bug#958036: nut-snmp: SNMPv3 with privacy method "AES" fails to communicate with UPS
Confirmed, version 2.8.0 from unstable properly connects to the UPS with AES. I see a bunch of new errors ("unhandled ASN 0x81 received”) but the ups connection seems working (I get the right output with upsc). Thanks! > On Oct 21, 2022, at 3:22 PM, Laurent Bigonville wrote: > > On Fri, 17 Apr 2020 12:32:15 -0400 Wilfried Teiken wrote: > > > > > Dear Maintainer, > > Hello Wilfried, > > > > > when configuring SNMP as v3 with privacy enabled and "privProtocol = AES" in > > /etc/nut/ups.conf for the UPS then the communication with the UPS will fail. > > > > The sympton is that on startup the driver will report: > > - "Unknown mibs value: apcc" (with "mibs = apcc") > > - "No supported device detected" (with "mibs = auto" > > > > Communication with "privProtocol = DES" works if the SNMP endpoint is > > configured > > accordingly, so this only affects the "AES" setting. > > > > The underlying root cause is a length issue for the 'usmAESPrivProtocol' > > oid value, causing the wrong privacy string being passed into the net-snmp > > library caused by a #define that is leading to a sizeof() with a pointer > > instead of the oid array. > > > > See attached patch for a fix. > > Could you please tell me if you are still experiencing this issue with the > version 2.8.0 that is currently in debian unstable? > > I can see that the code to detect usmAESPrivProtocol/usmAES128PrivProtocol > availability has changed. > > Also, in the build logs of version 2.7.14, I can see the compiler complain > about the size of these types, while this warning is not present in version > 2.8.0 > > I think that this is now fixed. > > Could you please confirm? > > Kind regards, > > Laurent Bigonville >
Bug#958036: nut-snmp: SNMPv3 with privacy method "AES" fails to communicate with UPS
On Fri, 17 Apr 2020 12:32:15 -0400 Wilfried Teiken wrote: > > Dear Maintainer, Hello Wilfried, > > when configuring SNMP as v3 with privacy enabled and "privProtocol = AES" in > /etc/nut/ups.conf for the UPS then the communication with the UPS will fail. > > The sympton is that on startup the driver will report: > - "Unknown mibs value: apcc" (with "mibs = apcc") > - "No supported device detected" (with "mibs = auto" > > Communication with "privProtocol = DES" works if the SNMP endpoint is configured > accordingly, so this only affects the "AES" setting. > > The underlying root cause is a length issue for the 'usmAESPrivProtocol' > oid value, causing the wrong privacy string being passed into the net-snmp > library caused by a #define that is leading to a sizeof() with a pointer > instead of the oid array. > > See attached patch for a fix. Could you please tell me if you are still experiencing this issue with the version 2.8.0 that is currently in debian unstable? I can see that the code to detect usmAESPrivProtocol/usmAES128PrivProtocol availability has changed. Also, in the build logs of version 2.7.14, I can see the compiler complain about the size of these types, while this warning is not present in version 2.8.0 I think that this is now fixed. Could you please confirm? Kind regards, Laurent Bigonville
Bug#958036: nut-snmp: SNMPv3 with privacy method "AES" fails to communicate with UPS
Package: nut Version: 2.7.4-8 Severity: normal Tags: patch upstream Dear Maintainer, when configuring SNMP as v3 with privacy enabled and "privProtocol = AES" in /etc/nut/ups.conf for the UPS then the communication with the UPS will fail. The sympton is that on startup the driver will report: - "Unknown mibs value: apcc" (with "mibs = apcc") - "No supported device detected" (with "mibs = auto" Communication with "privProtocol = DES" works if the SNMP endpoint is configured accordingly, so this only affects the "AES" setting. The underlying root cause is a length issue for the 'usmAESPrivProtocol' oid value, causing the wrong privacy string being passed into the net-snmp library caused by a #define that is leading to a sizeof() with a pointer instead of the oid array. See attached patch for a fix. -- System Information: Debian Release: 10.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: armhf (armv7l) Kernel: Linux 4.19.115-clearfog (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages nut depends on: ii nut-client 2.7.4-8 ii nut-server 2.7.4-8 nut recommends no packages. nut suggests no packages. -- no debconf information --- .pc/snmp-v3-aes-patch/drivers/snmp-ups.c2020-04-17 02:48:13.0 -0400 +++ drivers/snmp-ups.c 2020-04-17 02:48:13.0 -0400 @@ -56,11 +56,6 @@ #include "eaton-ats-mib.h" #include "apc-ats-mib.h" -/* Address API change */ -#ifndef usmAESPrivProtocol -#define usmAESPrivProtocol usmAES128PrivProtocol -#endif - static mib2nut_info_t *mib2nut[] = { , ,