Delayed engineid probing broke things for some cases from 5.2 and
beyond. I've just fixed this in main (5.3) but won't apply the patch
till after Monday for the 5.2 tree.
The one thing that I know is broken without this is snmptrap when
sending authenticated (or above) SNMPv3 traps.
Index: snmplib/snmp_api.c
===================================================================
RCS file: /cvsroot/net-snmp/net-snmp/snmplib/snmp_api.c,v
retrieving revision 5.91
diff -u -p -r5.91 snmp_api.c
--- snmplib/snmp_api.c 16 Nov 2005 15:10:19 -0000 5.91
+++ snmplib/snmp_api.c 30 Nov 2005 21:04:59 -0000
@@ -1439,6 +1439,13 @@ _sess_open(netsnmp_session * in_session)
snmp_sess_close(slp);
return 0;
}
+ if (create_user_from_session(slp->session) != SNMPERR_SUCCESS) {
+ in_session->s_snmp_errno = SNMPERR_UNKNOWN_USER_NAME; /* XX?? */
+ DEBUGMSGTL(("snmp_api",
+ "_sess_open(): failed(2) to create a new user from
session\n"));
+ return 0;
+ }
+
session->flags &= ~SNMP_FLAGS_DONT_PROBE;
@@ -1571,6 +1578,12 @@ snmp_sess_add_ex(netsnmp_session * in_se
snmp_sess_close(slp);
slp = NULL;
}
+ if (create_user_from_session(slp->session) != SNMPERR_SUCCESS) {
+ slp->session->s_snmp_errno = SNMPERR_UNKNOWN_USER_NAME;
+ DEBUGMSGTL(("snmp_api",
+ "_sess_open(): failed(2) to create a new user from
session\n"));
+ return 0;
+ }
}
return (void *) slp;
@@ -1626,6 +1639,18 @@ create_user_from_session(netsnmp_session
u_char *cp;
/*
+ * - don't create-another/copy-into user for this session by default
+ * - bail now (no error) if we don't have an engineID
+ */
+ if (SNMP_FLAGS_USER_CREATED == (session->flags & SNMP_FLAGS_USER_CREATED)
||
+ session->securityModel != SNMP_SEC_MODEL_USM ||
+ session->version != SNMP_VERSION_3 ||
+ session->securityEngineIDLen == 0)
+ return SNMPERR_SUCCESS;
+
+ session->flags |= SNMP_FLAGS_USER_CREATED;
+
+ /*
* now that we have the engineID, create an entry in the USM list
* for this user using the information in the session
*/
@@ -4711,6 +4743,16 @@ _sess_async_send(void *sessp,
return 0; /* s_snmp_errno already set */
}
+ /*
+ * check to see if we need to create a v3 user from the session info
+ */
+ if (create_user_from_session(session) != SNMPERR_SUCCESS) {
+ session->s_snmp_errno = SNMPERR_UNKNOWN_USER_NAME; /* XX?? */
+ DEBUGMSGTL(("snmp_api",
+ "snmp_sess_open(): failed(2) to create a new user from
session\n"));
+ return 0;
+ }
+
if ((pktbuf = malloc(2048)) == NULL) {
DEBUGMSGTL(("sess_async_send",
"couldn't malloc initial packet buffer\n"));
Index: include/net-snmp/library/snmp_api.h
===================================================================
RCS file: /cvsroot/net-snmp/net-snmp/include/net-snmp/library/snmp_api.h,v
retrieving revision 5.14
diff -u -p -r5.14 snmp_api.h
--- include/net-snmp/library/snmp_api.h 30 Aug 2005 00:24:45 -0000 5.14
+++ include/net-snmp/library/snmp_api.h 30 Nov 2005 21:04:59 -0000
@@ -394,7 +394,8 @@ typedef struct request_list {
#define SNMP_DETAIL_SIZE 512
-#define SNMP_FLAGS_DONT_PROBE 0x100 /* don't probe for an engineID
*/
+#define SNMP_FLAGS_USER_CREATED 0x200 /* USM user has been created */
+#define SNMP_FLAGS_DONT_PROBE 0x100 /* don't probe for an engineID */
#define SNMP_FLAGS_STREAM_SOCKET 0x80
#define SNMP_FLAGS_LISTENING 0x40 /* Server stream sockets only */
#define SNMP_FLAGS_SUBSESSION 0x20
--
Wes Hardaker
Sparta, Inc.
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
