Hi all We are using net-snmp 5.7.2.1 on Solaris and I have compiled Net-SNMP with TLS and DTLS Support # ./configure --with-security-modules=tsm --with-transports=TLSTCP,DTLSUDP
And while testing, I ran the server snmpd dtlsudp:10161 But when I do a snmpget in the client, got following error. snmpget -v3 -l authPriv -T our_identity=13:5D:66:3D:96:05:B2:FB:B8:E7:EA:0D:32:C6:39:5D:07:7A:CA:F9 -T their_identity=FF:24:CE:70:84:D8:DF:57:3D:AF:2C:A2:2E:04:BE:0B:A1:E8:F2:10 dtlsudp:localhost:10161 sysContact.0 failed to send a DTLS specific packet tsm: needed to free transport data failed to send a DTLS specific packet tsm: needed to free transport data tsm: needed to free transport data tsm: needed to free transport data tsm: needed to free transport data failed rfc5343 contextEngineID probing snmpget: Timeout (Error 0) Then I have root-caused the issue and the reason for this failure is client will "connect" to the udp socket and then tries to send data by using sendto or sendmsg. Sendto and sendmsg are not able to send the data when the udp socket is in connected mode and the destination address is specified and return the error EISCONN(A destination address was specified and the socket is already connected) as per the man page. Trace of connect-sendmsg connect(5, 0xFFFF80D8303A8D20, 16, SOV_XPG4_2) = 0 sendmsg(5, 0xFFFF80D8303857F0, 33408) Err#133 EISCONN Trace of connect-sendto connect(5, 0xFFFF80D420661790, 16, SOV_XPG4_2) = 0 sendto(5, 0xFFFF80D42064E3B0, 192, 32768, 0x1C63196E0, 16) Err#133 EISCONN The connect got called in the function netsnmp_dtlsudp6_transport(net-snmp-5.7.2.1/snmplib/transports/snmpDTLSUDPDomain.c) 1472 1473 if (!local) { 1474 /* dtls needs to bind the socket for SSL_write to work */ 1475 if (connect(t->sock, (struct sockaddr *) addr, sizeof(*addr)) == -1) 1476 snmp_log(LOG_ERR, "dtls: failed to connect\n"); 1477 } 1478 And sendmsg or sendto got called in the function netsnmp_udpbase_send(net-snmp-5.7.2.1/snmplib/transports/snmpUDPBaseDomain.c) #ifdef netsnmp_udpbase_recvfrom_sendto_defined 340 rc = netsnmp_udp_sendto(t->sock, 341 addr_pair ? &(addr_pair->local_addr.sin.sin_addr) : NULL, 342 addr_pair ? addr_pair->if_index : 0, to, buf, size); 343#else 344 rc = sendto(t->sock, buf, size, 0, to, sizeof(struct sockaddr)); 345#endif /* netsnmp_udpbase_recvfrom_sendto_defined */ Could you please provide your input on this whether its a bug or not, and how to fix this issue. Thank You Vishwas ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders