On 2021/08/09 12:14, Martijn van Duren wrote: > CVSROOT: /cvs > Module name: src > Changes by: mart...@cvs.openbsd.org 2021/08/09 12:14:53 > > Modified files: > usr.sbin/snmpd : parse.y snmpd.c snmpd.conf.5 snmpd.h snmpe.c > util.c > > Log message: > Allow setting the engineid. > > The previous engineid was based aronud the engine boottime and a random > value, which gives problems when sending/receiving unacknowledged PDUs > (trapv2) over SNMPv3 with authentication enabled, which need a consistent > engineid across restarts to determine the correct user from the sender. > > The new default engineid takes a sha256 hash (chosen for its longer output) > of gethostname(3) and places the first 27 bytes after the new format number > 129. This should give us a very low probability of collisions, assuming > all machines have a unique name.
what happens if there's a collision? i'm not sure it's safe to assume unique names. > The other formats as specified in SNMP-FRAMEWORK-MIB (RFC3411) are also > supported as well as arbitrary formats in the range 128-255 for other > private enterprise numbers in hex format. > > OK jmatthew@ >
