Package: libsnmp30 Version: 5.7.2.1~dfsg-7 Severity: normal Tags: upstream patch
Hi, When using SNMPv3 with USM, libsnmp30 ignores the given securityEngineID, and always probes (unless myabe if you set the seemingly internal flag SNMP_DONT_PROBE at a strategic point in time). Worse, this is done synchronously even if the client asked for asynchronous operation (https://sourceforge.net/p/net-snmp/bugs/2310/). This used to work in the version in wheezy (5.4.3), but seemingly got broken in some refactoring to support multiple security models. The patch is simple: --- net-snmp-5.7.2.1~dfsg.orig/snmplib/snmpusm.c +++ net-snmp-5.7.2.1~dfsg/snmplib/snmpusm.c @@ -3126,6 +3126,11 @@ int usm_discover_engineid(void *slpv, ne int status, i; struct session_list *slp = (struct session_list *) slpv; + if (slp->session->securityEngineIDLen != 0) { + DEBUGMSGTL(("snmp_api", "engineID already known, skipping probe\n")); + return SNMPERR_SUCCESS; + } + if (usm_build_probe_pdu(&pdu) != 0) { DEBUGMSGTL(("snmp_api", "unable to create probe PDU\n")); return SNMP_ERR_GENERR; -- System Information: Debian Release: 7.6 APT prefers stable APT policy: (750, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.3 (SMP w/40 CPU cores) Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libsnmp30 depends on: ii libc6 2.13-38+deb7u4 ii libpci3 1:3.1.9-6 ii libperl5.14 5.14.2-21+deb7u1 ii libsensors4 1:3.3.2-2+deb7u1 ii libsnmp-base 5.7.2.1~dfsg-7 ii libssl1.0.0 1.0.1e-2+deb7u13 ii libwrap0 7.6.q-24 ii multiarch-support 2.13-38+deb7u4 libsnmp30 recommends no packages. libsnmp30 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
