Compare commits
No commits in common. "c8" and "imports/c8s/net-snmp-5.8-21.el8" have entirely different histories.
c8
...
imports/c8
@ -1,163 +0,0 @@
|
||||
From 9a0cd7c00947d5e1c6ceb54558d454f87c3b8341 Mon Sep 17 00:00:00 2001
|
||||
From: Bill Fenner <fenner@gmail.com>
|
||||
Date: Tue, 24 Aug 2021 07:55:00 -0700
|
||||
Subject: [PATCH] CHANGES: snmpd: recover SET status from delegated request
|
||||
|
||||
Reported by: Yu Zhang of VARAS@IIE, Nanyu Zhong of VARAS@IIE
|
||||
Fixes by: Arista Networks
|
||||
|
||||
When a SET request includes a mix of delegated and
|
||||
non-delegated requests (e.g., objects handled by master
|
||||
agent and agentx sub-agent), the status can get lost while
|
||||
waiting for the reply from the sub-agent. Recover the status
|
||||
into the session from the requests even if it has already
|
||||
been processed.
|
||||
---
|
||||
agent/snmp_agent.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c
|
||||
index 84fbb42b47..095ee70985 100644
|
||||
--- a/agent/snmp_agent.c
|
||||
+++ b/agent/snmp_agent.c
|
||||
@@ -2965,7 +2965,7 @@ netsnmp_check_requests_status(netsnmp_agent_session *asp,
|
||||
if (requests->status != SNMP_ERR_NOERROR &&
|
||||
(!look_for_specific || requests->status == look_for_specific)
|
||||
&& (look_for_specific || asp->index == 0
|
||||
- || requests->index < asp->index)) {
|
||||
+ || requests->index <= asp->index)) {
|
||||
asp->index = requests->index;
|
||||
asp->status = requests->status;
|
||||
}
|
||||
From 67ebb43e9038b2dae6e74ae8838b36fcc10fc937 Mon Sep 17 00:00:00 2001
|
||||
From: Bill Fenner <fenner@gmail.com>
|
||||
Date: Wed, 30 Jun 2021 14:00:28 -0700
|
||||
Subject: [PATCH] CHANGES: snmpd: fix bounds checking in NET-SNMP-AGENT-MIB,
|
||||
NET-SNMP-VACM-MIB, SNMP-VIEW-BASED-ACM-MIB, SNMP-USER-BASED-SM-MIB
|
||||
|
||||
Reported by: Yu Zhang of VARAS@IIE, Nanyu Zhong of VARAS@IIE
|
||||
Fixes by: Arista Networks
|
||||
---
|
||||
agent/mibgroup/agent/nsLogging.c | 6 ++++++
|
||||
agent/mibgroup/agent/nsVacmAccessTable.c | 16 ++++++++++++++--
|
||||
agent/mibgroup/mibII/vacm_vars.c | 3 +++
|
||||
agent/mibgroup/snmpv3/usmUser.c | 2 --
|
||||
4 files changed, 23 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/agent/mibgroup/agent/nsLogging.c b/agent/mibgroup/agent/nsLogging.c
|
||||
index 9abdeb5bb7..7f4290490a 100644
|
||||
--- a/agent/mibgroup/agent/nsLogging.c
|
||||
+++ b/agent/mibgroup/agent/nsLogging.c
|
||||
@@ -147,6 +147,8 @@ handle_nsLoggingTable(netsnmp_mib_handler *handler,
|
||||
continue;
|
||||
logh = (netsnmp_log_handler*)netsnmp_extract_iterator_context(request);
|
||||
table_info = netsnmp_extract_table_info(request);
|
||||
+ if (!table_info || !table_info->indexes)
|
||||
+ continue;
|
||||
|
||||
switch (table_info->colnum) {
|
||||
case NSLOGGING_TYPE:
|
||||
@@ -201,6 +203,8 @@ handle_nsLoggingTable(netsnmp_mib_handler *handler,
|
||||
}
|
||||
logh = (netsnmp_log_handler*)netsnmp_extract_iterator_context(request);
|
||||
table_info = netsnmp_extract_table_info(request);
|
||||
+ if (!table_info || !table_info->indexes)
|
||||
+ continue;
|
||||
|
||||
switch (table_info->colnum) {
|
||||
case NSLOGGING_TYPE:
|
||||
@@ -394,6 +398,8 @@ handle_nsLoggingTable(netsnmp_mib_handler *handler,
|
||||
continue;
|
||||
logh = (netsnmp_log_handler*)netsnmp_extract_iterator_context(request);
|
||||
table_info = netsnmp_extract_table_info(request);
|
||||
+ if (!table_info || !table_info->indexes)
|
||||
+ continue;
|
||||
|
||||
switch (table_info->colnum) {
|
||||
case NSLOGGING_TYPE:
|
||||
diff --git a/agent/mibgroup/agent/nsVacmAccessTable.c b/agent/mibgroup/agent/nsVacmAccessTable.c
|
||||
index cc61fce7e6..6c43210074 100644
|
||||
--- a/agent/mibgroup/agent/nsVacmAccessTable.c
|
||||
+++ b/agent/mibgroup/agent/nsVacmAccessTable.c
|
||||
@@ -170,9 +170,13 @@ nsVacmAccessTable_handler(netsnmp_mib_handler *handler,
|
||||
entry = (struct vacm_accessEntry *)
|
||||
netsnmp_extract_iterator_context(request);
|
||||
table_info = netsnmp_extract_table_info(request);
|
||||
+ if (!table_info || !table_info->indexes)
|
||||
+ continue;
|
||||
|
||||
/* Extract the authType token from the list of indexes */
|
||||
idx = table_info->indexes->next_variable->next_variable->next_variable->next_variable;
|
||||
+ if (idx->val_len >= sizeof(atype))
|
||||
+ continue;
|
||||
memset(atype, 0, sizeof(atype));
|
||||
memcpy(atype, (char *)idx->val.string, idx->val_len);
|
||||
viewIdx = se_find_value_in_slist(VACM_VIEW_ENUM_NAME, atype);
|
||||
@@ -212,6 +216,8 @@ nsVacmAccessTable_handler(netsnmp_mib_handler *handler,
|
||||
entry = (struct vacm_accessEntry *)
|
||||
netsnmp_extract_iterator_context(request);
|
||||
table_info = netsnmp_extract_table_info(request);
|
||||
+ if (!table_info || !table_info->indexes)
|
||||
+ continue;
|
||||
ret = SNMP_ERR_NOERROR;
|
||||
|
||||
switch (table_info->colnum) {
|
||||
@@ -247,6 +253,8 @@ nsVacmAccessTable_handler(netsnmp_mib_handler *handler,
|
||||
* Extract the authType token from the list of indexes
|
||||
*/
|
||||
idx = table_info->indexes->next_variable->next_variable->next_variable->next_variable;
|
||||
+ if (idx->val_len >= sizeof(atype))
|
||||
+ continue;
|
||||
memset(atype, 0, sizeof(atype));
|
||||
memcpy(atype, (char *)idx->val.string, idx->val_len);
|
||||
viewIdx = se_find_value_in_slist(VACM_VIEW_ENUM_NAME, atype);
|
||||
@@ -294,8 +302,10 @@ nsVacmAccessTable_handler(netsnmp_mib_handler *handler,
|
||||
idx = idx->next_variable; model = *idx->val.integer;
|
||||
idx = idx->next_variable; level = *idx->val.integer;
|
||||
entry = vacm_createAccessEntry( gName, cPrefix, model, level );
|
||||
- entry->storageType = ST_NONVOLATILE;
|
||||
- netsnmp_insert_iterator_context(request, (void*)entry);
|
||||
+ if (entry) {
|
||||
+ entry->storageType = ST_NONVOLATILE;
|
||||
+ netsnmp_insert_iterator_context(request, (void*)entry);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -321,6 +331,8 @@ nsVacmAccessTable_handler(netsnmp_mib_handler *handler,
|
||||
|
||||
/* Extract the authType token from the list of indexes */
|
||||
idx = table_info->indexes->next_variable->next_variable->next_variable->next_variable;
|
||||
+ if (idx->val_len >= sizeof(atype))
|
||||
+ continue;
|
||||
memset(atype, 0, sizeof(atype));
|
||||
memcpy(atype, (char *)idx->val.string, idx->val_len);
|
||||
viewIdx = se_find_value_in_slist(VACM_VIEW_ENUM_NAME, atype);
|
||||
diff --git a/agent/mibgroup/mibII/vacm_vars.c b/agent/mibgroup/mibII/vacm_vars.c
|
||||
index 469a1eba59..62c9a3d051 100644
|
||||
--- a/agent/mibgroup/mibII/vacm_vars.c
|
||||
+++ b/agent/mibgroup/mibII/vacm_vars.c
|
||||
@@ -997,6 +997,9 @@ access_parse_oid(oid * oidIndex, size_t oidLen,
|
||||
return 1;
|
||||
}
|
||||
groupNameL = oidIndex[0];
|
||||
+ if ((groupNameL + 1) > (int) oidLen) {
|
||||
+ return 1;
|
||||
+ }
|
||||
contextPrefixL = oidIndex[groupNameL + 1]; /* the initial name length */
|
||||
if ((int) oidLen != groupNameL + contextPrefixL + 4) {
|
||||
return 1;
|
||||
diff --git a/agent/mibgroup/snmpv3/usmUser.c b/agent/mibgroup/snmpv3/usmUser.c
|
||||
index 0f52aaba49..0edea53cfb 100644
|
||||
--- a/agent/mibgroup/snmpv3/usmUser.c
|
||||
+++ b/agent/mibgroup/snmpv3/usmUser.c
|
||||
@@ -1505,8 +1505,6 @@ write_usmUserStatus(int action,
|
||||
if (usmStatusCheck(uptr)) {
|
||||
uptr->userStatus = RS_ACTIVE;
|
||||
} else {
|
||||
- SNMP_FREE(engineID);
|
||||
- SNMP_FREE(newName);
|
||||
return SNMP_ERR_INCONSISTENTVALUE;
|
||||
}
|
||||
} else if (long_ret == RS_CREATEANDWAIT) {
|
||||
|
||||
@ -1,129 +0,0 @@
|
||||
From 4589352dac3ae111c7621298cf231742209efd9b Mon Sep 17 00:00:00 2001
|
||||
From: Bill Fenner <fenner@gmail.com>
|
||||
Date: Fri, 25 Nov 2022 08:41:24 -0800
|
||||
Subject: [PATCH 1/3] snmp_agent: disallow SET with NULL varbind
|
||||
|
||||
---
|
||||
agent/snmp_agent.c | 32 ++++++++++++++++++++++++++++++++
|
||||
1 file changed, 32 insertions(+)
|
||||
|
||||
diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c
|
||||
index 867d0c166f..3f678fe2df 100644
|
||||
--- a/agent/snmp_agent.c
|
||||
+++ b/agent/snmp_agent.c
|
||||
@@ -3719,12 +3719,44 @@ netsnmp_handle_request(netsnmp_agent_session *asp, int status)
|
||||
return 1;
|
||||
}
|
||||
|
||||
+static int
|
||||
+check_set_pdu_for_null_varbind(netsnmp_agent_session *asp)
|
||||
+{
|
||||
+ int i;
|
||||
+ netsnmp_variable_list *v = NULL;
|
||||
+
|
||||
+ for (i = 1, v = asp->pdu->variables; v != NULL; i++, v = v->next_variable) {
|
||||
+ if (v->type == ASN_NULL) {
|
||||
+ /*
|
||||
+ * Protect SET implementations that do not protect themselves
|
||||
+ * against wrong type.
|
||||
+ */
|
||||
+ DEBUGMSGTL(("snmp_agent", "disallowing SET with NULL var for varbind %d\n", i));
|
||||
+ asp->index = i;
|
||||
+ return SNMP_ERR_WRONGTYPE;
|
||||
+ }
|
||||
+ }
|
||||
+ return SNMP_ERR_NOERROR;
|
||||
+}
|
||||
+
|
||||
int
|
||||
handle_pdu(netsnmp_agent_session *asp)
|
||||
{
|
||||
int status, inclusives = 0;
|
||||
netsnmp_variable_list *v = NULL;
|
||||
|
||||
+#ifndef NETSNMP_NO_WRITE_SUPPORT
|
||||
+ /*
|
||||
+ * Check for ASN_NULL in SET request
|
||||
+ */
|
||||
+ if (asp->pdu->command == SNMP_MSG_SET) {
|
||||
+ status = check_set_pdu_for_null_varbind(asp);
|
||||
+ if (status != SNMP_ERR_NOERROR) {
|
||||
+ return status;
|
||||
+ }
|
||||
+ }
|
||||
+#endif /* NETSNMP_NO_WRITE_SUPPORT */
|
||||
+
|
||||
/*
|
||||
* for illegal requests, mark all nodes as ASN_NULL
|
||||
*/
|
||||
|
||||
From 7f4ac4051cc7fec6a5944661923acb95cec359c7 Mon Sep 17 00:00:00 2001
|
||||
From: Bill Fenner <fenner@gmail.com>
|
||||
Date: Fri, 25 Nov 2022 08:41:46 -0800
|
||||
Subject: [PATCH 2/3] apps: snmpset: allow SET with NULL varbind for testing
|
||||
|
||||
---
|
||||
apps/snmpset.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/apps/snmpset.c b/apps/snmpset.c
|
||||
index 48e14bd513..d542713e1b 100644
|
||||
--- a/apps/snmpset.c
|
||||
+++ b/apps/snmpset.c
|
||||
@@ -182,6 +182,7 @@ main(int argc, char *argv[])
|
||||
case 'x':
|
||||
case 'd':
|
||||
case 'b':
|
||||
+ case 'n': /* undocumented */
|
||||
#ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES
|
||||
case 'I':
|
||||
case 'U':
|
||||
|
||||
From 15f9d7f7e5b90c9b419832ed8e6413feb6570d83 Mon Sep 17 00:00:00 2001
|
||||
From: Bill Fenner <fenner@gmail.com>
|
||||
Date: Fri, 25 Nov 2022 10:23:32 -0800
|
||||
Subject: [PATCH 3/3] Add test for NULL varbind set
|
||||
|
||||
---
|
||||
.../default/T0142snmpv2csetnull_simple | 31 +++++++++++++++++++
|
||||
1 file changed, 31 insertions(+)
|
||||
create mode 100644 testing/fulltests/default/T0142snmpv2csetnull_simple
|
||||
|
||||
diff --git a/testing/fulltests/default/T0142snmpv2csetnull_simple b/testing/fulltests/default/T0142snmpv2csetnull_simple
|
||||
new file mode 100644
|
||||
index 0000000000..0f1b8f386b
|
||||
--- /dev/null
|
||||
+++ b/testing/fulltests/default/T0142snmpv2csetnull_simple
|
||||
@@ -0,0 +1,31 @@
|
||||
+#!/bin/sh
|
||||
+
|
||||
+. ../support/simple_eval_tools.sh
|
||||
+
|
||||
+HEADER SNMPv2c set of system.sysContact.0 with NULL varbind
|
||||
+
|
||||
+SKIPIF NETSNMP_DISABLE_SET_SUPPORT
|
||||
+SKIPIF NETSNMP_NO_WRITE_SUPPORT
|
||||
+SKIPIF NETSNMP_DISABLE_SNMPV2C
|
||||
+SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE
|
||||
+
|
||||
+#
|
||||
+# Begin test
|
||||
+#
|
||||
+
|
||||
+# standard V2C configuration: testcomunnity
|
||||
+snmp_write_access='all'
|
||||
+. ./Sv2cconfig
|
||||
+STARTAGENT
|
||||
+
|
||||
+CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0"
|
||||
+
|
||||
+CHECK ".1.3.6.1.2.1.1.4.0 = STRING:"
|
||||
+
|
||||
+CAPTURE "snmpset -On $SNMP_FLAGS -c testcommunity -v 2c $SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 n x"
|
||||
+
|
||||
+CHECK "Reason: wrongType"
|
||||
+
|
||||
+STOPAGENT
|
||||
+
|
||||
+FINISHED
|
||||
|
||||
@ -1,12 +0,0 @@
|
||||
diff -urNp a/local/net-snmp-cert b/local/net-snmp-cert
|
||||
--- a/local/net-snmp-cert 2021-10-11 09:08:53.451970484 +0200
|
||||
+++ b/local/net-snmp-cert 2021-10-11 09:11:36.765386413 +0200
|
||||
@@ -1002,7 +1002,7 @@ sub make_openssl_conf {
|
||||
rdir = .
|
||||
dir = $ENV::DIR
|
||||
RANDFILE = $rdir/.rand
|
||||
-MD = sha1
|
||||
+MD = sha512
|
||||
KSIZE = 2048
|
||||
CN = net-snmp.org
|
||||
EMAIL = admin@net-snmp.org
|
||||
@ -1,41 +0,0 @@
|
||||
diff -up net-snmp-5.8/agent/mibgroup/if-mib/data_access/interface_linux.c.original net-snmp-5.8/agent/mibgroup/if-mib/data_access/interface_linux.c
|
||||
--- net-snmp-5.8/agent/mibgroup/if-mib/data_access/interface_linux.c.original 2022-02-02 15:06:29.382119898 +0900
|
||||
+++ net-snmp-5.8/agent/mibgroup/if-mib/data_access/interface_linux.c 2022-02-02 15:15:39.298280447 +0900
|
||||
@@ -600,7 +600,6 @@ netsnmp_arch_interface_container_load(ne
|
||||
{
|
||||
FILE *devin;
|
||||
char line[256];
|
||||
- netsnmp_interface_entry *entry = NULL;
|
||||
static char scan_expected = 0;
|
||||
int fd;
|
||||
#ifdef NETSNMP_ENABLE_IPV6
|
||||
@@ -669,6 +668,7 @@ netsnmp_arch_interface_container_load(ne
|
||||
* and retrieve (or create) the corresponding data structure.
|
||||
*/
|
||||
while (fgets(line, sizeof(line), devin)) {
|
||||
+ netsnmp_interface_entry *entry = NULL;
|
||||
char *stats, *ifstart = line;
|
||||
u_int flags;
|
||||
oid if_index;
|
||||
@@ -701,6 +701,11 @@ netsnmp_arch_interface_container_load(ne
|
||||
*stats++ = 0; /* null terminate name */
|
||||
|
||||
if_index = netsnmp_arch_interface_index_find(ifstart);
|
||||
+ if (if_index == 0) {
|
||||
+ DEBUGMSGTL(("access:interface", "network interface %s is gone",
|
||||
+ ifstart));
|
||||
+ continue;
|
||||
+ }
|
||||
|
||||
/*
|
||||
* set address type flags.
|
||||
@@ -726,7 +731,7 @@ netsnmp_arch_interface_container_load(ne
|
||||
continue;
|
||||
}
|
||||
|
||||
- entry = netsnmp_access_interface_entry_create(ifstart, 0);
|
||||
+ entry = netsnmp_access_interface_entry_create(ifstart, if_index);
|
||||
if(NULL == entry) {
|
||||
#ifdef NETSNMP_ENABLE_IPV6
|
||||
netsnmp_access_ipaddress_container_free(addr_container, 0);
|
||||
|
||||
@ -1,35 +0,0 @@
|
||||
From 8bb544fbd2d6986a9b73d3fab49235a4baa96c23 Mon Sep 17 00:00:00 2001
|
||||
From: Bart Van Assche <bvanassche@acm.org>
|
||||
Date: Sat, 31 Jul 2021 16:21:16 -0700
|
||||
Subject: [PATCH] Linux: IF-MIB: Fix a memory leak
|
||||
|
||||
The Linux kernel regenerates proc files in their entirety every time a 4 KiB
|
||||
boundary is crossed. This can result in reading the same network interface
|
||||
twice if network information changes while it is being read. Fix a memory
|
||||
leak that can be triggered if /proc/net/dev changes while being read.
|
||||
---
|
||||
agent/mibgroup/if-mib/data_access/interface_linux.c | 10 +++++++++-
|
||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/agent/mibgroup/if-mib/data_access/interface_linux.c b/agent/mibgroup/if-mib/data_access/interface_linux.c
|
||||
index e99360a216..215b30e806 100644
|
||||
--- a/agent/mibgroup/if-mib/data_access/interface_linux.c
|
||||
+++ b/agent/mibgroup/if-mib/data_access/interface_linux.c
|
||||
@@ -921,7 +921,15 @@ netsnmp_arch_interface_container_load(netsnmp_container* container,
|
||||
/*
|
||||
* add to container
|
||||
*/
|
||||
- CONTAINER_INSERT(container, entry);
|
||||
+ if (CONTAINER_INSERT(container, entry) != 0) {
|
||||
+ netsnmp_interface_entry *existing =
|
||||
+ CONTAINER_FIND(container, entry);
|
||||
+ NETSNMP_LOGONCE((LOG_WARNING,
|
||||
+ "Encountered interface with index %" NETSNMP_PRIz "u twice: %s <> %s",
|
||||
+ entry->index, existing ? existing->name : "(?)",
|
||||
+ entry->name));
|
||||
+ netsnmp_access_interface_entry_free(entry);
|
||||
+ }
|
||||
}
|
||||
#ifdef NETSNMP_ENABLE_IPV6
|
||||
netsnmp_access_ipaddress_container_free(addr_container, 0);
|
||||
|
||||
@ -1,25 +0,0 @@
|
||||
From 79f014464ba761e2430cc767b021993ab9379822 Mon Sep 17 00:00:00 2001
|
||||
From: Wes Hardaker <opensource@hardakers.net>
|
||||
Date: Tue, 8 Jan 2019 08:52:29 -0800
|
||||
Subject: [PATCH] NEWS: snmptrap: BUG: 2899: Patch from Drew Roedersheimer to
|
||||
set library engineboots/time values before sending
|
||||
|
||||
---
|
||||
apps/snmptrap.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/apps/snmptrap.c b/apps/snmptrap.c
|
||||
index d16d2fa671..12808d07e4 100644
|
||||
--- a/apps/snmptrap.c
|
||||
+++ b/apps/snmptrap.c
|
||||
@@ -237,6 +237,9 @@ main(int argc, char *argv[])
|
||||
session.engineBoots = 1;
|
||||
if (session.engineTime == 0) /* not really correct, */
|
||||
session.engineTime = get_uptime(); /* but it'll work. Sort of. */
|
||||
+
|
||||
+ set_enginetime(session.securityEngineID, session.securityEngineIDLen,
|
||||
+ session.engineBoots, session.engineTime, TRUE);
|
||||
}
|
||||
|
||||
ss = snmp_add(&session,
|
||||
|
||||
@ -1,38 +0,0 @@
|
||||
diff -up net-snmp-5.7.2/agent/mibgroup/ip-mib/data_access/systemstats_linux.c.rhbz2134359 net-snmp-5.7.2/agent/mibgroup/ip-mib/data_access/systemstats_linux.c
|
||||
--- net-snmp-5.7.2/agent/mibgroup/ip-mib/data_access/systemstats_linux.c.rhbz2134359 2022-10-13 11:10:12.206072210 +0200
|
||||
+++ net-snmp-5.7.2/agent/mibgroup/ip-mib/data_access/systemstats_linux.c 2022-10-13 11:10:40.893111569 +0200
|
||||
@@ -566,6 +566,7 @@ _systemstats_v6_load_systemstats(netsnmp
|
||||
DEBUGMSGTL(("access:systemstats",
|
||||
"Failed to load Systemstats Table (linux1), cannot open %s\n",
|
||||
filename));
|
||||
+ netsnmp_access_systemstats_entry_free(entry);
|
||||
return 0;
|
||||
}
|
||||
|
||||
diff --git a/agent/mibgroup/ucd-snmp/lmsensorsMib.c b/agent/mibgroup/ucd-snmp/lmsensorsMib.c
|
||||
index f709812fdc..ef93eeedc9 100644
|
||||
--- a/agent/mibgroup/ucd-snmp/lmsensorsMib.c
|
||||
+++ b/agent/mibgroup/ucd-snmp/lmsensorsMib.c
|
||||
@@ -94,7 +94,9 @@ initialize_lmSensorsTable(const char *tableName, const oid *tableOID,
|
||||
netsnmp_table_helper_add_indexes(table_info, ASN_INTEGER, 0);
|
||||
table_info->min_column = COLUMN_LMSENSORS_INDEX;
|
||||
table_info->max_column = COLUMN_LMSENSORS_VALUE;
|
||||
- netsnmp_container_table_register( reg, table_info, container, 0 );
|
||||
+ if (netsnmp_container_table_register(reg, table_info, container, 0) !=
|
||||
+ SNMPERR_SUCCESS)
|
||||
+ return;
|
||||
|
||||
/*
|
||||
* If the HAL sensors module was configured as an on-demand caching
|
||||
diff -up net-snmp-5.7.2/snmplib/snmp_logging.c.rhbz2134359 net-snmp-5.7.2/snmplib/snmp_logging.c
|
||||
--- net-snmp-5.7.2/snmplib/snmp_logging.c.rhbz2134359 2022-10-13 11:11:25.599172905 +0200
|
||||
+++ net-snmp-5.7.2/snmplib/snmp_logging.c 2022-10-13 11:12:26.986257126 +0200
|
||||
@@ -534,7 +534,7 @@ snmp_log_options(char *optarg, int argc,
|
||||
char *
|
||||
snmp_log_syslogname(const char *pstr)
|
||||
{
|
||||
- if (pstr)
|
||||
+ if (pstr && (pstr != syslogname))
|
||||
strlcpy (syslogname, pstr, sizeof(syslogname));
|
||||
|
||||
return syslogname;
|
||||
@ -1,143 +0,0 @@
|
||||
From 5b8bf5d4130761c3374f9ad618e8a76bb75eb634 Mon Sep 17 00:00:00 2001
|
||||
From: Yuwei Ba <i@xiaoba.me>
|
||||
Date: Fri, 21 Aug 2020 15:06:10 +0800
|
||||
Subject: [PATCH] snmpd: support MemAvailable on Linux
|
||||
|
||||
See also https://github.com/net-snmp/net-snmp/pull/167 .
|
||||
|
||||
[bvanassche: modified the behavior of this patch]
|
||||
---
|
||||
agent/mibgroup/hardware/memory/memory_linux.c | 20 ++++++++++++++++++-
|
||||
agent/mibgroup/ucd-snmp/memory.c | 12 ++++++++++-
|
||||
agent/mibgroup/ucd-snmp/memory.h | 1 +
|
||||
include/net-snmp/agent/hardware/memory.h | 1 +
|
||||
mibs/UCD-SNMP-MIB.txt | 16 +++++++++++++++
|
||||
5 files changed, 48 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/agent/mibgroup/hardware/memory/memory_linux.c b/agent/mibgroup/hardware/memory/memory_linux.c
|
||||
index 6d5e86cde4..4ae235c2d0 100644
|
||||
--- a/agent/mibgroup/hardware/memory/memory_linux.c
|
||||
+++ b/agent/mibgroup/hardware/memory/memory_linux.c
|
||||
@@ -24,7 +24,8 @@ int netsnmp_mem_arch_load( netsnmp_cache *cache, void *magic ) {
|
||||
static int first = 1;
|
||||
ssize_t bytes_read;
|
||||
char *b;
|
||||
- unsigned long memtotal = 0, memfree = 0, memshared = 0,
|
||||
+ int have_memavail = 0;
|
||||
+ unsigned long memtotal = 0, memavail = 0, memfree = 0, memshared = 0,
|
||||
buffers = 0, cached = 0, sreclaimable = 0,
|
||||
swaptotal = 0, swapfree = 0;
|
||||
|
||||
@@ -81,6 +82,11 @@ int netsnmp_mem_arch_load( netsnmp_cache *cache, void *magic ) {
|
||||
if (first)
|
||||
snmp_log(LOG_ERR, "No MemTotal line in /proc/meminfo\n");
|
||||
}
|
||||
+ b = strstr(buff, "MemAvailable: ");
|
||||
+ if (b) {
|
||||
+ have_memavail = 1;
|
||||
+ sscanf(b, "MemAvailable: %lu", &memavail);
|
||||
+ }
|
||||
b = strstr(buff, "MemFree: ");
|
||||
if (b)
|
||||
sscanf(b, "MemFree: %lu", &memfree);
|
||||
@@ -151,6 +157,18 @@ int netsnmp_mem_arch_load( netsnmp_cache *cache, void *magic ) {
|
||||
mem->other = -1;
|
||||
}
|
||||
|
||||
+ if (have_memavail) {
|
||||
+ mem = netsnmp_memory_get_byIdx(NETSNMP_MEM_TYPE_AVAILMEM, 1);
|
||||
+ if (mem) {
|
||||
+ if (!mem->descr)
|
||||
+ mem->descr = strdup("Available memory");
|
||||
+ mem->units = 1024;
|
||||
+ mem->size = memavail;
|
||||
+ mem->free = memavail;
|
||||
+ mem->other = -1;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
mem = netsnmp_memory_get_byIdx( NETSNMP_MEM_TYPE_VIRTMEM, 1 );
|
||||
if (!mem) {
|
||||
snmp_log_perror("No Virtual Memory info entry");
|
||||
diff --git a/agent/mibgroup/ucd-snmp/memory.c b/agent/mibgroup/ucd-snmp/memory.c
|
||||
index 371a77e9a5..158b28e67b 100644
|
||||
--- a/agent/mibgroup/ucd-snmp/memory.c
|
||||
+++ b/agent/mibgroup/ucd-snmp/memory.c
|
||||
@@ -26,7 +26,7 @@ init_memory(void)
|
||||
netsnmp_create_handler_registration("memory", handle_memory,
|
||||
memory_oid, OID_LENGTH(memory_oid),
|
||||
HANDLER_CAN_RONLY),
|
||||
- 1, 26);
|
||||
+ 1, 27);
|
||||
netsnmp_register_scalar(
|
||||
netsnmp_create_handler_registration("memSwapError", handle_memory,
|
||||
memSwapError_oid, OID_LENGTH(memSwapError_oid),
|
||||
@@ -272,6 +272,16 @@ handle_memory(netsnmp_mib_handler *handler,
|
||||
c64.low = val & 0xFFFFFFFF;
|
||||
c64.high = val >>32;
|
||||
break;
|
||||
+ case MEMORY_SYS_AVAIL:
|
||||
+ type = ASN_COUNTER64;
|
||||
+ mem_info = netsnmp_memory_get_byIdx(NETSNMP_MEM_TYPE_AVAILMEM, 0);
|
||||
+ if (!mem_info)
|
||||
+ goto NOSUCH;
|
||||
+ val = mem_info->size; /* memavail */
|
||||
+ val *= (mem_info->units/1024);
|
||||
+ c64.low = val & 0xFFFFFFFF;
|
||||
+ c64.high = val >> 32;
|
||||
+ break;
|
||||
case MEMORY_SWAP_ERROR:
|
||||
mem_info = netsnmp_memory_get_byIdx( NETSNMP_MEM_TYPE_SWAP, 0 );
|
||||
if (!mem_info)
|
||||
diff --git a/agent/mibgroup/ucd-snmp/memory.h b/agent/mibgroup/ucd-snmp/memory.h
|
||||
index ded2140227..54a56a2fdb 100644
|
||||
--- a/agent/mibgroup/ucd-snmp/memory.h
|
||||
+++ b/agent/mibgroup/ucd-snmp/memory.h
|
||||
@@ -41,6 +41,7 @@ Netsnmp_Node_Handler handle_memory;
|
||||
#define MEMORY_SHARED_X 24
|
||||
#define MEMORY_BUFFER_X 25
|
||||
#define MEMORY_CACHED_X 26
|
||||
+#define MEMORY_SYS_AVAIL 27
|
||||
#define MEMORY_SWAP_ERROR 100
|
||||
#define MEMORY_SWAP_ERRMSG 101
|
||||
#endif /* MEMORY_H */
|
||||
diff --git a/include/net-snmp/agent/hardware/memory.h b/include/net-snmp/agent/hardware/memory.h
|
||||
index 54265cf22a..aca3a4d00d 100644
|
||||
--- a/include/net-snmp/agent/hardware/memory.h
|
||||
+++ b/include/net-snmp/agent/hardware/memory.h
|
||||
@@ -10,6 +10,7 @@ typedef struct netsnmp_memory_info_s netsnmp_memory_info;
|
||||
#define NETSNMP_MEM_TYPE_SHARED 8
|
||||
#define NETSNMP_MEM_TYPE_SHARED2 9
|
||||
#define NETSNMP_MEM_TYPE_SWAP 10
|
||||
+#define NETSNMP_MEM_TYPE_AVAILMEM 11
|
||||
/* Leave space for individual swap devices */
|
||||
#define NETSNMP_MEM_TYPE_MAX 30
|
||||
|
||||
diff --git a/mibs/UCD-SNMP-MIB.txt b/mibs/UCD-SNMP-MIB.txt
|
||||
index cde67feb50..d360bad025 100644
|
||||
--- a/mibs/UCD-SNMP-MIB.txt
|
||||
+++ b/mibs/UCD-SNMP-MIB.txt
|
||||
@@ -746,6 +746,22 @@ memCachedX OBJECT-TYPE
|
||||
memory as specifically reserved for this purpose."
|
||||
::= { memory 26 }
|
||||
|
||||
+memSysAvail OBJECT-TYPE
|
||||
+ SYNTAX CounterBasedGauge64
|
||||
+ UNITS "kB"
|
||||
+ MAX-ACCESS read-only
|
||||
+ STATUS current
|
||||
+ DESCRIPTION
|
||||
+ "The total amount of available memory, which is an estimate
|
||||
+ of how much memory is available for starting new applications,
|
||||
+ without swapping.
|
||||
+
|
||||
+ This object will not be implemented on hosts where the
|
||||
+ underlying operating system does not explicitly identify
|
||||
+ memory as specifically reserved for this purpose."
|
||||
+ ::= { memory 27 }
|
||||
+
|
||||
+
|
||||
memSwapError OBJECT-TYPE
|
||||
SYNTAX UCDErrorFlag
|
||||
MAX-ACCESS read-only
|
||||
|
||||
@ -1,92 +0,0 @@
|
||||
From c6facf2f080c9e1ea803e4884dc92889ec83d990 Mon Sep 17 00:00:00 2001
|
||||
From: Drew A Roedersheimer <Drew.A.Roedersheimer@leidos.com>
|
||||
Date: Wed, 10 Oct 2018 21:42:35 -0700
|
||||
Subject: [PATCH] snmplib/keytools: Fix a memory leak
|
||||
|
||||
Avoid that Valgrind reports the following memory leak:
|
||||
|
||||
17,328 bytes in 361 blocks are definitely lost in loss record 696 of 704
|
||||
at 0x4C29BE3: malloc (vg_replace_malloc.c:299)
|
||||
by 0x52223B7: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.2k)
|
||||
by 0x52DDB06: EVP_MD_CTX_create (in /usr/lib64/libcrypto.so.1.0.2k)
|
||||
by 0x4E9885D: generate_Ku (keytools.c:186)
|
||||
by 0x40171F: asynchronous (leaktest.c:276)
|
||||
by 0x400FE7: main (leaktest.c:356)
|
||||
---
|
||||
snmplib/keytools.c | 12 ++++++++----
|
||||
1 file changed, 8 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/snmplib/keytools.c b/snmplib/keytools.c
|
||||
index 2cf0240abf..dcdae044ac 100644
|
||||
--- a/snmplib/keytools.c
|
||||
+++ b/snmplib/keytools.c
|
||||
@@ -186,11 +186,15 @@ generate_Ku(const oid * hashtype, u_int hashtype_len,
|
||||
ctx = EVP_MD_CTX_create();
|
||||
#else
|
||||
ctx = malloc(sizeof(*ctx));
|
||||
- if (!EVP_MD_CTX_init(ctx))
|
||||
- return SNMPERR_GENERR;
|
||||
+ if (!EVP_MD_CTX_init(ctx)) {
|
||||
+ rval = SNMPERR_GENERR;
|
||||
+ goto generate_Ku_quit;
|
||||
+ }
|
||||
#endif
|
||||
- if (!EVP_DigestInit(ctx, hashfn))
|
||||
- return SNMPERR_GENERR;
|
||||
+ if (!EVP_DigestInit(ctx, hashfn)) {
|
||||
+ rval = SNMPERR_GENERR;
|
||||
+ goto generate_Ku_quit;
|
||||
+ }
|
||||
|
||||
#elif NETSNMP_USE_INTERNAL_CRYPTO
|
||||
#ifndef NETSNMP_DISABLE_MD5
|
||||
From 67726f2a74007b5b4117fe49ca1e02c86110b624 Mon Sep 17 00:00:00 2001
|
||||
From: Drew A Roedersheimer <Drew.A.Roedersheimer@leidos.com>
|
||||
Date: Tue, 9 Oct 2018 23:28:25 +0000
|
||||
Subject: [PATCH] snmplib: Fix a memory leak in scapi.c
|
||||
|
||||
This patch avoids that Valgrind reports the following leak:
|
||||
|
||||
==1069== 3,456 bytes in 72 blocks are definitely lost in loss record 1,568 of 1,616
|
||||
==1069== at 0x4C29BE3: malloc (vg_replace_malloc.c:299)
|
||||
==1069== by 0x70A63B7: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.2k)
|
||||
==1069== by 0x7161B06: EVP_MD_CTX_create (in /usr/lib64/libcrypto.so.1.0.2k)
|
||||
==1069== by 0x4EA3017: sc_hash (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4EA1CD8: hash_engineID (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4EA1DEC: search_enginetime_list (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4EA2256: set_enginetime (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4EC495E: usm_process_in_msg (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4EC58CA: usm_secmod_process_in_msg (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4E7B91D: snmpv3_parse (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4E7C1F6: ??? (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
==1069== by 0x4E7CE94: ??? (in /usr/lib64/libnetsnmp.so.31.0.2)
|
||||
|
||||
[ bvanassche: minimized diffs / edited commit message ]
|
||||
---
|
||||
snmplib/scapi.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/snmplib/scapi.c b/snmplib/scapi.c
|
||||
index 8ad1d70d90..54310099d8 100644
|
||||
--- a/snmplib/scapi.c
|
||||
+++ b/snmplib/scapi.c
|
||||
@@ -967,7 +967,8 @@ sc_hash_type(int auth_type, const u_char * buf, size_t buf_len, u_char * MAC,
|
||||
#endif
|
||||
if (!EVP_DigestInit(cptr, hashfn)) {
|
||||
/* requested hash function is not available */
|
||||
- return SNMPERR_SC_NOT_CONFIGURED;
|
||||
+ rval = SNMPERR_SC_NOT_CONFIGURED;
|
||||
+ goto sc_hash_type_quit;
|
||||
}
|
||||
|
||||
/** pass the data */
|
||||
@@ -976,6 +977,8 @@ sc_hash_type(int auth_type, const u_char * buf, size_t buf_len, u_char * MAC,
|
||||
/** do the final pass */
|
||||
EVP_DigestFinal(cptr, MAC, &tmp_len);
|
||||
*MAC_len = tmp_len;
|
||||
+
|
||||
+sc_hash_type_quit:
|
||||
#if defined(HAVE_EVP_MD_CTX_FREE)
|
||||
EVP_MD_CTX_free(cptr);
|
||||
#elif defined(HAVE_EVP_MD_CTX_DESTROY)
|
||||
|
||||
@ -1,33 +0,0 @@
|
||||
From 6fd7499ccaafdf244a74306972562b2091cb91b1 Mon Sep 17 00:00:00 2001
|
||||
From: fisabelle <fisabelle@broadsoft.com>
|
||||
Date: Thu, 9 Jul 2020 15:49:35 -0400
|
||||
Subject: [PATCH] Issue#147: Net-SNMP not responding when proxy requests times
|
||||
out
|
||||
|
||||
---
|
||||
agent/mibgroup/ucd-snmp/proxy.c | 11 +++++++++++
|
||||
1 file changed, 11 insertions(+)
|
||||
|
||||
diff --git a/agent/mibgroup/ucd-snmp/proxy.c b/agent/mibgroup/ucd-snmp/proxy.c
|
||||
index 24ae9322bd..e0ee96b29a 100644
|
||||
--- a/agent/mibgroup/ucd-snmp/proxy.c
|
||||
+++ b/agent/mibgroup/ucd-snmp/proxy.c
|
||||
@@ -572,6 +572,17 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid,
|
||||
}
|
||||
|
||||
switch (operation) {
|
||||
+ case NETSNMP_CALLBACK_OP_RESEND:
|
||||
+ /*
|
||||
+ * Issue#147: Net-SNMP not responding when proxy requests times out
|
||||
+ *
|
||||
+ * When snmp_api issue a resend, the default case was hit and the
|
||||
+ * delagated cache was freed.
|
||||
+ * As a result, the NETSNMP_CALLBACK_OP_TIMED_OUT never came in.
|
||||
+ */
|
||||
+ DEBUGMSGTL(("proxy", "pdu has been resent for request = %8p\n", requests));
|
||||
+ return SNMP_ERR_NOERROR;
|
||||
+
|
||||
case NETSNMP_CALLBACK_OP_TIMED_OUT:
|
||||
/*
|
||||
* WWWXXX: don't leave requests delayed if operation is
|
||||
|
||||
@ -1,46 +0,0 @@
|
||||
From b67afb81eb0f7ad89496cd3e672654bfd8c55d0e Mon Sep 17 00:00:00 2001
|
||||
From: Bart Van Assche <bvanassche@acm.org>
|
||||
Date: Sat, 21 Mar 2020 20:03:13 -0700
|
||||
Subject: [PATCH] snmpd: UCD-SNMP proxy: Fix a crash triggered by a wrong
|
||||
passphrase
|
||||
|
||||
See also https://github.com/net-snmp/net-snmp/issues/82 .
|
||||
---
|
||||
agent/mibgroup/ucd-snmp/proxy.c | 9 ---------
|
||||
1 file changed, 9 deletions(-)
|
||||
|
||||
diff --git a/agent/mibgroup/ucd-snmp/proxy.c b/agent/mibgroup/ucd-snmp/proxy.c
|
||||
index f4eb03ef6f..548ae7588f 100644
|
||||
--- a/agent/mibgroup/ucd-snmp/proxy.c
|
||||
+++ b/agent/mibgroup/ucd-snmp/proxy.c
|
||||
@@ -698,8 +698,6 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid,
|
||||
"proxy OID return length too long.\n");
|
||||
netsnmp_set_request_error(cache->reqinfo, requests,
|
||||
SNMP_ERR_GENERR);
|
||||
- if (pdu)
|
||||
- snmp_free_pdu(pdu);
|
||||
netsnmp_free_delegated_cache(cache);
|
||||
return 1;
|
||||
}
|
||||
@@ -723,8 +721,6 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid,
|
||||
* ack, this is bad. The # of varbinds don't match and
|
||||
* there is no way to fix the problem
|
||||
*/
|
||||
- if (pdu)
|
||||
- snmp_free_pdu(pdu);
|
||||
snmp_log(LOG_ERR,
|
||||
"response to proxy request illegal. We're screwed.\n");
|
||||
netsnmp_set_request_error(cache->reqinfo, requests,
|
||||
@@ -735,11 +731,6 @@ proxy_got_response(int operation, netsnmp_session * sess, int reqid,
|
||||
if (cache->reqinfo->mode == MODE_GETBULK)
|
||||
netsnmp_bulk_to_next_fix_requests(requests);
|
||||
|
||||
- /*
|
||||
- * free the response
|
||||
- */
|
||||
- if (pdu && 0)
|
||||
- snmp_free_pdu(pdu);
|
||||
break;
|
||||
|
||||
default:
|
||||
|
||||
@ -1,12 +0,0 @@
|
||||
diff -urNp a/snmplib/transports/snmpUDPBaseDomain.c b/snmplib/transports/snmpUDPBaseDomain.c
|
||||
--- a/snmplib/transports/snmpUDPBaseDomain.c 2023-08-01 08:20:56.776099134 +0200
|
||||
+++ b/snmplib/transports/snmpUDPBaseDomain.c 2023-08-01 08:23:18.921323874 +0200
|
||||
@@ -293,7 +293,7 @@ int netsnmp_udpbase_sendto(int fd, const
|
||||
}
|
||||
|
||||
rc = sendmsg(fd, &m, MSG_NOSIGNAL|MSG_DONTWAIT);
|
||||
- if (rc >= 0 || errno != EINVAL)
|
||||
+ if (rc >= 0 || (errno != EINVAL && errno != ENETUNREACH))
|
||||
return rc;
|
||||
|
||||
/*
|
||||
@ -1,48 +0,0 @@
|
||||
From 7330e3e3e08d9baff23332e764f9a53561939fff Mon Sep 17 00:00:00 2001
|
||||
From: Bart Van Assche <bvanassche@acm.org>
|
||||
Date: Thu, 2 Sep 2021 21:06:54 -0700
|
||||
Subject: [PATCH] libsnmp: Log "Truncating integer value >32 bits" once
|
||||
|
||||
Log this message once instead of every time sysUpTime and/or
|
||||
hrSystemUptime are accessed after snmpd is running for more than 497 days.
|
||||
|
||||
Fixes: https://github.com/net-snmp/net-snmp/issues/144
|
||||
---
|
||||
snmplib/snmp_client.c | 9 ++++++---
|
||||
1 file changed, 6 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/snmplib/snmp_client.c b/snmplib/snmp_client.c
|
||||
index 0f539c63fe..b00670d973 100644
|
||||
--- a/snmplib/snmp_client.c
|
||||
+++ b/snmplib/snmp_client.c
|
||||
@@ -853,7 +853,8 @@ snmp_set_var_value(netsnmp_variable_list * vars,
|
||||
= (const u_long *) value;
|
||||
*(vars->val.integer) = *val_ulong;
|
||||
if (*(vars->val.integer) > 0xffffffff) {
|
||||
- snmp_log(LOG_ERR,"truncating integer value > 32 bits\n");
|
||||
+ NETSNMP_LOGONCE((LOG_INFO,
|
||||
+ "truncating integer value > 32 bits\n"));
|
||||
*(vars->val.integer) &= 0xffffffff;
|
||||
}
|
||||
}
|
||||
@@ -865,7 +866,8 @@ snmp_set_var_value(netsnmp_variable_list * vars,
|
||||
= (const unsigned long long *) value;
|
||||
*(vars->val.integer) = (long) *val_ullong;
|
||||
if (*(vars->val.integer) > 0xffffffff) {
|
||||
- snmp_log(LOG_ERR,"truncating integer value > 32 bits\n");
|
||||
+ NETSNMP_LOGONCE((LOG_INFO,
|
||||
+ "truncating integer value > 32 bits\n"));
|
||||
*(vars->val.integer) &= 0xffffffff;
|
||||
}
|
||||
}
|
||||
@@ -877,7 +879,8 @@ snmp_set_var_value(netsnmp_variable_list * vars,
|
||||
= (const uintmax_t *) value;
|
||||
*(vars->val.integer) = (long) *val_uintmax_t;
|
||||
if (*(vars->val.integer) > 0xffffffff) {
|
||||
- snmp_log(LOG_ERR,"truncating integer value > 32 bits\n");
|
||||
+ NETSNMP_LOGONCE((LOG_INFO,
|
||||
+ "truncating integer value > 32 bits\n"));
|
||||
*(vars->val.integer) &= 0xffffffff;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
diff -urNp a/snmplib/cert_util.c b/snmplib/cert_util.c
|
||||
--- a/snmplib/cert_util.c 2021-12-09 08:45:23.217942229 +0100
|
||||
+++ b/snmplib/cert_util.c 2021-12-09 08:46:56.567562352 +0100
|
||||
@@ -1368,8 +1368,7 @@ _add_certfile(const char* dirname, const
|
||||
|
||||
okey = PEM_read_bio_PrivateKey(certbio, NULL, NULL, NULL);
|
||||
if (NULL == okey)
|
||||
- snmp_log(LOG_ERR, "error parsing key file %s\n",
|
||||
- key->info.filename);
|
||||
+ snmp_log(LOG_ERR, "error parsing key file %s\n", filename);
|
||||
else {
|
||||
key = _add_key(okey, dirname, filename, index);
|
||||
if (NULL == key) {
|
||||
@ -10,7 +10,7 @@
|
||||
Summary: A collection of SNMP protocol tools and libraries
|
||||
Name: net-snmp
|
||||
Version: 5.8
|
||||
Release: 30%{?dist}
|
||||
Release: 21%{?dist}
|
||||
Epoch: 1
|
||||
|
||||
License: BSD
|
||||
@ -67,20 +67,6 @@ Patch38: net-snmp-5.8-digest-from-ECC.patch
|
||||
Patch39: net-snmp-5.8-broken-errmsg.patch
|
||||
Patch40: net-snmp-5.8-intermediate-certs.patch
|
||||
Patch41: net-snmp-5.8-fix-cert-crash.patch
|
||||
Patch42: net-snmp-5.8-engine-id.patch
|
||||
Patch43: net-snmp-5.8-certs.patch
|
||||
Patch44: net-snmp-5.8-util-fix.patch
|
||||
Patch45: net-snmp-5.8-deleted-iface.patch
|
||||
Patch46: net-snmp-5.8-memleak-backport.patch
|
||||
Patch47: net-snmp-5.8-dev-mem-leak.patch
|
||||
Patch48: net-snmp-5.8-CVE-2022-44792-44793.patch
|
||||
Patch49: net-snmp-5.8-ipv6-disable-leak.patch
|
||||
Patch50: net-snmp-5.8-proxy-time-out.patch
|
||||
Patch51: net-snmp-5.8-sendmsg-error-code.patch
|
||||
Patch52: net-snmp-5.8-memavailable.patch
|
||||
Patch53: net-snmp-5.8-proxy.patch
|
||||
Patch54: net-snmp-5.8-truncating-log-once.patch
|
||||
Patch55: net-snmp-5.8-CVE-2022-24805-24810.patch
|
||||
|
||||
# Modern RPM API means at least EL6
|
||||
Patch101: net-snmp-5.8-modern-rpm-api.patch
|
||||
@ -247,20 +233,6 @@ rm -r python
|
||||
%patch39 -p1 -b .broken-errmsg
|
||||
%patch40 -p1 -b .intermediate-certs
|
||||
%patch41 -p1 -b .fix-cert-crash
|
||||
%patch42 -p1 -b .engine-id
|
||||
%patch43 -p1 -b .certs
|
||||
%patch44 -p1 -b .utils
|
||||
%patch45 -p1 -b .ifaces
|
||||
%patch46 -p1 -b .memleak-backport
|
||||
%patch47 -p1 -b .dev-mem-leak
|
||||
%patch48 -p1
|
||||
%patch49 -p1 -b .ipv6-disable-leak
|
||||
%patch50 -p1 -b .proxy-time-out
|
||||
%patch51 -p1 -b .sendmsg-error-code
|
||||
%patch52 -p1 -b .memavailable
|
||||
%patch53 -p1 -b .proxy
|
||||
%patch54 -p1 -b .truncating-log-once
|
||||
%patch55 -p1 -b .CVE-2022-24805-24810
|
||||
|
||||
%patch101 -p1 -b .modern-rpm-api
|
||||
|
||||
@ -515,39 +487,6 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test
|
||||
%{_libdir}/libnetsnmptrapd*.so.%{soname}*
|
||||
|
||||
%changelog
|
||||
* Mon Mar 04 2024 Josef Ridky <jridky@redhat.com> - 1:5.8-30
|
||||
- fix crash when configured as proxy - issue 82 (RHEL-14454)
|
||||
- log once truncating issue (RHEL-13597)
|
||||
- fix CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,
|
||||
CVE-2022-24809 and CVE-2022-24810 (RHEL-26650)
|
||||
|
||||
* Tue Jan 23 2024 Josef Ridky <jridky@redhat.com> - 1:5.8-29
|
||||
- backport MemAvailable report from upstream (RHEL-21780)
|
||||
|
||||
* Wed Aug 02 2023 Josef Ridky <jridky@redhat.com> - 1:5.8-28
|
||||
- fix sendmsg error code for new kernel (#2185787)
|
||||
|
||||
* Tue Jan 31 2023 Josef Ridky <jridky@redhat.com> - 1:5.8-27
|
||||
- fix memory leak due of proc file creating (#2105957)
|
||||
- fix CVE-2022-44792 and CVE-2022-44793 (#2141901) and (#2141905)
|
||||
- fix memory leak when ipv6 disable set to 1 (#2151537)
|
||||
- fix proxy timeout issue (#2160723)
|
||||
|
||||
* Mon Oct 17 2022 Josef Ridky <jridky@redhat.com> - 1:5.8-26
|
||||
- backport two memory leaks from upstream (#2134635)
|
||||
|
||||
* Mon Feb 21 2022 Josef Ridky <jridky@redhat.com> - 1:5.8-25
|
||||
- fix segfault with error on subcontainer (#2051370)
|
||||
|
||||
* Thu Dec 09 2021 Josef Ridky <jridky@redhat.com> - 1:5.8-24
|
||||
- fix dereferencing null pointer (#2021403)
|
||||
|
||||
* Mon Oct 11 2021 Josef Ridky <jridky@redhat.com> - 1:5.8-23
|
||||
- net-snmp-cert gencert create SHA512 (#1908331)
|
||||
|
||||
* Mon Jun 28 2021 Josef Ridky <jridky@redhat.com> - 1:5.8-22
|
||||
- update engineTime when sending traps (#1973252)
|
||||
|
||||
* Wed Jun 09 2021 Josef Ridky <jridky@redhat.com> - 1:5.8-21
|
||||
- prevent parsing IP address twice (#1768908)
|
||||
- add support for digests detected from ECC certs (#1919714)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user