SNMP Updates – NET+OS 6.3
Last Updated: 12/30/10 Fix Count: 16
Title
snmp get-bulk can crash V6.3 stack
Case: 37153
Date fixed: 12/30/10
Description
Denial of service possible in current release.
Solution
Corrected defective that caused SNMP to run out or resources during
a get-bulk with max repetitions of 10000 causing a denial of service.
Title
Increased allowable length of community name to 32 characters
Case: 1272924
Date fixed: 06/11/09
Description
Customers requested that a community name of up to 32 bytes be allowed in traps. Additionally, when trap send requests were fielded, logic error in the traps processing code could have caused a buffer overrun as the length of the community string was not being checked. Also the root.c file was sending (be default) traps to the port on which the UDP request was received as opposed to (by default) sending the trap to UDP port 162 (though this is configurable by the user).
Solution
The internal buffer
into which the community (or user) was stored for internal traps processing was
24 bytes in length. There were no restrictions placed on the size of community
names passed into naSnmpSendTrap(),
thus there was the potential for a buffer overrun and memory corruption, at
worst, or community name truncation, at best. The length of the community name
is now checked and if it is greater than the max length the error NA_STATUS_INVALID_PARAMETER
is returned.
In root.c, has been changed to (by default) send the user
generated traps to UDP port 162 on the machine that sent the UDP request. Root.c is shipped as source code allowing the user to
configure both the IP address and the port at that IP address to which the
traps are sent.
Title
Community name missing and PDU type incorrect in authentication traps
Case: 27937
Date fixed: 09/08/08
Description
Authentication traps were missing the community name and were incorrectly set at SNMPv2 trap (7).
Solution
Authentication traps now contain the
community name and the PDU type is correctly set to V1 PDU (4).
Title
SNMP hangs during MIB walk
Case: 26746
Date fixed: 07/30/08
Description
The problem was that the code would get itself into an infinite loop where it was always trying to find the next item in the vacmSecurityGroup table, but the functions to get the next item would always return the current one. It was determined that the vacmSecurityToGroupTableLocalCompare function was not handling the case where two group tables were the same except for the vacmSecurityGroup field.
Solution
Modified code that handles the compare.
Title
Support for virtual interfaces
Case: none
Date fixed: 07/03/08
Description
Added API to add virtual SNMP
interfaces.
Solution
Added naSnmpSetSysObjectID,
naSnmpSetSysDescr, naSnmpSetSysServices,
naSnmpGetIfDescr, and naSnmpSetIfDescr.
Title
Memory leak
Case: 26746
Date fixed: 07/01/08
Description
When sending traps, a memory leak could cause traps not to be sent.
Solution
Buffers were being saved for reuse and
never cleaned up.
Title
Data abort when sending enterprise traps
Case: 26746
Date fixed: 06/16/08
Description
When sending enterprise traps, if the specific trap type is one, you get a data abort.
Solution
The first two var
binds in a trap are the sysUpTimeOid and snmpTrapOID. snmpSendTrap was setting up the snmpTrapOID for a generic trap, and then overwriting the
OID in it if the trap was actually for a specific trap. In this case, snmpTrapOID
is set to an enterprise OID. However,
when it did this, it didn't free memory it allocated when it initially created snmpTrapOid for the generic trap. This caused problems later when the SNMP
agent later tried to free the enterprise OID, which was not malloced. Changed the code to free the buffer and
update the flags appropriately to indicate the buffer had been freed.
Title
V2c Traps malformed
Case: 21020
Date fixed: 02/28/07
Description
Multiple V2c traps are grouped together in one packet rather than sent as separate traps.
Solution
Fixed problem that was causing the trapVarList to be initialized improperly when multiple traps were queued.
Title
Trap type selection feature
Case: internal
Date fixed: 01/03/07
Description
Currently Net+OS sends a trap as V3 if it's authenticated and as V1 if it's not.
Solution
Two
new functions have been added to allow manually switching trap types:
int SNMPSetTrapVersion(int version);
int SNMPGetTrapVersion(void);
version would be1 for V1 traps, 2 for V2c traps, and 3 for SNMPv3 traps. This now enables sending plain V3 traps as well as V2c traps.
See ApiReference for details.
Title
V3 Traps malformed
Case: internal
Date fixed: 12/20/06
Description
The original code did not set the PDU type of the message correctly, and did not encrypt messages with the correct encryption key.
The effect was to cause SNMP version 3 traps sent by the agent to be malformed.
Solution
Updated libraries now properly set the PDU type of
the message, and use the correct encryption key.
Title
sysUpTiime rolling over prematurely
Case: 1220419
Date fixed: 11/10/06
Description
When running a MIB browser (snmp)
such as MG-Soft, the sysUpTime value displayed would increase
up to approximately 49.6 days plus some number of hours, minutes and seconds.
At that point, the sysUpTime value would roll over to
00 days, 3 hours, some number of minutes and seconds. If you looked at the
communications between the NET+OS snmp agent and a
MIB browser, the sysUpTime number would get to
something like FF712345 and then "roll over" to something like
15436345 (these are not meant to be exact numbers just close approximations).
Solution
There were two problems causing this problem. First
the internal value that is used to accumulate 1/100 second timer ticks that is
then used as the sysUpTime value was mistakenly being
accumulated at 10 times the rate actually needed. Secondly, some code in the
ASN1 area of our code was mistakenly removing the 2 high order bytes from
numbers greater having 9 or more consecutive bits in the high order bytes of
the value. These two problems have been addressed.
Title
Tabular
data missing from ipNetToMediaTable
Case: 1219675
Date Fixed: 11/02/06
Description
When performing a MIB walk, get or get next snmp mib browser action,
against the MIB-II ip portion of a NET+OS SNMP tree, the ipNetToMediaTable
(OID 1.3.6.1.2.1.4.22) only displays the indicies. The actual tabular data
(MAC address, IP Address and dynamic/static status) are not displayed.
Solution
A coding error in the code that extracts fields from the fusion stack
and makes this data available to the ASN1 processing code was dropping all
tabular fields except the index. This problem has been identified and corrected.
Title
ipForwarding can not be set from MIB browser
Case: 1216228
Date Fixed: 08/22/06
Description
Changing the ipForwarding OID from a MIB browser had no effect on the stack.
Solution
Fixed problem where MIB setting
was not being passed to the stack to allow change.
Title
SNMP v3 traps not working
Case:
1214064
Date Fixed: 07/13/06
Description
SNMP v3 traps and especially encrypted v3 traps
were not being sent out correctly.
Solution
The macro constant SNMP_TRAP_VERSION was not being set for V3 traps, and a buffer was not being properly allocated for an
encryption key. Both issues resolved.
Title
v1/v2 traps
being sent out twice
Case: 18803
Date Fixed: 06/13/06
Description
In certain cases, v1/v2 traps would be sent out
twice
Solution
Corrected issue with logic that detected the trap
had previously been sent.
Title
Customizable
ports for SNMP and traps
Case: internal
Date Fixed: 11/28/05
Description
SNMP
ports were previously hard coded to 161 and 162.
Solution
Changed to use user provided
port number (through naSnmpSetPortNumber,
naSnmpSetTrapPortNumber). Default will be 161 (snmp port) and 162 (trap
port).
Files: netos\bin\mibman.jar
netos\h\nastatus.h
netos\h\snmpapi.h
netos\h\snmp\nasnmpvirtif.h
netos\h\snmp\snmp.h
netos\h\snmp\snmpv3api.h
netos\h\snmp\osdefs.h
netos\lib\arm7\32b\ghs\libsnmp.a
netos\lib\arm7\32b\gnu\libsnmp.a
netos\lib\arm9\32b\ghs\libsnmp.a
netos\lib\arm9\32b\gnu\libsnmp.a
netos\lib\arm7\32b\ghs\libsnmpv3.a
netos\lib\arm7\32b\gnu\libsnmpv3.a
netos\lib\arm9\32b\ghs\libsnmpv3.a
netos\lib\arm9\32b\gnu\libsnmpv3.a
netos\lib\arm7\32b\ghs\libmanMib.a
netos\lib\arm7\32b\gnu\libmanMib.a
netos\lib\arm9\32b\ghs\libmanMib.a
netos\lib\arm9\32b\gnu\libmanMib.a
netos\src\examples\nasnmpv3\cli.c
netos\src\examples\nasnmpv3\appconf.h
netos\src\examples\nasnmpd\root.c
netos\src\examples\namib\appconf.h
netos\src\examples\namib\EXAMPLE.c
netos\src\examples\namib\ EXAMPLE.h
netos\src\examples\namib\ EXAMPLEAction.c
netos\src\examples\namib\gen.bat
netos\src\examples\namib\list
netos\src\examples\namib\MibMan.c
netos\src\examples\namib\ MibMan.h
netos\src\examples\namib\project.gpj
netos\src\examples\namib\readme
netos\src\examples\namib\root.c
netos\src\examples\namib\table.c
netos\src\examples\namib\table.h
netos\src\examples\namib\32b\image.gpj
netos\src\examples\namib\32\Makefile
netos\src\examples\namib\32b\rom.bld
netos\src\examples\namib\32b\rom.gpj
netos\src\examples\namib\mibs\example.config
netos\src\examples\namib\mibs\ example.inc
netos\src\examples\namib\mibs\ example.out
netos\src\examples\namib\mibs\ example.sm2
netos\src\examples\namib\mibs\list
netos\src\examples\namib\mibs\listgh
netos\src\examples\namib\mibs\rc1902.out
netos\src\examples\namib\mibs\rfc1902.inc
netos\src\examples\namib\mibs\ rfc1902.out
netos\src\examples\namib\mibs\ rfc1902.sm2
netos\src\examples\namib\mibs\ rfc1903.inc
netos\src\examples\namib\mibs\ rfc1903.out
netos\src\examples\namib\mibs\ rfc1903.sm2
netos\src\examples\namib\mibs\ rfc1904.inc
netos\src\examples\namib\mibs\ rfc1904.sm2
netos\src\snmpcust\Makefile
netos\src\snmpcust\Snmp_api.c
Special Instructions
- Unzip
the patch(es) to the
root of your NET+OS installation, for example C:\netos63_gnu\.
- Be
sure to install any patches listed under Dependencies below
- Rebuild
your application.
Patch Link:
SNMPUpdates_63
Dependencies
This
patch also requires the installation of the following patch(es):
TCPIPUpdates_63
ACEUpdates_63
ApiReference_63