[prev in list] [next in list] [prev in thread] [next in thread] 

List:       net-snmp-bugs
Subject:    [ net-snmp-Bugs-1527930 ] snmpd 5.2.2 doesn't accept authentication
From:       "SourceForge.net" <noreply () sourceforge ! net>
Date:       2006-07-24 19:35:27
Message-ID: E1G56D9-0001UL-Rc () sc8-sf-web2 ! sourceforge ! net
[Download RAW message or body]

Bugs item #1527930, was opened at 2006-07-24 15:33
Message generated for change (Settings changed) made by itillman
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=1527930&group_id=12694

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: agent
Group: smux
Status: Open
Resolution: None
Priority: 5
Submitted By: Irwin Tillman (itillman)
Assigned to: Nobody/Anonymous (nobody)
>Summary: snmpd 5.2.2 doesn't accept authentication from smux sub-agen

Initial Comment:
snmpd 5.2.2 and later doesn't accept authentication
from a smux sub-agent.

Broken starting in version 5.2.2.

Verified works fine in net-snmp versions 5.1.3, 5.1.4,
5.2.1.2.
Verified broken in net-snmp versions 5.2.2, 5.2.3,
5.3.0.1, 5.3.1.

Platform: Solaris 9 on SPARC.

When running net-snmp 5.1.3, 5.1.4, and 5.2.1.2, an
smux sub-agent in 
freeradius 1.0.5 and 1.1.2 was able to talk to snmpd
fine.  

In net-snmp  5.2.2, 5.2.3,  5.3.0.1, and 5.3.0.1,
snmpd is refusing to accept the connection from the
freeradius, apparently because snmpd thinks the smux
peer's password is wrong.


Debug of freeradius shows:

    radiusd[13113]: SMUX_CLOSE with reason: 5

I think that the '5' reason is referring to
SMUXC_AUTHENTICATIONFAILURE
as per net-snmp's ./agent/mibgroup/smux/smux.h


Debug of snmpd 5.3.0.1 shows (smux sub-agent password
changed to 'foobar' to protect the guilty):

    at snmpd startup:
    ...
    registered debug token smux, 1
    registered debug token smux_conf, 1
    registered debug token smux_init, 1
    smux_conf: parsing registration for:
.1.3.6.1.4.1.3317.1.3.1 foobar
    smux_conf: password is: foobar

    when freeradius's smux sub-agent tries to connect
to snmpd:
    ...
    smux: [smux_accept] Calling accept()
    [smux_accept] accepted fd 9 from 127.0.0.1:56878
    smux: [smux_open_process] version 0, len 33, type 2
    smux: [smux_open_process] smux peer:
SNMPv2-SMI::enterprises.3317.1.3.1
    smux: [smux_open_process] len 21, type 6
    smux: [smux_open_process] smux peer descr: radiusd
    smux: [smux_open_process] len 12, type 4
    smux: [smux_open_process] smux peer passwd: foobar
    smux: [smux_open_process] len 0, type 4
    refused smux peer: oid
SNMPv2-SMI::enterprises.3317.1.3.1, descr radiusd
    smux: [smux_close] sending close to fd 9, reason 5
    smux: [smux_accept] peer on 9 failed authentication


snmpd seems to be saying that snmpd initialized
password "foobar" for this OID,
but when SMUX client connected and supplied password
"foobar",  snmpd
said that this is the wrong password.



/etc/snmp/snmpd.conf hasn't changed; the relevant
config line is:

  smuxpeer .1.3.6.1.4.1.3317.1.3.1 foobar

It's 100% reproducible.  I make no changes to the
config files;
I simply replace one version of net-snmp with another.




----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=1527930&group_id=12694

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Net-snmp-bugs mailing list
Net-snmp-bugs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-bugs
[prev in list] [next in list] [prev in thread] [next in thread]