[Pkg-net-snmp-devel] Bug#765873: ignores configured engineID for USM, always probes

[Steinar H. Gunderson]

Package: libsnmp30
Version: 5.7.2.1~dfsg-7
Severity: normal
Tags: upstream patch

Hi,

When using SNMPv3 with USM, libsnmp30 ignores the given securityEngineID,
and always probes (unless myabe if you set the seemingly internal flag
SNMP_DONT_PROBE at a strategic point in time). Worse, this is done
synchronously even if the client asked for asynchronous operation
(https://sourceforge.net/p/net-snmp/bugs/2310/).

This used to work in the version in wheezy (5.4.3), but seemingly got broken
in some refactoring to support multiple security models. The patch is simple:

--- net-snmp-5.7.2.1~dfsg.orig/snmplib/snmpusm.c
+++ net-snmp-5.7.2.1~dfsg/snmplib/snmpusm.c
@@ -3126,6 +3126,11 @@ int usm_discover_engineid(void *slpv, ne
     int status, i;
     struct session_list *slp = (struct session_list *) slpv;
 
+    if (slp->session->securityEngineIDLen != 0) {
+        DEBUGMSGTL(("snmp_api", "engineID already known, skipping probe\n"));
+        return SNMPERR_SUCCESS;
+    }
+
     if (usm_build_probe_pdu(&pdu) != 0) {
         DEBUGMSGTL(("snmp_api", "unable to create probe PDU\n"));
         return SNMP_ERR_GENERR;


-- System Information:
Debian Release: 7.6
  APT prefers stable
  APT policy: (750, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.3 (SMP w/40 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libsnmp30 depends on:
ii  libc6              2.13-38+deb7u4
ii  libpci3            1:3.1.9-6
ii  libperl5.14        5.14.2-21+deb7u1
ii  libsensors4        1:3.3.2-2+deb7u1
ii  libsnmp-base       5.7.2.1~dfsg-7
ii  libssl1.0.0        1.0.1e-2+deb7u13
ii  libwrap0           7.6.q-24
ii  multiarch-support  2.13-38+deb7u4

libsnmp30 recommends no packages.

libsnmp30 suggests no packages.

-- no debconf information