forked from net-snmp/net-snmp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGES
2883 lines (2678 loc) · 144 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
This file contains a list of specific bugs that have been fixed, and patches
that have been applied in released versions. Please see the NEWS file for
a summary of the major changes, and the ChangeLog file for a comprehensive
listing of all changes made to the code.
*5.9.4*:
IMPORTANT: SNMP over TLS and/or DTLS are not functioning properly
in this release with various versions of OpenSSL and will be fixed
in a future release.
libsnmp:
- Remove the SNMP_SWIPE_MEM() macro Remove this macro since it is not
used in the Net-SNMP code base.
- DISPLAY-HINT fixes
- Miscellanious improvements to the transports
- Handle multiple oldEngineID configuration lines
- fixes for DNS names longer than 63 characters
agent:
- Added a ignoremount configuration option for the HOST-MIB
- disallow SETs with a NULL varbind
- fix the --enable-minimalist build
apps:
- snmpset: allow SET with NULL varbind for testing
- snmptrapd: improved MySQL logging code
general:
- configure: Remove -Wno-deprecated as it is no longer needed
- miscellanious ther bug fixes, build fixes and cleanups
*5.9.3*:
security:
- These two CVEs can be exploited by a user with read-only credentials:
- CVE-2022-24805 A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
- CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
can cause a NULL pointer dereference.
- These CVEs can be exploited by a user with read-write credentials:
- CVE-2022-24806 Improper Input Validation when SETing malformed
OIDs in master agent and subagent simultaneously
- CVE-2022-24807 A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
out-of-bounds memory access.
- CVE-2022-24808 A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
- CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
can cause a NULL pointer dereference.
- To avoid these flaws, use strong SNMPv3 credentials and do not share them.
If you must use SNMPv1 or SNMPv2c, use a complex community string
and enhance the protection by restricting access to a given IP address range.
- Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for
reporting the following CVEs that have been fixed in this release, and
to Arista Networks for providing fixes.
Windows:
- WinExtDLL: Fix multiple compiler warnings
- WinExtDLL: Make long strings occupy a single line Make it easier to
look up error messages in the source code by making long strings
occupy a single source code line.
- WinExtDLL: Restore MIB-II support Make winExtDLL work on 64-bit
Windows systems") caused snmpd to skip MIB-II on 64-bit systems.
IF-MIB: Update ifTable entries even if the interface name has changed
At least on Linux a network interface index may be reused for a
network interface with a different name. Hence this patch that
enables replacing network interface information even if the network
interface name has changed.
unspecified:
- Moved transport code into a separate subdirectory in snmplib
- Snmplib: remove inline versions of container funcs".
misc:
- snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is
expanded in ${datarootdir} so datarootdir must be set before
@datadir@ is used.
*5.9.2*:
skipped due to a last minute library versioning found bug -- use 5.9.3 instead
*5.9.1*:
General: Many bug fixes
*5.9*
snmplib:
- Add IPv6 support to DTLSUDP transport
- use new netsnmp_sockaddr_storage in netsnmp_addr_pair
- add base_transport ptr for tunneled transports
- Add support for OpenSSL 1.1.1
- Dtls: overhaul of debug
- Remove inline versions of container funcs
snmpd:
- Use ETHTOOL_GLINKSETTINGS when available Newer Linux kernels
support ETHTOOL_GLINKSETTINGS. Use it when available instead of the
older and deprecated ETHTOOL_GSET. This patch avoids that the Linux
kernel reports the following kernel warning: warning: 'snmpd' uses
legacy ethtool link settings API, link modes are only partially
reported See also https://sourceforge.net/p/net-snmp/patches/1387/.
[bvanassche: reworked this patch significantly]
- Reduce the time needed to execute "pass" scripts on BSD systems See
also https://github.com/net-snmp/net-snmp/issues/8.
- [BUG 2926]: Make it possible to set agentXPingInterval for a
subagent - register agentXPingInterval for the subagent list
handler, before it was registered for snmp - added agentxTimeout to
the subagent list handler. It's now possible to set for snmpd and
the subagent. See 'man snmpd.conf' - added agentxRetries to the
subagent list handler. See 'man snmpd.conf'. It's never used in the
subagent, but it's now following the documentation Signed-off-by:
Anders Wallin <[email protected]>
snmptrap:
- BUG: 2899: Patch from Drew Roedersheimer to set library
engineboots/time values before sending
snmptrapd:
- Add support for the latest libmysqlclient version
libsnmp:
- Scan MIB directories in alphabetical order This guarantees that
e.g. mibs/RFC1213-MIB.txt is read before mibs/SNMPv2-MIB.txt. The
order in which these MIBs is read matters because both define
sysLocation but with different attributes.
unspecified:
- [BUG 2930]: Fix a Solaris hrSWInst crash Avoid that snmpd crashes
on Solaris when querying software packages with an empty CATEGORY
field. See also https://sourceforge.net/p/net-snmp/bugs/2930/. See
also https://sourceforge.net/p/net-snmp/patches/1390/.
FreeBSD:
- Fix first byte of IF-MIB::ifPhysAddress Don't write past the
interface name, and use temporary copy instead. This fixes the
first byte of ifPhysAddress always being 0 on FreeBSD. See also
https://sourceforge.net/p/net-snmp/code/merge-requests/20/. [
bvanassche: edited patch title / added test for malloc() result /
reduced number of free(if_name) calls ]
Win32:
- BUG: 2779541 Fixed handle leak in pass_persist.
*5.8*
snmplib:
- [BUG 3444939]: BUG: 1796886: snmplib: Avoid that
sprint_realloc_octet_string() triggers a segmentation fault
strlcpy() implementations typically scan for the end of the source
argument passed to strlcpy(). Hence avoid passing an unterminated
string to strlcpy().
- Flush persistent config to persistent storage
- Asn1: BUG: 2828: from "Google Autofuzz project": fix off-by-one
heap access for opaque types (and an adjacent bug that was not in
5.4, noticed by code inspection)
- Asn1: from "Google Autofuzz project": propagate error from
asn_parse_length
- TLS/DTLS fixes
- Add more openssl error cases where we check for local cert
- fix usm keychanges for new algorithms and longer keylengths
- fix some memory leaks in usm processing
- IP address formatting fixes
- Make the source code C89 compliant
- Fixed reporting 'error writing to /var/xxx/snmpapp.conf'. When a
client utility, such as snmptrap, tries to write to its persistent
configuration file (/var/net-snmp/snmpapp.conf in Fedora), do not
report any error when open() fails. The tool is typically run by
non-root, who cannot write to /var and the error just confuses
users. And when doing it, make sure that "snmpapp" string is
defined only on one place, just in case.
- BUG: 2622: Fix excessive indents in log file
snmpd:
- SNMP-TARGET-MIB: Fix snmpTargetAddrTAddress
- [BUG 2815]: Display UTF-8 characters again
- [BUG 3444939]: BUG: 1796886: snmplib: Avoid that
sprint_realloc_octet_string() embeds unprintable control characters
or binary zeroes in its output. This behavior could cause truncated
output in snmptrapd.")
- BUG: 2864: use clientaddr properly
- Add the ability to set the source address with "-s" for trapsess
- BUG: 1366: Pass proper buffer length to netsnmp_tls_fingerprint_build()
- Fix/enforce ipDefaultRouterLifetime value range
- BUG: 2810: from "Minzhuan Gong": fix compile with
--enable-read-only
- BUG: 2845: fix compilation error with NETSNMP_NO_WRITE_SUPPORT
- BUG: 2846: fix agent compile when both --enable-read-only and
--disable-set-support are given.
- Com2sec and com2sec6 SOURCE values may deny sources as well as
permit.
- TLSTM MIB: Fix support for sha256, 384 and 512 fingerprints
- BUG: 2830: Make the agentxperms keyword work again
- Add new snmpd.conf option 'diskio' to monitor only selected disks.
On machines with thousands of block devices, parsing
/proc/diskstats is really slow. The new option enables monitoring
of selected devices, saving lot of CPU time.
agentx:
- From "Google AutoFuzz project": account for the nul character we
will add to the string.
- From "Google Autofuzz project": additional agentx protocol parser
bounds checking
install:
- Install missing system header files
building:
- Add Travis and Appveyor CI support
- Fix recently introduced autoreconf warnings
- Unbreak AIX support
- RHEL 5 build fix
docs:
- Bug 2826: from Tomasz: fix utf-8 encoding
python:
- BUG 2824: from: Tomasz: Fix python module make install
snmptranslate:
- Introduce bulk translation mode The special argument "-" causes
snmptranslate to enter bulk translation mode, in which it expects
one OID per line. Whitespace is treated as the end of the OID, and
only that portion of the line is replaced, meaning that this can be
used to translate, e.g., "snmpwalk" output without the proper MIBs
loaded: snmptranslate -m all -OX < numeric.txt > symbolic.txt
snmptrapd:
- Add support for the latest libmysqlclient version
- Correctly forward traps with Request-ID '0'. Request-ID of
forwarded traps is taken from the incoming trap and it can be zero.
We should not report error in this case.
mib2c:
- PATCH: 1281, BUG: 2534 fixed mfd writability
python:
- Patch from David Hankins to fix python binding error codes
unspecified:
- A new 'checkbandwidth' script to check host min/max bandwidth
- Many fixes found by Coverity scans
- Fixed crash when receiving non-standard compliant responses. Some
HW sends ifOperStatus as NULL instead of INTEGER type. We should
not try to dereference this NULL.
- IPv6 support is now compiled by default. If you need an IPv4-only
agent, use --disable-ipv6.
- [BUG 2616]: Fix certain spelling errors in source code comments and
printed messages
- [BUG 2624]: stop trying to use the deprecated perl uninstall
- [BUG 2712]: Fix Perl module compilation
- [BUG ]: #2615: Don't return incompletely parsed varbinds
DISMAN EXPRESSION MIB:
- Avoid that enabling this MIB causes snmpd to crash during startup
DISMAN MIB:
- Avoid reading past the end of a buffer Terminate the expExpression
string with a NUL character.
HP:
- UX on ia64: Fix large fd set implementation Reported-by: Dixon
Xavier <[email protected]>
NetBSD:
- Fix for NetBSD 8
MIB:
- Speed up reading /proc/net/tcp and /proc/net/tcp6 The time needed
to read Linux procfs files is proportional to the square of the
quotient of the file size and the read buffer size. Increase the
read buffer size to decrease the time needed to read large procfs
files.
Windows:
- BUG: 2550: Suppress netsnmp_assert s != (-1) messages
- Feature-request: 181: Export snmp_api and ASN functions See also
http://sourceforge.net/p/net-snmp/feature-requests/181/.
Cygwin64:
- Fix build with OpenSSL
- Fix winExtDLL build
Win32:
- Add support for the DTLS-UDP and TLS-TCP transports
- Win32/MSVC general cleanup
*5.7.3*
snmplib:
- Fixed crash when MD5 hash is not supported by OpenSSL.
- Fixed parsing of sequences. Don't overwrite 'data' variable, it's
used when parsing bulk responses.
- [BUG 1267 ]: snmplib: register_mib_context() fix for read-only
variables This is a slightly modified version of a patch from
Harsha Shivanna.
snmp:
- Usm-dh-objects-mib: Avoid triggering an assert statement in
netsnmp_ready_monotonic() The cache timeout for
snmp-usm-dh-objects-mib is -1. Any cache timeout value < 0 disables
caching. However, strictly negative values trigger the assert
statement in netsnmp_ready_monotonic(). Avoid triggering that
assert statement.
- Fixed monitoring based on non-delta trigger. snmpd crashed wit
following snmpd.conf: monitor -s -D -r 10 -e LOGMATCH -o
logMatchCurrentCount "Log Match" != logMatchCurrentCount logmatch
LoginFailure1 /var/log/secure 10 su: .*fail.* The reason was
unitialized variable sysUT_var in mteTrigger_run(), it was filled
only if the trigger was delta-valued, while its value was used for
all triggers. With this patch, sysUT_var is filled for all code
branches where it is needed.
snmpd:
- Add a missing function declaration
- Added btrfs support to hrFSTable
- Correct the size of of the EXAMPLEIPADDRESS value on L64 hosts
- Fixed crash in UCD-SNMP-MIB::extTable snmpd crashed when the
command to execute had no arguments, i.e. extend->args was NULL.
- Fixed value of UCD-SNMP-MIB::extCommand to contain full command
line. MIB description of UCD-SNMP-MIB::extCommand suggests it
should contail full command line. Also in Net-SNMP 5.3.2.2, whole
command line was shown.
- Make it possible to use NUL characters in the indices for
snmpTargetAddrTable
- PATCH 2472: from Sunil: don't use HBKT as heartbeat interval in
SCTP-MIB::sctpAssocTable.
- Remove some unused includes
- Show Linux kernel threads in hrSWRunTable.
- Use 0 for the ignored numvars argument to netsnmp_register_mib The
numvars argument of netsnmp_register_mib is ignored if the var
argument is NULL. In order to unify this use of it with all other
ones, change it from 1 to 0
- SECURITY: a denial of service attack vector was discovered on
the linux implementation of the ICMP-MIB. This release fixes
this bug and all users are encouraged to update their SNMP
agent if they make use of the ICMP-MIB table objects.
- PATCH: 1275: from Viliam Púčik: fixed Perl trap handler when
processing trap with empty community string.
snmpd, snmptrapd and apps:
- Make ENV_SEPARATOR_CHAR configurable
snmptrapd:
apps:
- Stop agentxtrap from accessing the persistent configuration This is
needed to prevent moaning about not beeing allowed to write those
files due to bad permissions.
- Stop using snmp_perror when logging after functions that don't set
snmp_errno.
building:
- Make the -without options to rpmbuild work
- Avoid duplicate and trailing spaces in the dependency files.
documentation:
- From "Eric S. Raymond": Correct man page markup problem Ambiguous
or invalid backslash. This doesn't cause groff a problem. but it
confuses doclifter and may confuse older troff implementations.
perl:
- BUG: 2402: Add support for SNMPv3 traps
python:
- Fixed IPADDRESS size on 64bit systems.
- Fixed returning of empty strings. Varbind type (SNMP_NOSUCHOBJECT
etc.) should be used to detect errors instead of length of the
variable - it can be empty string.
- [PATCH 1239]: Fix memory leak
testing:
- Make sure Test::Harness is of at least version 1.21 Test::Harness
1.21 is the first version that implements TAP v12 which allows
putting the header (1..N) after the tests and since our tests
utilize that we should make sure that the test runner supports it.
AIX:
- Make tcp-mib build
- Make udp-mib build
Linux:
- BUG: 2238: Add libnl3 support
- RESOURCES-MIB, hrSWRun table: Parse /proc/<pid>/stat correctly on
Linux This issue was reported by Vincent Bernat
<[email protected]>. See also
http://sourceforge.net/p/net-snmp/patches/1257/.
Win32:
- Modified patch from Bart Van Assche to improve cygwin building
- Perl: BUG: 2488: Avoid "Free to wrong pool" error
- Perl: BUG: 2488: Avoid "Free to wrong pool" error" This reverts
commit b2725964bde921b6285e3a59a512552cae0a0ca5.
Windows:
- Add multihoming support On Windows Vista / Windows Server 2008 and
later it is possible to add multihoming support by using the
IP_PKTINFO socket option. Conflicts:
snmplib/transports/snmpUDPBaseDomain.c
- Make winExtDLL work on 64-bit Windows systems
- Port batch build infrastructure to Visual Studio 2010 and later
From Visual Studio 2010 on it is no longer possible to specify
include or library directories globally - these have to be
specified per project. Hence two additional menu entries in
build.bat that allow to specify these directories.
- Ported ucd-snmp/dlmod to MinGW / MSVC
MinGW:
- Port T005table_dataset_cagentlib.c to MinGW
unspecified:
- Added simfs (OpenVZ filesystem) to hrStorageTable and hrFSTable.
- Upport new MIB structures and MFD rewrites under Darwin
- [BUG 2470]: Accept 65535 as a valid IPv6 port number
- [BUG 2476]: snmpd fails to start on AIX On an AIX system there is
no <kvm.h> header file nor do the /dev/dmem or /dev/drum devices
exist and hence DMEM_LOC is not defined. Avoid that init_kmem()
fails in that case.
- [BUG 2568]: Avoid that file descriptors above FD_SETSIZE trigger
abort()
*5.7.2*
snmplib:
- Add Doxygen-style function header for
netsnmp_register_default_target() and
netsnmp_clear_default_target().
- Add netsnmp_setenv().
- Avoid that system clock changes (e.g. by ntpd) affect code that
needs relative time Make sure that the range of the SNMPv3 variable
snmpEngineTime is 0..2147483647 on all supported systems instead of
0..42949672 on some systems (i.e. wraparound after 497 days) Add
netsnmp_get_monotonic_clock(), netsnmp_set_monotonic_marker(),
netsnmp_ready_monotonic(), netsnmp_get_agent_runtime()
- Avoid that system clock changes (e.g. by ntpd) affect code that
needs relative time Make sure that the range of the SNMPv3 variable
snmpEngineTime is 0..2147483647 on all supported systems instead of
0..42949672 on some systems (i.e. wraparound after 497 days) Add
netsnmp_get_monotonic_clock(), netsnmp_set_monotonic_marker(),
netsnmp_ready_monotonic(), netsnmp_get_agent_runtime() Deprecate
atime_diff(), atime_newMarker(), atime_ready(), atime_setMarker(),
marker_tticks(), netsnmp_marker_uptime(), netsnmp_timeval_uptime(),
timeval_tticks(), uatime_diff(), uatime_hdiff() and uatime_ready().
- Avoid waiting indefinitely if a session has timeout zero
- Declare "type" argument of se_store_list() / se_store_slist() /
se_store_enum_list() const
- Make it explicit that MAX_SUBID is an unsigned constant
- Make netsnmp_callback_accept() return -1 (failure) instead of 0
(STDIN_FILENO)
- Make netsnmp_large_fd_set_resize() robust against memory allocation
failures. Make NETSNMP_LARGE_FD_ZERO() use memset() on Unix systems
instead of an explicit loop.
- Make netsnmp_large_fd_set_resize() robust against memory allocation
failures. Make NETSNMP_LARGE_FD_ZERO() use memset() on Unix systems
instead of an explicit loop. Make sure that on Unix systems
netsnmp_large_fd_clr() doesn't try to read memory it isn't allowed
to read if the first argument equals -1 (a value that shouldn't be
passed by the caller).
- Merge together the Linux and *BSD version of src port sending.
- Only transform the address to printable form when needed.
- PATCH 3510454: Allow the use of 0.0.0.0/0 as alias for default
- Prevent gcc ped-warning for NETSNMP_REMOVE_CONST git-svn-id:
file:///home/hardaker/lib/sf-bkups/net-snmp-convert-svnrepo/trunk@1
8052 06827809-a52a-0410-b366-d66718629ded
- Reduce overhead of config file parsing
- Remove obsolete snmp_get_fd_for_session() declaration
- Separate out the cmesg buffer size
- Set the rpath for libperl.so in libnetsnmpmibs.so such that the
dynamic linker can find libperl.so without requiring the user to
modify the dynamic linker settings. This change in
agent/Makefile.in is necessary on the 5.5 branch and later but not
on the 5.4 branch. That is because the 5.4 branch uses an older
version of libtool that propagates the rpath of dependent
libraries. This is called inter-library dependency tracking in the
libtool manual. This functionality is present in libtool version 1
but not in libtool version 2. For more background information about
dynamic libraries and rpaths, see also the document with the title
"RpathIssue" on the Debian wiki
(http://wiki.debian.org/RpathIssue).
- Simplify implementation of functions manipulating 64-bit numbers.
- Simplify the se_store_enum_list() implementation
- Use SNMP_ALLOC_TYPEDEF to allocate transports in order to avoid the
separate call to memset.
- [PATCH 3414773]: Encode integer value using ASN_INTEGER
- [PATCH 3526599]: Don't hang on retried failing SNMPv3 responses
- PATCH 3560473: from fenner: Handle TimeTicks when pretty-printing
OID Signed-off-by: Wes Hardaker <[email protected]>
- Add the symbol NETSNMP_PRIo to help in printing oid values.
- Do not crash from empty values in --token=value arguments
- Do not crash on incomplete configuration tokens.
- Do not truncate single default transport domains
- Move the check that the pdu variable is non-NULL to before the
first dereference of it.
snmplib + snmpd + snmpwalk:
- Avoid that system clock changes (e.g. by ntpd) affect code that
needs relative time
snmplib, snmpd, perl:
- Eliminate dead variables agent/mibgroup/agentx/master_admin.c
agent/mibgroup/etherlike-mib/data_access/dot3stats_linux.c
agent/mibgroup/etherlike-mib/dot3StatsTable/dot3StatsTable_data_acc
ess.c agent/mibgroup/host/data_access/swinst_pkginfo.c
agent/mibgroup/host/data_access/swrun_procfs_status.c
agent/mibgroup/ip-mib/data_access/systemstats_linux.c
agent/mibgroup/mibII/kernel_linux.c
agent/mibgroup/rmon-mib/data_access/etherstats_linux.c
agent/mibgroup/rmon-mib/etherStatsTable/etherStatsTable_data_access
.c apps/snmptls.c apps/snmptrapd_log.c snmplib/dir_utils.c
snmplib/snmp_client.c snmplib/snmp_openssl.c
snmplib/transports/snmpTLSTCPDomain.c
- BUG: 3517030: Ensure large tables are walked properly
- BUG: 3541012: Fix handling of gettable columns
- [PATCH 3529541]: Don't refer to internal 'my' variables from
external scripts Fix provided by Lezz Giles
snmp:
- Bridge-mib: Fix index interpretation. This patch corrects a wrong
data interpretation. snmp-bridge-mib obtains the ifindex value from
the sysfs attribute 'ifindex' The value given by the sysfs
attribute is an integer, which is handled as hex and leads to
incorrect data displayed to the user. e.g. $ > snmpwalk localhost
BRIDGE-MIB::dot1dBasePortIfIndex.2
BRIDGE-MIB::dot1dBasePortIfIndex.2 = INTEGER: 54 according to the
sysfs attribute the value is 36 $ > cat
/sys/class/net/<device>/ifindex 36 Signed-off-by: Mijo Safradin
snmpd:
- Lowered severity of 'Error expanding XXX to 64bits' messages.
- Removed error log messages when IPv6 is disabled.
- Add missing debug tag
- Add netsnmp_get_next_alarm_time()
- Avoid that system clock changes (e.g. by ntpd) affect code that
needs relative time Make sure that the range of the SNMPv3 variable
snmpEngineTime is 0..2147483647 on all supported systems instead of
0..42949672 on some systems (i.e. wraparound after 497 days)
- BUG 3542188: Correct sysORDescr for snmpUsmMIB. Thanks to Dave
Vucich for reporting this.
- BUG 3542307: Correct sysORID for snmpMPDStats. Thanks to Dave
Vucich for reporting this.
- BUG: 3439234: Correct the dependencies of ucd-snmp/pass and
ucd-snmp/pass_persist
- BUG: 3439234: Move netsnmp_pass_str_to_errno to pass_common and
rename it to netsnmp_internal_pass_str_to_errno
- BUG: 3463767: Handle parsing subidentifiers > 2^31
- BUG: 3532090: Fix high ifIndex values crashing hrDeviceDescr
- Call snmp_oidtree_compare instead of snmp_oid_min_compare
- DISMAN-PING-MIB: Avoid dangling pointers (based on patch 3503259)
- DISMAN-PING-MIB: Avoid reading freed memory when deleting a row
from a table
- DISMAN-PING-MIB: Do not send the contents of the stack over the
network
- DISMAN-PING-MIB: Don't call exit() upon memory allocation failure
- DISMAN-PING-MIB: Fix IPv6 socket leak in error paths
- DISMAN-PING-MIB: Fix a socket leak triggered by pinging a remote
host
- DISMAN-PING-MIB: Fix more memory leaks
- DISMAN-PING-MIB: Fix several memory leaks
- DISMAN-PING-MIB: Make ping implementation independent of ntpd clock
jumps
- DISMAN-PING-MIB: Make pinging local interface addresses work
- DISMAN-SCHEDULER-MIB: Handle 32-character schedContextName values
correctly. See also commit
b3c4982542e0ab151fb3884754cdfbcb472da52d.
- Disable the support for integer64 in pass scripts if compiling
without opaque-special-types.
- Factor out asc2bin and bin2asc. Add a netsnmp_internal_ prefix to
them
- Fixed UCD-SNMP-MIB::systemStats after 30 days of uptime. After 30
days, values from /proc/stat (on Linux) can get bigger than 32bits
and snmpd calculations might render counters like ssCpuUser
negative or zero, while the real value is higher. Therefore the
counters should be tracked as the largest integer available.
- Fixed snmpd '-d' option. Now it dumps packets again.
- IF-MIB::ifType: Report type "infiniband (199)" for InfiniBand
interfaces instead of type "other (1)".
- Init_agent() + init_kmem(): Return an error value instead of
invoking exit() if access to kernel virtual memory is denied
- Make the configuration of the dlmod module fail rather than
generate a dummy module if the dlopen function isn't available.
- Match each getpwnam()/getpwuid() call with an endpwent() call and
each getgrent() call with an endgrent() call.
- PATCH 3402376: from Leonardo Chiquitto: Recognise ReiserFS Also
move various FSType definitions to the appropriate blocks
- PATCH 3453868: from "Bill Fenner <[email protected]>": Factor common
code into pass_common Move the code for pormatting and printing
values from pass and pass_persist into pass_common.
- PATCH: 3487867: Don't skip missing ifXTable entries
(ifConnectorPresent FALSE)
- Pass_persist: Fixes a race condition introduced in commit
31fa07cd9ffde46d41d2b5838c3fc4d01548bfb5. The following race
condition could happen: - A system call fails and errno is set
accordingly by the C library. - SIGCHLD handler invokes a system
call that fails and hence overwrites errno. - SIGCHLD handler
leaves. - original context checks errno and finds the value from
the system call invoked by the SIGCHLD handler instead of the
system call that failed originally. Other fixes included in this
patch: - Renamed deinit_pass_persist() into shutdown_pass_persist()
such that this function gets called during agent shutdown. - Made
sure that shutdown_pass_persist() is called by the Windows
snmpd.exe too. - Windows: avoid calling
CloseHandle(INVALID_HANDLE_VALUE). - Windows: avoid that closing a
pass_persist pipe triggers a crash. - Windows: pass_persist: close
handles of finished processes.
agent/mibgroup/ucd-snmp/pass_persist.c win32/mib_module_shutdown.h
- Smux: simplify smux_list_detach()
- UDP-MIB: Report the proper address in udpLocalAddress instead of
0.0.0.0. Makes test T160snmpnetstat pass again. Fixes a bug
introduced in commit c76fb96f65e33ba2fd212a921e8c386155ee5c7a.
- [BUG 3460364]: Fix use of block factor when detecting error
conditions
- [BUG 3489631]: Fix incorrect handling of UCD monitoring flag
- [PATCH 3410050]: Skip already-'processed' varbinds Based on mib2c
patch provided by Stephen Turner
- [PATCH 3410059]: Fix sparsely augmenting trigger tables Patch
provided by Stephen Turner
- [PATCH 3447444]: Fix SIG_PIPE handling Patch provided by Bill
Fenner
- [PATCH 3447671]: Fix override handling of OID values Patch supplied
by Phillip O'Donnell
- [PATCH 3479740]: Fix hrSWRunPerf statistics
- [PATCH 3487919]: Fix compilation when caching is disabled
- [PATCH 3495697]: Store persistent snmpTarget table changes
- BUG 3542188: Correct sysORDescr for snmpUsmMIB. Thanks to Dave
Vucich for reporting this.
- BUG 3542307: Correct sysORID for snmpMPDStats. Thanks to Dave
Vucich for reporting this.
- BUG: 3543864: Remove extraneous function type (and fix a related
typo)
- Removed limit of 'exec' and 'sh' entries in snmpd.conf Use dynamic
(re)allocation instead.
- [PATCH 3543000]: Various fixes to Rmon code Supplied by Patrick
Ritter
snmpdx:
- [PATCH 3445437]: Log AgentX disconnections (in line with
connections) Patch provided by Bill Fenner
snmptrapd:
- Avoid crash during shutdown due to invoking perl_destruct(NULL)
- Do not invoke shutdown_perl() from inside the SIGTERM handler since
that fails if SIGTERM is received while a Perl handler is active.
Based on a patch posted by Joel Avni <[email protected]>
- Eliminate an unused variable (Now)
- Move the main loop code into a new function
- Remove superfluous casts
snmptrapd_sql:
- Avoid that a linker error is triggered on systems where my_progname
is missing in libmysqlclient (e.g. Fedora 15 and 16). This is a
backport of commit 9f653f7.
aix:
- Eliminate configure warning regarding libperfstat.h on AIX 6.1 and
up
- PATCH 3403433: from blentz: Issues with hrSWRunName and Parameters
on AIX Signed-off-by: Wes Hardaker
apps, snmplib:
- PATCH: 2835577: identified by "Bart Van Assche": Replace SNMP_ZERO
of arrays with a memset. git-svn-id:
file:///home/hardaker/lib/sf-bkups/net-snmp-convert-svnrepo/trunk@1
7797 06827809-a52a-0410-b366-d66718629ded
- BUG: 3529768: Be more careful when stripping off numeric suffixes
build:
- Do not generate an output file on failure make supposes that no
output is generated if the command failed. Change feature-remove to
follow that presumption.
- BUG: 3532234: Fix typo in libtool script (addressed properly in
libtool 2.4.2)
building:
- Add dependencies on @FEATURETARGS@ to make the subtarget work as
well.
- Add missing end comments to feature ifndefs.
- Add target to build agentxtrap from the toplevel
- Build fix for systems lacking field msg_flags in struct msghdr
(e.g. IRIX)
- Build fix for systems lacking fields msg_control/msg_flags in
struct msghdr (backport)
- Correct dependencies - since
bf74fea69f24dc6e85f908f3f41d1426b2e09688 snmpconf is located in
builddir, not srcdir
- Correct dependencies - since
bf74fea69f24dc6e85f908f3f41d1426b2e09688 snmpconf is located in
builddir, not srcdir" This reverts commit
9efa467a972bb6e1c7fbdaf2e27429d29f4ab89e.
- Make the transport configuration code work again Previously the
transport inheritance processing code ran with
NETSNMP_FEATURE_CHECKING set. In this mode the file
net-snmp/feature-details.h is requiered. That file is created
during the first make run, and that happens after configure is run.
Change this to undefine NETSNMP_MINIMAL_CODE, effectively turning
off feature support during transport configuration in order to make
it work at all.
- Run libtool --mode=finish on the right directory
libnetsnmp:
- PATCH 3394586: from rwa-co: file descriptor leak in read_config
(+fix) Signed-off-by: Wes Hardaker <[email protected]>
libsnmp:
- Changed the type of the fourth argument of netsnmp_set_row_column()
from const char* to const void* such that no cast is necessary when
passing another datatype then char* or const char*.
man:
- [BUG 3490708]: Clarify use of common command-line options
- BUG: 3535269: Document use of [snmp] for client-side tools.
pass:
perl:
- Add agent::uptime()
- Enable sending SNMPv2 traps with an empty varbind list
- Fix spelling in the documentation of the SNMP module
- Fixed segmentation fault when handler registration fails. When
netsnmp_register_handler fails, it frees its reginfo ->
nsahr_DESTROY (and any other function) must not dereference it.
- Perl: Make sure that the constant SNMP_DEFAULT_RETRIES is
recognized. SNMP module: Add constants
NETSNMP_CALLBACK_OP_RECEIVED_MESSAGE and
NETSNMP_CALLBACK_OP_TIMED_OUT. When the Net-SNMP Perl modules are
built on Windows with MSVC or MinGW it is possible that each these
are linked with another version of the MSVC runtime library than
the Perl interpreter itself. In that case the "errno" variable used
inside .xs source files is another variable than the $! variable in
.pm files. Or: assignments to "errno" in a .xs file do not modify
the "$!" Perl variable This patch avoids using "errno" by modifying
the different constant() functions such that these return a
two-element array instead of returning a scalar and setting errno.
python:
- Avoid that an SNMP set with UseEnums enabled causes a segmentation
fault
- [PATCH 3433846]: Fix for use with python 2.4
- BUG: 3535967: Fix memory leak - snmp_{sess_}error allocates the
output buffer
testing:
- Add a test for se_store_list()
- Add testing/fulltests/default/T154dismanpingmib_simple
- Avoid false negative for T114agentxagentxtrap_simple caused by the
test result being present in the hex dump ("mostly_harmless")
- Convert snmplib/test_binary_array.c into two unit tests
- Fix Perl regression test failures All Perl regression tests pass
now on Linux and on Windows (MSVC).
- Make the asn1 test pass even if support for opaque types are
removed.
- Perl regression tests: Don't fail skipped tests.
- Protect the use of $OSTYPE to ensure that 'test' get enough
parameters.
- Remove an incorrect comment from simple_eval_tools.sh
- Remove unused variable
- Require a semicolon after OK(), OKF() and PLAN() Also, let OKF()
emit a single line of output such that all output it produces is
visible in the output of "make test".
- [BUG 3474590]: Don't match underscores within the source root
filename
- Add test cases for snmp_service
unspecified:
- Added CVFS (CentraVision File System) to hrStorageTable and
hrFSTable.
- Removed counter-64 error messages. These messages do not say
enything useful, caller should check their return value and report
it.
- Added OCFS2 (Oracle Cluster FS) to hrStorageTable and hrFSTable
- [BUG 3444939]: BUG: 1796886: snmplib: Avoid that
sprint_realloc_octet_string() embeds unprintable control characters
or binary zeroes in its output. This behavior could cause truncated
output in snmptrapd.
- [BUG 3452069]: Fix snmptrap_oid declaration in mib2c generated code
This bug was introduced considerable time ago. It did already exist
at the time the 5.6 branch was created (see also commit
0ec088afa27cfda4e6ea78aae7cfc5507564edde).
- [BUG 3454168]: configure: Fix building with --enable-read-only
- [PATCH 3418649]: HOST-RESOURCES-MIB: Use pclose() instead of
fclose() to close a pipe.
- [BUG 3540621]: dist: Add missing Provides: to net-snmp-perlmods RPM
spec
BSD:
Bug 3152841:
- Do not install the util_funcs subheaders that were removed in 5.7
- Install util_funcs subheaders
- Install util_funcs subheaders introduced in 5.6
Cygwin:
- Make date_n_time() produce time zone information
Cywin:
- Agent: Implement get_uptime() such that querying
HOST-RESOURCES-MIB::hrSystemUptime returns a non-zero value.
FreeBSD:
- Restore IP_RECVDSTADDR functionality.
- Snmpd + apps: Sending UDP packets works again for non-root users
- [PATCH 3489387]: Install FreeBSD 10 header file (plus other missing
versions)
Linux:
- PATCH: 3525998: Don't use an uninitialised value in error message
- [PATCH 3536420]: Ensure snd/rcv memory buffers are suitably aligned
Patch provided by Tyler Olmstead
MinGW:
- Net-SNMP Perl modules build again.
- Support the directory structure of recent Shining Light OpenSSL
binary distributions
- Testing: Fix a race condition in the test framework
- Testing: Fix a race condition in the test runner
- Testing: Make test T130snmpv1vacmget_simple pass
- Testing: Make those regression tests pass for which SNMPCONFPATH
and/or SNMP_PERSISTENT_DIR matter
- Testing: Make unit-tests/T014gethostbyaddr_clib pass
- Testing: Make unit-tests/T102pdu_build_clib pass.
- Testing: Obtain the MSYS path from the environment
Win32:
- Avoid that compiling the header file <net-snmp/net-snmp-config.h>
with the MinGW gcc compiler triggers warnings about "pragma
comment".
- Avoid that the PACKAGE_* macros defined in
<net-snmp/net-snmp-config.h> cause trouble when including this
header in a package that uses the GNU autotools.
- Building: Builds now correctly with a 64-bit compiler. git-svn-id:
file:///home/hardaker/lib/sf-bkups/net-snmp-convert-svnrepo/trunk@1
9458 06827809-a52a-0410-b366-d66718629ded
- Snmpd: Remove dlmod
Windows:
- Building (build.bat): Install netsnmp.dll before running the Perl
regression tests such that the regression tests are run with the
correct version of netsnmp.dll.
- MSVC: Avoid that the typedefs in <net-snmp/net-snmp-config.h>
conflict with those in <stdint.h> from the msinttypes project
- MSVC: Link with proper libeay32 library
- MSVC: When linking with OpenSSL, link with user32.lib too
- Make netsnmp_large_fd_set_resize() robust against memory allocation
failures. Make NETSNMP_LARGE_FD_ZERO() use memset() on Unix systems
instead of an explicit loop. Make sure that on Unix systems
netsnmp_large_fd_clr() doesn't try to read memory it isn't allowed
to read if the first argument equals -1 (a value that shouldn't be
passed by the caller). Make netsnmp_large_fd_is_set() return false
on Unix systems if the first argument equals -1 (a value that
shouldn't be passed by the caller). Make
netsnmp_large_fd_set_resize() shrink behavior correct.
- Perl (build.bat): When installing development files, install the
PDB files too.
- Remove superfluous link libraries from project files (*.dsp)
- Snmptrapd: Make the IP address to hostname conversion work
- Testing: perl: Fix an incorrect message printed while running the
Perl module regression tests
*5.7.1*
snmplib:
- Fix a crash that could be
- tweak patch 3044888 to restore
snmpd:
- [PATCH 3386633]: fix integer overflow in disk percent calculations
- Make
- Restore storage tables on Linux
- run signal handlers when select()
snmptrapd:
- Add missing newline
- Invoke shutdown_perl() when
building:
- [PATCH 3383951]: Fix -Wunused compile warnings with FreeBSD/NetBSD
Signed-off-by: Wes Hardaker <[email protected]>
- build fix
- build fix for systems lacking
libnetsnmp:
- [PATCH 3387139]: from
man:
- [PATCH 3312861]: Man pages
testing:
- Changed
- Check PID file existence after having read it instead of before.
This fixes the race condition where the PID file disappeared after
the existence check and before it was read.
- Make the SNMP_VERBOSE=1 output even more verbose.
unspecified:
- minor NEWS polish
Perl:
- Remove file perl/NetSNMP.xs
Win32:
- Add support for
- Document how to build 64-bit
- Documented how to use build.bat with
- winExtDLL: Invoke
Windows:
- Avoid that if
- Remove outdated instructions about
*5.7*
snmplib:
- Added function netsnmp_delete_table_data_set().
- Added function netsnmp_delete_table_data_set(). Added declaration
for the function netsnmp_table_data_delete_table() in a public
agent header file.
- Added function netsnmp_delete_table_data_set(). Added declaration
for the function netsnmp_table_data_delete_table() in a public
agent header file. Fixed memory leak in
netsnmp_table_data_delete_table().
- Added function netsnmp_delete_table_data_set(). Added declaration
for the function netsnmp_table_data_delete_table() in a public
agent header file. Fixed memory leak in
netsnmp_table_data_delete_table(). Fixed memory leak triggered by
unregistering a table handler.
- Added macro netsnmp_static_assert().
- Added netsnmp_mib_handler.data_clone, a function pointer that
defines how to clone netsnmp_mib_handler.myvoid. Must be defined if
and only if data_free is set. The function netsnmp_handler_dup()
does now clone MIB handler private data if data_clone() is set.
Previously after duplicating a MIB handler and unregistering one of
the two MIB handlers, the private data pointer (myvoid) of the
other became a dangling pointer. Note: addition of
netsnmp_mib_handler.data_clone is an ABI change.
- Added snmp_sess_session_lookup().
- Added the function netsnmp_check_definedness(), which helps to find
the cause of undefined value errors as reported by Valgrind.
- Avoid that Valgrind complains about uninitialized data for the
buffers returned by netsnmp_callback_recv() and
netsnmp_callback_hook_build().
- Be const correct over calls to str* functions.
- Changed the argument type of debug_register_tokens() from char *
into const char *.
- Check that the argument to netsnmp_transport_copy is non-NULL
- Check the return value of strdup in netsnmp_create_data_list and
fail if strdup fails.
- Correct the extern "C" declarations to be consistent. Remove
commented out code.
- Fenner: fix sending of UDP responses from multihomed agents. Try to
send the response as it was before Net-SNMP 5.6 (assuming the
appropriate request was unicast) and only if it fails try to set
if_index (the request must be broadcast).
- Fixed bugs in asn_parse_unsigned_int64(),
asn_build_unsigned_int64(), asn_parse_signed_int64() and
asn_build_signed_int64(). Most but not all of these bugs were
specific to 64-bit systems. Fixes bug #3093199.
- Fixed memory leak triggered by calling se_add_pair_to_list() with a
value that already existed in the list.
- Invoking se_clear_slist() does no longer create a dangling pointer.
- Invoking se_clear_slist() does no longer create a dangling pointer.
Fixed leaks-at-exit triggered by using the snmp_enum code.
- Invoking se_clear_slist() does no longer create a dangling pointer.
Fixed leaks-at-exit triggered by using the snmp_enum code.
Documented behavior of se_add_pair(), se_add_pair_to_slist() and
clear_snmp_enum(). Made snmp_enum example consistent with the rest
of the code by adding strdup() calls and added a call to
se_clear_all_lists().
- Invoking se_clear_slist() does no longer create a dangling pointer.
Fixed leaks-at-exit triggered by using the snmp_enum code.
Documented behavior of se_add_pair(), se_add_pair_to_slist() and
clear_snmp_enum(). Made snmp_enum example consistent with the rest
of the code by adding strdup() calls and added a call to
se_clear_all_lists(). Fixed a memory corruption problem triggered
by the (undocumented) snmpd.conf "enum" keyword handler - storing
pointers to strings allocated on the stack in a global list does
not work.
- Remove the support for CMU compatibility since there is no way to
enable it and nobody have missed it.
- [BUG 3134323]: Fix crash when comparing invalid OIDs
- [PATCH 3165878]: Catch buffer overrun on 64-bit systems
- [PATCH 3195537]: Minor binary_array container sort optimization
- [PATCH 3203806]: Add the function netsnmp_large_select().
- [PATCH 3203806]: Make netsnmp_large_fd_set_resize() clear all
relevant file descriptors.
- [PATCH 3203806]: Minor performance optimization of
netsnmp_large_fd_set_resize().
- add IPv6 support to DTLSUDP transport
- add IPv6 support to DTLSUDP transport use new
netsnmp_sockaddr_storage in netsnmp_addr_pair
- add IPv6 support to DTLSUDP transport use new
netsnmp_sockaddr_storage in netsnmp_addr_pair add base_transport
ptr for tunneled transports
- add more openssl error cases where we check for local cert
- add new transport config tokens localCert/peerCert, deprecate
our_identity, their_identity
- add optional support for local DNSSEC validation of hostnames -
optional at configure time: --with-local-dnssec-validation -
requires DNSSEC-Tool validation libraries - initial support, for
systems with getaddrinfo. support for additional resolver