rpms
/
net-snmp
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f37-riscv64
rpms:f35
rpms:f36
rpms:f37
rpms:main
rpms:f33
rpms:f34
rpms:f31
rpms:f32
rpms:f30
rpms:f29
rpms:f28
rpms:f26
rpms:f27
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f19
rpms:f18
rpms:f17
rpms:f16
rpms:f14
rpms:f15
rpms:f13
rpms:f11
rpms:f9
rpms:f10
rpms:f12
rpms:f7
rpms:f8
rpms:net-snmp-5_5-18_fc14
rpms:net-snmp-5_5-14_fc13
rpms:net-snmp-5_5-17_fc14
rpms:net-snmp-5_5-16_fc14
rpms:net-snmp-5_5-13_fc13
rpms:net-snmp-5_5-15_fc14
rpms:net-snmp-5_5-14_fc14
rpms:net-snmp-5_5-13_fc14
rpms:net-snmp-5_4_2_1-14_fc11
rpms:net-snmp-5_5-12_fc13
rpms:F-13-start
rpms:F-13-split
rpms:net-snmp-5_5-11_fc13
rpms:net-snmp-5_5-10_fc13
rpms:net-snmp-5_5-9_fc13
rpms:net-snmp-5_5-8_fc13
rpms:net-snmp-5_5-7_fc13
rpms:net-snmp-5_5-6_fc13
rpms:net-snmp-5_5-5_fc13
rpms:net-snmp-5_5-3_fc13
rpms:net-snmp-5_5-2_fc13
rpms:net-snmp-5_4_2_1-19_fc12
rpms:net-snmp-5_4_2_1-5_fc10
rpms:net-snmp-5_4_2_1-13_fc11
rpms:net-snmp-5_5-1_fc13
rpms:net-snmp-5_4_2_1-18_fc12
rpms:net-snmp-5_4_2_1-17_fc12
rpms:F-12-start
rpms:F-12-split
rpms:net-snmp-5_4_2_1-16_fc12
rpms:net-snmp-5_4_2_1-15_fc12
rpms:net-snmp-5_4_2_1-14_fc12
rpms:net-snmp-5_4_2_1-13_fc12
rpms:net-snmp-5_4_2_1-12_fc12
rpms:net-snmp-5_4_2_1-12_fc11
rpms:net-snmp-5_4_2_1-4_fc10
rpms:net-snmp-5_4_2_1-11_fc12
rpms:net-snmp-5_4_2_1-11_fc11
rpms:net-snmp-5_4_2_1-10_fc11
rpms:F-11-start
rpms:F-11-split
rpms:net-snmp-5_4_2_1-9_fc11
rpms:net-snmp-5_4_2_1-8_fc11
rpms:net-snmp-5_4_2_1-3_fc10
rpms:net-snmp-5_4_2_1-7_fc11
rpms:net-snmp-5_4_2_1-6_fc11
rpms:net-snmp-5_4_2_1-5_fc11
rpms:net-snmp-5_4_2_1-4_fc11
rpms:net-snmp-5_4_2_1-2_fc10
rpms:net-snmp-5_4_2_1-3_fc11
rpms:net-snmp-5_4_2_1-1_fc10
rpms:F-10-start
rpms:F-10-split
rpms:net-snmp-5_4_1-8_fc8
rpms:net-snmp-5_4_1-19_fc9
rpms:net-snmp-5_4_2-3_fc10
rpms:net-snmp-5_4_2-2_fc10
rpms:net-snmp-5_4_2-1_fc10
rpms:net-snmp-5_4_1-22_fc10
rpms:net-snmp-5_4_1-21_fc10
rpms:net-snmp-5_4_1-20_fc10
rpms:net-snmp-5_4_1-7_fc8
rpms:net-snmp-5_4_1-18_fc9
rpms:net-snmp-5_4_1-19_fc10
rpms:net-snmp-5_4-18_fc7
rpms:net-snmp-5_4_1-17_fc9
rpms:net-snmp-5_4_1-18_fc10
rpms:net-snmp-5_4_1-17_fc10
rpms:net-snmp-5_4_1-16_fc9
rpms:net-snmp-5_4_1-16_fc10
rpms:net-snmp-5_4_1-15_fc9
rpms:net-snmp-5_4_1-15_fc10
rpms:net-snmp-5_4_1-14_fc9
rpms:F-9-start
rpms:F-9-split
rpms:net-snmp-5_4_1-13_fc9
rpms:net-snmp-5_4_1-12_fc9
rpms:net-snmp-5_4_1-10_fc9
rpms:net-snmp-5_4-17_fc7
rpms:net-snmp-5_4_1-6_fc8
rpms:net-snmp-5_4_1-9_fc9
rpms:net-snmp-5_4_1-8_fc9
rpms:net-snmp-5_4_1-7_fc9
rpms:net-snmp-5_4_1-6_fc9
rpms:net-snmp-5_4_1-5_fc8
rpms:net-snmp-5_4-16_fc7
rpms:net-snmp-5_4_1-5_fc9
rpms:net-snmp-5_4_1-4_fc8
rpms:F-8-start
rpms:F-8-split
rpms:net-snmp-5_4-15_fc7
rpms:net-snmp-5_4_1-3_fc8
rpms:net-snmp-5_4_1-2_fc8
rpms:net-snmp-5_4_1-1_fc8
rpms:net-snmp-5_4-16_fc8
rpms:net-snmp-5_4-15_fc8
rpms:net-snmp-5_4-14_fc7
rpms:net-snmp-5_4-14_fc8
rpms:net-snmp-5_4-13_fc7
rpms:F-7-start
rpms:F-7-split
rpms:net-snmp-5_4-12_fc7
rpms:net-snmp-5_4-11_fc7
rpms:net-snmp-5_4-10_fc7
rpms:net-snmp-5_4-9_fc7
rpms:net-snmp-5_4-8_fc7
rpms:net-snmp-5_4-7_fc7
rpms:net-snmp-5_4-6_fc7
rpms:net-snmp-5_4-5_fc7
rpms:net-snmp-5_4-4_fc7
rpms:net-snmp-5_4-3_fc7
rpms:net-snmp-5_4-2_fc7
rpms:net-snmp-5_4-1_fc7
rpms:net-snmp-5_3_1-11_fc6
rpms:FC-6-split
rpms:net-snmp-5_3_1-10_fc6
rpms:net-snmp-5_3_1-9_fc6
rpms:net-snmp-5_3_1-8_fc6
rpms:net-snmp-5_3_1-7_fc6
rpms:net-snmp-5_3_1_0-6_fc6
rpms:net-snmp-5_3_1_0-5_fc6
rpms:net-snmp-5_3_1_0-4_fc6
rpms:net-snmp-5_3_1_0-3
rpms:net-snmp-5_3_1_0-2
rpms:net-snmp-5_3_1_0-1
rpms:net-snmp-5_3_1_rc4-2
rpms:net-snmp-5_3_1_rc4-1_1
rpms:net-snmp-5_3_1_rc4-1
rpms:net-snmp-5_3_1_pre3-2
rpms:net-snmp-5_3_1_pre3-1
rpms:net-snmp-5_3_1_pre2-4
rpms:net-snmp-5_3_1_pre2-3
rpms:net-snmp-5_3_1_pre2-2
rpms:net-snmp-5_3_1_pre2-1
rpms:net-snmp-5_3-8
rpms:net-snmp-5_3-7
rpms:net-snmp-5_3-6
rpms:net-snmp-5_3-5
rpms:net-snmp-5_3-4_2
rpms:FC-5-split
rpms:net-snmp-5_3-4_1
rpms:net-snmp-5_3-4
rpms:net-snmp-5_3-3
rpms:net-snmp-5_3-2
rpms:net-snmp-5_3-1
rpms:net-snmp-5_2_2-4_1
rpms:net-snmp-5_2_2-4
rpms:net-snmp-5_2_2-2
rpms:net-snmp-5_2_2-1
rpms:net-snmp-5_2_2-0_rc6_1
rpms:net-snmp-5_2_2-0_rc5_1
rpms:net-snmp-5_2_2-0_rc4_2
rpms:net-snmp-5_2_2-0_rc4_1
rpms:net-snmp-5_2_2-0_rc3_1
rpms:net-snmp-5_2_2_rc2-1
rpms:net-snmp-5_2_1_2-3
rpms:net-snmp-5_2_1_2-2
rpms:net-snmp-5_2_1_2-1
rpms:net-snmp-5_2_1-13
rpms:FC-4-split
rpms:net-snmp-5_2_1-12
rpms:net-snmp-5_2_1-11
rpms:net-snmp-5_2_1-10
rpms:net-snmp-5_2_1-9
rpms:net-snmp-5_2_1-8
rpms:net-snmp-5_2_1-7
rpms:net-snmp-5_2_1-6
rpms:net-snmp-5_2_1-5
rpms:net-snmp-5_2_1-4
rpms:net-snmp-5_2_1-3
rpms:net-snmp-5_2_1-2
rpms:net-snmp-5_2_1-1
rpms:net-snmp-5_2-2
rpms:net-snmp-5_2-1
rpms:net-snmp-5_1_2-12
rpms:net-snmp-5_1_2-11
rpms:RHEL-4-split
rpms:FC-3-split
rpms:net-snmp-5_1_2-10
rpms:net-snmp-5_1_2-8
rpms:net-snmp-5_1_2-7
rpms:net-snmp-5_1_2-6
rpms:net-snmp-5_1_2-5
rpms:present-on-devel
rpms:net-snmp-5_1_2-4
rpms:net-snmp-5_1_2-3
rpms:net-snmp-5_1_2-2
rpms:net-snmp-5_1_2-1
rpms:net-snmp-5_1_1-4
rpms:net-snmp-5_1_1-3
rpms:net-snmp-5_1_1-2
rpms:net-snmp-5_1-11_1
rpms:net-snmp-5_1-8
rpms:FC-2-split
rpms:net-snmp-5_1-2_1
rpms:FC-1-split
rpms:net-snmp-5_0_9-2
rpms:net-snmp-5_0_6-17
rpms:RHL-9-split
rpms:RHL-8-split
rpms:RHEL-3-split
rpms:net-snmp-5_0_6-8_80_2
rpms:net-snmp-5_0_1-6
rpms:net-snmp-5_0_1-5
rpms:net-snmp-5_0_1-4
..
compare: rpms:net-snmp-5_5-6_fc13
Branches Tags
rpms:f37-riscv64
rpms:f35
rpms:f36
rpms:f37
rpms:main
rpms:rawhide
rpms:f33
rpms:f34
rpms:f31
rpms:f32
rpms:f30
rpms:f29
rpms:f28
rpms:f26
rpms:f27
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f19
rpms:f18
rpms:f17
rpms:f16
rpms:f14
rpms:f15
rpms:f13
rpms:f11
rpms:f9
rpms:f10
rpms:f12
rpms:f7
rpms:f8
rpms:net-snmp-5_5-18_fc14
rpms:net-snmp-5_5-14_fc13
rpms:net-snmp-5_5-17_fc14
rpms:net-snmp-5_5-16_fc14
rpms:net-snmp-5_5-13_fc13
rpms:net-snmp-5_5-15_fc14
rpms:net-snmp-5_5-14_fc14
rpms:net-snmp-5_5-13_fc14
rpms:net-snmp-5_4_2_1-14_fc11
rpms:net-snmp-5_5-12_fc13
rpms:F-13-start
rpms:F-13-split
rpms:net-snmp-5_5-11_fc13
rpms:net-snmp-5_5-10_fc13
rpms:net-snmp-5_5-9_fc13
rpms:net-snmp-5_5-8_fc13
rpms:net-snmp-5_5-7_fc13
rpms:net-snmp-5_5-6_fc13
rpms:net-snmp-5_5-5_fc13
rpms:net-snmp-5_5-3_fc13
rpms:net-snmp-5_5-2_fc13
rpms:net-snmp-5_4_2_1-19_fc12
rpms:net-snmp-5_4_2_1-5_fc10
rpms:net-snmp-5_4_2_1-13_fc11
rpms:net-snmp-5_5-1_fc13
rpms:net-snmp-5_4_2_1-18_fc12
rpms:net-snmp-5_4_2_1-17_fc12
rpms:F-12-start
rpms:F-12-split
rpms:net-snmp-5_4_2_1-16_fc12
rpms:net-snmp-5_4_2_1-15_fc12
rpms:net-snmp-5_4_2_1-14_fc12
rpms:net-snmp-5_4_2_1-13_fc12
rpms:net-snmp-5_4_2_1-12_fc12
rpms:net-snmp-5_4_2_1-12_fc11
rpms:net-snmp-5_4_2_1-4_fc10
rpms:net-snmp-5_4_2_1-11_fc12
rpms:net-snmp-5_4_2_1-11_fc11
rpms:net-snmp-5_4_2_1-10_fc11
rpms:F-11-start
rpms:F-11-split
rpms:net-snmp-5_4_2_1-9_fc11
rpms:net-snmp-5_4_2_1-8_fc11
rpms:net-snmp-5_4_2_1-3_fc10
rpms:net-snmp-5_4_2_1-7_fc11
rpms:net-snmp-5_4_2_1-6_fc11
rpms:net-snmp-5_4_2_1-5_fc11
rpms:net-snmp-5_4_2_1-4_fc11
rpms:net-snmp-5_4_2_1-2_fc10
rpms:net-snmp-5_4_2_1-3_fc11
rpms:net-snmp-5_4_2_1-1_fc10
rpms:F-10-start
rpms:F-10-split
rpms:net-snmp-5_4_1-8_fc8
rpms:net-snmp-5_4_1-19_fc9
rpms:net-snmp-5_4_2-3_fc10
rpms:net-snmp-5_4_2-2_fc10
rpms:net-snmp-5_4_2-1_fc10
rpms:net-snmp-5_4_1-22_fc10
rpms:net-snmp-5_4_1-21_fc10
rpms:net-snmp-5_4_1-20_fc10
rpms:net-snmp-5_4_1-7_fc8
rpms:net-snmp-5_4_1-18_fc9
rpms:net-snmp-5_4_1-19_fc10
rpms:net-snmp-5_4-18_fc7
rpms:net-snmp-5_4_1-17_fc9
rpms:net-snmp-5_4_1-18_fc10
rpms:net-snmp-5_4_1-17_fc10
rpms:net-snmp-5_4_1-16_fc9
rpms:net-snmp-5_4_1-16_fc10
rpms:net-snmp-5_4_1-15_fc9
rpms:net-snmp-5_4_1-15_fc10
rpms:net-snmp-5_4_1-14_fc9
rpms:F-9-start
rpms:F-9-split
rpms:net-snmp-5_4_1-13_fc9
rpms:net-snmp-5_4_1-12_fc9
rpms:net-snmp-5_4_1-10_fc9
rpms:net-snmp-5_4-17_fc7
rpms:net-snmp-5_4_1-6_fc8
rpms:net-snmp-5_4_1-9_fc9
rpms:net-snmp-5_4_1-8_fc9
rpms:net-snmp-5_4_1-7_fc9
rpms:net-snmp-5_4_1-6_fc9
rpms:net-snmp-5_4_1-5_fc8
rpms:net-snmp-5_4-16_fc7
rpms:net-snmp-5_4_1-5_fc9
rpms:net-snmp-5_4_1-4_fc8
rpms:F-8-start
rpms:F-8-split
rpms:net-snmp-5_4-15_fc7
rpms:net-snmp-5_4_1-3_fc8
rpms:net-snmp-5_4_1-2_fc8
rpms:net-snmp-5_4_1-1_fc8
rpms:net-snmp-5_4-16_fc8
rpms:net-snmp-5_4-15_fc8
rpms:net-snmp-5_4-14_fc7
rpms:net-snmp-5_4-14_fc8
rpms:net-snmp-5_4-13_fc7
rpms:F-7-start
rpms:F-7-split
rpms:net-snmp-5_4-12_fc7
rpms:net-snmp-5_4-11_fc7
rpms:net-snmp-5_4-10_fc7
rpms:net-snmp-5_4-9_fc7
rpms:net-snmp-5_4-8_fc7
rpms:net-snmp-5_4-7_fc7
rpms:net-snmp-5_4-6_fc7
rpms:net-snmp-5_4-5_fc7
rpms:net-snmp-5_4-4_fc7
rpms:net-snmp-5_4-3_fc7
rpms:net-snmp-5_4-2_fc7
rpms:net-snmp-5_4-1_fc7
rpms:net-snmp-5_3_1-11_fc6
rpms:FC-6-split
rpms:net-snmp-5_3_1-10_fc6
rpms:net-snmp-5_3_1-9_fc6
rpms:net-snmp-5_3_1-8_fc6
rpms:net-snmp-5_3_1-7_fc6
rpms:net-snmp-5_3_1_0-6_fc6
rpms:net-snmp-5_3_1_0-5_fc6
rpms:net-snmp-5_3_1_0-4_fc6
rpms:net-snmp-5_3_1_0-3
rpms:net-snmp-5_3_1_0-2
rpms:net-snmp-5_3_1_0-1
rpms:net-snmp-5_3_1_rc4-2
rpms:net-snmp-5_3_1_rc4-1_1
rpms:net-snmp-5_3_1_rc4-1
rpms:net-snmp-5_3_1_pre3-2
rpms:net-snmp-5_3_1_pre3-1
rpms:net-snmp-5_3_1_pre2-4
rpms:net-snmp-5_3_1_pre2-3
rpms:net-snmp-5_3_1_pre2-2
rpms:net-snmp-5_3_1_pre2-1
rpms:net-snmp-5_3-8
rpms:net-snmp-5_3-7
rpms:net-snmp-5_3-6
rpms:net-snmp-5_3-5
rpms:net-snmp-5_3-4_2
rpms:FC-5-split
rpms:net-snmp-5_3-4_1
rpms:net-snmp-5_3-4
rpms:net-snmp-5_3-3
rpms:net-snmp-5_3-2
rpms:net-snmp-5_3-1
rpms:net-snmp-5_2_2-4_1
rpms:net-snmp-5_2_2-4
rpms:net-snmp-5_2_2-2
rpms:net-snmp-5_2_2-1
rpms:net-snmp-5_2_2-0_rc6_1
rpms:net-snmp-5_2_2-0_rc5_1
rpms:net-snmp-5_2_2-0_rc4_2
rpms:net-snmp-5_2_2-0_rc4_1
rpms:net-snmp-5_2_2-0_rc3_1
rpms:net-snmp-5_2_2_rc2-1
rpms:net-snmp-5_2_1_2-3
rpms:net-snmp-5_2_1_2-2
rpms:net-snmp-5_2_1_2-1
rpms:net-snmp-5_2_1-13
rpms:FC-4-split
rpms:net-snmp-5_2_1-12
rpms:net-snmp-5_2_1-11
rpms:net-snmp-5_2_1-10
rpms:net-snmp-5_2_1-9
rpms:net-snmp-5_2_1-8
rpms:net-snmp-5_2_1-7
rpms:net-snmp-5_2_1-6
rpms:net-snmp-5_2_1-5
rpms:net-snmp-5_2_1-4
rpms:net-snmp-5_2_1-3
rpms:net-snmp-5_2_1-2
rpms:net-snmp-5_2_1-1
rpms:net-snmp-5_2-2
rpms:net-snmp-5_2-1
rpms:net-snmp-5_1_2-12
rpms:net-snmp-5_1_2-11
rpms:RHEL-4-split
rpms:FC-3-split
rpms:net-snmp-5_1_2-10
rpms:net-snmp-5_1_2-8
rpms:net-snmp-5_1_2-7
rpms:net-snmp-5_1_2-6
rpms:net-snmp-5_1_2-5
rpms:present-on-devel
rpms:net-snmp-5_1_2-4
rpms:net-snmp-5_1_2-3
rpms:net-snmp-5_1_2-2
rpms:net-snmp-5_1_2-1
rpms:net-snmp-5_1_1-4
rpms:net-snmp-5_1_1-3
rpms:net-snmp-5_1_1-2
rpms:net-snmp-5_1-11_1
rpms:net-snmp-5_1-8
rpms:FC-2-split
rpms:net-snmp-5_1-2_1
rpms:FC-1-split
rpms:net-snmp-5_0_9-2
rpms:net-snmp-5_0_6-17
rpms:RHL-9-split
rpms:RHL-8-split
rpms:RHEL-3-split
rpms:net-snmp-5_0_6-8_80_2
rpms:net-snmp-5_0_1-6
rpms:net-snmp-5_0_1-5
rpms:net-snmp-5_0_1-4

No commits in common. "rawhide" and "net-snmp-5_5-6_fc13" have entirely different histories.
rawhide ... net-snmp-5

51 changed files with 561 additions and 3012 deletions
Show Stats Expand all files Collapse all files

1
.cvsignore Normal file
View File

@ -0,0 +1 @@
net-snmp-5.5.tar.gz

11
.gitignore vendored
View File

@ -1,11 +0,0 @@
net-snmp-5.5.tar.gz
/net-snmp-5.6.tar.gz
/net-snmp-5.6.1.tar.gz
/net-snmp-5.7.tar.gz
/net-snmp-5.7.1.tar.gz
/net-snmp-5.7.2.tar.gz
/net-snmp-5.7.3.tar.gz
/net-snmp-5.8.tar.gz
/net-snmp-5.9.tar.gz
/net-snmp-5.9.1.tar.gz
/net-snmp-5.9.3.tar.gz

41
IETF-MIB-LICENSE.txt
View File

@ -1,41 +0,0 @@
MIBs included in this software taken from IETF Documents are considered
Code Components in accordance with the IETF Trust License Policy, as found
here:
http://trustee.ietf.org/license-info/
They are available under the terms of the Simplified BSD license, a copy of
which is included below.
*****
Copyright (c) 2013 IETF Trust and the persons identified as authors of
the code. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
· Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
· Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
· Neither the name of Internet Society, IETF or IETF Trust, nor the
names of specific contributors, may be used to endorse or promote
products derived from this software without specific prior written
permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS
IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

21
Makefile Normal file
View File

@ -0,0 +1,21 @@
# Makefile for source rpm: net-snmp
# $Id: Makefile,v 1.2 2007/10/15 19:10:41 notting Exp $
NAME := net-snmp
SPECFILE = $(firstword $(wildcard *.spec))
define find-makefile-common
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
endef
MAKEFILE_COMMON := $(shell $(find-makefile-common))
ifeq ($(MAKEFILE_COMMON),)
# attempt a checkout
define checkout-makefile-common
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
endef
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
endif
include $(MAKEFILE_COMMON)

24
net-snmp-5.4.1-pie.patch Normal file
View File

@ -0,0 +1,24 @@
diff -up net-snmp-5.4.1/agent/Makefile.in.backup_patch_4 net-snmp-5.4.1/agent/Makefile.in
--- net-snmp-5.4.1/agent/Makefile.in.backup_patch_4 2007-07-05 01:26:56.000000000 +0200
+++ net-snmp-5.4.1/agent/Makefile.in 2008-07-25 12:52:44.000000000 +0200
@@ -139,7 +139,7 @@ getmibstat.o: mibgroup/kernel_sunos5.c
$(CC) $(CFLAGS) -o $@ -D_GETMIBSTAT_TEST -DDODEBUG -c $?
snmpd$(EXEEXT): ${LAGENTOBJS} $(USELIBS) $(AGENTLIB) $(HELPERLIB) $(MIBLIB) $(LIBTARG)
- $(LINK) $(CFLAGS) -o $@ ${LAGENTOBJS} $(LOCAL_LIBS) ${LDFLAGS} ${OUR_AGENT_LIBS}
+ $(LINK) $(CFLAGS) -o $@ -pie ${LAGENTOBJS} $(LOCAL_LIBS) ${LDFLAGS} ${OUR_AGENT_LIBS}
libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION): ${LLIBAGENTOBJS} $(USELIBS)
diff -up net-snmp-5.4.1/apps/Makefile.in.backup_patch_4 net-snmp-5.4.1/apps/Makefile.in
--- net-snmp-5.4.1/apps/Makefile.in.backup_patch_4 2007-07-05 01:26:56.000000000 +0200
+++ net-snmp-5.4.1/apps/Makefile.in 2008-07-25 12:52:44.000000000 +0200
@@ -115,7 +115,7 @@ snmptest$(EXEEXT): snmptest.$(OSUFFIX
$(LINK) ${CFLAGS} -o $@ snmptest.$(OSUFFIX) $(LOCAL_LIBS) ${LDFLAGS} ${LIBS}
snmptrapd$(EXEEXT): $(TRAPD_OBJECTS) $(USETRAPLIBS) $(INSTALLLIBS)
- $(LINK) ${CFLAGS} -o $@ $(TRAPD_OBJECTS) $(INSTALLLIBS) $(LOCAL_LIBS) ${LDFLAGS} ${TRAPLIBS}
+ $(LINK) ${CFLAGS} -o $@ -pie $(TRAPD_OBJECTS) $(INSTALLLIBS) $(LOCAL_LIBS) ${LDFLAGS} ${TRAPLIBS}
snmptrap$(EXEEXT): snmptrap.$(OSUFFIX) $(USELIBS)
$(LINK) ${CFLAGS} -o $@ snmptrap.$(OSUFFIX) $(LOCAL_LIBS) ${LDFLAGS} ${LIBS}

14
net-snmp-5.5-dir-fix.patch Normal file
View File

@ -0,0 +1,14 @@
Let net-snmp-create-v3-user save settings into /etc/ instead of /usr/
diff -up net-snmp-5.5/net-snmp-create-v3-user.in.orig net-snmp-5.5/net-snmp-create-v3-user.in
--- net-snmp-5.5/net-snmp-create-v3-user.in.orig 2008-07-22 16:33:25.000000000 +0200
+++ net-snmp-5.5/net-snmp-create-v3-user.in 2009-09-29 16:30:36.000000000 +0200
@@ -158,7 +158,7 @@ if test ! -d $outfile ; then
touch $outfile
fi
echo $line >> $outfile
-outfile="@datadir@/snmp/snmpd.conf"
+outfile="/etc/snmp/snmpd.conf"
line="$token $user"
echo "adding the following line to $outfile:"
echo " " $line

47
net-snmp-5.5-multilib.patch Normal file
View File

@ -0,0 +1,47 @@
Make the man pages multilib safe.
diff -up net-snmp-5.5/man/config_api.3.def.orig net-snmp-5.5/man/config_api.3.def
--- net-snmp-5.5/man/config_api.3.def.orig 2009-04-21 11:36:52.000000000 +0200
+++ net-snmp-5.5/man/config_api.3.def 2009-09-29 11:45:44.000000000 +0200
@@ -256,7 +256,7 @@ machines and the second file can be used
for one particular machine.
.PP
The default list of directories to search is
-SYSCONFDIR/snmp, followed by DATADIR/snmp, followed by LIBDIR/snmp,
+SYSCONFDIR/snmp, followed by DATADIR/snmp, followed by /usr/lib(64)/snmp,
followed by $HOME/.snmp.
This list can be changed by setting the environmental variable
.I SNMPCONFPATH
@@ -326,7 +326,7 @@ function that it should abort the operat
SNMPCONFPATH
A colon separated list of directories to search for configuration
files in.
-Default: SYSCONFDIR/snmp:DATADIR/snmp:LIBDIR/snmp:$HOME/.snmp
+Default: SYSCONFDIR/snmp:DATADIR/snmp:/usr/lib(64)/snmp:$HOME/.snmp
.SH "SEE ALSO"
.BR mib_api "(3), " snmp_api (3)
.\" Local Variables:
diff -up net-snmp-5.5/man/snmp_config.5.def.orig net-snmp-5.5/man/snmp_config.5.def
--- net-snmp-5.5/man/snmp_config.5.def.orig 2007-06-18 23:17:15.000000000 +0200
+++ net-snmp-5.5/man/snmp_config.5.def 2009-09-29 11:45:22.000000000 +0200
@@ -11,7 +11,7 @@ First off, there are numerous places tha
found and read from. By default, the applications look for
configuration files in the following 4 directories, in order:
SYSCONFDIR/snmp,
-DATADIR/snmp, LIBDIR/snmp, and $HOME/.snmp. In each of these
+DATADIR/snmp, /usr/lib(64)/snmp, and $HOME/.snmp. In each of these
directories, it looks for files with the extension of both
.IR conf " and " local.conf
(reading the second ones last). In this manner, there are
diff -up net-snmp-5.5/man/snmpd.conf.5.def.orig net-snmp-5.5/man/snmpd.conf.5.def
--- net-snmp-5.5/man/snmpd.conf.5.def.orig 2009-06-01 17:53:30.000000000 +0200
+++ net-snmp-5.5/man/snmpd.conf.5.def 2009-09-29 11:44:59.000000000 +0200
@@ -1272,7 +1272,7 @@ filename), and call the initialisation r
.RS
.IP "Note:"
If the specified PATH is not a fully qualified filename, it will
-be interpreted relative to LIBDIR/snmp/dlmod, and \fC.so\fR
+be interpreted relative to /usr/lib(64)/snmp/dlmod, and \fC.so\fR
will be appended to the filename.
.RE
.PP

14
net-snmp-5.5-sensors3.patch Normal file
View File

@ -0,0 +1,14 @@
Compile with lm_sensors3.
diff -up net-snmp-5.5/agent/mibgroup/hardware/sensors.h.orig net-snmp-5.5/agent/mibgroup/hardware/sensors.h
--- net-snmp-5.5/agent/mibgroup/hardware/sensors.h.orig 2009-04-24 00:53:26.000000000 +0200
+++ net-snmp-5.5/agent/mibgroup/hardware/sensors.h 2009-09-29 12:00:18.000000000 +0200
@@ -7,7 +7,7 @@ config_require(hardware/sensors/picld_se
config_require(hardware/sensors/kstat_sensors)
# endif
#else
-config_require(hardware/sensors/lmsensors_v2)
+config_require(hardware/sensors/lmsensors_v3)
#endif
/* config_require(hardware/sensors/dummy_sensors) */

27
net-snmp-5.5-udptable-index.patch Normal file
View File

@ -0,0 +1,27 @@
543352: 'make test' fails on big endian system
Source: upstream, SVN rev. 17860
Fix udpTable indexes.
Index: net-snmp/agent/mibgroup/mibII/udpTable.c
===================================================================
--- net-snmp/agent/mibgroup/mibII/udpTable.c (revision 17859)
+++ net-snmp/agent/mibgroup/mibII/udpTable.c (revision 17860)
@@ -361,7 +361,7 @@
{
UDPTABLE_ENTRY_TYPE *entry = (UDPTABLE_ENTRY_TYPE *)*loop_context;
long port;
- in_addr_t addr;
+ long addr;
if (!entry)
return NULL;
@@ -376,7 +376,7 @@
#else
addr = UDP_ADDRESS_TO_NETWORK_ORDER((in_addr_t)entry->UDPTABLE_LOCALADDRESS);
snmp_set_var_value(index, (u_char *)&addr,
- sizeof(entry->UDPTABLE_LOCALADDRESS));
+ sizeof(addr));
#endif
port = UDP_PORT_TO_HOST_ORDER(entry->UDPTABLE_LOCALPORT);
snmp_set_var_value(index->next_variable,

30
net-snmp-5.7.2-cert-path.patch
View File

@ -1,30 +0,0 @@
1134475 - dependency in perl package
Use hardcoded path to configuration directories instead of net-snmp-config.
net-snmp-config is in net-snmp-devel package and we do not want net-snmp-perl
depending on -devel.
diff -up net-snmp-5.7.2/local/net-snmp-cert.cert-path net-snmp-5.7.2/local/net-snmp-cert
--- net-snmp-5.7.2/local/net-snmp-cert.cert-path 2012-10-10 00:28:58.000000000 +0200
+++ net-snmp-5.7.2/local/net-snmp-cert 2014-09-01 12:05:10.582427036 +0200
@@ -819,8 +819,7 @@ sub set_default {
sub cfg_path {
my $path;
- $path = `$NetSNMP::Cert::CFGTOOL --snmpconfpath`;
- chomp $path;
+ $path = "/etc/snmp:/usr/share/snmp:/usr/lib64/snmp:/home/jsafrane/.snmp:/var/lib/net-snmp";
return (wantarray ? split(':', $path) : $path);
}
@@ -1414,8 +1413,8 @@ sub checkReqs {
die("$NetSNMP::Cert::OPENSSL (v$ossl_ver): must be $ossl_min_ver or later")
if ($ossl_ver cmp $ossl_min_ver) < 0;
- die("$NetSNMP::Cert::CFGTOOL not found: please install")
- if system("$NetSNMP::Cert::CFGTOOL > /dev/null 2>&1");
+# die("$NetSNMP::Cert::CFGTOOL not found: please install")
+# if system("$NetSNMP::Cert::CFGTOOL > /dev/null 2>&1");
}
sub initOpts {

14
net-snmp-5.7.3-iterator-fix.patch
View File

@ -1,14 +0,0 @@
diff -urNp old/agent/mibgroup/host/data_access/swrun.c new/agent/mibgroup/host/data_access/swrun.c
--- old/agent/mibgroup/host/data_access/swrun.c 2017-07-18 09:44:00.626109526 +0200
+++ new/agent/mibgroup/host/data_access/swrun.c 2017-07-19 15:27:50.452255836 +0200
@@ -102,6 +102,10 @@ swrun_count_processes_by_name( char *nam
return 0; /* or -1 */
it = CONTAINER_ITERATOR( swrun_container );
+ if((entry = (netsnmp_swrun_entry*)ITERATOR_FIRST( it )) != NULL) {
+ if (0 == strcmp( entry->hrSWRunName, name ))
+ i++;
+ }
while ((entry = (netsnmp_swrun_entry*)ITERATOR_NEXT( it )) != NULL) {
if (0 == strcmp( entry->hrSWRunName, name ))
i++;

12
net-snmp-5.8-Remove-U64-typedef.patch
View File

@ -1,12 +0,0 @@
diff -urNp a/include/net-snmp/library/int64.h b/include/net-snmp/library/int64.h
--- a/include/net-snmp/library/int64.h 2018-07-18 14:37:16.543348832 +0200
+++ b/include/net-snmp/library/int64.h 2018-07-18 15:31:31.516999288 +0200
@@ -10,7 +10,7 @@ extern "C" {
* Note: using the U64 typedef is deprecated because this typedef conflicts
* with a typedef with the same name defined in the Perl header files.
*/
- typedef struct counter64 U64;
+// typedef struct counter64 U64;
#endif
#define I64CHARSZ 21

35
net-snmp-5.8-clientaddr-error-message.patch
View File

@ -1,35 +0,0 @@
diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
--- a/snmplib/snmp_api.c 2020-11-26 11:05:51.084788775 +0100
+++ b/snmplib/snmp_api.c 2020-11-26 11:08:27.850751397 +0100
@@ -235,7 +235,7 @@ static const char *api_errors[-SNMPERR_M
"No error", /* SNMPERR_SUCCESS */
"Generic error", /* SNMPERR_GENERR */
"Invalid local port", /* SNMPERR_BAD_LOCPORT */
- "Unknown host", /* SNMPERR_BAD_ADDRESS */
+ "Invalid address", /* SNMPERR_BAD_ADDRESS */
"Unknown session", /* SNMPERR_BAD_SESSION */
"Too long", /* SNMPERR_TOO_LONG */
"No socket", /* SNMPERR_NO_SOCKET */
@@ -1662,7 +1662,9 @@ _sess_open(netsnmp_session * in_session)
DEBUGMSGTL(("_sess_open", "couldn't interpret peername\n"));
in_session->s_snmp_errno = SNMPERR_BAD_ADDRESS;
in_session->s_errno = errno;
- snmp_set_detail(in_session->peername);
+ if (!netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID,
+ NETSNMP_DS_LIB_CLIENT_ADDR))
+ snmp_set_detail(in_session->peername);
return NULL;
}
diff -ruNp a/snmplib/transports/snmpUDPIPv4BaseDomain.c b/snmplib/transports/snmpUDPIPv4BaseDomain.c
--- a/snmplib/transports/snmpUDPIPv4BaseDomain.c 2021-01-06 12:51:51.948106797 +0100
+++ b/snmplib/transports/snmpUDPIPv4BaseDomain.c 2021-01-06 14:17:31.029745744 +0100
@@ -209,6 +209,8 @@ netsnmp_udpipv4base_transport_bind(netsn
DEBUGMSGTL(("netsnmp_udpbase",
"failed to bind for clientaddr: %d %s\n",
errno, strerror(errno)));
+ NETSNMP_LOGONCE((LOG_ERR, "Cannot bind for clientaddr: %s\n",
+ strerror(errno)));
goto err;
}

11
net-snmp-5.8-duplicate-ipAddress.patch
View File

@ -1,11 +0,0 @@
diff -urNp a/agent/mibgroup/ip-mib/data_access/ipaddress_common.c b/agent/mibgroup/ip-mib/data_access/ipaddress_common.c
--- a/agent/mibgroup/ip-mib/data_access/ipaddress_common.c 2020-06-10 13:27:03.213904398 +0200
+++ b/agent/mibgroup/ip-mib/data_access/ipaddress_common.c 2020-06-10 13:28:41.025863050 +0200
@@ -121,6 +121,7 @@ _remove_duplicates(netsnmp_container *co
for (entry = ITERATOR_FIRST(it); entry; entry = ITERATOR_NEXT(it)) {
if (prev_entry && _access_ipaddress_entry_compare_addr(prev_entry, entry) == 0) {
/* 'entry' is duplicate of the previous one -> delete it */
+ NETSNMP_LOGONCE((LOG_ERR, "Duplicate IPv4 address detected, some interfaces may not be visible in IP-MIB\n"));
netsnmp_access_ipaddress_entry_free(entry);
} else {
CONTAINER_INSERT(ret, entry);

12
net-snmp-5.8-expand-SNMPCONFPATH.patch
View File

@ -1,12 +0,0 @@
diff -ruNp a/snmplib/read_config.c b/snmplib/read_config.c
--- a/snmplib/read_config.c 2020-06-10 09:51:57.184786510 +0200
+++ b/snmplib/read_config.c 2020-06-10 09:53:13.257507112 +0200
@@ -1642,7 +1642,7 @@ snmp_save_persistent(const char *type)
* save a warning header to the top of the new file
*/
snprintf(fileold, sizeof(fileold),
- "%s%s# Please save normal configuration tokens for %s in SNMPCONFPATH/%s.conf.\n# Only \"createUser\" tokens should be placed here by %s administrators.\n%s",
+ "%s%s# Please save normal configuration tokens for %s in /etc/snmp/%s.conf.\n# Only \"createUser\" tokens should be placed here by %s administrators.\n%s",
"#\n# net-snmp (or ucd-snmp) persistent data file.\n#\n############################################################################\n# STOP STOP STOP STOP STOP STOP STOP STOP STOP \n",
"#\n# **** DO NOT EDIT THIS FILE ****\n#\n# STOP STOP STOP STOP STOP STOP STOP STOP STOP \n############################################################################\n#\n# DO NOT STORE CONFIGURATION ENTRIES HERE.\n",
type, type, type,

82
net-snmp-5.8-ipAddress-faster-load.patch
View File

@ -1,82 +0,0 @@
diff -urNp a/agent/mibgroup/mibII/ipAddr.c b/agent/mibgroup/mibII/ipAddr.c
--- a/agent/mibgroup/mibII/ipAddr.c 2020-06-10 14:14:30.113696471 +0200
+++ b/agent/mibgroup/mibII/ipAddr.c 2020-06-10 14:27:15.345354018 +0200
@@ -495,14 +495,16 @@ Address_Scan_Next(Index, Retin_ifaddr)
}
#elif defined(linux)
+#include <errno.h>
static struct ifreq *ifr;
static int ifr_counter;
static void
Address_Scan_Init(void)
{
- int num_interfaces = 0;
+ int i;
int fd;
+ int lastlen = 0;
/* get info about all interfaces */
@@ -510,28 +512,45 @@ Address_Scan_Init(void)
SNMP_FREE(ifc.ifc_buf);
ifr_counter = 0;
- do
- {
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
{
DEBUGMSGTL(("snmpd", "socket open failure in Address_Scan_Init\n"));
return;
}
- num_interfaces += 16;
- ifc.ifc_len = sizeof(struct ifreq) * num_interfaces;
- ifc.ifc_buf = (char*) realloc(ifc.ifc_buf, ifc.ifc_len);
-
- if (ioctl(fd, SIOCGIFCONF, &ifc) < 0)
- {
- ifr=NULL;
- close(fd);
- return;
- }
- close(fd);
+ /*
+ * Cope with lots of interfaces and brokenness of ioctl SIOCGIFCONF
+ * on some platforms; see W. R. Stevens, ``Unix Network Programming
+ * Volume I'', p.435...
+ */
+
+ for (i = 8;; i *= 2) {
+ ifc.ifc_len = sizeof(struct ifreq) * i;
+ ifc.ifc_req = calloc(i, sizeof(struct ifreq));
+
+ if (ioctl(fd, SIOCGIFCONF, &ifc) < 0) {
+ if (errno != EINVAL || lastlen != 0) {
+ /*
+ * Something has gone genuinely wrong...
+ */
+ snmp_log(LOG_ERR, "bad rc from ioctl, errno %d", errno);
+ SNMP_FREE(ifc.ifc_buf);
+ close(fd);
+ return;
+ }
+ } else {
+ if (ifc.ifc_len == lastlen) {
+ /*
+ * The length is the same as the last time; we're done...
+ */
+ break;
+ }
+ lastlen = ifc.ifc_len;
+ }
+ free(ifc.ifc_buf); /* no SNMP_FREE, getting ready to reassign */
}
- while (ifc.ifc_len >= (sizeof(struct ifreq) * num_interfaces));
-
+
+ close(fd);
ifr = ifc.ifc_req;
}

36
net-snmp-5.8-man-page.patch
View File

@ -1,36 +0,0 @@
diff -urNp a/man/net-snmp-create-v3-user.1.def b/man/net-snmp-create-v3-user.1.def
--- a/man/net-snmp-create-v3-user.1.def 2020-06-10 13:43:18.443070961 +0200
+++ b/man/net-snmp-create-v3-user.1.def 2020-06-10 13:49:25.975363441 +0200
@@ -3,7 +3,7 @@
net-snmp-create-v3-user \- create a SNMPv3 user in net-snmp configuration file
.SH SYNOPSIS
.PP
-.B net-snmp-create-v3-user [-ro] [-a authpass] [-x privpass] [-X DES|AES]
+.B net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass] [-x DES|AES]
.B [username]
.SH DESCRIPTION
.PP
@@ -16,13 +16,16 @@ new user in net-snmp configuration file
displays the net-snmp version number
.TP
\fB\-ro\fR
-create an user with read-only permissions
+creates a user with read-only permissions
.TP
-\fB\-a authpass\fR
-specify authentication password
+\fB\-A authpass\fR
+specifies the authentication password
.TP
-\fB\-x privpass\fR
-specify encryption password
+\fB\-a MD5|SHA\fR
+specifies the authentication password hashing algorithm
.TP
-\fB\-X DES|AES\fR
-specify encryption algorithm
+\fB\-X privpass\fR
+specifies the encryption password
+.TP
+\fB\-x DES|AES\fR
+specifies the encryption algorithm

83
net-snmp-5.8-modern-rpm-api.patch
View File

@ -1,83 +0,0 @@
diff -urNp a/agent/mibgroup/host/data_access/swinst_rpm.c b/agent/mibgroup/host/data_access/swinst_rpm.c
--- a/agent/mibgroup/host/data_access/swinst_rpm.c 2018-07-18 16:12:19.583503903 +0200
+++ b/agent/mibgroup/host/data_access/swinst_rpm.c 2018-07-18 16:50:38.599703588 +0200
@@ -102,7 +102,6 @@ netsnmp_swinst_arch_load( netsnmp_contai
rpmtd td_name, td_version, td_release, td_group, td_time;
#else
char *n, *v, *r, *g;
- int32_t *t;
#endif
time_t install_time;
size_t date_len;
@@ -146,14 +145,13 @@ netsnmp_swinst_arch_load( netsnmp_contai
install_time = rpmtdGetNumber(td_time);
g = rpmtdGetString(td_group);
#else
- headerGetEntry( h, RPMTAG_NAME, NULL, (void**)&n, NULL);
- headerGetEntry( h, RPMTAG_VERSION, NULL, (void**)&v, NULL);
- headerGetEntry( h, RPMTAG_RELEASE, NULL, (void**)&r, NULL);
- headerGetEntry( h, RPMTAG_GROUP, NULL, (void**)&g, NULL);
- headerGetEntry( h, RPMTAG_INSTALLTIME, NULL, (void**)&t, NULL);
+ n = headerGetString( h, RPMTAG_NAME);
+ v = headerGetString( h, RPMTAG_VERSION);
+ r = headerGetString( h, RPMTAG_RELEASE);
+ g = headerGetString( h, RPMTAG_GROUP);
+ install_time = headerGetNumber( h, RPMTAG_INSTALLTIME);
entry->swName_len = snprintf( entry->swName, sizeof(entry->swName),
"%s-%s-%s", n, v, r);
- install_time = *t;
#endif
entry->swType = (g && NULL != strstr( g, "System Environment"))
? 2 /* operatingSystem */
diff -urNp a/agent/mibgroup/host/hr_swinst.c b/agent/mibgroup/host/hr_swinst.c
--- a/agent/mibgroup/host/hr_swinst.c 2018-07-18 16:12:19.582503907 +0200
+++ b/agent/mibgroup/host/hr_swinst.c 2018-07-18 17:09:29.716564197 +0200
@@ -479,9 +479,9 @@ var_hrswinst(struct variable * vp,
}
#else
# ifdef HAVE_LIBRPM
- char *rpm_groups;
- if ( headerGetEntry(swi->swi_h, RPMTAG_GROUP, NULL, (void **) &rpm_groups, NULL) ) {
- if ( strstr(rpm_groups, "System Environment") != NULL )
+ const char *rpm_group = headerGetString(swi->swi_h, RPMTAG_GROUP);
+ if ( NULL != rpm_group ) {
+ if ( strstr(rpm_group, "System Environment") != NULL )
long_return = 2; /* operatingSystem */
else
long_return = 4; /* applcation */
@@ -498,9 +498,8 @@ var_hrswinst(struct variable * vp,
case HRSWINST_DATE:
{
#ifdef HAVE_LIBRPM
- int32_t *rpm_data;
- if ( headerGetEntry(swi->swi_h, RPMTAG_INSTALLTIME, NULL, (void **) &rpm_data, NULL) ) {
- time_t installTime = *rpm_data;
+ time_t installTime = headerGetNumber(swi->swi_h, RPMTAG_INSTALLTIME);
+ if ( 0 != installTime ) {
ret = date_n_time(&installTime, var_len);
} else {
ret = date_n_time(NULL, var_len);
@@ -660,7 +659,7 @@ Save_HR_SW_info(int ix)
if (1 <= ix && ix <= swi->swi_nrec && ix != swi->swi_prevx) {
int offset;
Header h;
- char *n, *v, *r;
+ const char *n, *v, *r;
offset = swi->swi_recs[ix - 1];
@@ -685,11 +684,9 @@ Save_HR_SW_info(int ix)
swi->swi_h = h;
swi->swi_prevx = ix;
- headerGetEntry(swi->swi_h, RPMTAG_NAME, NULL, (void **) &n, NULL);
- headerGetEntry(swi->swi_h, RPMTAG_VERSION, NULL, (void **) &v,
- NULL);
- headerGetEntry(swi->swi_h, RPMTAG_RELEASE, NULL, (void **) &r,
- NULL);
+ n = headerGetString(swi->swi_h, RPMTAG_NAME);
+ v = headerGetString(swi->swi_h, RPMTAG_VERSION);
+ r = headerGetString(swi->swi_h, RPMTAG_RELEASE);
snprintf(swi->swi_name, sizeof(swi->swi_name), "%s-%s-%s", n, v, r);
swi->swi_name[ sizeof(swi->swi_name)-1 ] = 0;
}

28
net-snmp-5.8-rpm-memory-leak.patch
View File

@ -1,28 +0,0 @@
diff --git a/agent/mibgroup/host/data_access/swinst_rpm.c b/agent/mibgroup/host/data_access/swinst_rpm.c
index 695c469..dd0e487 100644
--- a/agent/mibgroup/host/data_access/swinst_rpm.c
+++ b/agent/mibgroup/host/data_access/swinst_rpm.c
@@ -75,6 +75,9 @@ netsnmp_swinst_arch_init(void)
snprintf( pkg_directory, SNMP_MAXPATH, "%s/Packages", dbpath );
SNMP_FREE(rpmdbpath);
dbpath = NULL;
+#ifdef HAVE_RPMGETPATH
+ rpmFreeRpmrc();
+#endif
if (-1 == stat( pkg_directory, &stat_buf )) {
snmp_log(LOG_ERR, "Can't find directory of RPM packages\n");
pkg_directory[0] = '\0';
diff --git a/agent/mibgroup/host/hr_swinst.c b/agent/mibgroup/host/hr_swinst.c
index 1f52733..ccf1cab 100644
--- a/agent/mibgroup/host/hr_swinst.c
+++ b/agent/mibgroup/host/hr_swinst.c
@@ -231,6 +231,9 @@ init_hr_swinst(void)
snprintf(path, sizeof(path), "%s/packages.rpm", swi->swi_dbpath);
path[ sizeof(path)-1 ] = 0;
swi->swi_directory = strdup(path);
+#ifdef HAVE_RPMGETPATH
+ rpmFreeRpmrc();
+#endif
}
#else
# ifdef _PATH_HRSW_directory

18
net-snmp-5.9-aes-config.patch
View File

@ -1,18 +0,0 @@
diff --git a/net-snmp-create-v3-user.in b/net-snmp-create-v3-user.in
index afd6fa4..07c26fe 100644
--- a/net-snmp-create-v3-user.in
+++ b/net-snmp-create-v3-user.in
@@ -58,11 +58,11 @@ case $1 in
exit 1
fi
case $1 in
- DES|AES|AES128)
+ DES|AES|AES128|AES192|AES256)
Xalgorithm=$1
shift
;;
- des|aes|aes128)
+ des|aes|aes128|aes192|aes256)
Xalgorithm=$(echo "$1" | tr a-z A-Z)
shift
;;

12
net-snmp-5.9-autofs-skip.patch
View File

@ -1,12 +0,0 @@
diff --git a/agent/mibgroup/host/hr_filesys.c b/agent/mibgroup/host/hr_filesys.c
index e7ca92f..80b3e0d 100644
--- a/agent/mibgroup/host/hr_filesys.c
+++ b/agent/mibgroup/host/hr_filesys.c
@@ -704,6 +704,7 @@ static const char *HRFS_ignores[] = {
"shm",
"sockfs",
"sysfs",
+ "tmpfs",
"usbdevfs",
"usbfs",
#endif

20
net-snmp-5.9-cflags.patch
View File

@ -1,20 +0,0 @@
diff -urNp a/perl/Makefile.PL b/perl/Makefile.PL
--- a/perl/Makefile.PL 2020-08-26 08:32:52.498909823 +0200
+++ b/perl/Makefile.PL 2020-08-26 09:30:45.584951552 +0200
@@ -1,3 +1,4 @@
+use lib '.';
use strict;
use warnings;
use ExtUtils::MakeMaker;
diff -urNp a/perl/MakefileSubs.pm b/perl/MakefileSubs.pm
--- a/perl/MakefileSubs.pm 2020-08-26 08:32:52.498909823 +0200
+++ b/perl/MakefileSubs.pm 2020-08-26 08:36:44.097218448 +0200
@@ -116,7 +116,7 @@ sub AddCommonParams {
append($Params->{'CCFLAGS'}, $cflags);
append($Params->{'CCFLAGS'}, $Config{'ccflags'});
# Suppress known Perl header shortcomings.
- $Params->{'CCFLAGS'} =~ s/ -W(cast-qual|write-strings)//g;
+ $Params->{'CCFLAGS'} =~ s/ -W(inline|strict-prototypes|write-strings|cast-qual|no-char-subscripts)//g;
append($Params->{'CCFLAGS'}, '-Wformat');
}
}

22
net-snmp-5.9-coverity.patch
View File

@ -1,22 +0,0 @@
diff --git a/agent/mibgroup/disman/event/mteTrigger.c b/agent/mibgroup/disman/event/mteTrigger.c
index e9a8831..5a1d8e7 100644
--- a/agent/mibgroup/disman/event/mteTrigger.c
+++ b/agent/mibgroup/disman/event/mteTrigger.c
@@ -1012,7 +1012,7 @@ mteTrigger_run( unsigned int reg, void *clientarg)
* Similarly, if no fallEvent is configured,
* there's no point in trying to fire it either.
*/
- if (entry->mteTThRiseEvent[0] != '\0' ) {
+ if (entry->mteTThFallEvent[0] != '\0' ) {
entry->mteTriggerXOwner = entry->mteTThObjOwner;
entry->mteTriggerXObjects = entry->mteTThObjects;
entry->mteTriggerFired = vp1;
@@ -1105,7 +1105,7 @@ mteTrigger_run( unsigned int reg, void *clientarg)
* Similarly, if no fallEvent is configured,
* there's no point in trying to fire it either.
*/
- if (entry->mteTThDRiseEvent[0] != '\0' ) {
+ if (entry->mteTThDFallEvent[0] != '\0' ) {
entry->mteTriggerXOwner = entry->mteTThObjOwner;
entry->mteTriggerXObjects = entry->mteTThObjects;
entry->mteTriggerFired = vp1;

30
net-snmp-5.9-dir-fix.patch
View File

@ -1,30 +0,0 @@
diff --git a/net-snmp-create-v3-user.in b/net-snmp-create-v3-user.in
index 19895a1..ac3c60f 100644
--- a/net-snmp-create-v3-user.in
+++ b/net-snmp-create-v3-user.in
@@ -14,6 +14,10 @@ Xalgorithm="DES"
token=rwuser
while test "x$done" = "x" -a "x$1" != "x" -a "x$usage" != "xyes"; do
+case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+esac
unset shifted
case $1 in
@@ -134,11 +138,9 @@ if test ! -d "$outfile"; then
touch "$outfile"
fi
echo "$line" >> "$outfile"
-prefix=@prefix@
-datarootdir=@datarootdir@
-# To suppress shellcheck complaints about $prefix and $datarootdir.
-: "$prefix" "$datarootdir"
-outfile="@datadir@/snmp/snmpd.conf"
+# Avoid that configure complains that this script ignores @datarootdir@
+echo "@datarootdir@" >/dev/null
+outfile="/etc/snmp/snmpd.conf"
line="$token $user"
echo "adding the following line to $outfile:"
echo " $line"

855
net-snmp-5.9-intermediate-certs.patch
View File

@ -1,855 +0,0 @@
diff --git a/include/net-snmp/library/cert_util.h b/include/net-snmp/library/cert_util.h
index 80e2a19..143adbb 100644
--- a/include/net-snmp/library/cert_util.h
+++ b/include/net-snmp/library/cert_util.h
@@ -55,7 +55,8 @@ extern "C" {
char *common_name;
u_char hash_type;
- u_char _pad[3]; /* for future use */
+ u_char _pad[1]; /* for future use */
+ u_short offset;
} netsnmp_cert;
/** types */
@@ -100,6 +101,7 @@ extern "C" {
NETSNMP_IMPORT
netsnmp_cert *netsnmp_cert_find(int what, int where, void *hint);
+ netsnmp_void_array *netsnmp_certs_find(int what, int where, void *hint);
int netsnmp_cert_check_vb_fingerprint(const netsnmp_variable_list *var);
diff --git a/include/net-snmp/library/dir_utils.h b/include/net-snmp/library/dir_utils.h
index 471bb0b..ac7f69a 100644
--- a/include/net-snmp/library/dir_utils.h
+++ b/include/net-snmp/library/dir_utils.h
@@ -53,7 +53,8 @@ extern "C" {
#define NETSNMP_DIR_NSFILE 0x0010
/** load stats in netsnmp_file */
#define NETSNMP_DIR_NSFILE_STATS 0x0020
-
+/** allow files to be indexed more than once */
+#define NETSNMP_DIR_ALLOW_DUPLICATES 0x0040
#ifdef __cplusplus
diff --git a/snmplib/cert_util.c b/snmplib/cert_util.c
index 210ad8b..b1f8144 100644
--- a/snmplib/cert_util.c
+++ b/snmplib/cert_util.c
@@ -100,7 +100,7 @@ netsnmp_feature_child_of(tls_fingerprint_build, cert_util_all);
* bump this value whenever cert index format changes, so indexes
* will be regenerated with new format.
*/
-#define CERT_INDEX_FORMAT 1
+#define CERT_INDEX_FORMAT 2
static netsnmp_container *_certs = NULL;
static netsnmp_container *_keys = NULL;
@@ -126,6 +126,8 @@ static int _cert_fn_ncompare(netsnmp_cert_common *lhs,
netsnmp_cert_common *rhs);
static void _find_partner(netsnmp_cert *cert, netsnmp_key *key);
static netsnmp_cert *_find_issuer(netsnmp_cert *cert);
+static netsnmp_void_array *_cert_reduce_subset_first(netsnmp_void_array *matching);
+static netsnmp_void_array *_cert_reduce_subset_what(netsnmp_void_array *matching, int what);
static netsnmp_void_array *_cert_find_subset_fn(const char *filename,
const char *directory);
static netsnmp_void_array *_cert_find_subset_sn(const char *subject);
@@ -345,6 +347,8 @@ _get_cert_container(const char *use)
{
netsnmp_container *c;
+ int rc;
+
c = netsnmp_container_find("certs:binary_array");
if (NULL == c) {
snmp_log(LOG_ERR, "could not create container for %s\n", use);
@@ -354,6 +358,8 @@ _get_cert_container(const char *use)
c->free_item = (netsnmp_container_obj_func*)_cert_free;
c->compare = (netsnmp_container_compare*)_cert_compare;
+ CONTAINER_SET_OPTIONS(c, CONTAINER_KEY_ALLOW_DUPLICATES, rc);
+
return c;
}
@@ -362,6 +368,8 @@ _setup_containers(void)
{
netsnmp_container *additional_keys;
+ int rc;
+
_certs = _get_cert_container("netsnmp certificates");
if (NULL == _certs)
return;
@@ -376,6 +384,7 @@ _setup_containers(void)
additional_keys->container_name = strdup("certs_cn");
additional_keys->free_item = NULL;
additional_keys->compare = (netsnmp_container_compare*)_cert_cn_compare;
+ CONTAINER_SET_OPTIONS(additional_keys, CONTAINER_KEY_ALLOW_DUPLICATES, rc);
netsnmp_container_add_index(_certs, additional_keys);
/** additional keys: subject name */
@@ -389,6 +398,7 @@ _setup_containers(void)
additional_keys->free_item = NULL;
additional_keys->compare = (netsnmp_container_compare*)_cert_sn_compare;
additional_keys->ncompare = (netsnmp_container_compare*)_cert_sn_ncompare;
+ CONTAINER_SET_OPTIONS(additional_keys, CONTAINER_KEY_ALLOW_DUPLICATES, rc);
netsnmp_container_add_index(_certs, additional_keys);
/** additional keys: file name */
@@ -402,6 +412,7 @@ _setup_containers(void)
additional_keys->free_item = NULL;
additional_keys->compare = (netsnmp_container_compare*)_cert_fn_compare;
additional_keys->ncompare = (netsnmp_container_compare*)_cert_fn_ncompare;
+ CONTAINER_SET_OPTIONS(additional_keys, CONTAINER_KEY_ALLOW_DUPLICATES, rc);
netsnmp_container_add_index(_certs, additional_keys);
_keys = netsnmp_container_find("cert_keys:binary_array");
@@ -424,7 +435,7 @@ netsnmp_cert_map_container(void)
}
static netsnmp_cert *
-_new_cert(const char *dirname, const char *filename, int certType,
+_new_cert(const char *dirname, const char *filename, int certType, int offset,
int hashType, const char *fingerprint, const char *common_name,
const char *subject)
{
@@ -446,8 +457,10 @@ _new_cert(const char *dirname, const char *filename, int certType,
cert->info.dir = strdup(dirname);
cert->info.filename = strdup(filename);
- cert->info.allowed_uses = NS_CERT_REMOTE_PEER;
+ /* only the first certificate is allowed to be a remote peer */
+ cert->info.allowed_uses = offset ? 0 : NS_CERT_REMOTE_PEER;
cert->info.type = certType;
+ cert->offset = offset;
if (fingerprint) {
cert->hash_type = hashType;
cert->fingerprint = strdup(fingerprint);
@@ -884,14 +897,86 @@ _certindex_new( const char *dirname )
* certificate utility functions
*
*/
+static BIO *
+netsnmp_open_bio(const char *dir, const char *filename)
+{
+ BIO *certbio;
+ char file[SNMP_MAXPATH];
+
+ DEBUGMSGT(("9:cert:read", "Checking file %s\n", filename));
+
+ certbio = BIO_new(BIO_s_file());
+ if (NULL == certbio) {
+ snmp_log(LOG_ERR, "error creating BIO\n");
+ return NULL;
+ }
+
+ snprintf(file, sizeof(file),"%s/%s", dir, filename);
+ if (BIO_read_filename(certbio, file) <=0) {
+ snmp_log(LOG_ERR, "error reading certificate/key %s into BIO\n", file);
+ BIO_vfree(certbio);
+ return NULL;
+ }
+
+ return certbio;
+}
+
+static void
+netsnmp_ocert_parse(netsnmp_cert *cert, X509 *ocert)
+{
+ int is_ca;
+
+ cert->ocert = ocert;
+
+ /*
+ * X509_check_ca return codes:
+ * 0 not a CA
+ * 1 is a CA
+ * 2 basicConstraints absent so "maybe" a CA
+ * 3 basicConstraints absent but self signed V1.
+ * 4 basicConstraints absent but keyUsage present and keyCertSign asserted.
+ * 5 outdated Netscape Certificate Type CA extension.
+ */
+ is_ca = X509_check_ca(ocert);
+ if (1 == is_ca)
+ cert->info.allowed_uses |= NS_CERT_CA;
+
+ if (NULL == cert->subject) {
+ cert->subject = X509_NAME_oneline(X509_get_subject_name(ocert), NULL,
+ 0);
+ DEBUGMSGT(("9:cert:add:subject", "subject name: %s\n", cert->subject));
+ }
+
+ if (NULL == cert->issuer) {
+ cert->issuer = X509_NAME_oneline(X509_get_issuer_name(ocert), NULL, 0);
+ if (strcmp(cert->subject, cert->issuer) == 0) {
+ free(cert->issuer);
+ cert->issuer = strdup("self-signed");
+ }
+ DEBUGMSGT(("9:cert:add:issuer", "CA issuer: %s\n", cert->issuer));
+ }
+
+ if (NULL == cert->fingerprint) {
+ cert->hash_type = netsnmp_openssl_cert_get_hash_type(ocert);
+ cert->fingerprint =
+ netsnmp_openssl_cert_get_fingerprint(ocert, cert->hash_type);
+ }
+
+ if (NULL == cert->common_name) {
+ cert->common_name =netsnmp_openssl_cert_get_commonName(ocert, NULL,
+ NULL);
+ DEBUGMSGT(("9:cert:add:name","%s\n", cert->common_name));
+ }
+
+}
+
static X509 *
netsnmp_ocert_get(netsnmp_cert *cert)
{
BIO *certbio;
X509 *ocert = NULL;
+ X509 *ncert = NULL;
EVP_PKEY *okey = NULL;
- char file[SNMP_MAXPATH];
- int is_ca;
if (NULL == cert)
return NULL;
@@ -908,51 +993,33 @@ netsnmp_ocert_get(netsnmp_cert *cert)
}
}
- DEBUGMSGT(("9:cert:read", "Checking file %s\n", cert->info.filename));
-
- certbio = BIO_new(BIO_s_file());
- if (NULL == certbio) {
- snmp_log(LOG_ERR, "error creating BIO\n");
- return NULL;
- }
-
- snprintf(file, sizeof(file),"%s/%s", cert->info.dir, cert->info.filename);
- if (BIO_read_filename(certbio, file) <=0) {
- snmp_log(LOG_ERR, "error reading certificate %s into BIO\n", file);
- BIO_vfree(certbio);
+ certbio = netsnmp_open_bio(cert->info.dir, cert->info.filename);
+ if (!certbio) {
return NULL;
}
- if (NS_CERT_TYPE_UNKNOWN == cert->info.type) {
- char *pos = strrchr(cert->info.filename, '.');
- if (NULL == pos)
- return NULL;
- cert->info.type = _cert_ext_type(++pos);
- netsnmp_assert(cert->info.type != NS_CERT_TYPE_UNKNOWN);
- }
-
switch (cert->info.type) {
case NS_CERT_TYPE_DER:
+ (void)BIO_seek(certbio, cert->offset);
ocert = d2i_X509_bio(certbio,NULL); /* DER/ASN1 */
if (NULL != ocert)
break;
- (void)BIO_reset(certbio);
/* Check for PEM if DER didn't work */
/* FALLTHROUGH */
case NS_CERT_TYPE_PEM:
- ocert = PEM_read_bio_X509_AUX(certbio, NULL, NULL, NULL);
+ (void)BIO_seek(certbio, cert->offset);
+ ocert = ncert = PEM_read_bio_X509_AUX(certbio, NULL, NULL, NULL);
if (NULL == ocert)
break;
if (NS_CERT_TYPE_DER == cert->info.type) {
DEBUGMSGT(("9:cert:read", "Changing type from DER to PEM\n"));
cert->info.type = NS_CERT_TYPE_PEM;
}
- /** check for private key too */
- if (NULL == cert->key) {
- (void)BIO_reset(certbio);
- okey = PEM_read_bio_PrivateKey(certbio, NULL, NULL, NULL);
+ /** check for private key too, but only if we're the first certificate */
+ if (0 == cert->offset && NULL == cert->key) {
+ okey = PEM_read_bio_PrivateKey(certbio, NULL, NULL, NULL);
if (NULL != okey) {
netsnmp_key *key;
DEBUGMSGT(("cert:read:key", "found key with cert in %s\n",
@@ -979,7 +1046,7 @@ netsnmp_ocert_get(netsnmp_cert *cert)
break;
#ifdef CERT_PKCS12_SUPPORT_MAYBE_LATER
case NS_CERT_TYPE_PKCS12:
- (void)BIO_reset(certbio);
+ (void)BIO_seek(certbio, cert->offset);
PKCS12 *p12 = d2i_PKCS12_bio(certbio, NULL);
if ( (NULL != p12) && (PKCS12_verify_mac(p12, "", 0) ||
PKCS12_verify_mac(p12, NULL, 0)))
@@ -999,46 +1066,7 @@ netsnmp_ocert_get(netsnmp_cert *cert)
return NULL;
}
- cert->ocert = ocert;
- /*
- * X509_check_ca return codes:
- * 0 not a CA
- * 1 is a CA
- * 2 basicConstraints absent so "maybe" a CA
- * 3 basicConstraints absent but self signed V1.
- * 4 basicConstraints absent but keyUsage present and keyCertSign asserted.
- * 5 outdated Netscape Certificate Type CA extension.
- */
- is_ca = X509_check_ca(ocert);
- if (1 == is_ca)
- cert->info.allowed_uses |= NS_CERT_CA;
-
- if (NULL == cert->subject) {
- cert->subject = X509_NAME_oneline(X509_get_subject_name(ocert), NULL,
- 0);
- DEBUGMSGT(("9:cert:add:subject", "subject name: %s\n", cert->subject));
- }
-
- if (NULL == cert->issuer) {
- cert->issuer = X509_NAME_oneline(X509_get_issuer_name(ocert), NULL, 0);
- if (strcmp(cert->subject, cert->issuer) == 0) {
- free(cert->issuer);
- cert->issuer = strdup("self-signed");
- }
- DEBUGMSGT(("9:cert:add:issuer", "CA issuer: %s\n", cert->issuer));
- }
-
- if (NULL == cert->fingerprint) {
- cert->hash_type = netsnmp_openssl_cert_get_hash_type(ocert);
- cert->fingerprint =
- netsnmp_openssl_cert_get_fingerprint(ocert, cert->hash_type);
- }
-
- if (NULL == cert->common_name) {
- cert->common_name =netsnmp_openssl_cert_get_commonName(ocert, NULL,
- NULL);
- DEBUGMSGT(("9:cert:add:name","%s\n", cert->common_name));
- }
+ netsnmp_ocert_parse(cert, ocert);
return ocert;
}
@@ -1048,7 +1076,6 @@ netsnmp_okey_get(netsnmp_key *key)
{
BIO *keybio;
EVP_PKEY *okey;
- char file[SNMP_MAXPATH];
if (NULL == key)
return NULL;
@@ -1056,19 +1083,8 @@ netsnmp_okey_get(netsnmp_key *key)
if (key->okey)
return key->okey;
- snprintf(file, sizeof(file),"%s/%s", key->info.dir, key->info.filename);
- DEBUGMSGT(("cert:key:read", "Checking file %s\n", key->info.filename));
-
- keybio = BIO_new(BIO_s_file());
- if (NULL == keybio) {
- snmp_log(LOG_ERR, "error creating BIO\n");
- return NULL;
- }
-
- if (BIO_read_filename(keybio, file) <=0) {
- snmp_log(LOG_ERR, "error reading certificate %s into BIO\n",
- key->info.filename);
- BIO_vfree(keybio);
+ keybio = netsnmp_open_bio(key->info.dir, key->info.filename);
+ if (!keybio) {
return NULL;
}
@@ -1154,7 +1170,7 @@ netsnmp_cert_load_x509(netsnmp_cert *cert)
cert->issuer_cert = _find_issuer(cert);
if (NULL == cert->issuer_cert) {
DEBUGMSGT(("cert:load:warn",
- "couldn't load CA chain for cert %s\n",
+ "couldn't load full CA chain for cert %s\n",
cert->info.filename));
rc = CERT_LOAD_PARTIAL;
break;
@@ -1163,7 +1179,7 @@ netsnmp_cert_load_x509(netsnmp_cert *cert)
/** get issuer ocert */
if ((NULL == cert->issuer_cert->ocert) &&
(netsnmp_ocert_get(cert->issuer_cert) == NULL)) {
- DEBUGMSGT(("cert:load:warn", "couldn't load cert chain for %s\n",
+ DEBUGMSGT(("cert:load:warn", "couldn't load full cert chain for %s\n",
cert->info.filename));
rc = CERT_LOAD_PARTIAL;
break;
@@ -1184,7 +1200,7 @@ _find_partner(netsnmp_cert *cert, netsnmp_key *key)
return;
}
- if(key) {
+ if (key) {
if (key->cert) {
DEBUGMSGT(("cert:partner", "key already has partner\n"));
return;
@@ -1197,7 +1213,8 @@ _find_partner(netsnmp_cert *cert, netsnmp_key *key)
return;
*pos = 0;
- matching = _cert_find_subset_fn( filename, key->info.dir );
+ matching = _cert_reduce_subset_first(_cert_find_subset_fn( filename,
+ key->info.dir ));
if (!matching)
return;
if (1 == matching->size) {
@@ -1217,7 +1234,7 @@ _find_partner(netsnmp_cert *cert, netsnmp_key *key)
DEBUGMSGT(("cert:partner", "%s matches multiple certs\n",
key->info.filename));
}
- else if(cert) {
+ else if (cert) {
if (cert->key) {
DEBUGMSGT(("cert:partner", "cert already has partner\n"));
return;
@@ -1255,76 +1272,182 @@ _find_partner(netsnmp_cert *cert, netsnmp_key *key)
}
}
+static netsnmp_key *
+_add_key(EVP_PKEY *okey, const char* dirname, const char* filename, FILE *index)
+{
+ netsnmp_key *key;
+
+ key = _new_key(dirname, filename);
+ if (NULL == key) {
+ return NULL;
+ }
+
+ key->okey = okey;
+
+ if (-1 == CONTAINER_INSERT(_keys, key)) {
+ DEBUGMSGT(("cert:key:file:add:err",
+ "error inserting key into container\n"));
+ netsnmp_key_free(key);
+ key = NULL;
+ }
+ if (index) {
+ fprintf(index, "k:%s\n", filename);
+ }
+
+ return key;
+}
+
+static netsnmp_cert *
+_add_cert(X509 *ocert, const char* dirname, const char* filename, int type, int offset, FILE *index)
+{
+ netsnmp_cert *cert;
+
+ cert = _new_cert(dirname, filename, type, offset, -1, NULL, NULL, NULL);
+ if (NULL == cert)
+ return NULL;
+
+ netsnmp_ocert_parse(cert, ocert);
+
+ if (-1 == CONTAINER_INSERT(_certs, cert)) {
+ DEBUGMSGT(("cert:file:add:err",
+ "error inserting cert into container\n"));
+ netsnmp_cert_free(cert);
+ return NULL;
+ }
+
+ if (index) {
+ /** filename = NAME_MAX = 255 */
+ /** fingerprint max = 64*3=192 for sha512 */
+ /** common name / CN = 64 */
+ if (cert)
+ fprintf(index, "c:%s %d %d %d %s '%s' '%s'\n", filename,
+ cert->info.type, cert->offset, cert->hash_type, cert->fingerprint,
+ cert->common_name, cert->subject);
+ }
+
+ return cert;
+}
+
static int
_add_certfile(const char* dirname, const char* filename, FILE *index)
{
- X509 *ocert;
- EVP_PKEY *okey;
+ BIO *certbio;
+ X509 *ocert = NULL;
+ X509 *ncert;
+ EVP_PKEY *okey = NULL;
netsnmp_cert *cert = NULL;
netsnmp_key *key = NULL;
char certfile[SNMP_MAXPATH];
int type;
+ int offset = 0;
if (((const void*)NULL == dirname) || (NULL == filename))
return -1;
type = _type_from_filename(filename);
- netsnmp_assert(type != NS_CERT_TYPE_UNKNOWN);
+ if (type == NS_CERT_TYPE_UNKNOWN) {
+ snmp_log(LOG_ERR, "certificate file '%s' type not recognised, ignoring\n", filename);
+ return -1;
+ }
- snprintf(certfile, sizeof(certfile),"%s/%s", dirname, filename);
+ certbio = netsnmp_open_bio(dirname, filename);
+ if (!certbio) {
+ return -1;
+ }
- DEBUGMSGT(("9:cert:file:add", "Checking file: %s (type %d)\n", filename,
- type));
+ switch (type) {
- if (NS_CERT_TYPE_KEY == type) {
- key = _new_key(dirname, filename);
- if (NULL == key)
- return -1;
- okey = netsnmp_okey_get(key);
- if (NULL == okey) {
- netsnmp_key_free(key);
- return -1;
- }
- key->okey = okey;
- if (-1 == CONTAINER_INSERT(_keys, key)) {
- DEBUGMSGT(("cert:key:file:add:err",
- "error inserting key into container\n"));
- netsnmp_key_free(key);
- key = NULL;
- }
- }
- else {
- cert = _new_cert(dirname, filename, type, -1, NULL, NULL, NULL);
- if (NULL == cert)
- return -1;
- ocert = netsnmp_ocert_get(cert);
- if (NULL == ocert) {
- netsnmp_cert_free(cert);
- return -1;
- }
- cert->ocert = ocert;
- if (-1 == CONTAINER_INSERT(_certs, cert)) {
- DEBUGMSGT(("cert:file:add:err",
- "error inserting cert into container\n"));
- netsnmp_cert_free(cert);
- cert = NULL;
- }
- }
- if ((NULL == cert) && (NULL == key)) {
- DEBUGMSGT(("cert:file:add:failure", "for %s\n", certfile));
- return -1;
+ case NS_CERT_TYPE_KEY:
+
+ okey = PEM_read_bio_PrivateKey(certbio, NULL, NULL, NULL);
+ if (NULL == okey)
+ snmp_log(LOG_ERR, "error parsing key file %s\n",
+ key->info.filename);
+ else {
+ key = _add_key(okey, dirname, filename, index);
+ if (NULL == key) {
+ EVP_PKEY_free(okey);
+ okey = NULL;
+ }
+ }
+ break;
+
+ case NS_CERT_TYPE_DER:
+
+ ocert = d2i_X509_bio(certbio, NULL); /* DER/ASN1 */
+ if (NULL != ocert) {
+ if (!_add_cert(ocert, dirname, filename, type, 0, index)) {
+ X509_free(ocert);
+ ocert = NULL;
+ }
+ break;
+ }
+ (void)BIO_reset(certbio);
+ /* Check for PEM if DER didn't work */
+ /* FALLTHROUGH */
+
+ case NS_CERT_TYPE_PEM:
+
+ if (NS_CERT_TYPE_DER == type) {
+ DEBUGMSGT(("9:cert:read", "Changing type from DER to PEM\n"));
+ type = NS_CERT_TYPE_PEM;
+ }
+ ocert = ncert = PEM_read_bio_X509_AUX(certbio, NULL, NULL, NULL);
+ if (NULL != ocert) {
+ cert = _add_cert(ncert, dirname, filename, type, offset, index);
+ if (NULL == cert) {
+ X509_free(ocert);
+ ocert = ncert = NULL;
+ }
+ }
+ while (NULL != ncert) {
+ offset = BIO_tell(certbio);
+ ncert = PEM_read_bio_X509_AUX(certbio, NULL, NULL, NULL);
+ if (ncert) {
+ if (NULL == _add_cert(ncert, dirname, filename, type, offset, index)) {
+ X509_free(ncert);
+ ncert = NULL;
+ }
+ }
+ }
+
+ BIO_seek(certbio, offset);
+
+ /** check for private key too */
+ okey = PEM_read_bio_PrivateKey(certbio, NULL, NULL, NULL);
+
+ if (NULL != okey) {
+ DEBUGMSGT(("cert:read:key", "found key with cert in %s\n",
+ cert->info.filename));
+ key = _add_key(okey, dirname, filename, NULL);
+ if (NULL != key) {
+ DEBUGMSGT(("cert:read:partner", "%s match found!\n",
+ cert->info.filename));
+ key->cert = cert;
+ cert->key = key;
+ cert->info.allowed_uses |= NS_CERT_IDENTITY;
+ }
+ else {
+ EVP_PKEY_free(okey);
+ okey = NULL;
+ }
+ }
+
+ break;
+
+#ifdef CERT_PKCS12_SUPPORT_MAYBE_LATER
+ case NS_CERT_TYPE_PKCS12:
+#endif
+
+ default:
+ break;
}
- if (index) {
- /** filename = NAME_MAX = 255 */
- /** fingerprint max = 64*3=192 for sha512 */
- /** common name / CN = 64 */
- if (cert)
- fprintf(index, "c:%s %d %d %s '%s' '%s'\n", filename,
- cert->info.type, cert->hash_type, cert->fingerprint,
- cert->common_name, cert->subject);
- else if (key)
- fprintf(index, "k:%s\n", filename);
+ BIO_vfree(certbio);
+
+ if ((NULL == ocert) && (NULL == okey)) {
+ snmp_log(LOG_ERR, "certificate file '%s' contained neither certificate nor key, ignoring\n", certfile);
+ return -1;
}
return 0;
@@ -1338,7 +1461,8 @@ _cert_read_index(const char *dirname, struct stat *dirstat)
struct stat idx_stat;
char tmpstr[SNMP_MAXPATH + 5], filename[NAME_MAX];
char fingerprint[EVP_MAX_MD_SIZE*3], common_name[64+1], type_str[15];
- char subject[SNMP_MAXBUF_SMALL], hash_str[15];
+ char subject[SNMP_MAXBUF_SMALL], hash_str[15], offset_str[15];
+ ssize_t offset;
int count = 0, type, hash, version;
netsnmp_cert *cert;
netsnmp_key *key;
@@ -1381,7 +1505,8 @@ _cert_read_index(const char *dirname, struct stat *dirstat)
netsnmp_directory_container_read_some(NULL, dirname,
_time_filter, &idx_stat,
NETSNMP_DIR_NSFILE |
- NETSNMP_DIR_NSFILE_STATS);
+ NETSNMP_DIR_NSFILE_STATS |
+ NETSNMP_DIR_ALLOW_DUPLICATES);
if (newer) {
DEBUGMSGT(("cert:index:parse", "Index outdated; files modified\n"));
CONTAINER_FREE_ALL(newer, NULL);
@@ -1426,6 +1551,7 @@ _cert_read_index(const char *dirname, struct stat *dirstat)
pos = &tmpstr[2];
if ((NULL == (pos=copy_nword(pos, filename, sizeof(filename)))) ||
(NULL == (pos=copy_nword(pos, type_str, sizeof(type_str)))) ||
+ (NULL == (pos=copy_nword(pos, offset_str, sizeof(offset_str)))) ||
(NULL == (pos=copy_nword(pos, hash_str, sizeof(hash_str)))) ||
(NULL == (pos=copy_nword(pos, fingerprint,
sizeof(fingerprint)))) ||
@@ -1438,8 +1564,9 @@ _cert_read_index(const char *dirname, struct stat *dirstat)
break;
}
type = atoi(type_str);
+ offset = atoi(offset_str);
hash = atoi(hash_str);
- cert = _new_cert(dirname, filename, type, hash, fingerprint,
+ cert = _new_cert(dirname, filename, type, offset, hash, fingerprint,
common_name, subject);
if (cert && 0 == CONTAINER_INSERT(found, cert))
++count;
@@ -1546,7 +1673,8 @@ _add_certdir(const char *dirname)
netsnmp_directory_container_read_some(NULL, dirname,
_cert_cert_filter, NULL,
NETSNMP_DIR_RELATIVE_PATH |
- NETSNMP_DIR_EMPTY_OK );
+ NETSNMP_DIR_EMPTY_OK |
+ NETSNMP_DIR_ALLOW_DUPLICATES);
if (NULL == cert_container) {
DEBUGMSGT(("cert:index:dir",
"error creating container for cert files\n"));
@@ -1634,7 +1762,7 @@ _cert_print(netsnmp_cert *c, void *context)
if (NULL == c)
return;
- DEBUGMSGT(("cert:dump", "cert %s in %s\n", c->info.filename, c->info.dir));
+ DEBUGMSGT(("cert:dump", "cert %s in %s at offset %d\n", c->info.filename, c->info.dir, c->offset));
DEBUGMSGT(("cert:dump", " type %d flags 0x%x (%s)\n",
c->info.type, c->info.allowed_uses,
_mode_str(c->info.allowed_uses)));
@@ -1838,7 +1966,8 @@ netsnmp_cert_find(int what, int where, void *hint)
netsnmp_void_array *matching;
DEBUGMSGT(("cert:find:params", " hint = %s\n", (char *)hint));
- matching = _cert_find_subset_fn( filename, NULL );
+ matching = _cert_reduce_subset_what(_cert_find_subset_fn(
+ filename, NULL ), what);
if (!matching)
return NULL;
if (1 == matching->size)
@@ -2281,6 +2410,124 @@ _reduce_subset_dir(netsnmp_void_array *matching, const char *directory)
}
}
+/*
+ * reduce subset by eliminating any certificates that are not the
+ * first certficate in a file. This allows us to ignore certificate
+ * chains when testing for specific certificates, and to match keys
+ * to the first certificate only.
+ */
+static netsnmp_void_array *
+_cert_reduce_subset_first(netsnmp_void_array *matching)
+{
+ netsnmp_cert *cc;
+ int i = 0, j, newsize;
+
+ if ((NULL == matching))
+ return matching;
+
+ newsize = matching->size;
+
+ for( ; i < matching->size; ) {
+ /*
+ * if we've shifted matches down we'll hit a NULL entry before
+ * we hit the end of the array.
+ */
+ if (NULL == matching->array[i])
+ break;
+ /*
+ * skip over valid matches. The first entry has an offset of zero.
+ */
+ cc = (netsnmp_cert*)matching->array[i];
+ if (0 == cc->offset) {
+ ++i;
+ continue;
+ }
+ /*
+ * shrink array by shifting everything down a spot. Might not be
+ * the most efficient soloution, but this is just happening at
+ * startup and hopefully most certs won't have common prefixes.
+ */
+ --newsize;
+ for ( j=i; j < newsize; ++j )
+ matching->array[j] = matching->array[j+1];
+ matching->array[j] = NULL;
+ /** no ++i; just shifted down, need to look at same position again */
+ }
+ /*
+ * if we shifted, set the new size
+ */
+ if (newsize != matching->size) {
+ DEBUGMSGT(("9:cert:subset:first", "shrank from %" NETSNMP_PRIz "d to %d\n",
+ matching->size, newsize));
+ matching->size = newsize;
+ }
+
+ if (0 == matching->size) {
+ free(matching->array);
+ SNMP_FREE(matching);
+ }
+
+ return matching;
+}
+
+/*
+ * reduce subset by eliminating any certificates that do not match
+ * purpose specified.
+ */
+static netsnmp_void_array *
+_cert_reduce_subset_what(netsnmp_void_array *matching, int what)
+{
+ netsnmp_cert_common *cc;
+ int i = 0, j, newsize;
+
+ if ((NULL == matching))
+ return matching;
+
+ newsize = matching->size;
+
+ for( ; i < matching->size; ) {
+ /*
+ * if we've shifted matches down we'll hit a NULL entry before
+ * we hit the end of the array.
+ */
+ if (NULL == matching->array[i])
+ break;
+ /*
+ * skip over valid matches. The first entry has an offset of zero.
+ */
+ cc = (netsnmp_cert_common *)matching->array[i];
+ if ((cc->allowed_uses & what)) {
+ ++i;
+ continue;
+ }
+ /*
+ * shrink array by shifting everything down a spot. Might not be
+ * the most efficient soloution, but this is just happening at
+ * startup and hopefully most certs won't have common prefixes.
+ */
+ --newsize;
+ for ( j=i; j < newsize; ++j )
+ matching->array[j] = matching->array[j+1];
+ matching->array[j] = NULL;
+ /** no ++i; just shifted down, need to look at same position again */
+ }
+ /*
+ * if we shifted, set the new size
+ */
+ if (newsize != matching->size) {
+ DEBUGMSGT(("9:cert:subset:what", "shrank from %" NETSNMP_PRIz "d to %d\n",
+ matching->size, newsize));
+ matching->size = newsize;
+ }
+
+ if (0 == matching->size) {
+ free(matching->array);
+ SNMP_FREE(matching);
+ }
+
+ return matching;
+}
+
static netsnmp_void_array *
_cert_find_subset_common(const char *filename, netsnmp_container *container)
{
diff --git a/snmplib/dir_utils.c b/snmplib/dir_utils.c
index c2dd989..e7145e4 100644
--- a/snmplib/dir_utils.c
+++ b/snmplib/dir_utils.c
@@ -107,6 +107,9 @@ netsnmp_directory_container_read_some(netsnmp_container *user_container,
/** default to unsorted */
if (! (flags & NETSNMP_DIR_SORTED))
CONTAINER_SET_OPTIONS(container, CONTAINER_KEY_UNSORTED, rc);
+ /** default to duplicates not allowed */
+ if (! (flags & NETSNMP_DIR_ALLOW_DUPLICATES))
+ CONTAINER_SET_OPTIONS(container, CONTAINER_KEY_ALLOW_DUPLICATES, rc);
}
dir = opendir(dirname);

28
net-snmp-5.9-memory-reporting.patch
View File

@ -1,28 +0,0 @@
diff --git a/agent/mibgroup/hardware/memory/memory_linux.c b/agent/mibgroup/hardware/memory/memory_linux.c
index 6d5e86c..68b55d2 100644
--- a/agent/mibgroup/hardware/memory/memory_linux.c
+++ b/agent/mibgroup/hardware/memory/memory_linux.c
@@ -123,6 +123,13 @@ int netsnmp_mem_arch_load( netsnmp_cache *cache, void *magic ) {
if (first)
snmp_log(LOG_ERR, "No SwapTotal line in /proc/meminfo\n");
}
+ b = strstr(buff, "SReclaimable: ");
+ if (b)
+ sscanf(b, "SReclaimable: %lu", &sreclaimable);
+ else {
+ if (first)
+ snmp_log(LOG_ERR, "No SReclaimable line in /proc/meminfo\n");
+ }
b = strstr(buff, "SwapFree: ");
if (b)
sscanf(b, "SwapFree: %lu", &swapfree);
@@ -130,9 +137,6 @@ int netsnmp_mem_arch_load( netsnmp_cache *cache, void *magic ) {
if (first)
snmp_log(LOG_ERR, "No SwapFree line in /proc/meminfo\n");
}
- b = strstr(buff, "SReclaimable: ");
- if (b)
- sscanf(b, "SReclaimable: %lu", &sreclaimable);
first = 0;

48
net-snmp-5.9-multilib.patch
View File

@ -1,48 +0,0 @@
diff --git a/man/netsnmp_config_api.3.def b/man/netsnmp_config_api.3.def
index 90b20d9..bd5abe1 100644
--- a/man/netsnmp_config_api.3.def
+++ b/man/netsnmp_config_api.3.def
@@ -295,7 +295,7 @@ for one particular machine.
.PP
The default list of directories to search is \fC SYSCONFDIR/snmp\fP,
followed by \fC DATADIR/snmp\fP,
-followed by \fC LIBDIR/snmp\fP,
+followed by \fC /usr/lib(64)/snmp\fP,
followed by \fC $HOME/.snmp\fP.
This list can be changed by setting the environmental variable
.I SNMPCONFPATH
@@ -367,7 +367,7 @@ A colon separated list of directories to search for configuration
files in.
Default:
.br
-SYSCONFDIR/snmp:\:DATADIR/snmp:\:LIBDIR/snmp:\:$HOME/.snmp
+SYSCONFDIR/snmp:\:DATADIR/snmp:\:/usr/lib(64)/snmp:\:$HOME/.snmp
.SH "SEE ALSO"
netsnmp_mib_api(3), snmp_api(3)
.\" Local Variables:
diff --git a/man/snmp_config.5.def b/man/snmp_config.5.def
index fd30873..c3437d6 100644
--- a/man/snmp_config.5.def
+++ b/man/snmp_config.5.def
@@ -10,7 +10,7 @@ First off, there are numerous places that configuration files can be
found and read from. By default, the applications look for
configuration files in the following 4 directories, in order:
SYSCONFDIR/snmp,
-DATADIR/snmp, LIBDIR/snmp, and $HOME/.snmp. In each of these
+DATADIR/snmp, /usr/lib(64)/snmp, and $HOME/.snmp. In each of these
directories, it looks for files snmp.conf, snmpd.conf and/or
snmptrapd.conf, as well as snmp.local.conf, snmpd.local.conf
and/or snmptrapd.local.conf. *.local.conf are always
diff --git a/man/snmpd.conf.5.def b/man/snmpd.conf.5.def
index 7ce8a46..a4000f9 100644
--- a/man/snmpd.conf.5.def
+++ b/man/snmpd.conf.5.def
@@ -1593,7 +1593,7 @@ filename), and call the initialisation routine \fIinit_NAME\fR.
.RS
.IP "Note:"
If the specified PATH is not a fully qualified filename, it will
-be interpreted relative to LIBDIR/snmp/dlmod, and \fC.so\fR
+be interpreted relative to /usr/lib(64)/snmp/dlmod, and \fC.so\fR
will be appended to the filename.
.RE
.PP

26
net-snmp-5.9-pie.patch
View File

@ -1,26 +0,0 @@
diff --git a/agent/Makefile.in b/agent/Makefile.in
index 047d880..38d40aa 100644
--- a/agent/Makefile.in
+++ b/agent/Makefile.in
@@ -300,7 +300,7 @@ getmibstat.o: mibgroup/kernel_sunos5.c
$(CC) $(CFLAGS) -o $@ -D_GETMIBSTAT_TEST -DDODEBUG -c $?
snmpd$(EXEEXT): ${LAGENTOBJS} $(USELIBS) $(AGENTLIB) $(HELPERLIB) $(MIBLIB) $(LIBTARG)
- $(LINK) $(CFLAGS) -o $@ ${LAGENTOBJS} ${LDFLAGS} ${OUR_AGENT_LIBS}
+ $(LINK) $(CFLAGS) -o $@ -pie ${LAGENTOBJS} ${LDFLAGS} ${OUR_AGENT_LIBS}
libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION): ${LLIBAGENTOBJS} $(USELIBS)
$(LIB_LD_CMD) $(AGENTLIB) ${LLIBAGENTOBJS} $(USELIBS) ${LAGENTLIBS} $(LDFLAGS) $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
diff --git a/apps/Makefile.in b/apps/Makefile.in
index 3dbb1d1..48ed23a 100644
--- a/apps/Makefile.in
+++ b/apps/Makefile.in
@@ -190,7 +190,7 @@ snmptest$(EXEEXT): snmptest.$(OSUFFIX) $(USELIBS)
$(LINK) ${CFLAGS} -o $@ snmptest.$(OSUFFIX) ${LDFLAGS} ${LIBS}
snmptrapd$(EXEEXT): $(TRAPD_OBJECTS) $(USETRAPLIBS) $(INSTALLLIBS)
- $(LINK) ${CFLAGS} -o $@ $(TRAPD_OBJECTS) $(INSTALLLIBS) ${LDFLAGS} ${TRAPLIBS}
+ $(LINK) ${CFLAGS} -o $@ -pie $(TRAPD_OBJECTS) $(INSTALLLIBS) ${LDFLAGS} ${TRAPLIBS}
snmptrap$(EXEEXT): snmptrap.$(OSUFFIX) $(USELIBS)
$(LINK) ${CFLAGS} -o $@ snmptrap.$(OSUFFIX) ${LDFLAGS} ${LIBS}

38
net-snmp-5.9-python3.patch
View File

@ -1,38 +0,0 @@
diff --git a/Makefile.in b/Makefile.in
index 912f6b2..862fb5f 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -227,7 +227,7 @@ perlcleanfeatures:
# python specific build rules
#
-PYMAKE=$(PYTHON) setup.py $(PYTHONARGS)
+PYMAKE=/usr/bin/python3 setup.py $(PYTHONARGS)
pythonmodules: subdirs
@(dir=`pwd`; cd python; $(PYMAKE) build --basedir=$$dir) ; \
if test $$? != 0 ; then \
diff --git a/python/netsnmp/client.py b/python/netsnmp/client.py
index daf11a4..3a30a64 100644
--- a/python/netsnmp/client.py
+++ b/python/netsnmp/client.py
@@ -56,7 +56,7 @@ class Varbind(object):
def __init__(self, tag=None, iid=None, val=None, type_arg=None):
self.tag = STR(tag)
self.iid = STR(iid)
- self.val = STR(val)
+ self.val = val
self.type = STR(type_arg)
# parse iid out of tag if needed
if iid is None and tag is not None:
@@ -66,7 +66,10 @@ class Varbind(object):
(self.tag, self.iid) = match.group(1, 2)
def __setattr__(self, name, val):
- self.__dict__[name] = STR(val)
+ if name == 'val':
+ self.__dict__[name] = val
+ else:
+ self.__dict__[name] = STR(val)
def __str__(self):
return obj_to_str(self)

110
net-snmp-5.9-test-debug.patch
View File

@ -1,110 +0,0 @@
diff --git a/testing/fulltests/default/T070com2sec_simple b/testing/fulltests/default/T070com2sec_simple
index 6c07f74..7df0b51 100644
--- a/testing/fulltests/default/T070com2sec_simple
+++ b/testing/fulltests/default/T070com2sec_simple
@@ -134,34 +134,30 @@ SAVECHECKAGENT '<"c406a", 255.255.255.255/255.255.255.255> => "t406a"'
SAVECHECKAGENT 'line 30: Error:' # msg from h_strerror so it varies
SAVECHECKAGENT 'line 31: Error:' # msg from h_strerror so it varies
-if false; then
- # The two tests below have been disabled because these rely on resolving a
- # domain name into a local IP address. Such DNS replies are filtered out by
- # many security devices because to avoid DNS rebinding attacks. See also
- # https://en.wikipedia.org/wiki/DNS_rebinding.
-
- CHECKAGENT '<"c408a"'
- if [ "$snmp_last_test_result" -eq 0 ] ; then
- CHECKAGENT 'line 32: Error:'
- if [ "$snmp_last_test_result" -ne 1 ] ; then
- return_value=1
- FINISHED
- fi
- elif [ "$snmp_last_test_result" -ne 1 ] ; then
+FINISHED
+
+# don't test the rest, it depends on DNS, which is not available in Koji
+
+CHECKAGENT '<"c408a"'
+if [ "$snmp_last_test_result" -eq 0 ] ; then
+ CHECKAGENT 'line 32: Error:'
+ if [ "$snmp_last_test_result" -ne 1 ] ; then
return_value=1
FINISHED
fi
+elif [ "$snmp_last_test_result" -ne 1 ] ; then
+ return_value=1
+ FINISHED
+fi
- CHECKAGENT '<"c408b"'
- if [ "$snmp_last_test_result" -eq 0 ] ; then
- CHECKAGENT 'line 33: Error:'
- if [ "$snmp_last_test_result" -ne 1 ] ; then
- return_value=1
- fi
- elif [ "$snmp_last_test_result" -ne 1 ] ; then
+CHECKAGENT '<"c408b"'
+if [ "$snmp_last_test_result" -eq 0 ] ; then
+ CHECKAGENT 'line 33: Error:'
+ if [ "$snmp_last_test_result" -ne 1 ] ; then
return_value=1
fi
-
+elif [ "$snmp_last_test_result" -ne 1 ] ; then
+ return_value=1
fi
FINISHED
diff --git a/testing/fulltests/default/T071com2sec6_simple b/testing/fulltests/default/T071com2sec6_simple
index 76da70b..bc2d432 100644
--- a/testing/fulltests/default/T071com2sec6_simple
+++ b/testing/fulltests/default/T071com2sec6_simple
@@ -132,30 +132,27 @@ SAVECHECKAGENT '<"c606a", ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/ffff:ffff:ffff
SAVECHECKAGENT 'line 27: Error:'
SAVECHECKAGENT 'line 28: Error:'
-if false; then
- # The two tests below have been disabled because these rely on resolving a
- # domain name into a local IP address. Such DNS replies are filtered out by
- # many security devices because to avoid DNS rebinding attacks. See also
- # https://en.wikipedia.org/wiki/DNS_rebinding.
-
- # 608
- CHECKAGENT '<"c608a"'
- if [ "$snmp_last_test_result" -eq 0 ] ; then
- CHECKAGENT 'line 29: Error:'
- errnum=`expr $errnum - 1`
- if [ "$snmp_last_test_result" -ne 1 ] ; then
- FINISHED
- fi
- elif [ "$snmp_last_test_result" -ne 1 ] ; then
+FINISHED
+
+# don't test the rest, it depends on DNS, which is not available in Koji
+
+# 608
+CHECKAGENT '<"c608a"'
+if [ "$snmp_last_test_result" -eq 0 ] ; then
+ CHECKAGENT 'line 29: Error:'
+ errnum=`expr $errnum - 1`
+ if [ "$snmp_last_test_result" -ne 1 ] ; then
FINISHED
fi
+elif [ "$snmp_last_test_result" -ne 1 ] ; then
+ FINISHED
+fi
- CHECKAGENTCOUNT atleastone '<"c608b"'
- if [ "$snmp_last_test_result" -eq 0 ] ; then
- CHECKAGENT 'line 30: Error:'
- if [ "$snmp_last_test_result" -eq 1 ] ; then
- errnum=`expr $errnum - 1`
- fi
+CHECKAGENTCOUNT atleastone '<"c608b"'
+if [ "$snmp_last_test_result" -eq 0 ] ; then
+ CHECKAGENT 'line 30: Error:'
+ if [ "$snmp_last_test_result" -eq 1 ] ; then
+ errnum=`expr $errnum - 1`
fi
fi

6
net-snmp-5.9.1-autoconf.patch
View File

@ -1,6 +0,0 @@
diff -urNp a/dist/autoconf-version b/dist/autoconf-version
--- a/dist/autoconf-version 2021-09-01 11:18:14.582110773 +0200
+++ b/dist/autoconf-version 2021-09-01 11:20:16.804369533 +0200
@@ -1 +1 @@
-2.69
+2.71

175
net-snmp-5.9.1-remove-des.patch
View File

@ -1,175 +0,0 @@
diff -urNp a/man/net-snmp-config.1.def b/man/net-snmp-config.1.def
--- a/man/net-snmp-config.1.def 2021-05-26 09:30:07.430790003 +0200
+++ b/man/net-snmp-config.1.def 2021-05-26 09:35:36.703673542 +0200
@@ -30,7 +30,7 @@ code for a list of available debug token
SNMP Setup commands:
.TP
\fB\-\-create\-snmpv3\-user\fR [\-ro] [\-a authpass] [\-x privpass]
-[\-X DES|AES] [\-A MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224] [username]
+[\-X AES] [\-A MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224] [username]
.PP
These options produce the various compilation flags needed when
building external SNMP applications:
diff -urNp a/man/net-snmp-create-v3-user.1.def b/man/net-snmp-create-v3-user.1.def
--- a/man/net-snmp-create-v3-user.1.def 2021-05-26 09:30:07.430790003 +0200
+++ b/man/net-snmp-create-v3-user.1.def 2021-05-26 09:34:23.702034230 +0200
@@ -3,7 +3,7 @@
net-snmp-create-v3-user \- create a SNMPv3 user in net-snmp configuration file
.SH SYNOPSIS
.PP
-.B net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass] [-x DES|AES]
+.B net-snmp-create-v3-user [-ro] [-A authpass] [-a MD5|SHA] [-X privpass] [-x AES]
.B [username]
.SH DESCRIPTION
.PP
@@ -27,5 +27,5 @@ specifies the authentication password ha
\fB\-X privpass\fR
specifies the encryption password
.TP
-\fB\-x DES|AES\fR
+\fB\-x AES\fR
specifies the encryption algorithm
diff -urNp a/man/snmpcmd.1.def b/man/snmpcmd.1.def
--- a/man/snmpcmd.1.def 2021-05-26 09:30:07.429789994 +0200
+++ b/man/snmpcmd.1.def 2021-05-26 09:37:51.104850500 +0200
@@ -311,7 +311,7 @@ Overrides the \fIdefSecurityName\fR toke
file.
.TP
.BI \-x " privProtocol"
-Set the privacy protocol (DES or AES) used for encrypted SNMPv3 messages.
+Set the privacy protocol (AES) used for encrypted SNMPv3 messages.
Overrides the \fIdefPrivType\fR token in the
.I snmp.conf
file. This option is only valid if the Net-SNMP software was build
diff -urNp a/man/snmp.conf.5.def b/man/snmp.conf.5.def
--- a/man/snmp.conf.5.def 2021-05-26 09:30:07.429789994 +0200
+++ b/man/snmp.conf.5.def 2021-05-26 09:40:03.730011937 +0200
@@ -221,13 +221,13 @@ The
value will be used for the authentication and/or privacy pass phrases
if either of the other directives are not specified.
.IP "defAuthType MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224"
-.IP "defPrivType DES|AES"
+.IP "defPrivType AES"
define the default authentication and privacy protocols to use for
SNMPv3 requests.
These can be overridden using the \fB\-a\fR and \fB\-x\fR options respectively.
.IP
If not specified, SNMPv3 requests will default to MD5 authentication
-and DES encryption.
+and AES encryption.
.RS
.IP "Note:
If the software has not been compiled to use the OpenSSL libraries,
@@ -262,8 +262,7 @@ master keys which have been converted to
suitable for on particular SNMP engine (agent). The length of the key
needs to be appropriate for the authentication or encryption type
being used (auth keys: MD5=16 bytes, SHA1=20 bytes;
-priv keys: DES=16 bytes (8
-bytes of which is used as an IV and not a key), and AES=16 bytes).
+priv keys: AES=16 bytes).
.IP "sshtosnmpsocket PATH"
Sets the path of the \fBsshtosnmp\fR socket created by an application
(e.g. snmpd) listening for incoming ssh connections through the
diff -urNp a/man/snmpd.examples.5.def b/man/snmpd.examples.5.def
--- a/man/snmpd.examples.5.def 2021-05-26 09:30:07.429789994 +0200
+++ b/man/snmpd.examples.5.def 2021-05-26 09:41:29.170761436 +0200
@@ -87,8 +87,8 @@ the same authentication and encryption s
.RS
.nf
createUser me MD5 "single pass phrase"
-createUser myself MD5 "single pass phrase" DES
-createUser andI MD5 "single pass phrase" DES "single pass phrase"
+createUser myself MD5 "single pass phrase" AES
+createUser andI MD5 "single pass phrase" AES "single pass phrase"
.fi
.RE
Note that this defines three \fIdistinct\fR users, who could be granted
diff -urNp a/man/snmptrapd.conf.5.def b/man/snmptrapd.conf.5.def
--- a/man/snmptrapd.conf.5.def 2021-05-26 09:30:07.428789985 +0200
+++ b/man/snmptrapd.conf.5.def 2021-05-26 09:42:02.963064029 +0200
@@ -117,7 +117,7 @@ to trigger the types of processing liste
See
.IR snmpd.conf (5)
for more details.
-.IP "createUser [-e ENGINEID] username (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224) authpassphrase [DES|AES]"
+.IP "createUser [-e ENGINEID] username (MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224) authpassphrase [AES]"
See the
.IR snmpd.conf (5)
manual page for a description of how to create SNMPv3 users. This
diff -urNp a/man/snmpusm.1.def b/man/snmpusm.1.def
--- a/man/snmpusm.1.def 2021-05-26 09:30:07.430790003 +0200
+++ b/man/snmpusm.1.def 2021-05-26 09:42:24.178253990 +0200
@@ -216,7 +216,7 @@ rwuser initial
# lets add the new user we'll create too:
rwuser wes
# USM configuration entries
-createUser initial MD5 setup_passphrase DES
+createUser initial MD5 setup_passphrase AES
.fi
.RE
.PP
diff -urNp a/net-snmp-create-v3-user.in b/net-snmp-create-v3-user.in
--- a/net-snmp-create-v3-user.in 2021-05-26 09:30:07.369789468 +0200
+++ b/net-snmp-create-v3-user.in 2021-05-26 09:33:23.966511123 +0200
@@ -10,7 +10,7 @@ if @PSCMD@ | egrep ' snmpd *$' > /dev/nu
fi
Aalgorithm="MD5"
-Xalgorithm="DES"
+Xalgorithm="AES"
token=rwuser
while test "x$done" = "x" -a "x$1" != "x" -a "x$usage" != "xyes"; do
@@ -57,11 +57,11 @@ case $1 in
exit 1
fi
case $1 in
- DES|AES|AES128|AES192|AES256)
+ AES|AES128|AES192|AES256)
Xalgorithm=$1
shift
;;
- des|aes|aes128|aes192|aes256)
+ aes|aes128|aes192|aes256)
Xalgorithm=$(echo "$1" | tr a-z A-Z)
shift
;;
@@ -90,7 +90,7 @@ if test "x$usage" = "xyes"; then
echo ""
echo "Usage:"
echo " net-snmp-create-v3-user [-ro] [-A authpass] [-X privpass]"
- echo " [-a MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224] [-x DES|AES] [username]"
+ echo " [-a MD5|SHA|SHA-512|SHA-384|SHA-256|SHA-224] [-x AES] [username]"
echo ""
exit
fi
diff -urNp a/README.snmpv3 b/README.snmpv3
--- a/README.snmpv3 2021-05-26 09:30:07.352789320 +0200
+++ b/README.snmpv3 2021-05-26 09:44:49.109551728 +0200
@@ -4,7 +4,7 @@ How to setup SNMPv3, a very brief docume
do a better job on since I suck at writing documentation and he
doesn't ;-) --Wes:
-Note: SHA authentication and DES/AES encryption support is only available
+Note: SHA authentication and AES encryption support is only available
if you have OpenSSL installed or if you've compiled using
--with-openssl=internal. If you use --with-openssl=internal please
read the documentation in snmplib/openssl/README for important details.
@@ -27,7 +27,7 @@ CREATING THE FIRST USER:
WARNING: SNMPv3 pass phrases must be at least 8 characters long!
The above line creates the user "myuser" with a password of
- "my_password" (and uses MD5 and DES for protection). (Note that
+ "my_password" (and uses MD5 and AES for protection). (Note that
encryption support isn't enabled in the binary releases downloadable
from the net-snmp web site.) net-snmp-config will also add a line
to your snmpd.conf file to let that user have read/write access to
@@ -44,7 +44,7 @@ CREATING THE FIRST USER:
[ this should return information about how long your agent has been up]
snmpget -v 3 -u myuser -l authPriv -a MD5 -A my_password
- -x DES -X my_password localhost sysUpTime.0
+ -x AES -X my_password localhost sysUpTime.0
[ this should return similar information, but encrypts the transmission ]
CREATING A SECOND USER:

24
net-snmp-config
View File

@ -16,47 +16,43 @@
arch=`arch`
echo $arch | grep -q i.86
if [ $? -eq 0 ] ; then
net-snmp-config-i386 "$@"
net-snmp-config-i386 $*
exit 0
fi
if [ "$arch" = "ia64" ] ; then
net-snmp-config-ia64 "$@"
net-snmp-config-ia64 $*
exit 0
fi
if [ "$arch" = "ppc" ] ; then
net-snmp-config-ppc "$@"
net-snmp-config-ppc $*
exit 0
fi
if [ "$arch" = "ppc64" ] ; then
net-snmp-config-ppc64 "$@"
net-snmp-config-ppc64 $*
exit 0
fi
if [ "$arch" = "s390" ] ; then
net-snmp-config-s390 "$@"
net-snmp-config-s390 $*
exit 0
fi
if [ "$arch" = "s390x" ] ; then
net-snmp-config-s390x "$@"
net-snmp-config-s390x $*
exit 0
fi
if [ "$arch" = "x86_64" ] ; then
net-snmp-config-x86_64 "$@"
net-snmp-config-x86_64 $*
exit 0
fi
if [ "$arch" = "alpha" ] ; then
net-snmp-config-alpha "$@"
net-snmp-config-alpha $*
exit 0
fi
if [ "$arch" = "sparc" ] ; then
net-snmp-config-sparc "$@"
net-snmp-config-sparc $*
exit 0
fi
if [ "$arch" = "sparc64" ] ; then
net-snmp-config-sparc64 "$@"
exit 0
fi
if [ "$arch" = "aarch64" ] ; then
net-snmp-config-aarch64 "$@"
net-snmp-config-sparc64 $*
exit 0
fi
echo "Cannot determine architecture"

10
net-snmp-config.h
View File

@ -4,10 +4,10 @@
* out) in net-snmp-config.h. The original net-snmp-config.h has been renamed.
* DO NOT INCLUDE THE NEW FILE DIRECTLY -- ALWAYS INCLUDE THIS ONE INSTEAD. */
#ifdef net_snmp_config_multilib_redirection_h
#error "Do not define net_snmp_config_multilib_redirection_h!"
#ifdef net-snmp-config_multilib_redirection_h
#error "Do not define net-snmp-config_multilib_redirection_h!"
#endif
#define net_snmp_config_multilib_redirection_h
#define net-snmp-config_multilib_redirection_h
#if defined(__i386__)
#include "net-snmp-config-i386.h"
@ -29,10 +29,8 @@
#include "net-snmp-config-sparc64.h"
#elif defined(__sparc__)
#include "net-snmp-config-sparc.h"
#elif defined(__aarch64__)
#include "net-snmp-config-aarch64.h"
#else
#error "net-snmp-devel package does not work on your architecture"
#endif
#undef net_snmp_config_multilib_redirection_h
#undef net-snmp-config_multilib_redirection_h

59
net-snmp-libs-misunderstanding.patch
View File

@ -1,59 +0,0 @@
Libs.private should contain a list of libraries the library that the package
exposes is linked too. So let's filter out unrelated link flags.
diff --git net-snmp-5.9.1/netsnmp.pc.in~ net-snmp-5.9.1/netsnmp.pc.in
index 0a1f5785a4..524ca91d82 100644
--- net-snmp-5.9.1/netsnmp.pc.in~
+++ net-snmp-5.9.1/netsnmp.pc.in
@@ -9,4 +9,4 @@ URL: http://www.net-snmp.org
Version: @PACKAGE_VERSION@
Cflags: -I${includedir}
Libs: -L${libdir} -lnetsnmp
-Libs.private: @LDFLAGS@ @LNETSNMPLIBS@ @LIBS@ @PERLLDOPTS_FOR_APPS@
+Libs.private: @LNETSNMPLIBS@ @LIBS@
diff --git net-snmp-5.9.1/netsnmp-agent.pc.in~ net-snmp-5.9.1/netsnmp-agent.pc.in
index 3a1c77bbf8..3d3b308d21 100644
--- net-snmp-5.9.1/netsnmp-agent.pc.in~
+++ net-snmp-5.9.1/netsnmp-agent.pc.in
@@ -9,4 +9,4 @@ URL: http://www.net-snmp.org
Version: @PACKAGE_VERSION@
Cflags: -I${includedir}
Libs: -L${libdir} -lnetsnmpmibs -lnetsnmpagent -lnetsnmp
-Libs.private: @LDFLAGS@ @LMIBLIBS@ @LAGENTLIBS@ @PERLLDOPTS_FOR_APPS@ @LNETSNMPLIBS@ @LIBS@
+Libs.private: @LMIBLIBS@ @LAGENTLIBS@ @LNETSNMPLIBS@ @LIBS@
diff --git net-snmp-5.9.1/net-snmp-config.in~ net-snmp-5.9.1/net-snmp-config.in
index 6b5abf8f83..ee81ce98fa 100644
--- net-snmp-5.9.1/net-snmp-config.in~
+++ net-snmp-5.9.1/net-snmp-config.in
@@ -193,13 +193,13 @@ else
#################################################### client lib
--libs)
# use this one == --netsnmp-libs + --external-libs
- echo $NSC_LDFLAGS $NSC_LIBDIR $NSC_SNMPLIBS $NSC_LIBS
+ echo $NSC_LIBDIR $NSC_SNMPLIBS $NSC_LIBS
;;
--netsnmp-libs)
echo $NSC_LIBDIR $NSC_BASE_SNMP_LIBS
;;
--external-libs)
- echo $NSC_LDFLAGS $NSC_LNETSNMPLIBS $NSC_LIBS @PERLLDOPTS_FOR_APPS@
+ echo $NSC_LNETSNMPLIBS $NSC_LIBS
;;
#################################################### agent lib
--base-agent-libs)
@@ -210,13 +210,13 @@ else
;;
--agent-libs)
# use this one == --netsnmp-agent-libs + --external-libs
- echo $NSC_LDFLAGS $NSC_LIBDIR $NSC_AGENTLIBS $NSC_LIBS
+ echo $NSC_LIBDIR $NSC_AGENTLIBS $NSC_LIBS
;;
--netsnmp-agent-libs)
echo $NSC_LIBDIR $NSC_BASE_AGENT_LIBS
;;
--external-agent-libs)
- echo $NSC_LDFLAGS $NSC_LMIBLIBS $NSC_LAGENTLIBS $NSC_LNETSNMPLIBS $NSC_LIBS
+ echo $NSC_LMIBLIBS $NSC_LAGENTLIBS $NSC_LNETSNMPLIBS $NSC_LIBS
;;
####################################################
--version|--ver*)

1
net-snmp-tmpfs.conf
View File

@ -1 +0,0 @@
d /run/net-snmp 0755 root root

6
net-snmp.redhat.conf
View File

@ -38,14 +38,14 @@
# First, map the community name "public" into a "security name"
# sec.name source community
#com2sec notConfigUser default public
com2sec notConfigUser default public
####
# Second, map the security name into a group name:
# groupName securityModel securityName
#group notConfigGroup v1 notConfigUser
#group notConfigGroup v2c notConfigUser
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:

1004
net-snmp.spec
View File

File diff suppressed because it is too large Load Diff

115
net-snmpd.init Executable file
View File

@ -0,0 +1,115 @@
#!/bin/bash
# ucd-snmp init file for snmpd
#
# chkconfig: - 50 50
# description: Simple Network Management Protocol (SNMP) Daemon
#
# processname: /usr/sbin/snmpd
# config: /etc/snmp/snmpd.conf
# config: /usr/share/snmp/snmpd.conf
# pidfile: /var/run/snmpd.pid
### BEGIN INIT INFO
# Provides: snmpd
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop:
# Short-Description: start and stop Net-SNMP daemon
# Description: Simple Network Management Protocol (SNMP) Daemon
### END INIT INFO
# source function library
. /etc/init.d/functions
OPTIONS="-LS0-6d -Lf /dev/null -p /var/run/snmpd.pid"
if [ -e /etc/sysconfig/snmpd ]; then
. /etc/sysconfig/snmpd
fi
RETVAL=0
prog="snmpd"
binary=/usr/sbin/snmpd
pidfile=/var/run/snmpd.pid
start() {
[ -x $binary ] || exit 5
echo -n $"Starting $prog: "
if [ $UID -ne 0 ]; then
RETVAL=1
failure
else
daemon --pidfile=$pidfile $binary $OPTIONS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/snmpd
fi;
echo
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
if [ $UID -ne 0 ]; then
RETVAL=1
failure
else
killproc -p $pidfile $binary
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/snmpd
fi;
echo
return $RETVAL
}
reload(){
echo -n $"Reloading $prog: "
killproc -p $pidfile $binary -HUP
RETVAL=$?
echo
return $RETVAL
}
restart(){
stop
start
}
condrestart(){
[ -e /var/lock/subsys/snmpd ] && restart
return 0
}
case "$1" in
start)
start
RETVAL=$?
;;
stop)
stop
RETVAL=$?
;;
restart)
restart
RETVAL=$?
;;
reload|force-reload)
reload
RETVAL=$?
;;
condrestart|try-restart)
condrestart
RETVAL=$?
;;
status)
status snmpd
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|force-reload}"
RETVAL=2
esac
exit $RETVAL

3
net-snmpd.sysconfig
View File

@ -1,3 +1,2 @@
# snmpd command line options
# '-f' is implicitly added by snmpd systemd unit file
# OPTIONS="-LS0-6d"
# OPTIONS="-LS0-6d -Lf /dev/null -p /var/run/snmpd.pid"

103
net-snmptrapd.init Executable file
View File

@ -0,0 +1,103 @@
#!/bin/bash
# ucd-snmp init file for snmptrapd
#
# chkconfig: - 50 50
# description: Simple Network Management Protocol (SNMP) Trap Daemon
#
# processname: /usr/sbin/snmptrapd
# config: /etc/snmp/snmptrapd.conf
# config: /usr/share/snmp/snmptrapd.conf
# pidfile: /var/run/snmptrapd.pid
### BEGIN INIT INFO
# Provides: snmptrapd
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop:
# Short-Description: start and stop Net-SNMP trap daemon
# Description: Simple Network Management Protocol (SNMP) trap daemon
### END INIT INFO
# source function library
. /etc/init.d/functions
OPTIONS="-Lsd -p /var/run/snmptrapd.pid"
if [ -e /etc/sysconfig/snmptrapd ]; then
. /etc/sysconfig/snmptrapd
fi
RETVAL=0
prog="snmptrapd"
binary=/usr/sbin/snmptrapd
pidfile=/var/run/snmptrapd.pid
start() {
[ -x $binary ] || exit 5
echo -n $"Starting $prog: "
daemon --pidfile=$pidfile /usr/sbin/snmptrapd $OPTIONS
RETVAL=$?
echo
touch /var/lock/subsys/snmptrapd
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $pidfile /usr/sbin/snmptrapd
RETVAL=$?
echo
rm -f /var/lock/subsys/snmptrapd
return $RETVAL
}
reload(){
stop
start
}
restart(){
stop
start
}
condrestart(){
[ -e /var/lock/subsys/snmptrapd ] && restart
return 0
}
case "$1" in
start)
start
RETVAL=$?
;;
stop)
stop
RETVAL=$?
;;
restart)
restart
RETVAL=$?
;;
reload|force-reload)
reload
RETVAL=$?
;;
condrestart|try-restart)
condrestart
RETVAL=$?
;;
status)
status snmptrapd
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|force-reload}"
RETVAL=2
esac
exit $RETVAL

3
net-snmptrapd.sysconfig
View File

@ -1,3 +1,2 @@
# snmptrapd command line options
# '-f' is implicitly added by snmptrapd systemd unit file
# OPTIONS="-Lsd"
# OPTIONS="-Lsd -p /var/run/snmptrapd.pid"

13
snmpd.service
View File

@ -1,13 +0,0 @@
[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon.
After=syslog.target network-online.target
[Service]
Type=notify
Environment=OPTIONS="-LS0-6d"
EnvironmentFile=-/etc/sysconfig/snmpd
ExecStart=/usr/sbin/snmpd $OPTIONS -f
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

13
snmptrapd.service
View File

@ -1,13 +0,0 @@
[Unit]
Description=Simple Network Management Protocol (SNMP) Trap Daemon.
After=syslog.target network-online.target
[Service]
Type=notify
Environment=OPTIONS="-Lsd"
EnvironmentFile=-/etc/sysconfig/snmptrapd
ExecStart=/usr/sbin/snmptrapd $OPTIONS -f
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

2
sources
View File

@ -1 +1 @@
SHA512 (net-snmp-5.9.3.tar.gz) = a476df4967029a2eb03d27b0e250170785d0a8c143d49b900ee958c3cbdfaccd415b70af40f6fbed9cb8819d522c35a6073a431091d908ccc7c018fa0aaa2abc
5b2551e7bd024fbbee84dca22a5f13a1 net-snmp-5.5.tar.gz

36
tests/integration-tests/Makefile
View File

@ -1,36 +0,0 @@
# SPDX-License-Identifier: LGPL-2.1+
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/net-snmp
# Description: Test if net-snmp working ok
# Author: Susant Sahani<susant@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/net-snmp
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Susant Sahani<susant@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test snmpd" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: net-snmp" >> $(METADATA)
@echo "Requires: net=snmp" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -Fedora 28" >> $(METADATA)
rhts-lint $(METADATA)

3
tests/integration-tests/PURPOSE
View File

@ -1,3 +0,0 @@
PURPOSE of /CoreOS/net-snmp
Description: tests for net-snmp
Author: Susant Sahani<susant@redhat.com>

175
tests/integration-tests/net-snmp-tests.py
View File

@ -1,175 +0,0 @@
#!/usr/bin/env python3
# SPDX-License-Identifier: LGPL-2.1+
# ~~~
# Description: Tests for snmpd
#
# Author: Susant Sahani <susant@redhat.com>
# Copyright (c) 2018 Red Hat, Inc.
# ~~~
import errno
import os
import sys
import time
import unittest
import subprocess
import signal
import shutil
import psutil
import socket
import platform
import re
from pyroute2 import IPRoute
from psutil import virtual_memory
from collections import OrderedDict
HOST='192.168.111.50'
def setUpModule():
"""Initialize the environment, and perform sanity checks on it."""
if shutil.which('snmpd') is None:
raise OSError(errno.ENOENT, 'snmpd not found')
if shutil.which('snmpwalk') is None:
raise OSError(errno.ENOENT, 'snmpwalk not found')
def tearDownModule():
pass
class GenericUtilities():
"""Provide a set of utility functions start stop daemons. write config files etc """
def StartSnmpd(self):
"""Start snmpd"""
subprocess.check_output(['systemctl', 'start', 'snmpd'])
def StopSnmpd(self):
"""Stop snmpd"""
subprocess.check_output(['systemctl', 'stop', 'snmpd'])
def SetupVethInterface(self):
"""Setup veth interface"""
ip = IPRoute()
ip.link('add', ifname='veth-test', peer='veth-peer', kind='veth')
idx_veth_test = ip.link_lookup(ifname='veth-test')[0]
idx_veth_peer = ip.link_lookup(ifname='veth-peer')[0]
ip.link('set', index=idx_veth_test, address='12:11:12:13:14:18')
ip.link('set', index=idx_veth_peer, address='22:21:22:23:24:29')
ip.link('set', index=idx_veth_test, state='up')
ip.link('set', index=idx_veth_peer, state='up')
ip.addr('add', index=idx_veth_test, address='192.168.111.50')
ip.addr('add', index=idx_veth_peer, address='192.168.111.51')
ip.close()
def TearDownVethInterface(self):
ip = IPRoute()
ip.link('del', index=ip.link_lookup(ifname='veth-test')[0])
ip.close()
class SnmpdTests(unittest.TestCase, GenericUtilities):
def setUp(self):
self.SetupVethInterface()
time.sleep(1)
self.StartSnmpd()
def tearDown(self):
self.StopSnmpd()
self.TearDownVethInterface()
def test_UCD_SNMP_MIB_memory(self):
''' UCD-SNMP-MIB::memory '''
subprocess.check_output(['snmpwalk', '-v2c', '-c' , 'public', HOST, 'UCD-SNMP-MIB::memory'])
meminfo=OrderedDict()
with open('/proc/meminfo') as f:
for line in f:
meminfo[line.split(':')[0]] = line.split(':')[1].strip()
output=subprocess.check_output(['snmpwalk', '-v2c', '-c' , 'public', HOST, 'UCD-SNMP-MIB::memTotalReal.0']).rstrip().decode('utf-8')
self.assertRegex(output, meminfo['MemTotal'])
def test_SNMP_hrSWRunPath(self):
""" process id """
output=subprocess.check_output(['snmpwalk', '-v2c', '-c' , 'public', HOST, 'HOST-RESOURCES-MIB::hrSWRunPath.1']).rstrip().decode('utf-8')
self.assertRegex(output, 'systemd')
def test_SNMP_IF_MIB_network_interface(self):
""" verify network interface (1.3.6.1.2.1.2.2.1) SNMP variables """
ip = IPRoute()
subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.2.2.1'])
# 1.3.6.1.2.1.2.2.1.1 IF-MIB::ifIndex
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.2.2.1.1']).rstrip().decode('utf-8')
self.assertRegex(output, 'IF-MIB::ifIndex.1 = INTEGER: 1')
# 1.3.6.1.2.1.2.2.1.1 IF-MIB::ifDescr
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.2.2.1.2']).rstrip().decode('utf-8')
for link in ip.get_links():
self.assertRegex(output, link.get_attr('IFLA_IFNAME'))
# IP-MIB::ipAdEntAddr 1.3.6.1.2.1.4.20.1.1
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.4.20.1.1']).rstrip().decode('utf-8')
for addr in ip.get_addr():
if addr.get_attr('IFA_ADDRESS'):
if addr.get_attr('IFA_ADDRESS') != '::1' and addr.get_attr('Ifamily') == 2:
self.assertRegex(output, addr.get_attr('IFA_ADDRESS'))
# IF-MIB::ifPhysAddress. 1.3.6.1.2.1.2.2.1.6
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.2.2.1.6']).rstrip().decode('utf-8')
for link in ip.get_links():
if link.get_attr('IFLA_ADDRESS') and link.get_attr('IFLA_ADDRESS') != '00:00:00:00:00:00':
snmp_mac = re.sub(r'\b0+(\d)', r'\1', link.get_attr('IFLA_ADDRESS')).lstrip('0')
self.assertRegex(output, snmp_mac)
ip.close()
def test_SNMP_MIB_2_System(self):
""" verify RFC 1213 System (1.3.6.1.2.1.1) SNMP variables"""
subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1']).rstrip().decode('utf-8')
# 1.3.6.1.2.1.1.1 - sysDescr
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1.1']).rstrip().decode('utf-8')
self.assertRegex(output, platform.machine())
self.assertRegex(output, platform.node())
self.assertRegex(output, platform.processor())
self.assertRegex(output, platform.release())
self.assertRegex(output, platform.version())
# 1.3.6.1.2.1.1.2 - sysObjectID
subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1.2'])
# 1.3.6.1.2.1.1.3 - sysUpTime
subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1.3'])
# 1.3.6.1.2.1.1.4 - sysContact
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1.4']).rstrip().decode('utf-8')
self.assertRegex(output, 'fedora-ci <fedoraci@fedoraproject.org>')
# 1.3.6.1.2.1.1.5 - sysName
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1.5']).rstrip().decode('utf-8')
self.assertRegex(output, socket.gethostname())
# 1.3.6.1.2.1.1.6 - sysLocation
output=subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST, '1.3.6.1.2.1.1.6']).rstrip().decode('utf-8')
self.assertRegex(output, 'Pune, IN')
def test_basic_snmpwalk(self):
""" verify snmpwalk getting success snmpwalk -v2c -c public localhost """
subprocess.check_output(['snmpwalk', '-v2c', '-c', 'public', HOST])
if __name__ == '__main__':
unittest.main(testRunner=unittest.TextTestRunner(stream=sys.stdout,
verbosity=3))

51
tests/integration-tests/runtest.sh
View File

@ -1,51 +0,0 @@
#!/bin/bash
# SPDX-License-Identifier: LGPL-2.1+
# ~~~
# runtest.sh of net-snmp
# Description: net-snmp tests
#
# Author: Susant Sahani <susant@redhat.com>
# Copyright (c) 2018 Red Hat, Inc.
# ~~~
# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE_NET_SNMP="net-snmp"
PACKAGE_NET_SNMP_UTILS="net-snmp-utils"
NET_SNMP_CONF_FILE="/etc/snmp/snmpd.conf"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE_NET_SNMP
rlAssertRpm $PACKAGE_NET_SNMP_UTILS
rlRun "systemctl stop firewalld" 0,5
rlRun "setenforce 0" 0,1
rlRun "[ -e /sys/class/net/veth-test ] && ip link del veth-test" 0,1
rlRun "cp net-snmp-tests.py /usr/bin/"
rlFileBackup "$NET_SNMP_CONF_FILE"
rlRun "cp snmpd.conf $NET_SNMP_CONF_FILE"
rlPhaseEnd
rlPhaseStartTest
rlLog "Starting net-snmp tests ..."
rlRun "/usr/bin/python3 /usr/bin/net-snmp-tests.py"
rlPhaseEnd
rlPhaseStartCleanup
rlRun "rm /usr/bin/net-snmp-tests.py $NET_SNMP_CONFIG_FILE"
rlRun "systemctl daemon-reload"
rlRun "[ -e /sys/class/net/veth-test ] && ip link del veth-test" 0,1
rlFileRestore
rlRun "setenforce 1" 0,1
rlLog "net-snmp tests done"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd
rlGetTestState

7
tests/integration-tests/snmpd.conf
View File

@ -1,7 +0,0 @@
agentAddress udp:192.168.111.50:161
syslocation Pune, IN
syscontact fedora-ci <fedoraci@fedoraproject.org>
dontLogTCPWrappersConnects yes
rocommunity public

14
tests/tests.yml
View File

@ -1,14 +0,0 @@
- hosts: localhost
roles:
- role: standard-test-beakerlib
tags:
- classic
tests:
- integration-tests
required_packages:
- python3
- systemd
- iproute
- python3-pyroute2
- net-snmp
- net-snmp-utils