[erlang-questions] Two SNMP questions: SHA auth + authPriv, authenticationFailure trap

Martin Bjorklund <>
Mon Apr 23 10:08:24 CEST 2007


Scott Lystig Fritchie <> wrote:
> >>>>> "mb" == Martin Bjorklund <> writes:
> 
> mb> So validate_key_change/4 should do the
> mb> corresponding validation.  Thus, the code should be something
> mb> like:
> 
> That yields a different error, this during the set phase.
> 
> % snmpusm -v 3 -l authPriv -u superuser-sha -a SHA -A shaphrase \
>     -x DES privphrase localhost:55161 \
>     -Cx passwd privphrase privpriv
> 
> =ERROR REPORT==== 23-Apr-2007::01:27:17 ===
> ** User error: {snmp_user_based_sm_mib,usmUserTable,[]} with set (table), returned: {'EXIT',{function_clause,[{snmp_misc,str_xor,[[],[30,210,149,239,237,30,4,15]]},{snmp_misc,str_xor,2},{snmp_user_based_sm_mib,set_key_change,4},{snmp_user_based_sm_mib,validate_set,3},{snmpa_set_lib,dbg_apply,3},{snmpa_set_lib,set_value_all_rows,4},{snmpa_set_lib,try_set,1},{snmpa_set,set_phase_two,2}]}}. Using genErr.
> 
> My naive eyes can't immediately see how
> snmp_user_based_sm_mib:extract_new_key/3 is supposed to deal with a
> KeyChange list that's much longer than the OldKey: the above error
> seems to happen because Delta ends up an empty list.  Hrm.

OldKey should also be of length 40.

> >> (*) The 5.4 version of "snmpusm" uses a different method for
> >> changing passwords, I think.  It appears to be using the "Own"
> >> columns in usmUserTable.
> 
> mb> But this doesn't work either, does it?
> 
> It actually does work, as long as the agent's config uses
> {multi_threaded, false} .

Ok, that means that I need to spend some more time in order to
understand this...  First of all, we'll have to write a test case for
our environment so it can be reproduced.  I won't have time during the
next few weeks though.


/martin




More information about the erlang-questions mailing list