[erlang-questions] Two SNMP questions: SHA auth + authPriv, authenticationFailure trap
Martin Bjorklund
mbj@REDACTED
Mon Apr 23 10:08:24 CEST 2007
Scott Lystig Fritchie <fritchie@REDACTED> wrote:
> >>>>> "mb" == Martin Bjorklund <mbj@REDACTED> writes:
>
> mb> So validate_key_change/4 should do the
> mb> corresponding validation. Thus, the code should be something
> mb> like:
>
> That yields a different error, this during the set phase.
>
> % snmpusm -v 3 -l authPriv -u superuser-sha -a SHA -A shaphrase \
> -x DES privphrase localhost:55161 \
> -Cx passwd privphrase privpriv
>
> =ERROR REPORT==== 23-Apr-2007::01:27:17 ===
> ** User error: {snmp_user_based_sm_mib,usmUserTable,[]} with set (table), returned: {'EXIT',{function_clause,[{snmp_misc,str_xor,[[],[30,210,149,239,237,30,4,15]]},{snmp_misc,str_xor,2},{snmp_user_based_sm_mib,set_key_change,4},{snmp_user_based_sm_mib,validate_set,3},{snmpa_set_lib,dbg_apply,3},{snmpa_set_lib,set_value_all_rows,4},{snmpa_set_lib,try_set,1},{snmpa_set,set_phase_two,2}]}}. Using genErr.
>
> My naive eyes can't immediately see how
> snmp_user_based_sm_mib:extract_new_key/3 is supposed to deal with a
> KeyChange list that's much longer than the OldKey: the above error
> seems to happen because Delta ends up an empty list. Hrm.
OldKey should also be of length 40.
> >> (*) The 5.4 version of "snmpusm" uses a different method for
> >> changing passwords, I think. It appears to be using the "Own"
> >> columns in usmUserTable.
>
> mb> But this doesn't work either, does it?
>
> It actually does work, as long as the agent's config uses
> {multi_threaded, false} .
Ok, that means that I need to spend some more time in order to
understand this... First of all, we'll have to write a test case for
our environment so it can be reproduced. I won't have time during the
next few weeks though.
/martin
More information about the erlang-questions
mailing list