Ethereal-dev: Re: [ethereal-dev] packet-snmp.c patch to handle zero length context names

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Guy Harris <gharris@xxxxxxxxxxxx>
Date: Mon, 3 Jul 2000 13:22:00 -0700
On Mon, Jul 03, 2000 at 10:22:41AM +0200, Juergen Schoenwaelder wrote:
> Guy> 	the msgSecurityParameters field in SNMPv3 packets using the
> Guy> SNMP V1 or SNMP V2C security model (RFC 2261 says a security
> Guy> model of 1 is "reserved for SNMPv1" and 2 is "reserved for
> Guy> SNMPv2c"; are those models documented anywhere, or are they still
> Guy> reserved?);
> 
> There is some confusion here. The community based security model is
> not used with the SNMPv3 message format. 

...but the SNMP dissector checks for SNMP_SEC_V1 and SNMP_SEC_V2C in the
code after

	case SNMP_VERSION_3:

that checks the SNMP version number in the SNMP packet, which I infer
means either that

	1) the values "reserved for SNMPv1" and "reserved for SNMPv2c"
	   *are* used with the SNMPv3 message format, and the format of
	   the msgSecurityParameters field in SNMPv3 packets when those
	   "reserved" values are used is documented somewhere

or

	2) the SNMPv3 dissection code should just treat the
	   msgSecurityParameters field as opaque hex data.

Section 5.2.1 says of RFC 2576 says:

	5.2.1.  Processing An Incoming Request

	   In RFC1157 [2], section 4.1, item (3) for an entity which receives a
	   message, states that various parameters are passed to the 'desired
	   authentication scheme.'  The desired authentication scheme in this
	   case is the SNMPv1 Community-Based Security Model, which will be
	   called using the processIncomingMsg ASI.  The parameters passed to
	   this ASI are:

	      -  The messageProcessingModel, which will be 0 (or 1 for SNMPv2c).

	      -  The maxMessageSize, which should be the maximum size of a
	         message that the receiving entity can generate (since there is
	         no such value in the received message).

	      -  The securityParameters, which consist of the community string
	         and the message's source and destination transport domains and
	         addresses.

	      -  The securityModel, which will be 1 (or 2 for SNMPv2c).

	      -  The securityLevel, which will be noAuthNoPriv.

	      -  The wholeMsg and wholeMsgLength.

although I don't know whether that section is discussing the way
incoming SNMPv1 or v2c packets are to be processed by a server (which
would suggest that 2) is true), or is also discussing the way in which
the "reserved for SNMPv1" and "reserved for SNMPv2c" values are to be
handled in incoming SNMPv3 packets (which would suggest that 1) is true
and that the msgSecurityParameters field contains the community string -
if "the message's source and destination transport domains and
addresses" are just obtained from the transport-layer and network-layer
headers for the packet).