From 34d7f3932e0264410c455ae9d50fac872e010536 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 19 2015 15:41:33 +0000 Subject: import net-snmp-5.7.2-24.el7 --- diff --git a/SOURCES/net-snmp-5.5-hrStorage-31bits.patch b/SOURCES/net-snmp-5.5-hrStorage-31bits.patch new file mode 100644 index 0000000..e0cc436 --- /dev/null +++ b/SOURCES/net-snmp-5.5-hrStorage-31bits.patch @@ -0,0 +1,42 @@ +1104293 - net-snmp OID 32 bit integer returning number larger than 32 bit signed value +1192221 - net-snmp OID 32 bit integer returning number larger than 32 bit signed value + +commit 6a421248afab56035066355727380781d515c545 +Author: Jan Safranek +Date: Mon Jan 26 10:40:10 2015 +0100 + + Fix 32 bit integeres in hrStorageTable. + + RFC says the integers are de-facto 31 bits: 1..2147483647. + +diff --git a/agent/mibgroup/host/hrh_storage.c b/agent/mibgroup/host/hrh_storage.c +index ca2f854..96b7198 100644 +--- a/agent/mibgroup/host/hrh_storage.c ++++ b/agent/mibgroup/host/hrh_storage.c +@@ -421,7 +421,7 @@ really_try_next: + if (store_idx > NETSNMP_MEM_TYPE_MAX) { + if (netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, + NETSNMP_DS_AGENT_REALSTORAGEUNITS)) +- long_return = HRFS_entry->units & 0xffffffff; ++ long_return = HRFS_entry->units & 0x7fffffff; + else + long_return = HRFS_entry->units_32; + } else { +@@ -434,7 +434,7 @@ really_try_next: + if (store_idx > NETSNMP_MEM_TYPE_MAX) { + if (netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, + NETSNMP_DS_AGENT_REALSTORAGEUNITS)) +- long_return = HRFS_entry->size & 0xffffffff; ++ long_return = HRFS_entry->size & 0x7fffffff; + else + long_return = HRFS_entry->size_32; + } else { +@@ -447,7 +447,7 @@ really_try_next: + if (store_idx > NETSNMP_MEM_TYPE_MAX) { + if (netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, + NETSNMP_DS_AGENT_REALSTORAGEUNITS)) +- long_return = HRFS_entry->used & 0xffffffff; ++ long_return = HRFS_entry->used & 0x7fffffff; + else + long_return = HRFS_entry->used_32; + } else { diff --git a/SOURCES/net-snmp-5.5-sensors-duplicate.patch b/SOURCES/net-snmp-5.5-sensors-duplicate.patch new file mode 100644 index 0000000..6c9484a --- /dev/null +++ b/SOURCES/net-snmp-5.5-sensors-duplicate.patch @@ -0,0 +1,56 @@ +Bug 967871 - net-snmp does not display correct lm_sensors sensor data / missing CPU cores + +commit e886f5eb9701851ad6948583156bfd59fcb6110f +Author: Jan Safranek +Date: Wed Feb 25 09:30:24 2015 +0100 + + CHANGES: snmpd: fixed lm_sensors not reporting sensors with duplicate names. + + Some systems report two or more sensors with the same name. + This patch adds support for reporting of all these duplicate + sensor names. + + Before the patch, these sensors were reported: + > lmTempSensorsDevice.2 = STRING: Core 0 + + After the patch, new sensors appear with a prefix: + > lmTempSensorsDevice.2 = STRING: Core 0 + > lmTempSensorsDevice.6 = STRING: coretemp-isa-0004:Core 0 + + This approach keeps backward compatibility (applications used to 'Core 0' + will keep workig, while it adds new sensorscto the table (with a prefix). + +diff --git a/agent/mibgroup/hardware/sensors/lmsensors_v3.c b/agent/mibgroup/hardware/sensors/lmsensors_v3.c +index 60af9e6..1de7c68 100644 +--- a/agent/mibgroup/hardware/sensors/lmsensors_v3.c ++++ b/agent/mibgroup/hardware/sensors/lmsensors_v3.c +@@ -86,7 +86,28 @@ netsnmp_sensor_arch_load(netsnmp_cache *cache, void *vp) { + * (inserting it in the appropriate sub-containers) + */ + sp = sensor_by_name( label, type ); +- if ( sp ) { ++ if ( sp && sp->flags & NETSNMP_SENSOR_FLAG_ACTIVE) { ++ /* ++ * Some HW does not have unique sensors labels. ++ * We already have a sensor with this label, thus ++ * try to create unique label by adding chip-name prefix ++ * and try again. ++ */ ++ char chip_name[64]; ++ char new_label[128]; ++ int ret; ++ DEBUGMSGTL(("sensors:arch:detail", "Already know label %s, adding prefix\n", label)); ++ ret = sensors_snprintf_chip_name(chip_name, sizeof(chip_name), chip); ++ if (ret < 0) { ++ DEBUGMSGTL(("sensors:arch:detail", "Can't get chip name for label %s\n", label)); ++ free(label); ++ continue; ++ } ++ snprintf(new_label, sizeof(new_label), "%s:%s", chip_name, label); ++ DEBUGMSGTL(("sensors:arch:detail", "New label: %s\n", new_label)); ++ sp = sensor_by_name( new_label, type ); ++ } ++ if (sp) { + sp->value = val; + sp->flags|= NETSNMP_SENSOR_FLAG_ACTIVE; + } diff --git a/SOURCES/net-snmp-5.5-storageUseNFS.patch b/SOURCES/net-snmp-5.5-storageUseNFS.patch new file mode 100644 index 0000000..b620121 --- /dev/null +++ b/SOURCES/net-snmp-5.5-storageUseNFS.patch @@ -0,0 +1,22 @@ +1125793 - [RHEL6] net-snmp "storageUseNFS 2" option does not report NFS mount as "Fixed Disks" +1193006 - net-snmp "storageUseNFS 2" option does not report NFS mount as "Fixed Disks" + +commit e69e09f8c316cc1bf2456cdc837c487ba3b03837 +Author: Jan Safranek +Date: Mon Jan 26 13:29:49 2015 +0100 + + Fixed storageUseNFS functionality in hrStorageTable. + +diff --git a/agent/mibgroup/host/hrh_storage.c b/agent/mibgroup/host/hrh_storage.c +index 96b7198..61ead75 100644 +--- a/agent/mibgroup/host/hrh_storage.c ++++ b/agent/mibgroup/host/hrh_storage.c +@@ -384,7 +384,7 @@ really_try_next: + return (u_char *) & long_return; + case HRSTORE_TYPE: + if (store_idx > NETSNMP_MEM_TYPE_MAX) +- if (HRFS_entry->flags & NETSNMP_FS_FLAG_REMOTE ) ++ if (HRFS_entry->flags & NETSNMP_FS_FLAG_REMOTE && storageUseNFS == 1) + storage_type_id[storage_type_len - 1] = 10; /* Network Disk */ + else if (HRFS_entry->flags & NETSNMP_FS_FLAG_REMOVE ) + storage_type_id[storage_type_len - 1] = 5; /* Removable Disk */ diff --git a/SOURCES/net-snmp-5.5-trap-forward-reqid.patch b/SOURCES/net-snmp-5.5-trap-forward-reqid.patch new file mode 100644 index 0000000..1e0a42a --- /dev/null +++ b/SOURCES/net-snmp-5.5-trap-forward-reqid.patch @@ -0,0 +1,32 @@ +Bug 1146948 - snmptrapd "Forward failed" when SNMPv3 requestid=0 +Bug 1192511 - snmptrapd "Forward failed" when SNMPv3 requestid=0 + +commit 148f2de48e1cd6ba8ebdab8591424df64ab967a3 +Author: Jan Safranek +Date: Thu Feb 5 14:01:44 2015 +0100 + + CHANGES: snmptrapd: Correctly forward traps with Request-ID '0'. + + Request-ID of forwarded traps is taken from the incoming trap and it can be zero. + We should not report error in this case. + +diff --git a/apps/snmptrapd_handlers.c b/apps/snmptrapd_handlers.c +index 37ca5ab..74cc62e 100644 +--- a/apps/snmptrapd_handlers.c ++++ b/apps/snmptrapd_handlers.c +@@ -1013,9 +1013,12 @@ int forward_handler( netsnmp_pdu *pdu, + pdu2->transport_data = NULL; + pdu2->transport_data_length = 0; + } +- if (!snmp_send( ss, pdu2 )) { +- snmp_sess_perror("Forward failed", ss); +- snmp_free_pdu(pdu2); ++ ++ ss->s_snmp_errno = SNMPERR_SUCCESS; ++ if (!snmp_send( ss, pdu2 ) && ++ ss->s_snmp_errno != SNMPERR_SUCCESS) { ++ snmp_sess_perror("Forward failed", ss); ++ snmp_free_pdu(pdu2); + } + snmp_close( ss ); + return NETSNMPTRAPD_HANDLER_OK; diff --git a/SOURCES/net-snmp-5.7.2-client-write-var.patch b/SOURCES/net-snmp-5.7.2-client-write-var.patch new file mode 100644 index 0000000..fe3bb41 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-client-write-var.patch @@ -0,0 +1,128 @@ +1151310 - snmptrap can't create (or write to) /var/lib/net-snmp/snmpapp.conf if isn't run under root +Backported from: + +commit 53ee5f1d240ac90adae935538bdc2ca13a8caa32 +Author: Jan Safranek +Date: Wed Feb 18 16:29:16 2015 +0100 + + CHANGES: snmplib: Fixed reporting 'error writing to /var/xxx/snmpapp.conf'. + + When a client utility, such as snmptrap, tries to write to its persistent + configuration file (/var/net-snmp/snmpapp.conf in Fedora), do not report + any error when open() fails. The tool is typically run by non-root, who + cannot write to /var and the error just confuses users. + + And when doing it, make sure that "snmpapp" string is defined only on one + place, just in case. + +diff -up net-snmp-5.7.2/agent/mibgroup/disman/expression/expValueTable.c.test net-snmp-5.7.2/agent/mibgroup/disman/expression/expValueTable.c +--- net-snmp-5.7.2/agent/mibgroup/disman/expression/expValueTable.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/disman/expression/expValueTable.c 2015-06-18 14:06:47.871027563 +0200 +@@ -127,7 +127,7 @@ init_expValueTable(void) + REGISTER_MIB("expValueTable", + expValueTable_variables, variable2, + expValueTable_variables_oid); +- init_snmp("snmpapp"); ++ init_snmp(NETSNMP_APPLICATION_CONFIG_TYPE); + + /* + * Initialize a "session" that defines who we're going to talk to +diff -up net-snmp-5.7.2/apps/snmptranslate.c.test net-snmp-5.7.2/apps/snmptranslate.c +--- net-snmp-5.7.2/apps/snmptranslate.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/apps/snmptranslate.c 2015-06-18 14:06:47.872027568 +0200 +@@ -236,7 +236,7 @@ main(int argc, char *argv[]) + } + } + +- init_snmp("snmpapp"); ++ init_snmp(NETSNMP_APPLICATION_CONFIG_TYPE); + if (optind < argc) + current_name = argv[optind]; + +diff -up net-snmp-5.7.2/apps/snmptrap.c.test net-snmp-5.7.2/apps/snmptrap.c +--- net-snmp-5.7.2/apps/snmptrap.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/apps/snmptrap.c 2015-06-18 14:06:47.872027568 +0200 +@@ -386,7 +386,7 @@ main(int argc, char *argv[]) + snmp_free_pdu(response); + + snmp_close(ss); +- snmp_shutdown("snmpapp"); ++ snmp_shutdown(NETSNMP_APPLICATION_CONFIG_TYPE); + SOCK_CLEANUP; + return exitval; + } +diff -up net-snmp-5.7.2/include/net-snmp/library/read_config.h.test net-snmp-5.7.2/include/net-snmp/library/read_config.h +--- net-snmp-5.7.2/include/net-snmp/library/read_config.h.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/include/net-snmp/library/read_config.h 2015-06-18 14:06:47.873027572 +0200 +@@ -15,6 +15,12 @@ extern "C" { + #define PREMIB_CONFIG 1 + #define EITHER_CONFIG 2 + ++/* ++ * Value of 'type' parameter of various snmp_config calls, ++ * used by Net-SNMP client utilities. ++ */ ++#define NETSNMP_APPLICATION_CONFIG_TYPE "snmpapp" ++ + #include + + /* +diff -up net-snmp-5.7.2/snmplib/read_config.c.test net-snmp-5.7.2/snmplib/read_config.c +--- net-snmp-5.7.2/snmplib/read_config.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/snmplib/read_config.c 2015-06-18 14:06:47.874027577 +0200 +@@ -1540,7 +1540,14 @@ read_config_store(const char *type, cons + DEBUGMSGTL(("read_config:store", "storing: %s\n", line)); + fclose(fout); + } else { +- snmp_log(LOG_ERR, "read_config_store open failure on %s\n", filep); ++ if (strcmp(NETSNMP_APPLICATION_CONFIG_TYPE, type) != 0) { ++ /* ++ * Ignore this error in client utilities, they can run with random ++ * UID/GID and typically cannot write to /var. Error message just ++ * confuses people. ++ */ ++ snmp_log(LOG_ERR, "read_config_store open failure on %s"); ++ } + } + #ifdef NETSNMP_PERSISTENT_MASK + umask(oldmask); +diff -up net-snmp-5.7.2/snmplib/snmp_parse_args.c.test net-snmp-5.7.2/snmplib/snmp_parse_args.c +--- net-snmp-5.7.2/snmplib/snmp_parse_args.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/snmplib/snmp_parse_args.c 2015-06-18 14:06:47.874027577 +0200 +@@ -250,7 +250,7 @@ netsnmp_parse_args(int argc, + break; + + case 'H': +- init_snmp("snmpapp"); ++ init_snmp(NETSNMP_APPLICATION_CONFIG_TYPE); + fprintf(stderr, "Configuration directives understood:\n"); + read_config_print_usage(" "); + return (NETSNMP_PARSE_ARGS_SUCCESS_EXIT); +@@ -640,7 +640,7 @@ netsnmp_parse_args(int argc, + /* + * read in MIB database and initialize the snmp library + */ +- init_snmp("snmpapp"); ++ init_snmp(NETSNMP_APPLICATION_CONFIG_TYPE); + + /* + * session default version +commit 653da2f955f88d7419363e6d31f2b5f0ffdc4f73 +Author: Jan Safranek +Date: Thu Feb 19 13:40:37 2015 +0100 + + Fixed missing printf argument from previous commit. + +diff --git a/snmplib/read_config.c b/snmplib/read_config.c +index 6157fc6..2972232 100644 +--- a/snmplib/read_config.c ++++ b/snmplib/read_config.c +@@ -1317,7 +1317,7 @@ read_config_store(const char *type, const char *line) + * UID/GID and typically cannot write to /var. Error message just + * confuses people. + */ +- snmp_log(LOG_ERR, "read_config_store open failure on %s"); ++ snmp_log(LOG_ERR, "read_config_store open failure on %s\n", filep); + } + } + #ifdef NETSNMP_PERSISTENT_MASK diff --git a/SOURCES/net-snmp-5.7.2-diskio-whitelist.patch b/SOURCES/net-snmp-5.7.2-diskio-whitelist.patch new file mode 100644 index 0000000..1ea62b2 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-diskio-whitelist.patch @@ -0,0 +1,427 @@ +1092308 - backport diskio device filtering + +Backported from: + +commit 5be210c90870ff6bab193d497d401b92c1d50db9 +Author: Jan Safranek +Date: Thu Mar 6 13:26:30 2014 +0100 + + CHANGES: snmpd: add new snmpd.conf option 'diskio' to monitor only selected disks. + + On machines with thousands of block devices, parsing /proc/diskstats is really + slow. The new option enables monitoring of selected devices, saving lot of CPU + time. + +diff -up net-snmp-5.7.2/agent/mibgroup/ucd-snmp/diskio.c.test net-snmp-5.7.2/agent/mibgroup/ucd-snmp/diskio.c +--- net-snmp-5.7.2/agent/mibgroup/ucd-snmp/diskio.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/ucd-snmp/diskio.c 2015-06-18 15:14:57.164891695 +0200 +@@ -27,11 +27,18 @@ + + #include + ++#if defined (linux) ++/* for stat() */ ++#include ++#include ++#endif ++ + #include + #include + + #include "util_funcs/header_simple_table.h" + ++#include "struct.h" + /* + * include our .h file + */ +@@ -95,6 +102,66 @@ static int ps_numdisks; /* number of d + #if defined (linux) + #define DISKIO_SAMPLE_INTERVAL 5 + void devla_getstats(unsigned int regno, void * dummy); ++static void diskio_parse_config_disks(const char *token, char *cptr); ++static void diskio_free_config(void); ++static int get_sysfs_stats(void); ++ ++struct diskiopart { ++ char syspath[STRMAX]; /* full stat path */ ++ char name[STRMAX]; /* name as provided */ ++ char shortname[STRMAX]; /* short name for output */ ++ int major; ++ int minor; ++}; ++ ++static int numdisks; ++static int maxdisks = 0; ++static struct diskiopart *disks; ++ ++#define DISK_INCR 2 ++ ++typedef struct linux_diskio ++{ ++ int major; ++ int minor; ++ unsigned long blocks; ++ char name[256]; ++ unsigned long rio; ++ unsigned long rmerge; ++ unsigned long rsect; ++ unsigned long ruse; ++ unsigned long wio; ++ unsigned long wmerge; ++ unsigned long wsect; ++ unsigned long wuse; ++ unsigned long running; ++ unsigned long use; ++ unsigned long aveq; ++} linux_diskio; ++ ++/* disk load averages */ ++typedef struct linux_diskio_la ++{ ++ unsigned long use_prev; ++ double la1, la5, la15; ++} linux_diskio_la; ++ ++typedef struct linux_diskio_header ++{ ++ linux_diskio* indices; ++ int length; ++ int alloc; ++} linux_diskio_header; ++ ++typedef struct linux_diskio_la_header ++{ ++ linux_diskio_la * indices; ++ int length; ++} linux_diskio_la_header; ++ ++static linux_diskio_header head; ++static linux_diskio_la_header la_head; ++ + #endif /* linux */ + + #if defined (darwin) +@@ -228,6 +295,8 @@ init_diskio(void) + devla_getstats(0, NULL); + /* collect LA data regularly */ + snmp_alarm_register(DISKIO_SAMPLE_INTERVAL, SA_REPEAT, devla_getstats, NULL); ++ snmpd_register_config_handler("diskio", diskio_parse_config_disks, ++ diskio_free_config, "path | device"); + #endif + + +@@ -870,49 +939,134 @@ var_diskio(struct variable * vp, + + #ifdef linux + +-#define DISK_INCR 2 +- +-typedef struct linux_diskio ++static void ++diskio_free_config() ++ { ++ if (la_head.length) { ++ /* reset any usage stats, we may get different list of devices from config */ ++ free(la_head.indices); ++ la_head.length = 0; ++ la_head.indices = NULL; ++ } ++ if (numdisks > 0) { ++ int i; ++ head.length = 0; ++ numdisks = 0; ++ for (i = 0; i < maxdisks; i++) { /* init/erase disk db */ ++ disks[i].syspath[0] = 0; ++ disks[i].name[0] = 0; ++ disks[i].shortname[0] = 0; ++ disks[i].major = -1; ++ disks[i].minor = -1; ++ } ++ } ++} ++static int ++disk_exists(char *path) + { +- int major; +- int minor; +- unsigned long blocks; +- char name[256]; +- unsigned long rio; +- unsigned long rmerge; +- unsigned long rsect; +- unsigned long ruse; +- unsigned long wio; +- unsigned long wmerge; +- unsigned long wsect; +- unsigned long wuse; +- unsigned long running; +- unsigned long use; +- unsigned long aveq; +-} linux_diskio; ++ int index; ++ for(index = 0; index < numdisks; index++) { ++ DEBUGMSGTL(("ucd-snmp/disk", "Checking for %s. Found %s at %d\n", path, disks[index].syspath, index)); ++ if(strcmp(path, disks[index].syspath) == 0) { ++ return index; ++ } ++ } ++ return -1; ++} + +-/* disk load averages */ +-typedef struct linux_diskio_la +-{ +- unsigned long use_prev; +- double la1, la5, la15; +-} linux_diskio_la; ++static void ++add_device(char *path, int addNewDisks ) ++ { ++ int index; ++ char device[STRMAX]; ++ char syspath[STRMAX]; ++ char *basename; ++ struct stat stbuf; + +-typedef struct linux_diskio_header +-{ +- linux_diskio* indices; +- int length; +- int alloc; +-} linux_diskio_header; ++ if (!path || !strcmp(path, "none")) { ++ DEBUGMSGTL(("ucd-snmp/diskio", "Skipping null path device (%s)\n", path)); ++ return; ++ } ++ if (numdisks == maxdisks) { ++ if (maxdisks == 0) { ++ maxdisks = 50; ++ disks = malloc(maxdisks * sizeof(struct diskiopart)); ++ if (!disks) { ++ config_perror("malloc failed for new disko allocation."); ++ netsnmp_config_error("\tignoring: %s", path); ++ return; ++ } ++ memset(disks, 0, maxdisks * sizeof(struct diskiopart)); ++ } else { ++ maxdisks *= 2; ++ disks = realloc(disks, maxdisks * sizeof(struct diskiopart)); ++ if (!disks) { ++ config_perror("malloc failed for new disko allocation."); ++ netsnmp_config_error("\tignoring: %s", path); ++ return; ++ } ++ memset(disks + maxdisks/2, 0, maxdisks/2 * sizeof(struct diskiopart)); ++ } ++ } + +-typedef struct linux_diskio_la_header +-{ +- linux_diskio_la * indices; +- int length; +-} linux_diskio_la_header; ++ /* first find the path for this device */ ++ device[0]='\0'; ++ if ( *path != '/' ) { ++ strlcpy(device, "/dev/", STRMAX - 1 ); ++ } ++ strncat(device, path, STRMAX - 1 ); ++ ++ /* check for /dev existence */ ++ if ( stat(device,&stbuf)!=0 ) { /* ENOENT */ ++ config_perror("diskio path does not exist."); ++ netsnmp_config_error("\tignoring: %s", path); ++ return; ++ } ++ else if ( ! S_ISBLK(stbuf.st_mode) ) { /* ENODEV */ ++ config_perror("diskio path is not a device."); ++ netsnmp_config_error("\tignoring: %s", path); ++ return; ++ } + +-static linux_diskio_header head; +-static linux_diskio_la_header la_head; ++ /* either came with a slash or we just put one there, so the following always works */ ++ basename = strrchr(device, '/' )+1; ++ /* construct a sys path using the device numbers to avoid having to disambiguate the various text forms */ ++ snprintf( syspath, STRMAX - 1, "/sys/dev/block/%d:%d/stat", major(stbuf.st_rdev), minor(stbuf.st_rdev) ); ++ DEBUGMSGTL(("ucd-snmp/diskio", " monitoring sys path (%s)\n", syspath)); ++ ++ index = disk_exists(syspath); ++ ++ if(index == -1 && addNewDisks){ ++ /* The following buffers are cleared above, no need to add '\0' */ ++ strlcpy(disks[numdisks].syspath, syspath, sizeof(disks[numdisks].syspath) - 1); ++ strlcpy(disks[numdisks].name, path, sizeof(disks[numdisks].name) - 1); ++ strlcpy(disks[numdisks].shortname, basename, sizeof(disks[numdisks].shortname) - 1); ++ disks[numdisks].major = major(stbuf.st_rdev); ++ disks[numdisks].minor = minor(stbuf.st_rdev); ++ numdisks++; ++ } ++} ++ ++static void ++diskio_parse_config_disks(const char *token, char *cptr) ++ { ++#if HAVE_FSTAB_H || HAVE_GETMNTENT || HAVE_STATFS ++ char path[STRMAX]; ++ ++ ++ /* ++ * read disk path (eg, /1 or /usr) ++ */ ++ copy_nword(cptr, path, sizeof(path)); ++ ++ /* TODO: we may include regular expressions in future */ ++ /* ++ * check if the disk already exists, if so then modify its ++ * parameters. if it does not exist then add it ++ */ ++ add_device(path, 1); ++#endif /* HAVE_FSTAB_H || HAVE_GETMNTENT || HAVE_STATFS */ ++} + + void devla_getstats(unsigned int regno, void * dummy) { + +@@ -976,6 +1130,47 @@ int is_excluded(const char *name) + return 0; + } + ++static int get_sysfs_stats() ++{ ++ int i; ++ char buffer[1024]; ++ ++ head.length = 0; ++ ++ for(i = 0; i < numdisks; i++) { ++ FILE *f = fopen(disks[i].syspath, "r"); ++ if ( f == NULL ) { ++ DEBUGMSGTL(("ucd-snmp/diskio", "Can't open %s, skipping", disks[i].syspath)); ++ continue; ++ } ++ if (fgets(buffer, sizeof(buffer), f) == NULL) { ++ DEBUGMSGTL(("ucd-snmp/diskio", "Can't read %s, skipping", disks[i].syspath)); ++ fclose(f); ++ continue; ++ } ++ ++ linux_diskio* pTemp; ++ if (head.length == head.alloc) { ++ head.alloc += DISK_INCR; ++ head.indices = (linux_diskio *) realloc(head.indices, head.alloc*sizeof(linux_diskio)); ++ } ++ pTemp = &head.indices[head.length]; ++ pTemp->major = disks[i].major; ++ pTemp->minor = disks[i].minor; ++ strlcpy( pTemp->name, disks[i].shortname, sizeof(pTemp->name) - 1 ); ++ if (sscanf (buffer, "%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu\n", ++ &pTemp->rio, &pTemp->rmerge, &pTemp->rsect, &pTemp->ruse, ++ &pTemp->wio, &pTemp->wmerge, &pTemp->wsect, &pTemp->wuse, ++ &pTemp->running, &pTemp->use, &pTemp->aveq) != 11) ++ sscanf (buffer, "%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu%*[ \n\t]%lu\n", ++ &pTemp->rio, &pTemp->rsect, ++ &pTemp->wio, &pTemp->wsect); ++ head.length++; ++ fclose(f); ++ } ++ return 0; ++} ++ + static int + getstats(void) + { +@@ -995,6 +1189,14 @@ getstats(void) + + memset(head.indices, 0, head.alloc*sizeof(linux_diskio)); + ++ if (numdisks>0) { ++ /* 'diskio' configuration is used - go through the whitelist only and ++ * read /sys/dev/block/xxx */ ++ cache_time = now; ++ return get_sysfs_stats(); ++ } ++ /* 'diskio' configuration is not used - report all devices */ ++ + /* Is this a 2.6 kernel? */ + parts = fopen("/proc/diskstats", "r"); + if (parts) { +@@ -1111,13 +1313,22 @@ var_diskio(struct variable * vp, + long_ret = head.indices[indx].wio & 0xffffffff; + return (u_char *) & long_ret; + case DISKIO_LA1: +- long_ret = la_head.indices[indx].la1; ++ if (la_head.length > indx) ++ long_ret = la_head.indices[indx].la1; ++ else ++ long_ret = 0; + return (u_char *) & long_ret; + case DISKIO_LA5: +- long_ret = la_head.indices[indx].la5; ++ if (la_head.length > indx) ++ long_ret = la_head.indices[indx].la5; ++ else ++ long_ret = 0; + return (u_char *) & long_ret; + case DISKIO_LA15: +- long_ret = la_head.indices[indx].la15; ++ if (la_head.length > indx) ++ long_ret = la_head.indices[indx].la15; ++ else ++ long_ret = 0; + return (u_char *) & long_ret; + case DISKIO_NREADX: + *var_len = sizeof(struct counter64); +diff -up net-snmp-5.7.2/man/snmpd.conf.5.def.test net-snmp-5.7.2/man/snmpd.conf.5.def +--- net-snmp-5.7.2/man/snmpd.conf.5.def.test 2015-06-18 15:13:31.249470179 +0200 ++++ net-snmp-5.7.2/man/snmpd.conf.5.def 2015-06-18 15:16:45.481423115 +0200 +@@ -715,6 +715,15 @@ e.g. "loop0" + .IP "diskio_exclude_ram yes" + Excludes all LInux ramdisk block devices, whose names start with "ram", e.g. + "ram0" ++.PP ++On Linux systems, it is possible to report only explicitly whitelisted ++devices. It may take significant amount of time to process diskIOTable data ++on systems with tens of thousands of block devices and whitelisting only the ++important ones avoids large CPU consumption. ++.IP "diskio " ++Enables whitelisting of devices and adds the device to the whitelist. Only ++explicitly whitelisted devices will be reported. This option may be used ++multiple times. + .SS System Load Monitoring + This requires that the agent was built with support for either the + \fIucd\-snmp/loadave\fR module or the \fIucd\-snmp/memory\fR module + + +commit 59f9f3387dab4238114804a0be9e4c15667d868c +Author: Jan Safranek +Date: Fri Jun 19 09:29:06 2015 +0200 + + Fixed memory leak on realloc failure. + + Found by Coverity. + +diff --git a/agent/mibgroup/ucd-snmp/diskio.c b/agent/mibgroup/ucd-snmp/diskio.c +index f04d5c5..58163d8 100644 +--- a/agent/mibgroup/ucd-snmp/diskio.c ++++ b/agent/mibgroup/ucd-snmp/diskio.c +@@ -405,13 +405,17 @@ add_device(char *path, int addNewDisks ) + } + memset(disks, 0, maxdisks * sizeof(struct diskiopart)); + } else { ++ struct diskiopart *newdisks; + maxdisks *= 2; +- disks = realloc(disks, maxdisks * sizeof(struct diskiopart)); +- if (!disks) { ++ newdisks = realloc(disks, maxdisks * sizeof(struct diskiopart)); ++ if (!newdisks) { ++ free(disks); ++ disks = NULL; + config_perror("malloc failed for new disko allocation."); + netsnmp_config_error("\tignoring: %s", path); + return; + } ++ disks = newdisks; + memset(disks + maxdisks/2, 0, maxdisks/2 * sizeof(struct diskiopart)); + } + } diff --git a/SOURCES/net-snmp-5.7.2-extend-close.patch b/SOURCES/net-snmp-5.7.2-extend-close.patch new file mode 100644 index 0000000..2d93e1d --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-extend-close.patch @@ -0,0 +1,181 @@ +Bug 1252048 - net-snmp snmpd fork() overhead [fix available] + +Backported from: + +commit f0e87f4918ffc41e03f707e9670ea422cd154a9b +Author: Bart Van Assche +Date: Sat Jan 31 12:05:24 2015 +0100 + + CHANGES: snmpd: BUG: 2596: Reduce fork() overhead + + Avoid that the close() loop that is executed after a fork() delays + the pass/extend API on systems with a large maximum number of files + by reducing the number of iterations of this loop on Linux systems. + + See also http://sourceforge.net/p/net-snmp/bugs/2596. + + Reported-by: andymf + + +diff -up net-snmp-5.7.2/agent/mibgroup/util_funcs.c.test net-snmp-5.7.2/agent/mibgroup/util_funcs.c +--- net-snmp-5.7.2/agent/mibgroup/util_funcs.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/util_funcs.c 2015-08-18 10:15:18.888767023 +0200 +@@ -480,8 +480,7 @@ get_exec_pipes(char *cmd, int *fdIn, int + /* + * close all non-standard open file descriptors + */ +- for (cnt = getdtablesize() - 1; cnt >= 2; --cnt) +- (void) close(cnt); ++ netsnmp_close_fds(1); + (void) dup(1); /* stderr */ + + for (cnt = 1, cptr1 = cmd, cptr2 = argvs; *cptr1 != 0; +diff -up net-snmp-5.7.2/agent/mibgroup/utilities/execute.c.test net-snmp-5.7.2/agent/mibgroup/utilities/execute.c +--- net-snmp-5.7.2/agent/mibgroup/utilities/execute.c.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/utilities/execute.c 2015-08-18 10:15:18.889767028 +0200 +@@ -22,6 +22,9 @@ + #if HAVE_FCNTL_H + #include + #endif ++#if HAVE_DIRENT_H ++#include ++#endif + #if HAVE_SYS_WAIT_H + #include + #endif +@@ -207,8 +210,8 @@ run_exec_command( char *command, char *i + close(opipe[0]); + close(2); + dup(1); +- for (i = getdtablesize()-1; i>2; i--) +- close(i); ++ ++ netsnmp_close_fds(2); + + /* + * Set up the argv array and execute it +@@ -406,3 +409,30 @@ run_exec_command( char *command, char *i + return run_shell_command( command, input, output, out_len ); + #endif + } ++ ++/** ++ * Close all file descriptors larger than @fd. ++ */ ++void netsnmp_close_fds(int fd) ++{ ++#if defined(HAVE_FORK) ++ DIR *dir; ++ struct dirent *ent; ++ int i, largest_fd = -1; ++ ++ if ((dir = opendir("/proc/self/fd"))) { ++ while ((ent = readdir(dir))) { ++ if (sscanf(ent->d_name, "%d", &i) == 1) { ++ if (i > largest_fd) ++ largest_fd = i; ++ } ++ } ++ closedir(dir); ++ } else { ++ largest_fd = getdtablesize() - 1; ++ } ++ ++ for (i = largest_fd; i > fd && i > 0; i--) ++ close(i); ++#endif ++} +diff -up net-snmp-5.7.2/agent/mibgroup/utilities/execute.h.test net-snmp-5.7.2/agent/mibgroup/utilities/execute.h +--- net-snmp-5.7.2/agent/mibgroup/utilities/execute.h.test 2012-10-10 00:28:58.000000000 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/utilities/execute.h 2015-08-18 10:15:18.889767028 +0200 +@@ -3,6 +3,7 @@ + + config_belongs_in(agent_module) + ++void netsnmp_close_fds(int fd); + int run_shell_command(char *command, char *input, + char *output, int *out_len); + int run_exec_command( char *command, char *input, +diff -up net-snmp-5.7.2/agent/snmpd.c.test net-snmp-5.7.2/agent/snmpd.c +--- net-snmp-5.7.2/agent/snmpd.c.test 2015-08-18 10:15:08.450714809 +0200 ++++ net-snmp-5.7.2/agent/snmpd.c 2015-08-18 10:17:31.579430763 +0200 +@@ -143,6 +143,7 @@ typedef long fd_mask; + #include + #include + ++#include "utilities/execute.h" /* netsnmp_close_fds() */ + #include "snmpd.h" + + #include +@@ -451,7 +452,6 @@ main(int argc, char *argv[]) + FILE *PID; + #endif + +-#ifndef WIN32 + #ifndef NETSNMP_NO_SYSYSTEMD + /* check if systemd has sockets for us and don't close them */ + prepared_sockets = netsnmp_sd_listen_fds(0); +@@ -462,11 +462,8 @@ main(int argc, char *argv[]) + * inherited from the shell. + */ + if (!prepared_sockets) { +- for (i = getdtablesize() - 1; i > 2; --i) { +- (void) close(i); +- } ++ netsnmp_close_fds(2); + } +-#endif /* #WIN32 */ + + /* + * register signals ASAP to prevent default action (usually core) +diff -up net-snmp-5.7.2/apps/snmptrapd.c.test net-snmp-5.7.2/apps/snmptrapd.c +--- net-snmp-5.7.2/apps/snmptrapd.c.test 2015-08-18 10:15:08.450714809 +0200 ++++ net-snmp-5.7.2/apps/snmptrapd.c 2015-08-18 10:18:15.454650235 +0200 +@@ -97,6 +97,7 @@ SOFTWARE. + #include + #include + #include ++#include "utilities/execute.h" /* netsnmp_close_fds() */ + #include "snmptrapd_handlers.h" + #include "snmptrapd_log.h" + #include "snmptrapd_auth.h" +@@ -662,7 +663,6 @@ main(int argc, char *argv[]) + int prepared_sockets = 0; + + +-#ifndef WIN32 + #ifndef NETSNMP_NO_SYSTEMD + /* check if systemd has sockets for us and don't close them */ + prepared_sockets = netsnmp_sd_listen_fds(0); +@@ -672,11 +672,8 @@ main(int argc, char *argv[]) + * inherited from the shell. + */ + if (!prepared_sockets) { +- for (i = getdtablesize() - 1; i > 2; --i) { +- (void) close(i); +- } ++ netsnmp_close_fds(2); + } +-#endif /* #WIN32 */ + + #ifdef SIGTERM + signal(SIGTERM, term_handler); +@@ -1382,18 +1379,6 @@ trapd_update_config(void) + read_configs(); + } + +- +-#if !defined(HAVE_GETDTABLESIZE) && !defined(WIN32) +-#include +-int +-getdtablesize(void) +-{ +- struct rlimit rl; +- getrlimit(RLIMIT_NOFILE, &rl); +- return (rl.rlim_cur); +-} +-#endif +- + /* + * Windows Service Related functions + */ diff --git a/SOURCES/net-snmp-5.7.2-extend-reload.patch b/SOURCES/net-snmp-5.7.2-extend-reload.patch new file mode 100644 index 0000000..e5211cb --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-extend-reload.patch @@ -0,0 +1,54 @@ +1228893 - snmpd segfaults on reload with multiple 'exec' entry + +commit 54290bede338164ca65a3eed224fa5040d7dd857 +Author: Niels Baggesen +Date: Fri Oct 26 07:50:11 2012 +0200 + + Better cleanup of "exec" config to avoid crash during reload of config + +diff --git a/agent/mibgroup/agent/extend.c b/agent/mibgroup/agent/extend.c +index 68a11e2..9cb641c 100644 +--- a/agent/mibgroup/agent/extend.c ++++ b/agent/mibgroup/agent/extend.c +@@ -34,7 +34,7 @@ typedef struct extend_registration_block_s { + size_t oid_len; + long num_entries; + netsnmp_extend *ehead; +- netsnmp_handler_registration *reg[3]; ++ netsnmp_handler_registration *reg[4]; + struct extend_registration_block_s *next; + } extend_registration_block; + extend_registration_block *ereg_head = NULL; +@@ -222,10 +222,13 @@ _register_extend( oid *base, size_t len ) + rc = netsnmp_register_watched_scalar2( reg, winfo ); + if (rc != SNMPERR_SUCCESS) + goto bail; ++ eptr->reg[3] = reg; + + return eptr; + + bail: ++ if (eptr->reg[3]) ++ netsnmp_unregister_handler(eptr->reg[3]); + if (eptr->reg[2]) + netsnmp_unregister_handler(eptr->reg[2]); + if (eptr->reg[1]) +@@ -267,6 +270,7 @@ extend_clear_callback(int majorID, int minorID, + netsnmp_unregister_handler( eptr->reg[0] ); + netsnmp_unregister_handler( eptr->reg[1] ); + netsnmp_unregister_handler( eptr->reg[2] ); ++ netsnmp_unregister_handler( eptr->reg[3] ); + SNMP_FREE(eptr); + } + ereg_head = NULL; +@@ -550,6 +554,10 @@ extend_parse_config(const char *token, char *cptr) + } + + eptr = _register_extend( oid_buf, oid_len ); ++ if (!eptr) { ++ snmp_log(LOG_ERR, "Failed to register extend entry '%s' - possibly duplicate name.\n", exec_name ); ++ return; ++ } + extension = _new_extension( exec_name, flags, eptr ); + if (extension) { + extension->command = strdup( exec_command ); diff --git a/SOURCES/net-snmp-5.7.2-hrFSTable-read-write.patch b/SOURCES/net-snmp-5.7.2-hrFSTable-read-write.patch new file mode 100644 index 0000000..4c86200 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-hrFSTable-read-write.patch @@ -0,0 +1,19 @@ +commit aff1fb31dac236bb5f8e641c92e5651f00fa4f7d +Author: Jan Safranek +Date: Thu Jul 30 11:25:48 2015 +0200 + + CHANGES: snmpd: restore read-write flag in hrFSTable when a device becomes writable + +diff --git a/agent/mibgroup/hardware/fsys/fsys_mntent.c b/agent/mibgroup/hardware/fsys/fsys_mntent.c +index 6fe4ed4..8a12181 100644 +--- a/agent/mibgroup/hardware/fsys/fsys_mntent.c ++++ b/agent/mibgroup/hardware/fsys/fsys_mntent.c +@@ -206,6 +206,8 @@ netsnmp_fsys_arch_load( void ) + #if HAVE_HASMNTOPT + if (hasmntopt( m, "ro" )) + entry->flags |= NETSNMP_FS_FLAG_RONLY; ++ else ++ entry->flags &= ~NETSNMP_FS_FLAG_RONLY; + #endif + /* + * The root device is presumably bootable. diff --git a/SOURCES/net-snmp-5.7.2-python-addr-size.patch b/SOURCES/net-snmp-5.7.2-python-addr-size.patch new file mode 100644 index 0000000..32cf0fa --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-python-addr-size.patch @@ -0,0 +1,59 @@ +1100099 - net-snmp-python adds zeros to end of IP address (IPADDR type), which is not valid + +commit 1bc799de6cab010b25c0c4d3f5155b5fbaf527f0 +Author: Bart Van Assche +Date: Thu Feb 21 20:05:14 2013 +0100 + + Python bindings: Fix the out-of-bounds write + + See also commit 234158b8e84cc204cbac96e6e9be6959635404b8 + +diff --git a/python/netsnmp/client_intf.c b/python/netsnmp/client_intf.c +index 3eda804..d188e65 100644 +--- a/python/netsnmp/client_intf.c ++++ b/python/netsnmp/client_intf.c +@@ -822,14 +822,18 @@ OCT: + + case TYPE_IPADDR: + vars->type = ASN_IPADDRESS; +- vars->val.integer = (in_addr_t *)malloc(sizeof(in_addr_t)); +- if (val) +- *(vars->val.integer) = inet_addr(val); +- else { +- ret = FAILURE; +- *(vars->val.integer) = 0; ++ { ++ in_addr_t addr; ++ ++ if (val) ++ addr = inet_addr(val); ++ else { ++ ret = FAILURE; ++ addr = 0; ++ } ++ memdup(&vars->val.integer, &addr, sizeof(addr)); ++ vars->val_len = sizeof(addr); + } +- vars->val_len = sizeof(in_addr_t); + break; + + case TYPE_OBJID: +commit d9789f2570452b54112443f3b8a32cf22a4ec783 +Author: Jan Safranek +Date: Fri Feb 27 13:55:07 2015 +0100 + + Fixed compiler warning. + +diff --git a/python/netsnmp/client_intf.c b/python/netsnmp/client_intf.c +index 7fc74dc..db5db75 100644 +--- a/python/netsnmp/client_intf.c ++++ b/python/netsnmp/client_intf.c +@@ -833,7 +833,7 @@ OCT: + ret = FAILURE; + addr = 0; + } +- memdup(&vars->val.integer, &addr, sizeof(addr)); ++ memdup((u_char**) &vars->val.integer, &addr, sizeof(addr)); + vars->val_len = sizeof(addr); + } + break; diff --git a/SOURCES/net-snmp-5.7.2-smux-invalid-headers.patch b/SOURCES/net-snmp-5.7.2-smux-invalid-headers.patch new file mode 100644 index 0000000..cf92569 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-smux-invalid-headers.patch @@ -0,0 +1,25 @@ +1140236 - Segfault when starting snmpd + +commit 95b87c7fe990869f6b4ce62c0b2f0382e47699a5 +Author: Jan Safranek +Date: Thu Feb 19 15:14:10 2015 +0100 + + Add extra check to throw away invalid SMUX messages. + + Otherwise snmpd crashes on NULL pointer dereference. + +diff --git a/agent/mibgroup/smux/smux.c b/agent/mibgroup/smux/smux.c +index fd96710..02d02d2 100644 +--- a/agent/mibgroup/smux/smux.c ++++ b/agent/mibgroup/smux/smux.c +@@ -752,6 +752,10 @@ smux_pdu_process(int fd, u_char * data, size_t length) + while (error == 0 && ptr != NULL && ptr < data + length) { + len = length - (ptr - data); + ptr = asn_parse_header(ptr, &len, &type); ++ if (ptr == NULL) { ++ DEBUGMSGTL(("smux", "[smux_pdu_process] cannot parse header\n")); ++ break; ++ } + DEBUGMSGTL(("smux", "[smux_pdu_process] type is %d\n", + (int) type)); + switch (type) { diff --git a/SOURCES/net-snmp-5.7.2-smux-logging.patch b/SOURCES/net-snmp-5.7.2-smux-logging.patch new file mode 100644 index 0000000..3f88ddc --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-smux-logging.patch @@ -0,0 +1,88 @@ +Bug 1140234 - unexpected messages in log while smux processing +Bug 1189393 - unexpected messages in log while smux processing + +Backported from: + +commit 75d17a242e524e66b6c8214f68dc9920d5bd59df +Author: Jan Safranek +Date: Fri Jan 30 11:29:53 2015 +0100 + + CHANGES: snmpd: Remove some log messages from SMUX processing. + + These messages are not useful to system admin and only makes system log unreadable. Let's move them to debug level. + +diff -up net-snmp-5.7.2/agent/mibgroup/smux/smux.c.smux-logging net-snmp-5.7.2/agent/mibgroup/smux/smux.c +--- net-snmp-5.7.2/agent/mibgroup/smux/smux.c.smux-logging 2015-06-18 10:49:01.165899644 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/smux/smux.c 2015-06-18 10:50:01.650157657 +0200 +@@ -536,8 +536,8 @@ var_smux_write(int action, + + if (buf[0] == SMUX_TRAP) { + DEBUGMSGTL(("smux", "[var_smux_write] Received trap\n")); +- snmp_log(LOG_INFO, "Got trap from peer on fd %d\n", +- rptr->sr_fd); ++ DEBUGMSGTL(("smux", "Got trap from peer on fd %d\n", ++ rptr->sr_fd)); + ptr = asn_parse_header(buf, &len, &type); + smux_trap_process(ptr, &len); + +@@ -646,9 +646,9 @@ smux_accept(int sd) + snmp_log_perror("[smux_accept] accept failed"); + return -1; + } else { +- snmp_log(LOG_INFO, "[smux_accept] accepted fd %d from %s:%d\n", ++ DEBUGMSGTL(("smux", "[smux_accept] accepted fd %d from %s:%d\n", + fd, inet_ntoa(in_socket.sin_addr), +- ntohs(in_socket.sin_port)); ++ ntohs(in_socket.sin_port))); + if (npeers + 1 == SMUXMAXPEERS) { + snmp_log(LOG_ERR, + "[smux_accept] denied peer on fd %d, limit %d reached", +@@ -747,7 +747,8 @@ smux_process(int fd) + + if (length <= 0) + { +- snmp_log_perror("[smux_process] peek failed"); ++ if (length < 0) ++ snmp_log_perror("[smux_process] peek failed"); + smux_peer_cleanup(fd); + return -1; + } +@@ -837,7 +838,7 @@ smux_pdu_process(int fd, u_char * data, + DEBUGMSGTL(("smux", "This shouldn't have happened!\n")); + break; + case SMUX_TRAP: +- snmp_log(LOG_INFO, "Got trap from peer on fd %d\n", fd); ++ DEBUGMSGTL(("smux", "Got trap from peer on fd %d\n", fd)); + if (ptr) + { + DEBUGMSGTL(("smux", "[smux_pdu_process] call smux_trap_process.\n")); +@@ -943,9 +944,9 @@ smux_open_process(int fd, u_char * ptr, + *fail = TRUE; + return ptr; + } +- snmp_log(LOG_INFO, ++ DEBUGMSGTL(("smux", + "accepted smux peer: oid %s, descr %s\n", +- oid_print, descr); ++ oid_print, descr)); + *fail = FALSE; + return ptr; + } +@@ -1538,7 +1539,7 @@ smux_snmp_process(int exact, + + if (result[0] == SMUX_TRAP) { + DEBUGMSGTL(("smux", "[smux_snmp_process] Received trap\n")); +- snmp_log(LOG_INFO, "Got trap from peer on fd %d\n", sd); ++ DEBUGMSGTL(("smux", "Got trap from peer on fd %d\n", sd)); + ptr = asn_parse_header(result, (size_t *) &length, &type); + smux_trap_process(ptr, (size_t *) &length); + +@@ -1906,7 +1907,7 @@ smux_peer_cleanup(int sd) + Auths[i]->sa_active_fd = -1; + snprint_objid(oid_name, sizeof(oid_name), Auths[i]->sa_oid, + Auths[i]->sa_oid_len); +- snmp_log(LOG_INFO, "peer disconnected: %s\n", oid_name); ++ DEBUGMSGTL(("smux", "peer disconnected: %s\n", oid_name)); + } + } + } diff --git a/SOURCES/net-snmp-5.7.2-systemstats-ipv4.patch b/SOURCES/net-snmp-5.7.2-systemstats-ipv4.patch new file mode 100644 index 0000000..0998803 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-systemstats-ipv4.patch @@ -0,0 +1,58 @@ +1235697 - ipSystemStatsInOctets & ipSystemStatsHCInOctets for IPV4 not implemented with net-snmp in RHEL 7 + +commit b4caf543cff7dba8f9acca2b9ea88c9b79dc39ee +Author: Niels Baggesen +Date: Mon Oct 22 16:32:12 2012 +0200 + + Pick up HC octets and McastOctets from /proc/net/netstat of current RHEL6 + and Fedora kernels. + +diff --git a/agent/mibgroup/ip-mib/data_access/systemstats_linux.c b/agent/mibgroup/ip-mib/data_access/systemstats_linux.c +index fbfd8a2..3ba8646 100644 +--- a/agent/mibgroup/ip-mib/data_access/systemstats_linux.c ++++ b/agent/mibgroup/ip-mib/data_access/systemstats_linux.c +@@ -271,7 +271,7 @@ _additional_systemstats_v4(netsnmp_systemstats_entry* entry, + FILE *devin; + char line[1024]; + int scan_count; +- unsigned long long scan_vals[6]; ++ unsigned long long scan_vals[12]; + int retval = 0; + + DEBUGMSGTL(("access:systemstats:container:arch", +@@ -301,9 +301,11 @@ _additional_systemstats_v4(netsnmp_systemstats_entry* entry, + memset(scan_vals, 0x0, sizeof(scan_vals)); + scan_count = sscanf(line, + "%*s" /* ignore `IpExt:' */ +- "%llu %llu %llu %llu %llu %llu", ++ "%llu %llu %llu %llu %llu %llu %llu %llu %llu %llu %llu %llu", + &scan_vals[0], &scan_vals[1], &scan_vals[2], +- &scan_vals[3], &scan_vals[4], &scan_vals[5]); ++ &scan_vals[3], &scan_vals[4], &scan_vals[5], ++ &scan_vals[6], &scan_vals[7], &scan_vals[8], ++ &scan_vals[9], &scan_vals[10], &scan_vals[11]); + if (scan_count < 6) { + snmp_log(LOG_ERR, + "error scanning addtional systemstats data" +@@ -331,6 +333,21 @@ _additional_systemstats_v4(netsnmp_systemstats_entry* entry, + entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCOUTMCASTPKTS] = 1; + entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCINBCASTPKTS] = 1; + entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCOUTBCASTPKTS] = 1; ++ if (scan_count >= 12) { ++ entry->stats.HCInOctets.low = scan_vals[6] & 0xffffffff; ++ entry->stats.HCInOctets.high = scan_vals[6] >> 32; ++ entry->stats.HCOutOctets.low = scan_vals[7] & 0xffffffff; ++ entry->stats.HCOutOctets.high = scan_vals[7] >> 32; ++ entry->stats.HCInMcastOctets.low = scan_vals[8] & 0xffffffff; ++ entry->stats.HCInMcastOctets.high = scan_vals[8] >> 32; ++ entry->stats.HCOutMcastOctets.low = scan_vals[9] & 0xffffffff; ++ entry->stats.HCOutMcastOctets.high = scan_vals[9] >> 32; ++ /* 10 and 11 are In/OutBcastOctets */ ++ entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCINOCTETS] = 1; ++ entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCOUTOCTETS] = 1; ++ entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCINMCASTOCTETS] = 1; ++ entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCOUTMCASTOCTETS] = 1; ++ } + } + } + diff --git a/SOURCES/net-snmp-5.7.2-trap-vartypes.patch b/SOURCES/net-snmp-5.7.2-trap-vartypes.patch new file mode 100644 index 0000000..30155ce --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-trap-vartypes.patch @@ -0,0 +1,474 @@ +commit 7f4a7b891332899cea26e95be0337aae01648742 +Author: Jan Safranek +Date: Thu Jul 31 13:46:49 2014 +0200 + + Added checks for printing variables with wrong types. + + When -OQ command line argument is used, variable formatter preffers the type + of the varible parsed from a MIB file instead of checking type of the variable + as parsed from SNMP message. + + This can lead to crashes when incoming packets contains a variable with + NULL type, while the MIB says the variable should be non-NULL, like Integer. + The formatter then tries to interpret the NULL (from packet) as Integer (from + MIB file). + +diff --git a/snmplib/mib.c b/snmplib/mib.c +index 9d3ca41..c6e0010 100644 +--- a/snmplib/mib.c ++++ b/snmplib/mib.c +@@ -439,17 +439,16 @@ sprint_realloc_octet_string(u_char ** buf, size_t * buf_len, + u_char *cp; + int output_format, cnt; + +- if ((var->type != ASN_OCTET_STR) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- const char str[] = "Wrong Type (should be OCTET STRING): "; +- if (snmp_cstrcat +- (buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_OCTET_STR) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ const char str[] = "Wrong Type (should be OCTET STRING): "; ++ if (!snmp_cstrcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + +@@ -702,16 +701,16 @@ sprint_realloc_float(u_char ** buf, size_t * buf_len, + const struct enum_list *enums, + const char *hint, const char *units) + { +- if ((var->type != ASN_OPAQUE_FLOAT) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- if (snmp_cstrcat(buf, buf_len, out_len, allow_realloc, +- "Wrong Type (should be Float): ")) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_OPAQUE_FLOAT) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Float): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -772,17 +771,16 @@ sprint_realloc_double(u_char ** buf, size_t * buf_len, + const struct enum_list *enums, + const char *hint, const char *units) + { +- if ((var->type != ASN_OPAQUE_DOUBLE) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- if (snmp_cstrcat +- (buf, buf_len, out_len, allow_realloc, +- "Wrong Type (should be Double): ")) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_OPAQUE_DOUBLE) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Double): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -847,20 +845,21 @@ sprint_realloc_counter64(u_char ** buf, size_t * buf_len, size_t * out_len, + { + char a64buf[I64CHARSZ + 1]; + +- if ((var->type != ASN_COUNTER64 ++ if (var->type != ASN_COUNTER64 + #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES + && var->type != ASN_OPAQUE_COUNTER64 + && var->type != ASN_OPAQUE_I64 && var->type != ASN_OPAQUE_U64 + #endif +- ) && (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- if (snmp_cstrcat(buf, buf_len, out_len, allow_realloc, +- "Wrong Type (should be Counter64): ")) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ ) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Counter64): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -948,23 +947,25 @@ sprint_realloc_opaque(u_char ** buf, size_t * buf_len, + const struct enum_list *enums, + const char *hint, const char *units) + { +- if ((var->type != ASN_OPAQUE ++ if (var->type != ASN_OPAQUE + #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES + && var->type != ASN_OPAQUE_COUNTER64 + && var->type != ASN_OPAQUE_U64 + && var->type != ASN_OPAQUE_I64 + && var->type != ASN_OPAQUE_FLOAT && var->type != ASN_OPAQUE_DOUBLE + #endif /* NETSNMP_WITH_OPAQUE_SPECIAL_TYPES */ +- ) && (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- if (snmp_cstrcat(buf, buf_len, out_len, allow_realloc, +- "Wrong Type (should be Opaque): ")) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ ) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Opaque): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } ++ + #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES + switch (var->type) { + case ASN_OPAQUE_COUNTER64: +@@ -1040,17 +1041,16 @@ sprint_realloc_object_identifier(u_char ** buf, size_t * buf_len, + { + int buf_overflow = 0; + +- if ((var->type != ASN_OBJECT_ID) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = +- "Wrong Type (should be OBJECT IDENTIFIER): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_OBJECT_ID) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be OBJECT IDENTIFIER): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -1110,16 +1110,16 @@ sprint_realloc_timeticks(u_char ** buf, size_t * buf_len, size_t * out_len, + { + char timebuf[40]; + +- if ((var->type != ASN_TIMETICKS) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be Timeticks): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_TIMETICKS) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Timeticks): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_NUMERIC_TIMETICKS)) { +@@ -1277,17 +1277,18 @@ sprint_realloc_integer(u_char ** buf, size_t * buf_len, size_t * out_len, + { + char *enum_string = NULL; + +- if ((var->type != ASN_INTEGER) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be INTEGER): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_INTEGER) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be INTEGER): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } ++ + for (; enums; enums = enums->next) { + if (enums->value == *var->val.integer) { + enum_string = enums->label; +@@ -1380,16 +1381,16 @@ sprint_realloc_uinteger(u_char ** buf, size_t * buf_len, size_t * out_len, + { + char *enum_string = NULL; + +- if ((var->type != ASN_UINTEGER) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be UInteger32): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_UINTEGER) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be UInteger32): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + for (; enums; enums = enums->next) { +@@ -1477,17 +1478,16 @@ sprint_realloc_gauge(u_char ** buf, size_t * buf_len, size_t * out_len, + { + char tmp[32]; + +- if ((var->type != ASN_GAUGE) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = +- "Wrong Type (should be Gauge32 or Unsigned32): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_GAUGE) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Gauge32 or Unsigned32): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -1550,16 +1550,16 @@ sprint_realloc_counter(u_char ** buf, size_t * buf_len, size_t * out_len, + { + char tmp[32]; + +- if ((var->type != ASN_COUNTER) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be Counter32): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_COUNTER) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be Counter32): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -1613,16 +1613,16 @@ sprint_realloc_networkaddress(u_char ** buf, size_t * buf_len, + { + size_t i; + +- if ((var->type != ASN_IPADDRESS) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be NetworkAddress): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_IPADDRESS) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be NetworkAddress): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -1679,16 +1679,16 @@ sprint_realloc_ipaddress(u_char ** buf, size_t * buf_len, size_t * out_len, + { + u_char *ip = var->val.string; + +- if ((var->type != ASN_IPADDRESS) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be IpAddress): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_IPADDRESS) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be IpAddress): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -1737,20 +1737,20 @@ sprint_realloc_null(u_char ** buf, size_t * buf_len, size_t * out_len, + const struct enum_list *enums, + const char *hint, const char *units) + { +- if ((var->type != ASN_NULL) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be NULL): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_NULL) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be NULL): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } +- } else { +- u_char str[] = "NULL"; +- return snmp_strcat(buf, buf_len, out_len, allow_realloc, str); + } ++ ++ u_char str[] = "NULL"; ++ return snmp_strcat(buf, buf_len, out_len, allow_realloc, str); + } + + +@@ -1785,16 +1785,16 @@ sprint_realloc_bitstring(u_char ** buf, size_t * buf_len, size_t * out_len, + u_char *cp; + char *enum_string; + +- if ((var->type != ASN_BIT_STR && var->type != ASN_OCTET_STR) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be BITS): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_BIT_STR && var->type != ASN_OCTET_STR) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be BITS): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { +@@ -1869,16 +1869,16 @@ sprint_realloc_nsapaddress(u_char ** buf, size_t * buf_len, + const struct enum_list *enums, const char *hint, + const char *units) + { +- if ((var->type != ASN_NSAP) && +- (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT))) { +- u_char str[] = "Wrong Type (should be NsapAddress): "; +- if (snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) { +- return sprint_realloc_by_type(buf, buf_len, out_len, ++ if (var->type != ASN_NSAP) { ++ if (!netsnmp_ds_get_boolean( ++ NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { ++ u_char str[] = "Wrong Type (should be NsapAddress): "; ++ if (!snmp_strcat(buf, buf_len, out_len, allow_realloc, str)) ++ return 0; ++ } ++ return sprint_realloc_by_type(buf, buf_len, out_len, + allow_realloc, var, NULL, NULL, + NULL); +- } else { +- return 0; +- } + } + + if (!netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICK_PRINT)) { + +commit 3da0c378b5cb1bbf35d05a6212a483abda84a201 +Author: Niels Baggesen +Date: Mon Sep 1 08:59:04 2014 +0200 + + Fix commit 7f4a7b891332899cea26e95be0337aae01648742: dont mix code and declarations. + +diff --git a/snmplib/mib.c b/snmplib/mib.c +index c6e0010..7dcf3d0 100644 +--- a/snmplib/mib.c ++++ b/snmplib/mib.c +@@ -1737,6 +1737,8 @@ sprint_realloc_null(u_char ** buf, size_t * buf_len, size_t * out_len, + const struct enum_list *enums, + const char *hint, const char *units) + { ++ u_char str[] = "NULL"; ++ + if (var->type != ASN_NULL) { + if (!netsnmp_ds_get_boolean( + NETSNMP_DS_LIBRARY_ID, NETSNMP_DS_LIB_QUICKE_PRINT)) { +@@ -1749,7 +1751,6 @@ sprint_realloc_null(u_char ** buf, size_t * buf_len, size_t * out_len, + NULL); + } + +- u_char str[] = "NULL"; + return snmp_strcat(buf, buf_len, out_len, allow_realloc, str); + } + diff --git a/SOURCES/net-snmp-5.7.2-udp6-clientaddr.patch b/SOURCES/net-snmp-5.7.2-udp6-clientaddr.patch new file mode 100644 index 0000000..97b7b37 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-udp6-clientaddr.patch @@ -0,0 +1,78 @@ +1190679 - In IPv6, snmp packet does not send from specified interface assigned by clientaddr option in snmpd.conf + +commit a92628a163ebf1ea62220684736300461c003875 +Author: Niels Baggesen +Date: Mon Jan 26 20:26:06 2015 +0100 + + BUG#a2584: Fix snmptrap to use clientaddr from snmp.conf. Thanks to rizwan + ++ restore clientaddrUsesPort functionality for UDPv6 + +diff -up net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c.udp6-clientaddr net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c +--- net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c.udp6-clientaddr 2015-06-17 15:00:50.178122151 +0200 ++++ net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c 2015-06-17 15:01:09.203194870 +0200 +@@ -284,6 +284,27 @@ netsnmp_udp6_transport(struct sockaddr_i + return NULL; + #endif /* NETSNMP_NO_LISTEN_SUPPORT */ + } else { ++ char *client_socket = NULL; ++ /* ++ * This is a client session. If we've been given a ++ * client address to send from, then bind to that. ++ * Otherwise the send will use "something sensible". ++ */ ++ ++ client_socket = netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID, ++ NETSNMP_DS_LIB_CLIENT_ADDR); ++ if (client_socket) { ++ struct sockaddr_in6 client_addr; ++ netsnmp_sockaddr_in6_2(&client_addr, client_socket, NULL); ++ rc = bind(t->sock, (struct sockaddr *)&client_addr, ++ sizeof(struct sockaddr_in6)); ++ if ( rc != 0 ) { ++ DEBUGMSGTL(("netsnmp_udp6", "failed to bind for clientaddr: %d %s\n", ++ errno, strerror(errno))); ++ netsnmp_socketbase_close(t); ++ netsnmp_transport_free(t); ++ } ++ } + /* + * This is a client session. Save the address in the + * transport-specific data pointer for later use by netsnmp_udp6_send. +diff -up net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c.old net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c +--- net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c.old 2015-06-17 16:34:09.120181912 +0200 ++++ net-snmp-5.7.2/snmplib/transports/snmpUDPIPv6Domain.c 2015-06-17 16:35:29.803192111 +0200 +@@ -294,8 +294,13 @@ netsnmp_udp6_transport(struct sockaddr_i + client_socket = netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID, + NETSNMP_DS_LIB_CLIENT_ADDR); + if (client_socket) { ++ int uses_port = netsnmp_ds_get_boolean(NETSNMP_DS_LIBRARY_ID, ++ NETSNMP_DS_LIB_CLIENT_ADDR_USES_PORT); + struct sockaddr_in6 client_addr; + netsnmp_sockaddr_in6_2(&client_addr, client_socket, NULL); ++ if (uses_port == 0) { ++ client_addr.sin6_port = 0; ++ } + rc = bind(t->sock, (struct sockaddr *)&client_addr, + sizeof(struct sockaddr_in6)); + if ( rc != 0 ) { +commit 1ee72102fbe722d232d74abc4660a8b134cec8d6 +Author: Bart Van Assche +Date: Sat May 23 07:32:53 2015 +0200 + + snmplib, UDPIPv6 transport: Add a missing return statement + + Detected by Coverity. + +diff --git a/snmplib/transports/snmpUDPIPv6Domain.c b/snmplib/transports/snmpUDPIPv6Domain.c +index 029b164..11c39bb 100644 +--- a/snmplib/transports/snmpUDPIPv6Domain.c ++++ b/snmplib/transports/snmpUDPIPv6Domain.c +@@ -285,6 +285,7 @@ netsnmp_udp6_transport(struct sockaddr_in6 *addr, int local) + errno, strerror(errno))); + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); ++ return NULL; + } + } + /* diff --git a/SOURCES/net-snmp-5.7.2-udpTable-index.patch b/SOURCES/net-snmp-5.7.2-udpTable-index.patch new file mode 100644 index 0000000..9575b52 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-udpTable-index.patch @@ -0,0 +1,21 @@ +Bug 1184433 - udpTable has wrong indices + +commit c5c435658032c26fde69978e2610c879b3a4bcc8 +Author: Niels Baggesen +Date: Thu Apr 16 18:56:55 2015 +0200 + + Patch #1300: Fix big endian / 64bit problem with Sparc by properly typing. Thanks to Eric Snowberg. + +diff --git a/agent/mibgroup/mibII/udpTable.c b/agent/mibgroup/mibII/udpTable.c +index 57e967c..cc00b13 100644 +--- a/agent/mibgroup/mibII/udpTable.c ++++ b/agent/mibgroup/mibII/udpTable.c +@@ -368,7 +368,7 @@ udpTable_next_entry( void **loop_context, + { + UDPTABLE_ENTRY_TYPE *entry = (UDPTABLE_ENTRY_TYPE *)*loop_context; + long port; +- long addr; ++ in_addr_t addr; + + if (!entry) + return NULL; diff --git a/SPECS/net-snmp.spec b/SPECS/net-snmp.spec index b0be614..ed6a59b 100644 --- a/SPECS/net-snmp.spec +++ b/SPECS/net-snmp.spec @@ -11,7 +11,7 @@ Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: 5.7.2 -Release: 20%{?dist}.1 +Release: 24%{?dist} Epoch: 1 License: BSD @@ -71,7 +71,23 @@ Patch34: net-snmp-5.7.2-hrProcessorLoad-many-cpus.patch Patch35: net-snmp-5.5-mvfs.patch Patch36: net-snmp-5.7.2-clientaddr-error-msg.patch Patch37: net-snmp-5.7.2-proxy-getnext.patch -Patch38: net-snmp-5.7.2-incomplete-parse.patch +Patch38: net-snmp-5.7.2-extend-reload.patch +Patch39: net-snmp-5.7.2-trap-vartypes.patch +Patch40: net-snmp-5.5-storageUseNFS.patch +Patch41: net-snmp-5.5-trap-forward-reqid.patch +Patch42: net-snmp-5.5-hrStorage-31bits.patch +Patch43: net-snmp-5.7.2-udp6-clientaddr.patch +Patch44: net-snmp-5.7.2-smux-logging.patch +Patch45: net-snmp-5.7.2-udpTable-index.patch +Patch46: net-snmp-5.7.2-client-write-var.patch +Patch47: net-snmp-5.7.2-smux-invalid-headers.patch +Patch48: net-snmp-5.7.2-diskio-whitelist.patch +Patch49: net-snmp-5.7.2-systemstats-ipv4.patch +Patch50: net-snmp-5.7.2-incomplete-parse.patch +Patch51: net-snmp-5.7.2-hrFSTable-read-write.patch +Patch52: net-snmp-5.5-sensors-duplicate.patch +Patch53: net-snmp-5.7.2-extend-close.patch +Patch54: net-snmp-5.7.2-python-addr-size.patch Requires(post): chkconfig Requires(preun): chkconfig @@ -261,7 +277,23 @@ The net-snmp-sysvinit package provides SysV init scripts for Net-SNMP daemons. %patch35 -p1 -b .mvfs %patch36 -p1 -b .clientaddr-error-msg %patch37 -p1 -b .proxy-getnext -%patch38 -p1 -b .incomplete-parse +%patch38 -p1 -b .extend-reload +%patch39 -p1 -b .trap-vartypes +%patch40 -p1 -b .storageUseNFS +%patch41 -p1 -b .trap-forward-reqid +%patch42 -p1 -b .hrStorage-31bits +%patch43 -p1 -b .udp6-clientaddr +%patch44 -p1 -b .smux-logging +%patch45 -p1 -b .udpTable-index +%patch46 -p1 -b .client-write-var +%patch47 -p1 -b .smux-invalid-headers +%patch48 -p1 -b .diskio-whitelist +%patch49 -p1 -b .systemstats-ipv4 +%patch50 -p1 -b .incomplete-parse +%patch51 -p1 -b .hrFSTable-read-write +%patch52 -p1 -b .sensors-duplicate +%patch53 -p1 -b .extend-close +%patch54 -p1 -b .python-addr-size %ifarch sparc64 s390 s390x # disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697 @@ -557,8 +589,35 @@ rm -rf ${RPM_BUILD_ROOT} %{_initrddir}/snmptrapd %changelog -* Thu Jul 30 2015 Jan Safranek - 1:5.7.2-20.el7_1.1 -- Fixed parsing of invalid variables in incoming packets (#1248412) +* Tue Aug 18 2015 Jan Safranek - 1:5.7.2-24 +- Fixed lmSensorsTable not reporting sensors with duplicate names + (#1252053) +- Fixed close() overhead of extend commands (#1252048) +- Fixed out-of-bounds write in python code (#1252034) + +* Thu Jul 30 2015 Jan Safranek - 1:5.7.2-23 +- Fixed parsing of invalid variables in incoming packets (#1248414) +- Fixed HOST-RESOURCES-MIB::hrFSAccess flag when read-only filesystem + becomes writable (#1241897) + +* Tue Jun 30 2015 Jan Safranek - 1:5.7.2-22 +- Fixed IP-MIB::ipSystemStatsInOctets and similar counters for IPv4 + (#1235697) + +* Tue Jun 16 2015 Jan Safranek - 1:5.7.2-21 +- Fixed crash on reloading 'exec' configuration options (#1228893) +- Fixed CVE-2014-3565, snmptrapd died when parsing certain traps (#1209361) +- Fixed storageUseNFS functionality in hrStorageTable (#1193006) +- Fixed forwarding of traps with RequestID=0 in snmptrapd (#1192511) +- Fixed hrStorageTable to contain 31 bits integers (#1192221) +- Fixed 'clientaddr' option for UDPv6 client messages (#1190679) +- Fixed log level of SMUX messages (#1189393) +- Fixed UDP-MIB::udpTable index on big-endian platforms (#1184433) +- Fixed client utilities reporting 'read_config_store open failure on + /var/lib/net-snmp/snmpapp.conf' (#1151310) +- Fixed snmpd crash when failed to parse SMUX message headers (#1140236) +- Added 'diskio' option to snmpd.conf, it's possible to monitor only + selected devices in diskIOTable (#1092308) * Mon Jan 19 2015 Jan Safranek - 1:5.7.2-20 - Fixed compiler warnings in previous build.