diff --git a/SOURCES/net-snmp-5.5-mvfs.patch b/SOURCES/net-snmp-5.5-mvfs.patch new file mode 100644 index 0000000..d629a09 --- /dev/null +++ b/SOURCES/net-snmp-5.5-mvfs.patch @@ -0,0 +1,25 @@ +Bug 1073237 - "skipNFSInHostResources" option in net-snmp does not skip mvfs type filesystem (IBM clearcase) +Bug 1086606 + +Non-ABI and non-behavior breaking patch. + +Upstream (upcoming 5.8.0 release) will report mvfs as 'NFS' filesystem, which +is then skipped when skipNFSInHostResources is set. We can't do so in RHEL +minor updates -> this patch. + +diff -up net-snmp-5.5/agent/mibgroup/hardware/fsys/fsys_mntent.c.mvfs net-snmp-5.5/agent/mibgroup/hardware/fsys/fsys_mntent.c +--- net-snmp-5.5/agent/mibgroup/hardware/fsys/fsys_mntent.c.mvfs 2014-04-08 12:56:42.419201488 +0200 ++++ net-snmp-5.5/agent/mibgroup/hardware/fsys/fsys_mntent.c 2014-04-11 09:41:13.374316570 +0200 +@@ -208,6 +208,12 @@ netsnmp_fsys_arch_load( void ) + + if ( _fsys_remote( entry->device, entry->type )) + entry->flags |= NETSNMP_FS_FLAG_REMOTE; ++ /* Mark also mvfs (reported as NETSNMP_FS_TYPE_OTHER) as remote. ++ * In upstream, it's solved as reporting mvfs as NFS ++ * (-> behavior change, forbidden in RHEL minor updates). ++ */ ++ if (!strcmp(m->NSFS_TYPE, MNTTYPE_MVFS)) ++ entry->flags |= NETSNMP_FS_FLAG_REMOTE; + #if HAVE_HASMNTOPT + if (hasmntopt( m, "ro" )) + entry->flags |= NETSNMP_FS_FLAG_RONLY; diff --git a/SOURCES/net-snmp-5.7.2-clientaddr-error-msg.patch b/SOURCES/net-snmp-5.7.2-clientaddr-error-msg.patch new file mode 100644 index 0000000..8f8afbd --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-clientaddr-error-msg.patch @@ -0,0 +1,21 @@ +1086925 - snmpd does not report error when clientaddr : cannot bind to the specified port + +commit 68d2c8fd4bf2390612f288ff488b7c08102bcd0a +Author: Jan Safranek +Date: Wed Jan 14 11:52:05 2015 +0100 + + Added error message when bind for clientaddr fails. + +diff --git a/snmplib/transports/snmpUDPIPv4BaseDomain.c b/snmplib/transports/snmpUDPIPv4BaseDomain.c +index fa39e4b..b8b6683 100644 +--- a/snmplib/transports/snmpUDPIPv4BaseDomain.c ++++ b/snmplib/transports/snmpUDPIPv4BaseDomain.c +@@ -221,6 +221,8 @@ netsnmp_udpipv4base_transport(struct sockaddr_in *addr, int local) + if ( rc != 0 ) { + DEBUGMSGTL(("netsnmp_udpbase", "failed to bind for clientaddr: %d %s\n", + errno, strerror(errno))); ++ snmp_log(LOG_ERR, "Cannot bind for clientaddr: %s\n", ++ strerror(errno)); + netsnmp_socketbase_close(t); + netsnmp_transport_free(t); + return NULL; diff --git a/SOURCES/net-snmp-5.7.2-hrProcessorLoad-many-cpus.patch b/SOURCES/net-snmp-5.7.2-hrProcessorLoad-many-cpus.patch new file mode 100644 index 0000000..da4fa47 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-hrProcessorLoad-many-cpus.patch @@ -0,0 +1,22 @@ +1070076 - SNMP HRPROCESSORLOAD RETURNS INCORRECT VALUES FOR PROCESSOR #'S > 100 + +commit eef2f64b46357b353c79504bc593535ebe7421e7 +Author: Niels Baggesen +Date: Thu Jan 23 16:27:07 2014 +0100 + + cpu_linux: support systems with more than 100 cpus. + +diff -up net-snmp-5.7.2/agent/mibgroup/hardware/cpu/cpu_linux.c.hrProcessorLoad-many-cpus net-snmp-5.7.2/agent/mibgroup/hardware/cpu/cpu_linux.c +--- net-snmp-5.7.2/agent/mibgroup/hardware/cpu/cpu_linux.c.hrProcessorLoad-many-cpus 2015-01-16 10:01:49.728398670 +0100 ++++ net-snmp-5.7.2/agent/mibgroup/hardware/cpu/cpu_linux.c 2015-01-16 10:02:58.796486160 +0100 +@@ -154,7 +154,9 @@ int netsnmp_cpu_arch_load( netsnmp_cache + snmp_log_perror("Missing CPU info entry"); + break; + } +- b1 = b2+5; /* Skip "cpuN " */ ++ b1 = b2; /* Skip "cpuN " */ ++ while(*b1 != ' ') b1++; ++ b1++; + } + + num_cpuline_elem = sscanf(b1, "%llu %llu %llu %llu %llu %llu %llu %llu %llu %llu", diff --git a/SOURCES/net-snmp-5.7.2-ipCidrRouteTable-duplicates.patch b/SOURCES/net-snmp-5.7.2-ipCidrRouteTable-duplicates.patch new file mode 100644 index 0000000..b3f9101 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-ipCidrRouteTable-duplicates.patch @@ -0,0 +1,131 @@ +1172013 - NetworkManager causes snmp OID not increasing + +commit 664ed943f63dfe9393e959840ecd23c31c9d8f89 +Author: Bill Fenner +Date: Wed Aug 27 16:02:57 2014 -0400 + + Handle duplicates in a binary_array container + + The CONTAINER_KEY_ALLOW_DUPLICATES setting is fundamentally flawed; + it really effectively meant "I promise I won't insert duplicates + so don't check at insert time". However, the ip-forward-mib + sets this flag but relies on the duplicate prevention at insert + time under certain scenarios (e.g., multiple attachments to the + same subnet on MacOS), resulting in a loop in ip-forward-mib + in these scenarios. So, now it means "check for duplicates at + getnext time" - the binary search will find an arbitrary one + of the entries with the same key, and when we've incremented + we have to check whether or not we've actually incremented past + any duplicates. This costs an extra key compare per getnext. + + If there's a scenario in the future where a MIB implementation + can really guarantee that it isn't inserting duplicates, we + might want to add a "CONTAINER_KEY_I_PROMISE_I_WONT_INSERT_DUPLICATES", + that disables the insertion check but doesn't perform the getnext + check. + +diff --git a/snmplib/container_binary_array.c b/snmplib/container_binary_array.c +index 249a3a9..10ae67f 100644 +--- a/snmplib/container_binary_array.c ++++ b/snmplib/container_binary_array.c +@@ -284,6 +284,22 @@ netsnmp_binary_array_get(netsnmp_container *c, const void *key, int exact) + if (key) { + if ((index = binary_search(key, c, exact)) == -1) + return NULL; ++ if (!exact && ++ c->flags & CONTAINER_KEY_ALLOW_DUPLICATES) { ++ int result; ++ ++ /* ++ * If duplicates are allowed, we have to be extra ++ * sure that we didn't just increment to a duplicate, ++ * thus causing a getnext loop. ++ */ ++ result = c->compare(t->data[index], key); ++ while (result == 0) { ++ if (++index == t->count) ++ return NULL; ++ result = c->compare(t->data[index], key); ++ } ++ } + } + + return t->data[index]; +diff --git a/testing/fulltests/unit-tests/T021binary_array_oid_duplicates_clib.c b/testing/fulltests/unit-tests/T021binary_array_oid_duplicates_clib.c +new file mode 100644 +index 0000000..c027329 +--- /dev/null ++++ b/testing/fulltests/unit-tests/T021binary_array_oid_duplicates_clib.c +@@ -0,0 +1,72 @@ ++/* HEADER Testing duplicate handling in binary OID array */ ++ ++/* Much copied from T012 */ ++static const char test_name[] = "binary-array-of-OIDs-duplicate-test"; ++oid o1 = 1; ++oid o2 = 2; ++oid o3 = 6; ++oid o4 = 8; ++oid o5 = 9; ++oid ox = 7; ++oid oy = 10; ++netsnmp_index i1, i2, i3, i4, i5, ix, iy, *ip; ++netsnmp_index *b[] = { &i4, &i2, &i3, &i1, &i5 }; ++netsnmp_container *c; ++int i; ++ ++init_snmp(test_name); ++ ++c = netsnmp_container_get_binary_array(); ++c->compare = netsnmp_compare_netsnmp_index; ++netsnmp_binary_array_options_set(c, 1, ++ CONTAINER_KEY_ALLOW_DUPLICATES); ++ ++i1.oids = &o1; ++i2.oids = &o2; ++i3.oids = &o3; ++i4.oids = &o4; ++i5.oids = &o5; ++ix.oids = &ox; ++iy.oids = &oy; ++i1.len = i2.len = i3.len = i4.len = i5.len = ix.len = iy.len = 1; ++ ++for (i = 0; i < sizeof(b)/sizeof(b[0]); ++i) ++ CONTAINER_INSERT(c, b[i]); ++ ++#define MAX_ROUNDS 6 ++/* Insert some duplicates of i4; also insert a duplicate of ++ * i1 to move the contents of the array around. */ ++for (i = 0; i < MAX_ROUNDS; ++i) { ++ switch (i) { ++ case 0: ++ /* First round: no insert */ ++ break; ++ case 1: ++ case 2: ++ case 4: ++ case 5: ++ /* Insert another duplicate of our target object */ ++ CONTAINER_INSERT(c, &i4); ++ break; ++ case 3: ++ /* Insert a dulicate of an earlier OID, so that it ++ * changes the binary search behavior */ ++ CONTAINER_INSERT(c, &i1); ++ break; ++ } ++ /* Primary requirement: getnext returns the next value! */ ++ ip = CONTAINER_FIND(c, &i4); ++ OKF(ip, ("FIND returned a value")); ++ OKF(c->compare(&i4, ip) == 0, ++ ("FIND returned oid %" NETSNMP_PRIo "d", ip->oids[0])); ++ ip = CONTAINER_NEXT(c, &i4); ++ OKF(ip, ("NEXT returned a value")); ++ OKF(c->compare(&i5, ip) == 0, ++ ("NEXT returned index 5 = %" NETSNMP_PRIo "d", i5.oids[0])); ++} ++ ++while ((ip = CONTAINER_FIRST(c))) ++ CONTAINER_REMOVE(c, ip); ++CONTAINER_FREE(c); ++ ++snmp_shutdown(test_name); diff --git a/SOURCES/net-snmp-5.7.2-proxy-getnext.patch b/SOURCES/net-snmp-5.7.2-proxy-getnext.patch new file mode 100644 index 0000000..39012a5 --- /dev/null +++ b/SOURCES/net-snmp-5.7.2-proxy-getnext.patch @@ -0,0 +1,16 @@ +1087801 - proxied OIDs unspecified in proxy statement in snmpd.conf + +From RHEL 6 patch. + +diff -up net-snmp-5.7.2/agent/mibgroup/ucd-snmp/proxy.c.test2 net-snmp-5.7.2/agent/mibgroup/ucd-snmp/proxy.c +--- net-snmp-5.7.2/agent/mibgroup/ucd-snmp/proxy.c.test2 2014-04-14 14:24:00.146782548 +0200 ++++ net-snmp-5.7.2/agent/mibgroup/ucd-snmp/proxy.c 2014-04-14 14:24:20.416760913 +0200 +@@ -412,7 +412,7 @@ proxy_handler(netsnmp_mib_handler *handl + if (sp->base_len && + reqinfo->mode == MODE_GETNEXT && + (snmp_oid_compare(ourname, ourlength, +- sp->base, sp->base_len) < 0)) { ++ sp->name, sp->name_len) < 0)) { + DEBUGMSGTL(( "proxy", "request is out of registered range\n")); + /* + * Create GETNEXT request with an OID so the diff --git a/SPECS/net-snmp.spec b/SPECS/net-snmp.spec index 2c1f3a7..fdc9623 100644 --- a/SPECS/net-snmp.spec +++ b/SPECS/net-snmp.spec @@ -11,7 +11,7 @@ Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: 5.7.2 -Release: 18%{?dist} +Release: 20%{?dist} Epoch: 1 License: BSD @@ -66,6 +66,11 @@ Patch29: net-snmp-5.7.2-btrfs.patch Patch30: net-snmp-5.7.2-trigger-crash.patch Patch31: net-snmp-5.5-python-retcodes.patch Patch32: net-snmp-5.7.2-icmp-mib.patch +Patch33: net-snmp-5.7.2-ipCidrRouteTable-duplicates.patch +Patch34: net-snmp-5.7.2-hrProcessorLoad-many-cpus.patch +Patch35: net-snmp-5.5-mvfs.patch +Patch36: net-snmp-5.7.2-clientaddr-error-msg.patch +Patch37: net-snmp-5.7.2-proxy-getnext.patch Requires(post): chkconfig Requires(preun): chkconfig @@ -250,6 +255,11 @@ The net-snmp-sysvinit package provides SysV init scripts for Net-SNMP daemons. %patch30 -p1 -b .trigger-crash %patch31 -p1 -b .python-retcodes %patch32 -p1 -b .icmp-mib +%patch33 -p1 -b .ipCidrRouteTable-duplicates +%patch34 -p1 -b .hrProcessorLoad-many-cpus +%patch35 -p1 -b .mvfs +%patch36 -p1 -b .clientaddr-error-msg +%patch37 -p1 -b .proxy-getnext %ifarch sparc64 s390 s390x # disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697 @@ -517,7 +527,7 @@ rm -rf ${RPM_BUILD_ROOT} %{perl_vendorarch}/auto/Bundle/*SNMP* %files python -%doc README +%doc python/README %{python_sitearch}/* %files gui @@ -545,6 +555,19 @@ rm -rf ${RPM_BUILD_ROOT} %{_initrddir}/snmptrapd %changelog +* Mon Jan 19 2015 Jan Safranek - 1:5.7.2-20 +- Fixed compiler warnings in previous build. + +* Fri Jan 16 2015 Jan Safranek - 1:5.7.2-19 +- Fixed not-increasing OIDs in IP-FORWARD-MIB::ipCidrRouteTable (#1172013) +- Fixed HOST-RESOURCES-MIB::hrProcessorTable on machines with >100 CPUs + (#1070076) +- skip 'mvfs' (ClearCase) when skipNFSInHostResources is enabled (#1086606) +- Added clear error message when port specified in 'clientaddrr' config + option cannot be bound (#1086925) +- fixed proxying of out-of-tree GETNEXT requests (#1087801) +- use python/README to net-snmp-python subpackage (#1158391) + * Tue Mar 4 2014 Jan Safranek - 1:5.7.2-18 - Fixed buffer overflow in ICMP-MIB (#1072092)