| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
| |
Handles malformed `setuptools.__version__` such as "41.4.0.post20191022"
|
|
|
| |
Travis CI: Add Python 3.8
|
| |
|
| |
|
|
|
|
|
|
|
| |
Fixed a regression in SNMPv3 `msgFlag` initialization on
authoritative SNMP engine ID discovery. This bug causes secure
communication with peer SNMP engines to stall at SNMP engine ID
discovery procedure.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This change introduces "wildcard" SNMP engine ID (0x00000000). Right
before deciding on firing up SNMP engine ID discovery and key
localization procedure, originating SNMP engine will check for
the presence of this magical engine ID (5 zeros), if it is present
in LCD along with the user name being used, localized keys from that
entry will be used.
Does this have security implications?
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This SNMP engine ID discovery procedure is spread across message
processing and security modules. This is weird!
Anyway, this change moves SNMP message rewriting, associated with
starting out SNMP discovery sequence, to security module. The
motivation is to let security module making the ultimate decision
whether or not SNMP engine discovery is required.
For example, if localized keys are committed directly to the DB,
security module may just use them without engine discovery phase.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds details debugging on USM initial configuration process
and runtime USM user cloning.
Besides that, this patch eliminates storing of incomplete
USM keys (in case when master/localized keys are configured
directly).
On top of that, this commit fixes a bug in USM configuration
which did not allow the same user names to be added under
different security names.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added new optional parameters to `addUsmUser()` and
`hlapi.UsmUserData()` functions allowing specifying key material
type being passed to the respective routines.
Plain-text pass-phrase remains the default, while user can change that
to `master` or `localized` types.
Refer to RFC3414 for technical details on SNMP USM key localization
algorithm.
|
|
|
|
| |
/me is hopeful to migrate to local tests
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously, MIB resolution errors were ignored (whenever possible)
for objects we were sending and receiving. This change tightens
outgoing objects MIB compliance (send will fail), but tolerate
non quite compliant objects we receive.
Also, extend the same policy onto `NotificationOriginator`.
|
|
|
|
|
| |
Added optional `ignoreErrors` parameter to `ObjectType.resolveWithMib()`
to control that behaviour.
|
|
|
|
| |
This fixes release 4.4.10 before it's actually released.
|
| |
|
|
|
|
|
|
|
|
|
| |
Most important changes include:
* Added subtree match negation support (vacmViewTreeFamilyType)
* Added subtree family mask support (vacmViewTreeFamilyMask)
* Added prefix content name matching support (vacmAccessContextMatch)
* Added key VACM tables caching for better lookup performance
|
|
|
|
|
| |
Fixed crash on uninitialized component serialization left out in
SNMP v1 TRAP PDU to SNMPv2/3 TRAP PDU translation routine.
|
| |
|
| |
|
|
|
|
|
|
|
| |
Set `var-bindings` to an empty sequence by default. Otherwise
it can remain a "pyasn1 schema object" failing to encode. This
can happen with newer pyasn1 versions where `SequenceOf` type
does not have default initializer.
|
|
|
|
| |
Also fixes bug in `imp`-based initialization
|
| |
|
| |
|
|
|
|
|
| |
Missing MIB condition has been ignored if MIB compiler is not
configured.
|
| |
|
|
|
|
|
| |
The sub-package is now known under the name `asyncore`
because of the presence of many other event loops.
|
|
|
|
| |
This patch massively reformats the whole codebase mainly wrapping
long lines and eliminating dundered private attributes.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Also, consistency ensuring code unified with v3arch piece what
has the side effect of *requiring* snmpTrapOID to be always
present anywhere among user-supplied variable-bindings.
|