[lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RF

lwip-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RF

From:	xuguizhou
Subject:	[lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RFC3414
Date:	Tue, 16 Jan 2018 07:12:22 -0500 (EST)
User-agent:	Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

URL:
  <http://savannah.nongnu.org/bugs/?52911>

                 Summary: SNMPv3 time window check is not the same as RFC3414
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: xuguizhou
            Submitted on: Tue 16 Jan 2018 12:12:20 PM UTC
                Category: None
                Severity: 3 - Normal
              Item Group: Change Request
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None
            lwIP version: 2.0.3

    _______________________________________________________

Details:

In RFC3414 PAGE 27
   7)  If the securityLevel indicates an authenticated message, then the
       local values of snmpEngineBoots, snmpEngineTime and
       latestReceivedEngineTime corresponding to the value of the
       msgAuthoritativeEngineID field are extracted from the Local
       Configuration Datastore.

       a) If the extracted value of msgAuthoritativeEngineID is the same
          as the value of snmpEngineID of the processing SNMP engine
          (meaning this is the authoritative SNMP engine), then if any
          of the following conditions is true, then the message is
          considered to be outside of the Time Window:

          - the local value of snmpEngineBoots is 2147483647;

          - the value of the msgAuthoritativeEngineBoots field differs
            from the local value of snmpEngineBoots; or,

          - the value of the msgAuthoritativeEngineTime field differs
            from the local notion of snmpEngineTime by more than +/- 150
            seconds.

The time window should be +/- 150 seconds by local notion of snmpEngineTime.
So the msg_authoritative_engine_time check should be as follow:
snmp_msg.c
1050: if (request->msg_authoritative_engine_time > (time + 150))

Or see attach picture.





    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Tue 16 Jan 2018 12:12:20 PM UTC  Name: 1516104422.jpg  Size: 22KiB   By:
xuguizhou

<http://savannah.nongnu.org/bugs/download.php?file_id=42924>

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?52911>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RFC3414, xuguizhou <=
- [lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RFC3414, Dirk Ziegelmeier, 2018/01/16

Prev by Date: [lwip-devel] [bug #52902] memory leaks and more in altcp_tls_create_config_*
Next by Date: [lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RFC3414
Previous by thread: [lwip-devel] [patch #9430] altcp API multiples fixes
Next by thread: [lwip-devel] [bug #52911] SNMPv3 time window check is not the same as RFC3414
Index(es):
- Date
- Thread