Comments (7)
jinxka
commented on June 19, 2024
The debug from the gem:
test.get(oid: '1.3.6.1.4.5.4.2.3')
sending request...
encoding PDU in V3 message...
3081 9d02 0103 3011 0204 6d09 9ab7 0203
00ff e304 0107 0201 0304 4330 4104 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0206 d304 0973 696d
756c 6174 6f72 040c 0000 0000 0000 0000
0000 0000 0408 0000 0000 0000 0001 0440
70d0 1b28 1dbf c65d 4465 673b 5f82 8811
13e5 4758 b427 6fb1 ea80 704b f3d3 1ac0
359c d324 7d4f 06fb 36ef 75b5 67ed e322
190b c518 9d85 cd4d 1b99 1d74 abfc 3f84
signing V3 message...
3081 9d02 0103 3011 0204 6d09 9ab7 0203
00ff e304 0107 0201 0304 4330 4104 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0206 d304 0973 696d
756c 6174 6f72 040c b470 ce19 e203 1b5e
3194 541a 0408 0000 0000 0000 0001 0440
70d0 1b28 1dbf c65d 4465 673b 5f82 8811
13e5 4758 b427 6fb1 ea80 704b f3d3 1ac0
359c d324 7d4f 06fb 36ef 75b5 67ed e322
190b c518 9d85 cd4d 1b99 1d74 abfc 3f84
received encoded V3 message
3081 9d02 0103 3011 0204 6d09 9ab7 0203
00ff e304 0103 0201 0304 4330 4104 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0207 3b04 0973 696d
756c 6174 6f72 040c b149 e9e1 0138 f491
cd64 63a6 0408 bfd4 264a e8c3 2ede 0440
e564 fdcf 1413 7e17 bcc7 2b46 c3ec c9f4
5765 2161 28ba 64d8 b33e 15bc fd63 115a
d8aa 7f57 cc73 f433 7d3c f00b 2c30 be5c
4f3b cff2 cfaf 6186 dfe7 29e5 1374 2318
received response PDU
=> 0
from ruby-netsnmp.
HoneyryderChuck
commented on June 19, 2024
hi @jinxka ,
Can you run the example above with NETSNMP_DEBUG=2 and post the payload here?
from ruby-netsnmp.
jinxka
commented on June 19, 2024
Hi @HoneyryderChuck ,
Thanks for the quick response, here is the payload:
test.get(oid: '1.3.6.1.4.5.4.2.3')
sending probe...
pdu: 3014
engine_id: 0400 ("")
context: 0400 ("")
request: a00e
request_id: 0204 5ed6 1523 ("1591088419")
error: 0201 ("0")
error_index: 0201 ("0")
varbinds: 3000
encoding PDU in V3 message...
security_params: 3023
engine_id: 0400 ("")
engine_boots: 0201 ("0")
engine_time: 0201 ("0")
username: 0409 7369 6d75 6c61 746f ("simulator")
auth_mask: 040c 0000 0000 0000 0000 0000 0000 ("\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000")
OctetString: 0400 ("")
v3_message: 3053
message_version: 0201 ("3")
headers: 3011
message_id: 0204 0203 aa4e ("33794638")
max_message_size: 0203 00ff ("65507")
message_flags: 0401 ("\x04")
security_model: 0201 ("3")
security_params: 0425 3023 0400 0201 0002 0100 0409 7369 6d75 6c61 746f 7204 0c00 0000 0000 0000 0000 0000 0004 ("0#\x04\x00\x02\x01\x00\x02\x01\x00\x04\tsimulator\x04\f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00")
pdu: 3014
engine_id: 0400 ("")
context: 0400 ("")
request: a00e
request_id: 0204 5ed6 1523 ("1591088419")
error: 0201 ("0")
error_index: 0201 ("0")
varbinds: 3000
3053 0201 0330 1102 0402 03aa 4e02 0300
ffe3 0401 0402 0103 0425 3023 0400 0201
0002 0100 0409 7369 6d75 6c61 746f 7204
0c00 0000 0000 0000 0000 0000 0004 0030
1404 0004 00a0 0e02 045e d615 2302 0100
0201 0030
received encoded V3 message
3081 8402 0103 3011 0204 0203 aa4e 0203
00ff e304 0100 0201 0304 3030 2e04 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0300 fcad 0409 7369
6d75 6c61 746f 7204 0004 0030 3a04 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0400 a81f 0204 5ed6 1523 0201
0002 0100 3011 300f 060a 2b06 0106 030f
0101 0400 4101
v3_message: 3081
message_version: 0201 ("3")
headers: 3011
Integer: 0204 0203 aa4e ("33794638")
Integer: 0203 00ff ("65507")
message_flags: 0401 ("\x00")
Integer: 0201 ("3")
security_params: 0430 302e 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c 8002 0102 0203 00fc ad04 0973 696d 756c 6174 6f72 0400 0400 ("0.\x04\x15\x80\x00O\xB8\x05947fc54f1903\x00\al\x80\x02\x01\x02\x02\x03\x00\xFC\xAD\x04\tsimulator\x04\x00\x04\x00")
pdu: 303a
OctetString: 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c ("\x80\x00O\xB8\x05947fc54f1903\x00\al\x80")
OctetString: 0400 ("")
ASN1Data: a81f
Integer: 0204 5ed6 1523 ("1591088419")
Integer: 0201 ("0")
Integer: 0201 ("0")
Sequence: 3011
Sequence: 300f
ObjectId: 060a 2b06 0106 030f 0101 0400 ("1.3.6.1.6.3.15.1.1.4.0")
ASN1Data: 4101
security_params: 302e
engine_id: 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c ("\x80\x00O\xB8\x05947fc54f1903\x00\al\x80")
engine_boots: 0201 ("2")
engine_time: 0203 00fc ("64685")
username: 0409 7369 6d75 6c61 746f ("simulator")
auth_param: 0400 ("")
priv_param: 0400 ("")
received response PDU
pdu: 3025
engine_id: 0400 ("")
context: 0400 ("")
request: a81f
request_id: 0204 5ed6 1523 ("1591088419")
error: 0201 ("0")
error_index: 0201 ("0")
varbinds: 3011
Sequence: 300f
ObjectId: 060a 2b06 0106 030f 0101 0400 ("1.3.6.1.6.3.15.1.1.4.0")
Integer: 0201 ("10")
sending request...
pdu: 303d
engine_id: 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c ("\x80\x00O\xB8\x05947fc54f1903\x00\al\x80")
context: 0406 7075 626c 6963 ("public")
request: a01c
request_id: 0204 357c d1ca ("897372618")
error: 0201 ("0")
error_index: 0201 ("0")
varbinds: 300e
Sequence: 300c
ObjectId: 0608 2b06 0104 0504 0203 ("1.3.6.1.4.5.4.2.3")
Null: 0500
encoding PDU in V3 message...
security_params: 3042
engine_id: 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c ("\x80\x00O\xB8\x05947fc54f1903\x00\al\x80")
engine_boots: 0201 ("2")
engine_time: 0203 00fc ("64685")
username: 0409 7369 6d75 6c61 746f ("simulator")
auth_mask: 040c 0000 0000 0000 0000 0000 0000 ("\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000")
salt: 0408 0000 0000 0000 0000 ("\x00\x00\x00\x00\x00\x00\x00\x00")
v3_message: 3081
message_version: 0201 ("3")
headers: 3011
message_id: 0204 6765 ee0e ("1734733326")
max_message_size: 0203 00ff ("65507")
message_flags: 0401 ("\a")
security_model: 0201 ("3")
security_params: 0444 3042 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c 8002 0102 0203 00fc ad04 0973 696d 756c 6174 6f72 040c 0000 0000 0000 0000 0000 0000 0408 0000 0000 0000 0000 ("0B\x04\x15\x80\x00O\xB8\x05947fc54f1903\x00\al\x80\x02\x01\x02\x02\x03\x00\xFC\xAD\x04\tsimulator\x04\f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\b\x00\x00\x00\x00\x00\x00\x00\x00")
encrypted_pdu: 0440 bdc6 73e0 9921 eb4f c79e 620a c9ef aa84 1888 13ff 60c7 0fc3 7bdd 03d7 78ff 264f ad61 8955 a854 8dfe e009 e116 f0b8 3201 d478 20d5 8ef0 b265 2d28 16a4 9a39 773b ("\xBD\xC6s\xE0\x99!\xEBO\xC7\x9Eb\n\xC9\xEF\xAA\x84\x18\x88\x13\xFF`\xC7\x0F\xC3{\xDD\x03\xD7x\xFF&O\xADa\x89U\xA8T\x8D\xFE\xE0\t\xE1\x16\xF0\xB82\x01\xD4x \xD5\x8E\xF0\xB2e-(\x16\xA4\x9A9w;")
3081 9e02 0103 3011 0204 6765 ee0e 0203
00ff e304 0107 0201 0304 4430 4204 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0300 fcad 0409 7369
6d75 6c61 746f 7204 0c00 0000 0000 0000
0000 0000 0004 0800 0000 0000 0000 0004
40bd c673 e099 21eb 4fc7 9e62 0ac9 efaa
8418 8813 ff60 c70f c37b dd03 d778 ff26
4fad 6189 55a8 548d fee0 09e1 16f0 b832
01d4 7820 d58e f0b2 652d 2816 a49a 3977
signing V3 message...
auth: 040c b169 8d9b e16d a96e 454c 9684 ("\xB1i\x8D\x9B\xE1m\xA9nEL\x96\x84")
3081 9e02 0103 3011 0204 6765 ee0e 0203
00ff e304 0107 0201 0304 4430 4204 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0300 fcad 0409 7369
6d75 6c61 746f 7204 0cb1 698d 9be1 6da9
6e45 4c96 8404 0800 0000 0000 0000 0004
40bd c673 e099 21eb 4fc7 9e62 0ac9 efaa
8418 8813 ff60 c70f c37b dd03 d778 ff26
4fad 6189 55a8 548d fee0 09e1 16f0 b832
01d4 7820 d58e f0b2 652d 2816 a49a 3977
received encoded V3 message
3081 9e02 0103 3011 0204 6765 ee0e 0203
00ff e304 0103 0201 0304 4430 4204 1580
004f b805 3934 3766 6335 3466 3139 3033
0007 6c80 0201 0202 0300 fcad 0409 7369
6d75 6c61 746f 7204 0c89 b4cf 0fde b440
890d 4a84 fc04 08bf d426 4ae8 c32e df04
40e9 ec53 708e dad9 62c2 8a2f be5b 9bb2
6863 4643 78cc cc98 3870 dc50 0cd7 739a
d0cc e617 0946 4bd2 6b27 c08c 280a 7b03
93ff d679 d0b1 c1dc 812c c64c 9281 51fd
v3_message: 3081
message_version: 0201 ("3")
headers: 3011
Integer: 0204 6765 ee0e ("1734733326")
Integer: 0203 00ff ("65507")
message_flags: 0401 ("\x03")
Integer: 0201 ("3")
security_params: 0444 3042 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c 8002 0102 0203 00fc ad04 0973 696d 756c 6174 6f72 040c 89b4 cf0f deb4 4089 0d4a 84fc 0408 bfd4 264a e8c3 2edf ("0B\x04\x15\x80\x00O\xB8\x05947fc54f1903\x00\al\x80\x02\x01\x02\x02\x03\x00\xFC\xAD\x04\tsimulator\x04\f\x89\xB4\xCF\x0F\xDE\xB4@\x89\rJ\x84\xFC\x04\b\xBF\xD4&J\xE8\xC3.\xDF")
pdu: 0440 e9ec 5370 8eda d962 c28a 2fbe 5b9b b268 6346 4378 cccc 9838 70dc 500c d773 9ad0 cce6 1709 464b d26b 27c0 8c28 0a7b 0393 ffd6 79d0 b1c1 dc81 2cc6 4c92 8151 fd72 ("\xE9\xECSp\x8E\xDA\xD9b\xC2\x8A/\xBE[\x9B\xB2hcFCx\xCC\xCC\x988p\xDCP\f\xD7s\x9A\xD0\xCC\xE6\x17\tFK\xD2k'\xC0\x8C(\n{\x03\x93\xFF\xD6y\xD0\xB1\xC1\xDC\x81,\xC6L\x92\x81Q\xFDr")
security_params: 3042
engine_id: 0415 8000 4fb8 0539 3437 6663 3534 6631 3930 3300 076c ("\x80\x00O\xB8\x05947fc54f1903\x00\al\x80")
engine_boots: 0201 ("2")
engine_time: 0203 00fc ("64685")
username: 0409 7369 6d75 6c61 746f ("simulator")
auth_param: 040c 89b4 cf0f deb4 4089 0d4a 84fc ("\x89\xB4\xCF\x0F\xDE\xB4@\x89\rJ\x84\xFC")
priv_param: 0408 bfd4 264a e8c3 2edf ("\xBF\xD4&J\xE8\xC3.\xDF")
received response PDU
pdu: 3023
engine_id: 0400 ("")
context: 0400 ("")
request: a21d
request_id: 0204 357c d1ca ("897372618")
error: 0201 ("0")
error_index: 0201 ("0")
varbinds: 300f
Sequence: 300d
ObjectId: 0608 2b06 0104 0504 0203 ("1.3.6.1.4.5.4.2.3")
Integer: 0201 ("0")
=> 0
from ruby-netsnmp.
HoneyryderChuck
commented on June 19, 2024
Ok, so if I interpret this correctly, you send the "1.3.6.1.4.5.4.2.3" OID, and expect smth else than 0 (0 here probably meaning, "nothing is defined").
I believe this is a corner case which will be difficult to resolve due to the relative limited capabilities of netsnmp's MIB parser, which is currently only used to provide a translation from "mib to OID", but not to infer semantics about the particular object to be received, which is what most robust MIB parsers do.
So I assume that, if you inspect the mib file for "iso.3.6.1.4.5.4.2.3", you'll see the object definition stating that the response should return an IPAddress (feel free to paste it here for documentation purposes). So net-snmp does the right thing by analysing the Object MIB, expecting an IPAddress, seeing 0 and returning an error, whereas netsnmp doesn't do this, and just returns the value (0).
I think you can workaround it by testing the returned value type, if you know it must be an IP Address:
val = test.get(oid: '1.3.6.1.4.5.4.2.3')
raise "no ip" unless val.is_a?(IPAddr)I could provide this check as a "feature", i.e.:
val = test.get(oid: '1.3.6.1.4.5.4.2.3', value_type: :ipaddress) # would raise exception unless ipaddress ASN type would be returnedBut doesn't look very valuable, considering that the workaround is quite short to write.
The real improvement would be to put in the time to improve the MIB parser in order to collect Object types information that could be used for validation purposes, unfortunately I don't have the time to work on it (writing the existing MIB parser was already quite involved as is).
from ruby-netsnmp.
jinxka
commented on June 19, 2024
Hello,
I did some research and the usual error IPAddr::AddressFamilyError we get when retrieving a non-existent oid comes from:
ruby-netsnmp/lib/netsnmp/varbind.rb
Line 118 in 5ee6894
I tested the gem with a "valid" device (which raises an error when retrieving a non-existent oid) and the convert_application_asn receives:
#<OpenSSL::ASN1::ASN1Data:0x000055bb9e6c8f40 @tag=0, @value="", @tag_class=:CONTEXT_SPECIFIC, @indefinite_length=false>
When tag=0 the gem tries to do IPAddr.new_ntoh(asn.value) with asn.value="" which is not a valid IpAddress, so an error is raised.
With the "faulty" device, the method receives:
#<OpenSSL::ASN1::ASN1Data:0x000055bb9e493dd8 @tag=1, @value="", @tag_class=:CONTEXT_SPECIFIC, @indefinite_length=false>.
But with tag=1, the method does unpack_32bit_integer(asn.value) instead of IPAddr.new_ntoh(asn.value) which obviously doesn't raise an error and returns 0.
I don't think the method convert_application_asn should handle ASN with an empty value.
I propose to add a validation in the method to check the value and raise an error like No Such Object available on this agent at this OID if it's empty.
@HoneyryderChuck What do you think?
from ruby-netsnmp.
HoneyryderChuck
commented on June 19, 2024
ok, I see now. They're both faulty, i.e. the first one should have also raised the same error instead of "error parsing IPAddress".
For documentation sake, netsnmp only does what the rfc mandates, i.e. for application-specific OID data:
-- (this is a tagged type for historical reasons)
IpAddress ::=
[APPLICATION 0]
IMPLICIT OCTET STRING (SIZE (4))
-- this wraps
Counter32 ::=
[APPLICATION 1]
IMPLICIT INTEGER (0..4294967295)
-- this doesn't wrap
Gauge32 ::=
[APPLICATION 2]
IMPLICIT INTEGER (0..4294967295)
-- an unsigned 32-bit quantity
-- indistinguishable from Gauge32
Unsigned32 ::=
[APPLICATION 2]
IMPLICIT INTEGER (0..4294967295)
-- hundredths of seconds since an epoch
TimeTicks ::=
[APPLICATION 3]
IMPLICIT INTEGER (0..4294967295)
-- for backward-compatibility only
Opaque ::=
[APPLICATION 4]
IMPLICIT OCTET STRING
-- for counters that wrap in less than one hour with only 32 bits
Counter64 ::=
[APPLICATION 6]
IMPLICIT INTEGER (0..18446744073709551615)
so 0 means ipaddress, 1 means counter32. However, since both come "empty", both are wrong, and the error you mention should then be raised if there's nothing to unpack.
Could you then submit a patch for it? I think it's fine.
from ruby-netsnmp.
HoneyryderChuck
commented on June 19, 2024
released v0.6.3.
from ruby-netsnmp.
Related Issues (20)
- Counter32 and Counter64 Values Issue HOT 5
- Counter64 OID Values Are Returned as nil HOT 6
- Certain gauge / counter32 values are being encoded incorrectly HOT 11
- HMAC-SHA-2 Authentication Protocols in the User-based Security Model (USM) for SNMPv3 HOT 2
- SNMPSet two different OIDs in one request command? HOT 5
- MIB parser
- SNMPv3 with DES and MD5 fails: invalid message authentication salt HOT 31
- Different encoding of results HOT 2
- Bug AES decrypt when salt is empty HOT 1
- Cannot load MIB file HOT 10
- The gem does not recognize authentication failures HOT 2
- Occasional "Decryption error" with SNMPv3 HOT 14
- Not working with v1 (maybe) HOT 15
- uninitialized constant Socket::MSG_NOSIGNAL HOT 4
- passkey calculation into c extension
- SNMPv3 not working with APC UPS HOT 11
- V3 cannot parse TROPIC-GLOBAL-MIB HOT 2
- Cisco Mibs Brake when using mib names HOT 19
- SNMPV3. Failing to load some legacy MIBs. HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ruby-netsnmp.