authorelie <elie>2014-04-23 11:53:49 +0000
committerelie <elie>2014-04-23 11:53:49 +0000
commit70caa4259ac547d412af41d6c00212a3c8ff1d3c (patch)
tree5132e52e70b63a0fd6a944d969856a63a742dd73
parent11082b31367810bc736562872418a6be5fe89aa6 (diff)
downloadpysnmp-70caa4259ac547d412af41d6c00212a3c8ff1d3c.tar.gz
fix to authoritative engine side snmpEngineID discovery procedure:
respond with notInTimeWindows rather than with unsupportedSecurityLevel at the time synchronization phase
-rw-r--r--CHANGES5
-rw-r--r--pysnmp/proto/secmod/rfc3414/service.py17
2 files changed, 14 insertions, 8 deletions
diff --git a/CHANGES b/CHANGES
index 9b86d8e..6f75ac3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -55,6 +55,9 @@ Revision 4.2.6rc0
be reused with many different snmpEngines.
- Multiple fixes to verify pyasn1 decoder.decode() return to withstand
broken SNMP messages or its components.
+- Fix to authoritative engine side snmpEngineID discovery procedure:
+ respond with notInTimeWindows rather then with unsupportedSecurityLevel
+ at time synchronization phase.
- Fix to rfc1902.Bits type to make it accepting hex and binary initializers,
cope with missing bits identifieirs at prettyPrint().
- Memory leak fixed in CommandForwarder examples.
@@ -275,7 +278,7 @@ Revision 4.2.3
--------------
- SECURITY FIX: USM subsystem did not verify securityLevel of a request
- to an authoritative SNMP engineinbound against auth/priv protocols
+ to an authoritative SNMP engine against auth/priv protocols
configured for the user in question. That allowed unauthenticated/unciphered
access to pysnmp-based Agent even if USM user is configured to provide one.
- Oneliner [Asyn]CommandGenerator now supports optional keyword args
diff --git a/pysnmp/proto/secmod/rfc3414/service.py b/pysnmp/proto/secmod/rfc3414/service.py
index 4c1087b..ecfe474 100644
--- a/pysnmp/proto/secmod/rfc3414/service.py
+++ b/pysnmp/proto/secmod/rfc3414/service.py
@@ -638,14 +638,15 @@ class SnmpUSMSecurityModel(AbstractSecurityModel):
# 3.2.3
if msgAuthoritativeEngineID not in self.__timeline:
debug.logger & debug.flagSM and debug.logger('processIncomingMsg: unknown securityEngineID %r' % (msgAuthoritativeEngineID,))
- if not msgAuthoritativeEngineID:
+ if not msgAuthoritativeEngineID or \
+ not 4 < len(msgAuthoritativeEngineID) < 33:
# 3.2.3b
usmStatsUnknownEngineIDs, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('__SNMP-USER-BASED-SM-MIB', 'usmStatsUnknownEngineIDs')
usmStatsUnknownEngineIDs.syntax = usmStatsUnknownEngineIDs.syntax+1
- debug.logger & debug.flagSM and debug.logger('processIncomingMsg: null securityEngineID')
+ debug.logger & debug.flagSM and debug.logger('processIncomingMsg: null or malformed msgAuthoritativeEngineID')
pysnmpUsmDiscoverable, = snmpEngine.msgAndPduDsp.mibInstrumController.mibBuilder.importSymbols('__PYSNMP-USM-MIB', 'pysnmpUsmDiscoverable')
if pysnmpUsmDiscoverable.syntax:
- debug.logger & debug.flagSM and debug.logger('processIncomingMsg: request EngineID discovery')
+ debug.logger & debug.flagSM and debug.logger('processIncomingMsg: starting snmpEngineID discovery procedure')
# Report original contextName
if scopedPduData.getName() != 'plaintext':
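Review bot: The added guard `not 4 < len(msgAuthoritativeEngineID) < 33` encodes the RFC 3411 SnmpEngineID size constraint (5..32 octets) but leaves the two magic numbers unexplained; a comment on that line such as `# RFC 3411: SnmpEngineID is 5..32 octets` would save the next reader a lookup. With this change an out-of-range engine ID is counted under usmStatsUnknownEngineIDs and, when pysnmpUsmDiscoverable is set, still triggers the discovery reply, which is consistent with 3.2.3b but is not obvious from the counter's name, so it is worth a sentence in the same comment. processIncomingMsg starts before and continues after this hunk.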
@@ -756,6 +757,9 @@ class SnmpUSMSecurityModel(AbstractSecurityModel):
usmUserPrivKeyLocalized=usmUserPrivKeyLocalized
)
+ msgAuthoritativeEngineBoots = securityParameters.getComponentByPosition(1)
+ msgAuthoritativeEngineTime = securityParameters.getComponentByPosition(2)
+
# 3.2.5
if msgAuthoritativeEngineID == snmpEngineID:
# Authoritative SNMP engine: make sure securityLevel is sufficient
@@ -769,7 +773,9 @@ class SnmpUSMSecurityModel(AbstractSecurityModel):
if usmUserAuthProtocol == noauth.NoAuth.serviceID:
__badSecIndication = 'authNoPriv wanted while auth not expected'
if usmUserPrivProtocol != nopriv.NoPriv.serviceID:
- __badSecIndication = 'authNoPriv wanted while priv expected'
+ # 4 (discovery phase always uses authenticated messages)
+ if msgAuthoritativeEngineBoots or msgAuthoritativeEngineTime:
+ __badSecIndication = 'authNoPriv wanted while priv expected'
elif securityLevel == 1:
if usmUserAuthProtocol != noauth.NoAuth.serviceID:
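Review bot: The relaxed branch `if msgAuthoritativeEngineBoots or msgAuthoritativeEngineTime:` lets an authNoPriv message for a user configured with a priv protocol pass the 3.2.5 securityLevel check whenever both boots and time are zero, and the code then relies on the 3.2.7a time-window check further down (outside this hunk) to turn that message into a notInTimeWindows report instead of a processed request. That dependency is invisible at this point; the comment `# 4 (discovery phase always uses authenticated messages)` should state it, e.g. `# RFC 3414 sect. 4 time-sync probe: authNoPriv with boots=time=0 is admitted here but must still fail the 3.2.7a window check below and only ever yield a notInTimeWindows report`. It is also worth confirming that this engine's own snmpEngineBoots and snmpEngineTime can never both be at or near zero when the check runs, since a zero-boots, zero-time authNoPriv request would otherwise fall inside the window for a user that is supposed to require privacy. The condition additionally assumes pyasn1 Integer truthiness follows the wrapped value; `!= 0` comparisons would make that explicit. The enclosing method extends beyond both ends of the hunk.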
@@ -864,9 +870,6 @@ class SnmpUSMSecurityModel(AbstractSecurityModel):
else:
raise error.ProtocolError('Peer SNMP engine info missing')
- msgAuthoritativeEngineBoots = securityParameters.getComponentByPosition(1)
- msgAuthoritativeEngineTime = securityParameters.getComponentByPosition(2)
-
# 3.2.7a
if msgAuthoritativeEngineID == snmpEngineID:
if snmpEngineBoots == 2147483647 or \