Bug #37564 php-snmp with AES is broken
Submitted: 2006-05-23 17:53 UTC Modified: 2006-07-26 23:57 UTC
Votes:2
Avg. Score:4.5 ± 0.5
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: scott dot moynes+php at gmail dot com Assigned:
Status: Closed Package: SNMP related
PHP Version: 5.1.4 OS:
Private report: No CVE-ID: None
 [2006-05-23 17:53 UTC] scott dot moynes+php at gmail dot com
Description:
------------
A bug in the source of php-snmp makes use of AES privacy encryption impossible.

Reproduce code:
---------------
//Assuming snmpd is configured appropriately for the user

$result = snmp3_walk("localhost", "user", "authPriv", "sha", "passphrase", "AES", "passphrase",  "system", 1000000, 10);
print_r($result);

Expected result:
----------------
//The output of the system OID
Array
(
  [0] => STRING: Linux smoynes 2.6.11.4-21.10-smp #1 SMP Tue Nov 29 14:32:49 UTC 2005 i686
...
)


Actual result:
--------------
PHP Warning:  %v%v(): An error occurred, quitting in aes_test.php on line 3


 [2006-05-23 18:10 UTC] scott dot moynes+php at gmail dot com
In snmp.c, one cannot use the OIDSIZE macro for the usmAES128PrivProtocol symbol because it is defined as an oid pointer to usmAESPrivProtocol, not an oid array.
The fix is to change all OIDSIZE(usmAES128PrivProtocol) expressions to USM_PRIV_PROTO_AES_LEN.
This is with net-snmp; not sure about ucd-snmp.
 [2006-05-24 06:41 UTC] tony2001@php.net
We would appreciate a patch in unified diff format.
 [2006-05-24 14:15 UTC] scott dot moynes+php at gmail dot com
diff -ru php-5.1.4/ext/snmp/snmp.c php-5.1.4-cbn/ext/snmp/snmp.c
--- php-5.1.4/ext/snmp/snmp.c   2006-01-01 07:50:13.000000000 -0500
+++ php-5.1.4-cbn/ext/snmp/snmp.c       2006-05-24 10:12:40.000000000 -0400
@@ -831,10 +831,13 @@
 *
 * As we want this extension to compile on both versions, we use the latter
 * symbol on purpose, as it's defined to be the same as the former.
+*
+* However, in 5.2 the type of usmAES128PrivProtocol is a pointer, not an
+* array, so we cannot use the OIDSIZE macro because it uses sizeof().
 */
                        || !strcasecmp(prot, "AES")) {
                        s->securityPrivProto = usmAES128PrivProtocol;
-                       s->securityPrivProtoLen = OIDSIZE(usmAES128PrivProtocol);
+                       s->securityPrivProtoLen = USM_PRIV_PROTO_AES128_LEN;
                        return (0);
 #else
                ) {
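Review bot: The replacement on the + line uses USM_PRIV_PROTO_AES128_LEN, while the analysis earlier in this thread names USM_PRIV_PROTO_AES_LEN and says that all OIDSIZE(usmAES128PrivProtocol) expressions need changing; this hunk changes one. Please confirm which constant the targeted net-snmp headers define and check the rest of snmp.c for remaining OIDSIZE(usmAES128PrivProtocol) uses. The added comment says only "in 5.2", which inside a PHP source file reads ambiguously; "net-snmp 5.2" would be clearer. The preprocessor condition that selects this branch is not visible in the hunk context, so naming it in the comment would make it easier to see that the #else path for older releases is untouched.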
 [2006-05-24 17:38 UTC] tony2001@php.net
From what I can see with this patch you're breaking support of SNMP < 5.2. Am I right?
 [2006-05-24 18:55 UTC] scott dot moynes+php at gmail dot com
I cannot confirm without compiling and my employer is not paying me to do that.

However, I do not think so. The patch only modifies the code within the #ifdef SNMP_VALIDATE_ERROR block and that macro was introduced in net-snmp 5.2; the #else block for net-snmp < 5.2 remains unchanged. By inspection of the source code of net-snmp 5.1, I have ensured that the OIDSIZE macro is appropriate for those releases, i.e. usmAES128PrivProtocol is an array of oid values.

I have not confirmed that it does not create a compatibility problem for ucd-snmp, but I do not think so because it does not support AES and so the HAVE_AES macro will not be set.

So, by exhaustion of cases, I believe this patch does not break compatibility.
 [2006-07-26 23:57 UTC] sniper@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
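
The sizeof()-on-a-pointer pitfall described in this report, as an added example that is not part of the original thread or of the PHP or net-snmp sources. The oid typedef, the shape of OIDSIZE, the array and pointer stand-ins, AES_LEN, struct session and the OIDSIZE_CHECKED guard (GCC/Clang builtins) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned long oid;                   /* assumption: oid is unsigned long */
#define OIDSIZE(p) (sizeof(p) / sizeof(oid)) /* assumed shape: counts via sizeof() */

/* Constructed stand-ins for the symbols named in the report: the AES privacy
 * OID 1.3.6.1.6.3.10.1.2.4 (RFC 3826) as an array, plus a pointer alias. */
static oid usmAESPrivProtocol[] = { 1, 3, 6, 1, 6, 3, 10, 1, 2, 4 };
static oid *usmAES128PrivProtocol = usmAESPrivProtocol;
#define AES_LEN 10                           /* stands in for the library's length constant */

/* Hypothetical guard: fails to compile when 'a' is a pointer, not an array. */
#define IS_ARRAY(a) (!__builtin_types_compatible_p(__typeof__(a), __typeof__(&(a)[0])))
#define OIDSIZE_CHECKED(a) \
    (sizeof(a) / sizeof((a)[0]) + 0 * sizeof(char[IS_ARRAY(a) ? 1 : -1]))

struct session { oid *securityPrivProto; size_t securityPrivProtoLen; };

/* patched == 0 models the pre-patch line, patched == 1 the patched line. */
static struct session set_priv(int patched) {
    struct session s;
    s.securityPrivProto = usmAES128PrivProtocol;
    /* Pre-patch: sizeof() sees the pointer, not the 10-element array. */
    s.securityPrivProtoLen = patched ? AES_LEN : OIDSIZE(usmAES128PrivProtocol);
    return s;
}

/* Does the session's (pointer, length) pair name the complete AES OID? */
static int names_aes(const struct session *s) {
    return s->securityPrivProtoLen == OIDSIZE_CHECKED(usmAESPrivProtocol) &&
           memcmp(s->securityPrivProto, usmAESPrivProtocol,
                  sizeof(usmAESPrivProtocol)) == 0;
}

int main(void) {
    struct session b = set_priv(0), f = set_priv(1);
    printf("pre-patch len=%zu names AES: %d\n", b.securityPrivProtoLen, names_aes(&b));
    printf("patched   len=%zu names AES: %d\n", f.securityPrivProtoLen, names_aes(&f));
    /* OIDSIZE_CHECKED(usmAES128PrivProtocol) would be rejected at compile time. */
    return 0;
}
```

With the guard in place, applying the macro to the pointer alias becomes a build failure instead of a silently truncated OID length at run time.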


 