php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #61197 SNMPv3 cannot connect after reboot
Submitted: 2012-02-27 21:17 UTC Modified: 2012-03-18 18:29 UTC
From: markn at ieee dot org Assigned: lytboris (profile)
Status: Not a bug Package: SNMP related
PHP Version: Irrelevant OS: Irrelevant
Private report: No CVE-ID: None
 [2012-02-27 21:17 UTC] markn at ieee dot org
Description:
------------
Under certain conditions, it is not possible to reconnect to a device that has 
rebooted while using SNMPv3.

This happens if a PHP script is connecting with authNoPriv or authPriv.

After the device reboots, PHP's SNMPv3 routines do not take note of the modified 
msgAuthoritativeEngineReboots count and the modified msgAuthoritativeEngineTime 
values - they continue trying to use the old values, and as a result are never 
able to communicate after a reboot.

During device maintenance, it is often necessary to reboot a device - such as 
after a firmware upgrade. So this is actually something that is needed.

Basically, there needs to be a way to discard existing session information.

Test script:
---------------
<?php
for ( ; ; ) {
$result =
snmp3_get( "192.168.1.1",
           "admin",
           "authNoPriv",
           "MD5",
           "Password01",
           "DES",
           "ciscocisco",
           "1.3.6.1.2.1.47.1.1.1.1.2.1",
           500000,
           0 );
var_dump( $result );
sleep(30);
}
?>

Expected result:
----------------
Run this script, verify that it successfully reads the data. Reboot the device and 
see that it is unable to read the data after the device is back up. Use Wireshark 
to observe that the boot count and time values have changed, but the PHP SNMP 
routines ignore the new values.



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-02-27 21:31 UTC] markn at ieee dot org
-: markn@iee.org +: markn at ieee dot org
 [2012-02-27 21:31 UTC] markn at ieee dot org
wrong email address. bad day at the keyboard.
 [2012-03-18 18:29 UTC] lytboris@php.net
-Status: Open +Status: Not a bug -Operating System: Linux +Operating System: Irrelevant -Assigned To: +Assigned To: lytboris
 [2012-03-18 18:29 UTC] lytboris@php.net
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

This is bug in Net-SNMP library: you can try this simple script as a proof that snmpwalk has the same flaw:
snmpwalk -v3 -l authNoPriv -a MD5 -u admin -A Password01 192.168.1.1 . >out &;sleep 0.2; /etc/init.d/snmpd restart

Basically this engine* stuff should be maintained in SNMP-library itself: php-snmp does not specify (and maintain) these variables at all.
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Wed Sep 23 04:01:25 2020 UTC