usmAddUserName v usmAddUser

Frank Fock Frank.Fock____t-online.de
Mon Sep 23 20:48:08 CEST 2002 

Hi Doc,

It is indeed very simple :-) When you are using
usm->add_localized_user(..)
you must provide *keys* not passwords. "meauth"
is obviously not a MD5 hash with a length of 64 bytes!

Please localize the passwords with the remote engine ID
(MD5 hash password+engineID+padding) with apPasswordToKeyMD5
first.

Hope this helps (finally ;-)

Best regards,
Frank

D. R. Evans wrote:
> On 21 Sep 2002 at 13:10, Frank Fock wrote:
> 
> 
>>Hi,
>>
>>Please take a look at the latest SNMP++, which is version 3.2.1b.
> 
> 
> Hmmm.... I am now using the new code, but getting the same result. This 
> almost certainly means that I'm doing something really stupid, so now I'm 
> floundering through the logs trying to figure out what could possibly be 
> going wrong in what should be a simple Inform/Response exchange.
> 
> In both snmpInform.cpp and receive_trap.cpp I have simply added:
> 
> usm->add_localized_user((unsigned char*)<other side's engineid>,
>                      strlen(<other side's engineid>),
>             (unsigned char*)"meauthnopriv", strlen("meauthnopriv"),  
>             (unsigned char*)"meauthnopriv", strlen("meauthnopriv"),
>             SNMPv3_usmHMACMD5AuthProtocol, (unsigned char*)"meauth",
>             strlen("meauth"), 
>             SNMPv3_usmNoPrivProtocol, (unsigned char*)"",
>             strlen(""));
> 
> So this should mean (I think) that both sides know how to send messages for 
> the user on the other side. 
> 
> I have full logging enabled on both processes.
> 
> When I send the following Inform:
> 
> snmpInform 127.0.0.1 -v3 -p10162 -sl2 -md5 -snmeauthnopriv
> 
> the following appears close to the end of the snmpInform log:
> 
> mp finished (OK)
> receive_snmp_response: engine_id (receive_trap), security_name 
> (meauthnopriv), security_model (3), security_level (1)
>  addtoengineidtable: (127.0.0.1/10162)
> receive_snmp_response requestID = 10971, returning SUCCESS.
> received oid: 1.3.6.1.6.3.15.1.1.3.0 with value: 2
> SNMPv3: USM: Unknown SecurityName
> 
> -----
> 
> The snmpBuild function on the snmpInform returns the non-error response, 
> and the snmpInform process happily sends the Inform.
> 
> The first sign that there is an error in the receive_trap log is:
> 
> usmAddUser: Adding user (meauthnopriv) engine_id (InformSender).
> ++ SNMP++: data received from 127.0.0.1/1783.
> 30 82 00 42  02 01 03 30  82 00 0F 02  03 19 00 00  
> 02 02 10 00  04 01 04 02  01 03 04 12  30 82 00 0E  
> 04 00 02 01  00 02 01 00  04 00 04 00  04 00 30 82  
> 00 14 04 00  04 00 A6 0E  02 02 59 B1  02 01 00 02  
> 01 00 30 82  00 00 
> mp is parsing incoming message:
> Parsing length = 42
> Parsing version = 0x3
> Parsing globalDataLength = 0xf
> Parsing msgID = 0x190000
> Parsing msgMaxSize = 0x1000
> Parsing msgFlags = 0x4
> Parsing msgSecurityModel = 0x3
> Parsing msgSecurityParameters with length = 0x12
> Parsing msgdata with length = 0x18
> Parsing securityParametersLength = 0xe
> Parsing securityEngineID, length = 0x0
> Parsing engineBoots = 0x0
> Parsing engineTime = 0x0
> Parsing usmUserName, length = 0x0
> Parsing msgAuthenticationParameters, length = 0x0
> Parsing msgPrivacyParameters, length = 0x0
> USM: EngineID unknown
> mp: error while executing USM::process_msg
> ErrorCode is -1406
> 
> This looks really bad.
> 
> Can anyone enlighten me as to what's going wrong? (I expect that it's 
> something very simple, but I sure don't understand what the problem is.)
> 
>   Doc Evans
> 
>

More information about the AGENTPP mailing list