[AGENT++] BER incompatibilty issue in SNMP++

Frank Fock fock at agentpp.com
Tue Mar 16 18:52:30 CET 2004 

Hi Henning,

Using the long form length for encoding BER sequences is totally
legal and decoding of such messages *must* be supported by
any SNMP compliant agent.

Using the long length can improve the performance of the encoding
process. That's why it has been used in SNMP++. 
There are a few broken SNMP APIs around there, that do not support
long length. That's why we tried to avoid it in SNMP++ (it seems that
we missed a few places) and we do not use them in SNMP4J.  Ideally,
the best performance for encoding BER is achieved, when the byte
stream is encoded from back to forth. But with this approach, always
the maximum buffer size used (needs to be allocated) for encoding the
message. In SNMP4J we decided to take another approach that
calculates most length in advance.

Best regards,
Frank

Henning Eggers wrote:

>Hi!
>I call this an "issue" (MS-style) because I am not sure if this is actually
>against the BERules or if the device in question does not implement them
>properly. Here is the issue:
>
>We had a device that did not answer to GET requests from SNMP++ but answered
>to others, like MIB-Explorer. I examined the requests and found that the
>only difference between them was that certain Length-fields were encoded in
>the long style when they could have been encoded in short style (length
>smaller than 0x80). After fixing this in SNMP++ the device did answer
>properly.
>
>The problem was in asn_build_sequence that always used long type length
>encoding (2 bytes) and snmp_build_var_op that assumed that
>asn_build_sequence did it this way. The problem here is that encoding a
>sequence requires to insert the length of the sequence before it gets
>actually calculated. The best way to solve this is to build the sequence in
>a temporary buffer, then to encode the sequence header and length (using
>asn_build_sequence) and finally to memcpy from the temp buffer behind the
>sequence header+length. Most functions using asn_build_sequence do it this
>way, except for snmp_build_var_op and snmp_auth_build. I corrected the first
>and added a comment to the latter because it calculates the sequence length
>beforehand assuming that the community string won't be longer than 0x7f.
>That seems to be a fairly safe guess.
>
>As I stated in the beginning I am not sure if a BER implementation is
>REQUIRED to always use the shortest encoding possible for the length field
>or if the agent should simply accept both styles, no matter if this is
>nescessary or not.
>
>I attached a diff-file for the asn1.cpp file from snmp++v3.2.10a that
>contains all the changes.
>
>Greetings,
>Henning Eggers
>
>
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>AGENTPP mailing list
>AGENTPP at agentpp.org
>http://agentpp.org/mailman/listinfo/agentpp
>  
>

More information about the AGENTPP mailing list