I have a question, and I found it asked before but not answered
satisfactorily. Can anyone shed some light on this for me? It looks like
in the code that in a message received the sec level bits only matter
for validation when they are set -- in other words, privacy & auth
protocols are only checked when the appropriate secLevel is set
(specifically in usm_check_secLevel() - snmpusm.c). But if the bits are
not set, then the noAuthnoPriv message is accepted no matter what.
Is this the way it's meant to be, and am I reading this right? It seems
like it would defeat the purpose of a user set up for privacy if the
parsing/validation allowed noAuthnoPriv messages to be validated
successfully as well. I would expect a noAuthnoPriv message sent to a
user set up with SHA/AES to be rejected, but I'm seeing it accepted.
-----------
Brett Szudy
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders