A recent change of mine initialized the certificate data stores in the
init_agent call, instead of trying to guess the app type in init_snmp. I put
it right above the other module inits, which unfortunately was right after the
return if the mode is agentx subagent. This means that the init function
doesn't get called for snmptrapd, and thus breaks (D)TLS, as the config token
to map fingerprints to security names is not recognized/parsed. The simple
fix is to move the function call up a few lines.
diff --git a/net-snmp/agent/snmp_vars.c b/net-snmp/agent/snmp_vars.c
index de8f959..8d91ea8 100644
--- a/net-snmp/agent/snmp_vars.c
+++ b/net-snmp/agent/snmp_vars.c
@@ -330,6 +330,11 @@ init_agent(const char *app)
init_perl();
#endif
+#if defined(NETSNMP_USE_OPENSSL) && defined(HAVE_LIBSSL)
+ /** init secname mapping */
+ netsnmp_certs_agent_init();
+#endif
+
#ifdef USING_AGENTX_SUBAGENT_MODULE
/*
* don't init agent modules for a sub-agent
@@ -339,11 +344,6 @@ init_agent(const char *app)
return r;
#endif
-#if defined(NETSNMP_USE_OPENSSL) && defined(HAVE_LIBSSL)
- /** init secname mapping */
- netsnmp_certs_agent_init();
-#endif
-
# include "agent_module_inits.h"
return r;
------------------------------------------------------------------------------
What happens now with your Lotus Notes apps - do you make another costly
upgrade, or settle for being marooned without product support? Time to move
off Lotus Notes and onto the cloud with Force.com, apps are easier to build,
use, and manage than apps on traditional platforms. Sign up for the Lotus
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
