Hi! I have upgraded about 20 boxes to current with the patch and everything works.
Rivo On 10/04/2017, 03:27, "Jeremie Courreges-Anglas" <j...@wxcvbn.org> wrote: Hi, when implementing support for multiple listening sockets, I broke AgentX support in a rather silly way. AgentX support is only used by relayd in base. Rivo Nurges (in cc) contacted me about this. Thanks to him and reyk@ for helping me reproduce the issue. The config below helps reproduce the problem. # cat /etc/snmpd.conf socket "/var/run/agentx.sock" agentx # cat /etc/relayd.conf snmp table <foo> { 127.0.0.1 } relay "bar" { listen on 0.0.0.0 port 1234 forward to <foo> check icmp } # There are two diffs below. The first part is the fix for the multiple socket support. The issue is that in control.c SNMP data is sent down the... AgentX socket. This obviously doesn't fly. We need to know which socket to use when sending SNMP replies, so let's store it in the snmp_message context (which already stores the remote and local addresses). Too obvious? The first problem tends to hide another bug: an uninitialized variable in trap.c. This fix was written by Rivo Nurges. Thoughts / ok? Index: control.c =================================================================== RCS file: /d/cvs/src/usr.sbin/snmpd/control.c,v retrieving revision 1.41 diff -u -p -r1.41 control.c --- control.c 9 Jan 2017 14:49:22 -0000 1.41 +++ control.c 9 Apr 2017 18:28:23 -0000 @@ -592,7 +592,7 @@ control_dispatch_agentx(int fd, short ev } } dispatch: - snmpe_dispatchmsg(msg, fd); + snmpe_dispatchmsg(msg); break; } Index: snmpd.h =================================================================== RCS file: /d/cvs/src/usr.sbin/snmpd/snmpd.h,v retrieving revision 1.74 diff -u -p -r1.74 snmpd.h --- snmpd.h 9 Jan 2017 14:49:22 -0000 1.74 +++ snmpd.h 9 Apr 2017 18:28:23 -0000 @@ -401,6 +401,7 @@ struct pfr_buffer { #define MSG_REPORT(m) (((m)->sm_flags & SNMP_MSGFLAG_REPORT) != 0) struct snmp_message { + int sm_sock; struct sockaddr_storage sm_ss; socklen_t sm_slen; char sm_host[HOST_NAME_MAX+1]; @@ -660,7 +661,7 @@ struct kif_arp *karp_getaddr(struct sock /* snmpe.c */ void snmpe(struct privsep *, struct privsep_proc *); void snmpe_shutdown(void); -void snmpe_dispatchmsg(struct snmp_message *, int); +void snmpe_dispatchmsg(struct snmp_message *); /* trap.c */ void trap_init(void); Index: snmpe.c =================================================================== RCS file: /d/cvs/src/usr.sbin/snmpd/snmpe.c,v retrieving revision 1.46 diff -u -p -r1.46 snmpe.c --- snmpe.c 18 Nov 2016 16:16:39 -0000 1.46 +++ snmpe.c 9 Apr 2017 18:28:23 -0000 @@ -42,7 +42,7 @@ void snmpe_init(struct privsep *, struct privsep_proc *, void *); int snmpe_parse(struct snmp_message *); int snmpe_parsevarbinds(struct snmp_message *); -void snmpe_response(int, struct snmp_message *); +void snmpe_response(struct snmp_message *); unsigned long snmpe_application(struct ber_element *); void snmpe_sig_handler(int sig, short, void *); @@ -489,6 +489,7 @@ snmpe_recvmsg(int fd, short sig, void *a if ((msg = calloc(1, sizeof(*msg))) == NULL) return; + msg->sm_sock = fd; msg->sm_slen = sizeof(msg->sm_ss); if ((len = recvfromto(fd, msg->sm_data, sizeof(msg->sm_data), 0, (struct sockaddr *)&msg->sm_ss, &msg->sm_slen, @@ -520,7 +521,7 @@ snmpe_recvmsg(int fd, short sig, void *a if (snmpe_parse(msg) == -1) { if (msg->sm_usmerr != 0 && MSG_REPORT(msg)) { usm_make_report(msg); - snmpe_response(fd, msg); + snmpe_response(msg); return; } else { snmp_msgfree(msg); @@ -528,22 +529,22 @@ snmpe_recvmsg(int fd, short sig, void *a } } - snmpe_dispatchmsg(msg, fd); + snmpe_dispatchmsg(msg); } void -snmpe_dispatchmsg(struct snmp_message *msg, int sock) +snmpe_dispatchmsg(struct snmp_message *msg) { if (snmpe_parsevarbinds(msg) == 1) return; /* not dispatched to subagent; respond directly */ msg->sm_context = SNMP_C_GETRESP; - snmpe_response(sock, msg); + snmpe_response(msg); } void -snmpe_response(int fd, struct snmp_message *msg) +snmpe_response(struct snmp_message *msg) { struct snmp_stats *stats = &snmpd_env->sc_stats; u_int8_t *ptr = NULL; @@ -580,7 +581,7 @@ snmpe_response(int fd, struct snmp_messa goto done; usm_finalize_digest(msg, ptr, len); - len = sendtofrom(fd, ptr, len, 0, + len = sendtofrom(msg->sm_sock, ptr, len, 0, (struct sockaddr *)&msg->sm_ss, msg->sm_slen, (struct sockaddr *)&msg->sm_local_ss, msg->sm_local_slen); if (len != -1) Index: trap.c =================================================================== RCS file: /d/cvs/src/usr.sbin/snmpd/trap.c,v retrieving revision 1.28 diff -u -p -r1.28 trap.c --- trap.c 9 Nov 2016 20:31:56 -0000 1.28 +++ trap.c 9 Apr 2017 18:28:23 -0000 @@ -70,6 +70,7 @@ trap_agentx(struct agentx_handle *h, str *varcpy = NULL; varbind = NULL; + iter = NULL; seensysuptime = seentrapoid = 0; if (pdu->hdr->flags & AGENTX_NON_DEFAULT_CONTEXT) { -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE