| Age | Commit message (Collapse) | Author |
|---|
|
Dear all,
it's almost a year since I sent the patch attached to this e-mail, and I
just found out that I have not yet gotten a response to it.
I would consider this patch important because it fixes an issue with the
interpretation of data that might be critical for SNMPv3 operation. I
confirmed at that time that erlangs interpretation of
vacmViewTreeFamilyMask is indeed not interoperable with other SNMP
stacks.
Kind regards,
> > > the implementation of SNMP-VIEW-BASED-ACM.mib assumes that the input for
> > > vacmViewTreeFamilyMask is an OID consisting of 1's and 0's only to form
> > > the mask. However, the MIB states that the input should be a bitstring.
> > >
> > > The OID representation of the mask is useful in the code as it speeds up
> > > time-critical code paths when checking access permissions for EACH SNMP
> > > access. Reading/writing the view mask objects is less time-critical.
> > >
> > > Therefore, to fix the issue, convert between OID representation and
> > > bitstring when the vacmViewTreeFamilyMask objects are accessed. This is
> > > done by the patch attached to this e-mail.
>
>
> I'm very sorry for the troubles that I am causing but it seems that the
> previous version of the patch did more than it should: the OID-bitstring
> conversion was also applied to other tables in the same MIB on
> get/get-next requests.
>
> The version of the patch that is attached to this e-mail restricts the
> OID-bitstring conversion to vacmViewTreeFamilyMask alone.
--
Dr. Stefan Zegenhagen
arcutronix GmbH
Garbsener Landstr. 10
30419 Hannover
Germany
Tel: +49 511 277-2734
Fax: +49 511 277-2709
Email: [email protected]
Web: www.arcutronix.com
*Synchronize the Ethernet*
General Managers: Dipl. Ing. Juergen Schroeder, Dr. Josef Gfrerer -
Legal Form: GmbH, Registered office: Hannover, HRB 202442, Amtsgericht
Hannover; Ust-Id: DE257551767.
Please consider the environment before printing this message.
>From aa2acfb8a0b5ae05fc5ba982d78ee5607384a2be Mon Sep 17 00:00:00 2001
From: Stefan Zegenhagen <[email protected]>
Date: Wed, 1 Aug 2012 09:56:15 +0200
Subject: [PATCH] bugfix for vacmViewTreeFamilyMask
The vacmViewTreeFamilyMask is defined to be a bit string in the MIB, not
an OID. However, the MIB implementation assumed the latter, effectively
rendering all attempts to read/set masks via SNMP unsuccessful.
Since the mask is used in hot paths (e.g. access permission checks for
each SNMP operation, the OID representation of the mask has benefits
(e.g. faster processing). Therefore, convert the bitstring to/from its
OID representation when reading/setting any mask object.
|
|
* dgud/mnesia-unsubscribe-fix:
mnesia: Fix (timing issue) testcase
mnesia: Fix unsubscribe error handling
|
|
* ia/crypto/doc:
crypto & public_key: Clearify documentation.
|
|
* ia/ssl/public_key/warnings:
ssl: Correct rebase mistakes
|
|
* ia/ssl/dialyzer:
ssl: Fix dialyzer warnings
|
|
* bjorn/asn1/not-small-bugs/OTP-11153:
PER/UPER: Correct decoding of SEQUENCEs with more than 64 extensions
testConstraints: Improve tests of semi-constrained INTEGERs
Test ENUMERATED with many extended values
UPER: Correct encoding of ENUMERATED with more than 63 extended values
Add asn1_test_lib:hex_to_bin/1
|
|
* bjorn/asn1/fix-extension-addition-groups/OTP-11154:
PER, UPER: Fix record name mismatch between HRL file and decoding code
|
|
|
|
Make sure that semi-constrained integers are correctly encoded
in the mininum number of bytes. (The roundtrip test does not
catch problems with non-minimal encodings.) Also test huge
values that must be encoded in 128 or 256 bytes.
|
|
|
|
When a SEQUENCE was defined inline inside extension addition group
like this:
InlinedSeq ::= SEQUENCE {
...,
[[
s SEQUENCE {
a INTEGER,
b BOOLEAN
}
]]
}
the decoding code would return the contents of the SEQUENCE in a
record named 'InlinedSeq_ExtAddGroup1_s', while the record definition
in the generated HRL file would be 'InlinedSeq_s'.
Since there is no reason to use the longer record name (no risk for
ambiguity), correct the name in the decoding code.
|
|
|
|
|
|
|
|
|
|
* fredrik/ssh/appup_r16b01:
ssh: appup changes
|
|
* ia/ssl/prepare-for-release:
ssl: Prepare for release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* pan/unicode_error_wrong_offset:
Fix faulty rest on error in unicode:characters_to_list
OTP-11080
|
|
* pan/r16b01/system_monitor_long_schedule/OTP-11067:
Minor spelling correction
Add system_monitor of long_schedule
|
|
* egil/increase-eprof-usability/OTP-11144:
tools: Document new eprof options
tools: Add options to eprof
tools: Add testcase to eprof_SUITE
tools: Refactor away ?line macro in eprof_SUITE
|
|
* jv/erl_lint-default_types/OTP-11143:
Updated primary bootstrap
stdlib: re-factored erl_lint.erl
Improve erl_lint performance
|
|
|
|
|
|
|
|
* ia/ssl/prep-dtls:
ssl: Structural perarparation to support DTLS
ssl: Rename ssl_certificate_db to ssl_pkix_db for clarity
|
|
* fredrik/tools/emacs_bifs:
tools: Added gather_gc_info_result to bifs
|
|
Also phase in tls module as main API instead of ssl. To
make API clearer. As TLS is the new protocol name.
Maybe keep some API functions in ssl
|
|
Conflicts:
lib/ssl/src/ssl.app.src
lib/ssl/src/ssl_manager.erl
|
|
* rickard-sverker/carrier-migration/OTP-10279:
stdlib: Fix ets_SUITE memory tests
|
|
Need to take 'mbcs_pool' into account.
|
|
into maint
* origin/peppe/common_test/remove_end_per_tc_warning:
Remove incorrect warning about missing end_per_testcase
OTP-11052
|
|
* origin/peppe/common_test/ct_conn_handling:
Add test suite
Fix faulty connection handling
OTP-10126
|
|
|
|
* ia/crypto/tests:
crypto: Document enhancement
crypto: Test suite completeness
|
|
|
|
* nox/erl_pp-callback/OTP-11140:
Update primary bootstrap
Support callback attributes in erl_pp
|
|
* rickard-sverker/carrier-migration/OTP-10279:
erts: Document the +M<S>acul command line argument
erts: Carrier pool information in allocator information
erts: Use carrier pool for migration of carriers
erts: Implement test case for carrier pool
erts: Implement carrier pool
erts: Fix type errors in info functions
erts: Use Uint64 for call counts
erts: Fix failing testcase alloc_SUITE:rbtree
erts: Rename allocator aoffcbf to aoffcaobf
erts: Remove unnecessary flag arguments in allocators
erts: Remove SBMBC allocator
erts: Add test for add_mbc and remove_mbc callbacks
erts: Fix deallocation in removed carrier
erts: Change naive list to rb-tree of carriers in AOFF allocator
erts: Prepare aoff allocator for carrier migration
erts: Make carrier header sizes customizable
erts: Add "bestfit within carrier" for aoff allocator (aoffcbf)
|
|
* siri/cuddle-with-tests:
Delete 'icky' dirs and symlinks after kernel tests
[ct_netconfc] Improve error printout
Fix interactive_shell_SUITE to handle node name with quotes
|
|
This is to avoid lingering files on windows.
|
|
|
|
* siri/cdv/memory-info/OTP-10604:
[observer] Add mbcs_pool to allocator info in system window
[observer] Add mbcs_pool to allocator summary in crashdump_viewer
observer: Improve initial call info
observer: Add allocator info to gui
[observer] Present Memory for each process in crashdump_viewer
[observer] Add allocator summary in crashdump_viewer
|
|
|
|
|
|
The function was updated in 5805b576, but not the type specificatin.
|
