net-snmp 3.5.8 → 3.6.2

package/README.md

@@ -243,8 +243,8 @@ This object contains constants to select a supported encryption algorithm for
 SNMPv3 messages that require privacy:
  * `des` - for DES encryption (CBC-DES)
  * `aes` - for 128-bit AES encryption (CFB-AES-128)
- * `aes256b` - for 256-bit AES encryption (CFB-AES-256) with "Blumenthal" key localiztaion
- * `aes256r` - for 256-bit AES encryption (CFB-AES-256) with "Reeder" key localiztaion
+ * `aes256b` - for 256-bit AES encryption (CFB-AES-256) with "Blumenthal" key localization
+ * `aes256r` - for 256-bit AES encryption (CFB-AES-256) with "Reeder" key localization
 
 DES is the sole encryption algorithm specified in the original SNMPv3 User-Based
 Security Model RFC (RFC 3414); 128-bit AES for SNMPv3 was added later in RFC 3826.
@@ -1062,7 +1062,7 @@ The `table()` method fetches the value for all OIDs lexicographically
 following a specified OID in the MIB tree which have the specified OID as
 their base, much like the `subtree()` method.
 
-This method is designed to fetch conceptial tables, for example the ifTable
+This method is designed to fetch conceptual tables, for example the ifTable
 (`1.3.6.1.2.1.2.2`) table.  The values for returned varbinds will be structured
 into objects to represent conceptual rows.  Each row is then placed into an
 object with the rows index being the key, e.g.:
@@ -1171,7 +1171,7 @@ be in the resulting table.
 
 This method should be used when only selected columns are required, and
 will be many times faster than the `table()` method since a much smaller
-amount of data will be fected.
+amount of data will be fetched.
 
 The following example fetches the ifTable (`1.3.6.1.2.1.2.2`) table, and
 specifies that only the ifDescr (`1.3.6.1.2.1.2.2.1.2`) and ifPhysAddress
@@ -1259,7 +1259,7 @@ returned by the `process.uptime ()` function multiplied by `100`.
 SNMP version 2c messages are quite different in comparison with version 1.
 The version 2c trap has a much simpler format, simply a sequence of varbinds.
 The first varbind to be placed in the trap message will be for the
-`sysUptime.0` OID (`1.3.6.1.6.3.1.1.4.1.0`).  The value for this varbind will
+`sysUptime.0` OID (`1.3.6.1.2.1.1.3.0`).  The value for this varbind will
 be the value returned by the `process.uptime ()` function multiplied by 100
 (this can be overridden by providing `upTime` in the optional `options`
 parameter, as documented below).
@@ -1280,7 +1280,7 @@ following items:
 
  * `agentAddr` - IP address used to populate the agent-addr field for SNMP
    version 1 type traps, and defaults to `127.0.0.1`
- * `upTime` - Value of the `sysUptime.0` OID (`1.3.6.1.6.3.1.1.4.1.0`) in the
+ * `upTime` - Value of the `sysUptime.0` OID (`1.3.6.1.2.1.1.3.0`) in the
    trap, defaults to the value returned by the `process.uptime ()` function
    multiplied by 100
 
@@ -1452,6 +1452,7 @@ class:
 var options = {
     port: 162,
     disableAuthorization: false,
+    includeAuthentication: false,
     accessControlModelType: snmp.AccessControlModelType.None,
     engineID: "8000B98380XXXXXXXXXXXXXXXXXXXXXXXX", // where the X's are random hex digits
     address: null,
@@ -1483,6 +1484,8 @@ an object, possibly empty, and can contain the following fields:
  * `transport` - the transport family to use - defaults to `udp4`
  * `address` - the IP address to bind to - default to `null`, which means bind to all IP
  addresses
+ * `includeAuthentication` - adds the community (v1/2c) or user name (v3) information
+ to the notification callback - defaults to `false`
 
 The `callback` parameter is a callback function of the form
 `function (error, notification)`.  On an error condition, the `notification`
@@ -3166,6 +3169,18 @@ Example programs are included under the module's `example` directory.
 
  * Fix processing of negative integers larger than 32 bits
 
+## Version 3.6.0 - 18/02/2022
+
+ * Add calculated key cache to remove authNoPriv and authPriv performance bottleneck
+
+## Version 3.6.1 - 21/03/2022
+
+ * Add v3 context to non-initial PDUs
+
+## Version 3.6.2 - 07/04/2022
+
+ * Add option for receiver to receive client authentication identity
+
 # License
 
 Copyright (c) 2020 Mark Abrahams <mark@abrahams.co.nz>

package/example/snmp-receiver.js

@@ -7,7 +7,8 @@ var snmpOptions = {
     disableAuthorization: options.n,
     port: options.p,
 	transport: options.t,
-    engineID: options.e
+    engineID: options.e,
+    includeAuthentication: options.a
 };
 
 var cb = function(error, trap) {

package/index.js

@@ -427,16 +427,16 @@ function readUint (buffer, isSigned) {
 		value *= 256;
 		value += buffer.readByte ();
 
-        if (isSigned && i <= 0) {
-            if ((value & 0x80) == 0x80) {
-                signedBitSet = true;
-            }
-        }
+		if (isSigned && i <= 0) {
+			if ((value & 0x80) == 0x80) {
+				signedBitSet = true;
+			}
+		}
 	}
 	
-    if (signedBitSet) {
-        value -= 2 ** (i * 8);
-    }
+	if (signedBitSet) {
+		value -= 2 ** (i * 8);
+	}
 
 	return value;
 }
@@ -934,17 +934,32 @@ Authentication.algorithms[AuthProtocols.sha] = {
 	CRYPTO_ALGORITHM: 'sha1'
 };
 
+Authentication.authToKeyCache = {};
+
+Authentication.computeCacheKey = function (authProtocol, authPasswordString, engineID) {
+	var engineIDString = engineID.toString('base64');
+	return authProtocol + authPasswordString + engineIDString;
+};
+
 // Adapted from RFC3414 Appendix A.2.1. Password to Key Sample Code for MD5
 Authentication.passwordToKey = function (authProtocol, authPasswordString, engineID) {
 	var hashAlgorithm;
 	var firstDigest;
 	var finalDigest;
-	var buf = Buffer.alloc (Authentication.HMAC_BUFFER_SIZE);
+	var buf;
 	var bufOffset = 0;
 	var passwordIndex = 0;
 	var count = 0;
-	var password = Buffer.from (authPasswordString);
+	var password;
 	var cryptoAlgorithm = Authentication.algorithms[authProtocol].CRYPTO_ALGORITHM;
+
+	var cacheKey = Authentication.computeCacheKey(authProtocol, authPasswordString, engineID);
+	if (Authentication.authToKeyCache[cacheKey] !== undefined) {
+		return Authentication.authToKeyCache[cacheKey];
+	}
+
+	buf = Buffer.alloc (Authentication.HMAC_BUFFER_SIZE);
+	password = Buffer.from (authPasswordString);
 	
 	while (count < Authentication.HMAC_BUFFER_SIZE) {
 		for (var i = 0; i < Authentication.HMAC_BLOCK_SIZE; i++) {
@@ -964,6 +979,7 @@ Authentication.passwordToKey = function (authProtocol, authPasswordString, engin
 	finalDigest = hashAlgorithm.digest();
 	// debug ("Localized key: " + finalDigest.toString('hex'));
 
+	Authentication.authToKeyCache[cacheKey] = finalDigest;
 	return finalDigest;
 };
 
@@ -2322,6 +2338,7 @@ Session.prototype.set = function (varbinds, responseCb) {
 Session.prototype.simpleGet = function (pduClass, feedCb, varbinds,
 		responseCb, options) {
 	var id = _generateId (this.idBitsSize);
+	options = Object.assign({}, options, { context: this.context });
 	var pdu = SimplePdu.createFromVariables (pduClass, id, varbinds, options);
 	var message;
 	var req;
@@ -3109,6 +3126,7 @@ var Receiver = function (options, callback) {
 	this.port = options.port || 162;
 	options.port = this.port;
 	this.disableAuthorization = options.disableAuthorization || false;
+	this.includeAuthentication = options.includeAuthentication || false;
 	this.context = (options && options.context) ? options.context : "";
 	this.listener = new Listener (options, this);
 };
@@ -3145,29 +3163,38 @@ Receiver.prototype.onMsg = function (buffer, rinfo) {
 	// Inform/trap processing
 	// debug (JSON.stringify (message.pdu, null, 2));
 	if ( message.pdu.type == PduType.Trap || message.pdu.type == PduType.TrapV2 ) {
-		this.callback (null, this.formatCallbackData (message.pdu, rinfo) );
+		this.callback (null, this.formatCallbackData (message, rinfo) );
 	} else if ( message.pdu.type == PduType.InformRequest ) {
 		message.pdu.type = PduType.GetResponse;
 		message.buffer = null;
 		message.setReportable (false);
 		this.listener.send (message, rinfo);
 		message.pdu.type = PduType.InformRequest;
-		this.callback (null, this.formatCallbackData (message.pdu, rinfo) );
+		this.callback (null, this.formatCallbackData (message, rinfo) );
 	} else {
 		this.callback (new RequestInvalidError ("Unexpected PDU type " + message.pdu.type + " (" + PduType[message.pdu.type] + ")"));
 	}
 };
 
-Receiver.prototype.formatCallbackData = function (pdu, rinfo) {
-	if ( pdu.contextEngineID ) {
-		pdu.contextEngineID = pdu.contextEngineID.toString('hex');
+Receiver.prototype.formatCallbackData = function (message, rinfo) {
+	if ( message.pdu.contextEngineID ) {
+		message.pdu.contextEngineID = message.pdu.contextEngineID.toString('hex');
 	}
-	delete pdu.nonRepeaters;
-	delete pdu.maxRepetitions;
-	return {
-		pdu: pdu,
-		rinfo: rinfo 
+	delete message.pdu.nonRepeaters;
+	delete message.pdu.maxRepetitions;
+	const formattedData = {
+		pdu: message.pdu,
+		rinfo: rinfo
 	};
+	if (this.includeAuthentication) {
+		if (message.community) {
+			formattedData.pdu.community = message.community;
+		} else if (message.user) {
+			formattedData.pdu.user = message.user.name;
+		}
+	}
+
+	return formattedData;
 };
 
 Receiver.prototype.close  = function() {
@@ -3546,11 +3573,11 @@ MibNode.prototype.getConstraintsFromProvider = function () {
 };
 
 MibNode.prototype.setValue = function (newValue) {
-    var len;
-    var min;
-    var max;
-    var range;
-    var found = false;
+	var len;
+	var min;
+	var max;
+	var range;
+	var found = false;
 	var constraints = this.getConstraintsFromProvider ();
 	if ( ! constraints ) {
 		this.value = newValue;
@@ -3561,35 +3588,35 @@ MibNode.prototype.setValue = function (newValue) {
 			return false;
 		}
 	} else if ( constraints.ranges ) {
-        for ( range of constraints.ranges ) {
-            min = "min" in range ? range.min : Number.MIN_SAFE_INTEGER;
-            max = "max" in range ? range.max : Number.MAX_SAFE_INTEGER;
-            if ( newValue >= min && newValue <= max ) {
-                found = true;
-                break;
-            }
-        }
-        if ( ! found ) {
-            return false;
-        }
-    } else if ( constraints.sizes ) {
-        // if size is constrained, value must have a length property
-        if ( ! ( "length" in newValue ) ) {
-            return false;
-        }
-        len = newValue.length;
-        for ( range of constraints.sizes ) {
-            min = "min" in range ? range.min : Number.MIN_SAFE_INTEGER;
-            max = "max" in range ? range.max : Number.MAX_SAFE_INTEGER;
-            if ( len >= min && len <= max ) {
-                found = true;
-                break;
-            }
-        }
-        if ( ! found ) {
-            return false;
-        }
-    }
+		for ( range of constraints.ranges ) {
+			min = "min" in range ? range.min : Number.MIN_SAFE_INTEGER;
+			max = "max" in range ? range.max : Number.MAX_SAFE_INTEGER;
+			if ( newValue >= min && newValue <= max ) {
+				found = true;
+				break;
+			}
+		}
+		if ( ! found ) {
+			return false;
+		}
+	} else if ( constraints.sizes ) {
+		// if size is constrained, value must have a length property
+		if ( ! ( "length" in newValue ) ) {
+			return false;
+		}
+		len = newValue.length;
+		for ( range of constraints.sizes ) {
+			min = "min" in range ? range.min : Number.MIN_SAFE_INTEGER;
+			max = "max" in range ? range.max : Number.MAX_SAFE_INTEGER;
+			if ( len >= min && len <= max ) {
+				found = true;
+				break;
+			}
+		}
+		if ( ! found ) {
+			return false;
+		}
+	}
 	this.value = newValue;
 	return true;
 };
@@ -3977,25 +4004,25 @@ Mib.prototype.setTableRowDefaultValues = function (name, values) {
 };
 
 Mib.prototype.setScalarRanges = function (name, ranges ) {
-    let provider = this.getProvider(name);
-    provider.constraints = { ranges };
+	let provider = this.getProvider(name);
+	provider.constraints = { ranges };
 };
 
 Mib.prototype.setTableColumnRanges = function(name, column, ranges ) {
-    let provider = this.getProvider(name);
-    let tc = provider.tableColumns;
-    tc[column].constraints = { ranges };
+	let provider = this.getProvider(name);
+	let tc = provider.tableColumns;
+	tc[column].constraints = { ranges };
 };
 
 Mib.prototype.setScalarSizes = function (name, sizes ) {
-    let provider = this.getProvider(name);
-    provider.constraints = { sizes };
+	let provider = this.getProvider(name);
+	provider.constraints = { sizes };
 };
 
 Mib.prototype.setTableColumnSizes = function(name, column, sizes ) {
-    let provider = this.getProvider(name);
-    let tc = provider.tableColumns;
-    tc[column].constraints = { sizes };
+	let provider = this.getProvider(name);
+	let tc = provider.tableColumns;
+	tc[column].constraints = { sizes };
 };
 
 Mib.prototype.registerProviders = function (providers) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "net-snmp",
-  "version": "3.5.8",
+  "version": "3.6.2",
   "description": "JavaScript implementation of the Simple Network Management Protocol (SNMP)",
   "main": "index.js",
   "directories": {

package/test/receiver-test.sh

@@ -61,8 +61,8 @@ node ${HOME_DIR}/example/snmp-trap.js -v 3 -l authNoPriv -u ${USER_AUTH} -a ${AU
 node ${HOME_DIR}/example/snmp-trap.js -v 3 -l authPriv -u ${USER_PRIV} -a ${AUTH_PROTOCOL} -A ${AUTH_KEY} -x ${PRIV_PROTOCOL} -X ${PRIV_KEY} ${PARAMS} ${HOST} ${TRAP_OID}
 node ${HOME_DIR}/example/snmp-inform.js -v 2c -c ${COMMUNITY} ${PARAMS} ${HOST} ${TRAP_OID}
 node ${HOME_DIR}/example/snmp-inform.js -v 3 -l noAuthNoPriv -u ${USER_NONE} ${PARAMS} ${HOST} ${TRAP_OID}
-node ${HOME_DIR}/example/snmp-inform.js -v 3 -u ${USER_AUTH} -a ${AUTH_PROTOCOL} -A ${AUTH_KEY} ${PARAMS} ${HOST} ${TRAP_OID}
-node ${HOME_DIR}/example/snmp-inform.js -v 3 -u ${USER_PRIV} -a ${AUTH_PROTOCOL} -A ${AUTH_KEY} -x ${PRIV_PROTOCOL} -X ${PRIV_KEY} ${PARAMS} ${HOST} ${TRAP_OID}
+node ${HOME_DIR}/example/snmp-inform.js -v 3 -l authNoPriv -u ${USER_AUTH} -a ${AUTH_PROTOCOL} -A ${AUTH_KEY} ${PARAMS} ${HOST} ${TRAP_OID}
+node ${HOME_DIR}/example/snmp-inform.js -v 3 -l authPriv -u ${USER_PRIV} -a ${AUTH_PROTOCOL} -A ${AUTH_KEY} -x ${PRIV_PROTOCOL} -X ${PRIV_KEY} ${PARAMS} ${HOST} ${TRAP_OID}
 ENDOFCMDS
 
 COUNT=1
@@ -81,4 +81,3 @@ while read CMD ; do
 done <${CMDS}
 
 rm -f ${CMDS}
-