From afb6abb8e3bf06336eb7babd121e67dc3be84b36 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Mon, 2 Jul 2018 21:25:48 +0200 Subject: T652: SNMP: bugfix for default auth and priv type If no auth or no priv type was specified for a v3 user this resulted in a commit error, but CLI said there would be ssane defaults. * auth type defaults to 'md5' * priv type defaults to 'des' --- src/conf_mode/snmp.py | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'src') diff --git a/src/conf_mode/snmp.py b/src/conf_mode/snmp.py index 1590e5de4..0ac454197 100755 --- a/src/conf_mode/snmp.py +++ b/src/conf_mode/snmp.py @@ -137,7 +137,6 @@ SysDescr {{ description }} # Listen agentaddress unix:/run/snmpd.socket{% if listen_on %}{% for li in listen_on %},{{ li }}{% endfor %}{% else %},udp:161,udp6:161{% endif %}{% if v3_tsm_key %},tlstcp:{{ v3_tsm_port }},dtlsudp::{{ v3_tsm_port }}{% endif %} - # SNMP communities {% if communities -%} {% for c in communities %} @@ -470,7 +469,7 @@ def get_config(): 'name': user, 'authMasterKey': '', 'authPassword': '', - 'authProtocol': '', + 'authProtocol': 'md5', 'authOID': 'none', 'engineID': '', 'group': '', @@ -479,7 +478,7 @@ def get_config(): 'privPassword': '', 'privOID': '', 'privTsmKey': '', - 'privProtocol': '' + 'privProtocol': 'des' } # @@ -491,10 +490,14 @@ def get_config(): if conf.exists('v3 user {0} auth plaintext-key'.format(user)): user_cfg['authPassword'] = conf.return_value('v3 user {0} auth plaintext-key'.format(user)) + # load default value + type = user_cfg['authProtocol'] if conf.exists('v3 user {0} auth type'.format(user)): type = conf.return_value('v3 user {0} auth type'.format(user)) - user_cfg['authProtocol'] = type - user_cfg['authOID'] = OIDs[type] + + # (re-)update with either default value or value from CLI + user_cfg['authProtocol'] = type + user_cfg['authOID'] = OIDs[type] # # v3 user {0} engineid @@ -526,10 +529,14 @@ def get_config(): if conf.exists('v3 user {0} privacy tsm-key'.format(user)): user_cfg['privTsmKey'] = conf.return_value('v3 user {0} privacy tsm-key'.format(user)) + # load default value + type = user_cfg['privProtocol'] if conf.exists('v3 user {0} privacy type'.format(user)): type = conf.return_value('v3 user {0} privacy type'.format(user)) - user_cfg['privProtocol'] = type - user_cfg['privOID'] = OIDs[type] + + # (re-)update with either default value or value from CLI + user_cfg['privProtocol'] = type + user_cfg['privOID'] = OIDs[type] snmp['v3_users'].append(user_cfg) @@ -651,9 +658,6 @@ def verify(snmp): if user['authPassword'] == '' and user['authMasterKey'] == '': raise ConfigError('Must specify encrypted-key or plaintext-key for user auth') - if user['authProtocol'] == '': - raise ConfigError('Must specify auth type') - # seclevel 'priv' is more restrictive if seclevel is 'priv': if user['privPassword'] and user['privMasterKey']: @@ -668,9 +672,6 @@ def verify(snmp): if user['authPassword'] == '' and user['authMasterKey'] == '' and user['privTsmKey'] == '': raise ConfigError('Must specify auth or tsm-key for user auth') - if user['privProtocol'] == '': - raise ConfigError('Must specify privacy type') - if user['mode'] == '': raise ConfigError('Must specify user mode ro/rw') -- cgit v1.2.3