head 1.5; access; symbols pkgsrc-2022Q3:1.4.0.62 pkgsrc-2022Q3-base:1.4 pkgsrc-2022Q2:1.4.0.60 pkgsrc-2022Q2-base:1.4 pkgsrc-2022Q1:1.4.0.58 pkgsrc-2022Q1-base:1.4 pkgsrc-2021Q4:1.4.0.56 pkgsrc-2021Q4-base:1.4 pkgsrc-2021Q3:1.4.0.54 pkgsrc-2021Q3-base:1.4 pkgsrc-2021Q2:1.4.0.52 pkgsrc-2021Q2-base:1.4 pkgsrc-2021Q1:1.4.0.50 pkgsrc-2021Q1-base:1.4 pkgsrc-2020Q4:1.4.0.48 pkgsrc-2020Q4-base:1.4 pkgsrc-2020Q3:1.4.0.46 pkgsrc-2020Q3-base:1.4 pkgsrc-2020Q2:1.4.0.42 pkgsrc-2020Q2-base:1.4 pkgsrc-2020Q1:1.4.0.22 pkgsrc-2020Q1-base:1.4 pkgsrc-2019Q4:1.4.0.44 pkgsrc-2019Q4-base:1.4 pkgsrc-2019Q3:1.4.0.40 pkgsrc-2019Q3-base:1.4 pkgsrc-2019Q2:1.4.0.38 pkgsrc-2019Q2-base:1.4 pkgsrc-2019Q1:1.4.0.36 pkgsrc-2019Q1-base:1.4 pkgsrc-2018Q4:1.4.0.34 pkgsrc-2018Q4-base:1.4 pkgsrc-2018Q3:1.4.0.32 pkgsrc-2018Q3-base:1.4 pkgsrc-2018Q2:1.4.0.30 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.4.0.28 pkgsrc-2018Q1-base:1.4 pkgsrc-2017Q4:1.4.0.26 pkgsrc-2017Q4-base:1.4 pkgsrc-2017Q3:1.4.0.24 pkgsrc-2017Q3-base:1.4 pkgsrc-2017Q2:1.4.0.20 pkgsrc-2017Q2-base:1.4 pkgsrc-2017Q1:1.4.0.18 pkgsrc-2017Q1-base:1.4 pkgsrc-2016Q4:1.4.0.16 pkgsrc-2016Q4-base:1.4 pkgsrc-2016Q3:1.4.0.14 pkgsrc-2016Q3-base:1.4 pkgsrc-2016Q2:1.4.0.12 pkgsrc-2016Q2-base:1.4 pkgsrc-2016Q1:1.4.0.10 pkgsrc-2016Q1-base:1.4 pkgsrc-2015Q4:1.4.0.8 pkgsrc-2015Q4-base:1.4 pkgsrc-2015Q3:1.4.0.6 pkgsrc-2015Q3-base:1.4 pkgsrc-2015Q2:1.4.0.4 pkgsrc-2015Q2-base:1.4 pkgsrc-2015Q1:1.4.0.2 pkgsrc-2015Q1-base:1.4 pkgsrc-2014Q4:1.3.0.16 pkgsrc-2014Q4-base:1.3 pkgsrc-2014Q3:1.3.0.14 pkgsrc-2014Q3-base:1.3 pkgsrc-2014Q2:1.3.0.12 pkgsrc-2014Q2-base:1.3 pkgsrc-2014Q1:1.3.0.10 pkgsrc-2014Q1-base:1.3 pkgsrc-2013Q4:1.3.0.8 pkgsrc-2013Q4-base:1.3 pkgsrc-2013Q3:1.3.0.6 pkgsrc-2013Q3-base:1.3 pkgsrc-2013Q2:1.3.0.4 pkgsrc-2013Q2-base:1.3 pkgsrc-2013Q1:1.3.0.2 pkgsrc-2013Q1-base:1.3 pkgsrc-2012Q4:1.2.0.38 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.36 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.34 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.32 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.2.0.30 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q3:1.2.0.28 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.26 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.2.0.24 pkgsrc-2011Q1-base:1.2 pkgsrc-2010Q4:1.2.0.22 pkgsrc-2010Q4-base:1.2 pkgsrc-2010Q3:1.2.0.20 pkgsrc-2010Q3-base:1.2 pkgsrc-2010Q2:1.2.0.18 pkgsrc-2010Q2-base:1.2 pkgsrc-2010Q1:1.2.0.16 pkgsrc-2010Q1-base:1.2 pkgsrc-2009Q4:1.2.0.14 pkgsrc-2009Q4-base:1.2 pkgsrc-2009Q3:1.2.0.12 pkgsrc-2009Q3-base:1.2 pkgsrc-2009Q2:1.2.0.10 pkgsrc-2009Q2-base:1.2 pkgsrc-2009Q1:1.2.0.8 pkgsrc-2009Q1-base:1.2 pkgsrc-2008Q4:1.2.0.6 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.4 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.2 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.1.0.14 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.12 pkgsrc-2008Q1:1.1.0.10 pkgsrc-2008Q1-base:1.1 pkgsrc-2007Q4:1.1.0.8 pkgsrc-2007Q4-base:1.1 pkgsrc-2007Q3:1.1.0.6 pkgsrc-2007Q3-base:1.1 pkgsrc-2007Q2:1.1.0.4 pkgsrc-2007Q2-base:1.1 pkgsrc-2007Q1:1.1.0.2 pkgsrc-2007Q1-base:1.1; locks; strict; comment @# @; 1.5 date 2022.10.18.12.01.52; author adam; state dead; branches; next 1.4; commitid 1hob0RpCwfzracYD; 1.4 date 2014.12.31.10.06.57; author adam; state Exp; branches; next 1.3; commitid N1IZii06nj1K4b4y; 1.3 date 2013.03.17.00.15.29; author gdt; state Exp; branches; next 1.2; 1.2 date 2008.09.08.12.58.09; author adam; state Exp; branches; next 1.1; 1.1 date 2007.02.05.19.19.14; author joerg; state Exp; branches; next ; desc @@ 1.5 log @net-snmp py-netsnmp: updated to 5.9.3 *5.9.3*: security: - These two CVEs can be exploited by a user with read-only credentials: - CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - These CVEs can be exploited by a user with read-write credentials: - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously - CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. - To avoid these flaws, use strong SNMPv3 credentials and do not share them. If you must use SNMPv1 or SNMPv2c, use a complex community string and enhance the protection by restricting access to a given IP address range. - Thanks are due to Yu Zhang of VARAS@@IIE and Nanyu Zhong of VARAS@@IIE for reporting the following CVEs that have been fixed in this release, and to Arista Networks for providing fixes. misc: - Snmp-create-v3-user: Fix the snmpd.conf path @@datadir@@ is expanded in ${datarootdir} so datarootdir must be set before @@datadir@@ is used. general: Many bug fixes *5.9.2*: skipped due to a last minute library versioning found bug -- use 5.9.3 instead *5.9.1*: General: Many bug fixes *5.9* snmplib: - Add IPv6 support to DTLSUDP transport CHANGES: snmplib: use new netsnmp_sockaddr_storage in netsnmp_addr_pair CHANGES: snmplib: add base_transport ptr for tunneled transports snmpd: - Security vulnerabilty in the ping MIB reported by Christopher Ertl from Microsoft fixed - Changing to a different uid/gid can only be done once - The extend mib is now read-only by default snmptrap: - BUG: 2899: Patch from Drew Roedersheimer to set library engineboots/time values before sending unspecified: - Add pkg-config support for building applications and sub-agents Use the netsnmp package when building Net-SNMP applications. Use the netsnmp-agent package when building Net-SNMP subagents. @ text @$NetBSD: patch-du,v 1.4 2014/12/31 10:06:57 adam Exp $ --- agent/mibgroup/hardware/memory/memory_freebsd.c.orig 2014-12-08 20:23:22.000000000 +0000 +++ agent/mibgroup/hardware/memory/memory_freebsd.c @@@@ -36,6 +36,12 @@@@ int netsnmp_mem_arch_load( netsnmp_cache long pagesize; int nswap; +#ifdef dragonfly + struct vmstats vms; + size_t vms_size = sizeof(vms); + size_t vmem_size = sizeof(struct vmmeter); +#endif + #if !defined(VM_TOTAL) unsigned int free_mem; size_t free_size = sizeof(free_mem); @@@@ -76,11 +82,17 @@@@ int netsnmp_mem_arch_load( netsnmp_cache sysctlbyname("vm.stats.vm.v_inactive_count", &inact_count, &inact_size, NULL, 0); sysctlbyname("vfs.bufspace", &bufspace, &buf_size, NULL, 0); sysctlbyname("vfs.maxbufspace", &maxbufspace, &buf_size, NULL, 0); +#ifdef dragonfly + pagesize = getpagesize(); + sysctlbyname("vm.vmstats", &vms, &vms_size, NULL, 0); + sysctlbyname("vm.vmmeter", &vmem, &vmem_size, NULL, 0); +#else #ifndef freebsd4 pagesize = 1024; #else pagesize = getpagesize(); #endif +#endif /* * ... and save this in a standard form. @@@@ -91,6 +103,11 @@@@ int netsnmp_mem_arch_load( netsnmp_cache } else { if (!mem->descr) mem->descr = strdup("Physical memory"); +#ifdef dragonfly + mem->units = vms.v_page_size; + mem->size = vms.v_cache_max; + mem->free = vms.v_cache_max - vms.v_cache_count; +#else mem->units = pagesize; mem->size = phys_mem/pagesize; #if !defined(VM_TOTAL) @@@@ -98,6 +115,7 @@@@ int netsnmp_mem_arch_load( netsnmp_cache #else mem->free = total.t_free; #endif +#endif } mem = netsnmp_memory_get_byIdx( NETSNMP_MEM_TYPE_USERMEM, 1 ); @ 1.4 log @Changes 5.7.3: Many many bug fixes and minor improvements snmpd, snmptrapd and apps: - Patch 2525: from Ryan Steinmetz: Fix argument length parsing of the host resources mib - Make ENV_SEPARATOR_CHAR configurable - SECURITY: a denial of service attack vector was discovered on the linux implementation of the ICMP-MIB. This release fixes this bug and all users are encouraged to update their SNMP agent if they make use of the ICMP-MIB table objects. perl: - BUG: 2402: Add support for SNMPv3 traps Windows: - Port batch build infrastructure to Visual Studio 2010 and later From Visual Studio 2010 on it is no longer possible to specify include or library directories globally - these have to be specified per project. Hence two additional menu entries in build.bat that allow to specify these directories. - Patch from Bart Van Assche to improve cygwin building @ text @d1 1 a1 1 $NetBSD$ @ 1.3 log @Update to 5.7.2. This is a major update in terms of pkgsrc patches, of which there are far far too many. Analysis of patches was done by Karen Sirois of BBN, and I have remvoed patches that have been applied upstream. This builds fine and passes tests on NetBSD 6 i386. If you look after some other platform (Dragonfly, Darwin, FreeBSD, etc.), please make sure any problems are filed as upstream tickets; pkgsrc is not appropriate to carry patches long-term that should be fixed upstream, and this package has gotten out of hand. (OK by adam@@ to do the update, but he has not reviewed the changes, so errors are my fault. It's quite likely there are issues on other platforms.) Upstream NEWS: *5.7.2* snmp: - BUG: 3526549: CVE-2012-2141 Array index error leading to crash snmpd: - BUG: 3532090: Fix high ifIndex values crashing hrDeviceDescr building: - PATCH: 2091156: correctly declare dependencies in Makefile. 'make -j ' should work now. Backport this to V5-4 as it is needed for correct operation in the single threaded case of make miblib as well. Many other miscellaneous minor bug fixes *5.7.1* libnetsnmp: - Fixed the mib-parsing-bug introduced shortly before 5.7 agent: - fixed rounding errors for disk percentage calculations openbsd: - better support for recent openbsd releases features: - bug fixes with minimalist support after additional user feedback Many other miscellaneous minor bug fixes *5.7* snmpd: - Delivery of data via regularily scheduled notifications. (see "Data Delivery via Notfications" in snmpd.conf) - Many time-based config options can take (m)ins, (h)ours, ... arguments (see the snmpd.conf manual page) - The PING and TRACEROUTE MIBs now compile and work-ish on linux http://www.net-snmp.org/wiki/index.php/DISMAN - Mib handlers can now implement a data_clone function for cloning the myvoid structure variable to avoid dangling pointers - Fixed persistent storage of VACM MIB configuration - Multi-homed agents send UDP responses from the proper IP address - The hrStorageTable implementation now supports large filesystems better - optimizations for large route tables - Added a deliveryByNotify config token for regular data delivery (see the snmpd.conf manual page and the NET-SNMP-PERIODIC-NOTIFY-MIB) - [PATCH 3141462]: fix agentx subagent issues with multiple-object requests - [PATCH 3057093]: linux uses libpci for creating useful ifDescr strings - [PATCH 3131397]: huge speedups of the TCP/UDP Tables libnetsnmp: - Removed the older CMU compatibility support - The SSH transport is now configurable TLS/DTLS support: - The SNMP over DTLS transport now properly supports IPv6 - Introduced new configuration tokens: localCert/peerCert (deprecating serverCert, clientCert, defX509ServerPub, defX509ClientPub) - Various fixes for the TLS/DTLS transports apps: - Added a per-variable timed output support to snmpwalk using -CT - snmpinform now correctly uses the local engineID for informs - A number of mib2c bug fixes - New snmp.conf tokens for timeouts and retries building: - New flags to reduce the amount of compiled code to bare minimums. This is provided by a new generic feature marking/selection mechanism. http://www.net-snmp.org/wiki/index.php/Feature_Marking_and_Selection - It's now possible to build without SNMPv3/USM (e.g., if you only want TLS/DTLS with SNMPv3/TSM) - It's possible to build the suite with no SET support configure using --enable-read-only - It's possible to build the agent as a notify-only agent configure using --enable-notify-only - Added a script to test memory usage with various config options (see the local/minimalist/sizetests script) - Net-SNMP can now be built to perform local DNSSEC validation (install DNSSEC-Tools' libval and use --with-local-dnssec-validation) testing: - a number of new API unit-tests have been added to the suite (to run the tests: cd testing && ./RUNFULLTESTS -g unit-tests) - The unit tests can be more easily run under valgrind (See http://bit.ly/jsgRnv for details) openbsd: - Support for updating the routing table via SNMP win32: - The testing suite works better under win32 environments - Many building fixes for the win32 environment(s) solaris: - Net-SNMP now supports the SCTP-MIB DragonFlyBSD, FreeBSD8: - Net-SNMP should now work on DragonFlyBSD and FreeBSD8 And of course: - Many other bug fixes. See the CHANGES and ChangeLog for details. @ text @d1 1 a1 1 $NetBSD: patch-du,v 1.2 2008/09/08 12:58:09 adam Exp $ d3 1 a3 1 --- agent/mibgroup/hardware/memory/memory_freebsd.c.orig 2012-10-09 22:28:58.000000000 +0000 d15 4 a18 4 struct vmtotal total; size_t total_size = sizeof(total); int total_mib[] = { CTL_VM, VM_METER }; @@@@ -65,11 +71,17 @@@@ int netsnmp_mem_arch_load( netsnmp_cache d36 1 a36 1 @@@@ -80,9 +92,15 @@@@ int netsnmp_mem_arch_load( netsnmp_cache d47 3 d51 1 @ 1.2 log @Changes 5.4.2: snmplib: - [PATCH 1921861]: Avoid endless loop after truncating 64bit int - Better handling of CONTAINER_INSERT failures with multiple indices snmpd: - [PATCH 2023633]: add SCTP-MIB implementation (Linux only) - suppress annoying "registration != duplicate" warning for root oids build: - [BUG 2023803]: Compilation problems on HP-UX 11.31 - Update to libtool 1.5.26 AIX: - Add support for AIX 6.x. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- agent/mibgroup/hardware/memory/memory_freebsd.c.orig 2008-05-28 13:48:46.000000000 +0200 a14 1 struct vmmeter vmem; d17 3 a19 2 @@@@ -58,12 +64,18 @@@@ int netsnmp_mem_arch_load( netsnmp_cache sysctl(user_mem_mib, 2, &user_mem, &mem_size, NULL, 0); a26 1 auto_nlist(SUM_SYMBOL, (char *) &vmem, sizeof(vmem)); d36 1 a36 1 @@@@ -129,9 +141,15 @@@@ int netsnmp_mem_arch_load( netsnmp_cache d39 1 a39 1 mem->descr = strdup("Cached memory"); d45 3 a47 3 mem->units = vmem.v_page_size; mem->size = vmem.v_cache_max; mem->free = vmem.v_cache_max - vmem.v_cache_count; d51 1 a51 1 nswap = swapmode(pagesize); @ 1.1 log @Forgotten patch in last commit. @ text @d3 1 a3 1 --- agent/mibgroup/hardware/memory/memory_freebsd.c.orig 2007-02-05 18:25:59.000000000 +0000 d18 1 a18 3 @@@@ -53,12 +59,18 @@@@ int netsnmp_mem_arch_load( netsnmp_cache sysctl(total_mib, 2, &total, &total_size, NULL, 0); sysctl(phys_mem_mib, 2, &phys_mem, &mem_size, NULL, 0); d20 2 d24 2 a25 2 + sysctlbyname("vm.vmstats", & vms, &vms_size, NULL, 0); + sysctlbyname("vm.vmmeter", & vmem, &vmem_size, NULL, 0); d37 1 a37 1 @@@@ -124,8 +136,13 @@@@ int netsnmp_mem_arch_load( netsnmp_cache d43 2 a44 1 + mem->size = vms.v_cache_count; d47 2 a48 1 mem->size = vmem.v_cache_count; a49 1 mem->free = -1; d52 1 @