oops, the file format for the users file is the next: #engine-id username auth_pass priv_pass auth_model priv_model # engine-id, username and passwds can be either "quoted" or hex # double quoted strings are c-style strings and take escape chars 80001F888059DC486145A26322 "pippo" "plutoxxx" "PLUTOxxx" MD5 DES
80001F888059DC486145A26322 "pippo2" "plutoxxx" "PLUTOxxx" #defaults to MD5 DES 000000000000000000000002 "test1" "maplesyrup" "XXX" # example from RFC3414 On 1/9/07, LEGO <[EMAIL PROTECTED]> wrote: > Here we go! > > what's missing is: > > * auth SHA1 -- RFC3414 section 7 > * crypt AES -- RFC3826 > > * localized key cahching -- so that if a (mentally stable) system > administrator uses the same username/password for all nodes in a > network he has to add just one line to the users file, instead of one > for each authoritative engine as it works now. We want to do caching > instead of calculating the localized key every time because key > localization is a very intensive task) > > sha1 and aes are (relatively) simple implementations (one function > mimics md5 the other one does the same with des), if you (or someone > else) takes care of those I'll go for the caching and we can get it > out complete very soon. > > Testing with broken packets is welcome too, fuzz testing it against a > wide capture library would help but hand-crafted malformed packets > tests would have better aim. > > However the most important test to be done is that it does no harm > while disabled. Weird runtime linking problems disallow me to build > with net-snmp so I cannot test it that way. I do not think that > net-snmp changes anything for this but verifying that everything that > worked before works afterwards it's a must. > > Luis > > On 1/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > http://anonsvn.wireshark.org/viewvc/viewvc.cgi?view=rev&revision=20353 > > > > User: lego > > Date: 2007/01/09 06:38 PM > > > > Log: > > SNMPv3 USM decryption/authentication phase 1 > > > > Directory: /trunk/epan/crypt/ > > Changes Path Action > > +3 -1 Makefile.common Modified > > +120 -0 hmac.c Added > > +34 -0 hmac.h Added > > > > Directory: /trunk/epan/dissectors/ > > Changes Path Action > > +603 -122 packet-snmp.c Modified > > +73 -0 packet-snmp.h Modified > > > > Directory: /trunk/epan/ > > Changes Path Action > > +5 -0 Makefile.am Modified > > +1 -0 Makefile.common Modified > > > > Directory: /trunk/asn1/snmp/ > > Changes Path Action > > +436 -8 packet-snmp-template.c Modified > > +73 -0 packet-snmp-template.h Modified > > +103 -20 snmp.cnf Modified > > > > _______________________________________________ > > Wireshark-commits mailing list > > Wireshark-commits@wireshark.org > > http://www.wireshark.org/mailman/listinfo/wireshark-commits > > > > > -- > This information is top security. When you have read it, destroy yourself. > -- Marshall McLuhan > -- This information is top security. When you have read it, destroy yourself. -- Marshall McLuhan _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-dev
