EngineID doesn't match RFC3411

Check for format 1 or 2 and don’t add random to them.
The RFC sets the length for those types.

                    The fifth octet indicates how the rest (6th and
                    following octets) are formatted. The values for
                    the fifth octet are:

                      0     - reserved, unused.

                      1     - IPv4 address (4 octets)
                              lowest non-special IP address

                      2     - IPv6 address (16 octets)
                              lowest non-special IP address
        engineID[4] = 2;
        OctetString os = new OctetString();
        try {
            byte[] b = InetAddress.getLocalHost().getAddress();
            if (b.length == 4) {
                engineID[4] = 1;

Is this a question or bug report?
In the latter case, please specify what you expect and why and what you get with which SNMP4J version in which context!

(It was meant to be a discussion. When RFCs/standards are involved they are just a starting point sometimes.) :slight_smile:

No context or engineID options were specified on the snmp4j command line. (defaults used)

    -E    contextEngineID   Set the context engine ID used for the SNMPv3
                            scoped PDU. The authoritative engine ID will be
                            used for the context engine ID, if the latter is
                            not specified.
    -e    engineID          Set the authoritative engine ID of the command
                            responder used for SNMPv3 request messages. If not
                            supplied, the engine ID will be discovered.
    -l    localEngineID     Set the local engine ID of the command generator
                            and the notification receiver used for SNMPv3
                            request messages. This option can be used to avoid
                            engine ID clashes through duplicate IDs leading to
                            usmStatsNotInTimeWindows reports.
    -n    contextName       Set the target context name for SNMPv3 messages.
                            Default is the empty string.

snmp4j-3.8.2/src/main/java/org/snmp4j/mp/MPv3.java decodes as in Wireshark 4.2.4:

    00.. .... = Class: UNIVERSAL (0)
    ..0. .... = P/C: Primitive Encoding
    ...0 0100 = Tag: OCTET STRING (4)
    Length: 13
    msgAuthoritativeEngineID: 80001370010a59fd10a8e7de2c
        1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
        Engine Enterprise ID: AGENT++ (4976)
        Engine ID Format: IPv4 address (1)
        Data not conforming to RFC3411
            [Expert Info (Warning/Protocol): Data not conforming to RFC3411]
                [Data not conforming to RFC3411]
                [Severity level: Warning]
                [Group: Protocol]

80001370    = AGENT++ (4976)
01          = IPv4 address (1)
0a 59 fd 10 =
a8e7de2c    = timestamp ???

The Wireshark dissector author interpreted the RFC to be specifying an exact length (epan/dissectors/packet-snmp.c):

		switch(format) {
			/* 4-byte IPv4 address */
			if (len_remain==4) {
				proto_tree_add_item(tree, hf_snmp_engineid_ipv4, tvb, offset, 4, ENC_BIG_ENDIAN);
			/* 16-byte IPv6 address */
			if (len_remain==16) {
				proto_tree_add_item(tree, hf_snmp_engineid_ipv6, tvb, offset, 16, ENC_NA);

The .cpp code for agent++-4.6.1 sets the type to 05 as an additional piece of text is passed in or extra text generated from the port number passed in:


OctetStr SnmpEngineID::create_engine_id(const OctetStr& userText) 
	// 8 = v3EngineID, 1370h = 4976 = AGENT++ enterprise ID
	OctetStr engineID((const unsigned char*)"\x80\x00\x13\x70\x05", 5);
OctetStr SnmpEngineID::create_engine_id(unsigned short p) 
	// 8 = v3EngineID, 1370h = 4976 = AGENT++ enterprise ID
	OctetStr engineID((const unsigned char*)"\x80\x00\x13\x70\x05", 5);

rfc3411: An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks

                      5     - Octets, administratively assigned
                              Maximum remaining length 27

If the defaults are used for snmp4j, could/should the type be changed to 05 in the cases where the engineID is automatically generated (random value appended) ? Or does the -l localEngineID text about duplicates give enough warning so that the random value is not needed and types 01 and 02 can continue to be used with the IP address only?