MIB Explorer 5.0.8 Release

Announcements
1

MIB Explorer 5.0.8 has been released 2022-06-26T22:00:00Z. The new release includes some security updates in dependencies (although the vulnerable features were not used) and a lot of internal fixes regarding TLS communication.

CHANGES

  • Updated: OpenJDK included in installer to version 18.0.1.
  • Changed: Removed OpenJFX support for the online help. If your OS does not provide a
    HTML browser, please visit MIB Explorer Manual
  • Fixed: Possible busy loop on writable key if outAppBuffer is there for a socket entry but contains no data to be sent.
  • Fixed: Concurrent reconnect (TCP,TLS) to use existing connect instead of always replacing it by new connection.
  • Fixed: TLS session not closed if inbound is done by TLS 1.3 remote (i.e., because of a TLS version mismatch).
  • Fixed: Possible race condition in Snmp.send() which could return null as ResponseEvent if the response was received shortly after the request timed out.
  • Improved: TLS handshaking “key is writable” looping when waiting for agent handshake response is now suppressed.
  • Added: TLS contextEngineID discovery cache to avoid rediscovery of context engine IDs for an address using RFC 5343 mechanism as long as the TLS connection to that address remains open.
  • Fixed [SFJ-245]: Possible Deadlock in Snmp.PendingRequest.resendRequest on behalf of (D)TLS context engine ID discovery.
  • Improved: Invalid as signed encoded 9 byte 64bit unsigned integer 64bit values will not be decoded by BER.decodeUnsignedInt64 anymore. Instead invalid length exception is thrown.
  • Fixed: Bug in DTLSTM.HandshakeTask.run() which caused DTLSTM handshake not to finish within timeout causing connect to fail or to be slow…
  • Fixed: Clean TLS session closing with TLSTM.SocketEntry.closeSession() and improved INFO logging when session is closed.
  • Fixed: NPE in DefaultTlsTmSecurityCallback if local fingerprint is null.
  • Fixed: Possible NPE when sending TLS message without tmStateReference.
  • Improved: Removed busy wait in DTLSTM.SocketEntry.
  • Improved: Transport state event sending for closed connections that are closed via TLS messages but not (yet) via closed TCP connections.
  • Fixed [SFJ-244]: Removed secret information (keys and passwords) from any log output (by default).
  • Added: Default non-printable character support for OctetString.toString().
  • Added [SFJ-243]: Add OSCP/CRL X500 certificate revocation checking support to SNMP4J (D)TLS. Set the System Property com.sun.net.ssl.checkRevocation to true and the Security Property ocsp.enable true to activate OSCP. Adding a revocation list URI in the UI will be added with the 5.0.9 release to activate CRL checking.
  • Added: Support for SHA384 and 512 to TLS cert fingerprint processing.