SNMP4J-Agent Release 3.8.0 (Security Fix)

SNMP4J-Agent 3.8.0 has been released 2024-04-22T22:00:00Z with many fixes and one important security fix for inner ManagedObject VACM OID exclusion during GETNEXT/GETBULK operations. SET operations are not affected.

Dependencies

  • SNMP4J 3.8.1
  • Java 9

CHANGES (since 3.6.8)

  • SECURITY: VACM access rights limiting access within multi-OID ManagedObjects like DefaultMOTable did not work
    properly for GETNEXT and GETBULK requests, because accessible objects could have been ignored if non-accessible
    objects needed to be skipped by the NEXT operation before reaching the accessible object. Conversely, if an
    accessible object was found first on a sub-request, objects not included in (or excluded from) the effective
    VACM view could have been disclosed if the view excludes access to certain objects within the scope of a
    ManagedObject, i.e., DefaultMOTable, StaticMOGroup, and MOSubtreeProxy.
    This has been fixed by adding the ManagedObject.find(MOQuery query, Function<OID, Boolean> filter) and
    ManagedObject.next(SR request, Function<OID, Boolean> filter) methods, which filter out any OIDs that are not
    included in the VACM view.
    The CommandProcessor uses both methods as part of GETNEXT/GETBULK processing instead of calling ManagedObject.find
    (which is still called indirectly) and ManagedObject.next(SR request), which is no longer used (now deprecated).
  • Fixed: The CommandProcessor.setLockNonNextRequestsSortedByVbOid flag, which enables reordering of locking
    SNMP sub-requests based on their OID, did not work correctly if the same OID was given more than once within the same PDU.
  • Fixed: Implemented snmpUnknownContexts.0 Counter and corresponding checks in CommandProcessor.isContextNotSupported().
  • Improved: Info logging in NotificationOriginatorImpl.notify when an INFORM response has not been received.
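The following added example (not SNMP4J-Agent code) models the GETNEXT behaviour behind the SECURITY entry above with a constructed table-like ManagedObject and a VACM view predicate: the pre-3.8.0 flow asks the object for its raw lexicographic successor and applies the access check afterwards, so a denied OID ends the search inside that object and later accessible OIDs are ignored; the fixed flow hands the view predicate to the search itself, the way next(SR request, Function<OID, Boolean> filter) does. Class and function names, the table layout and the enterprise OID are all assumptions of this example.

```python
from bisect import bisect_right
from typing import Callable, List, Optional, Tuple

OID = Tuple[int, ...]

def is_prefix(prefix: OID, oid: OID) -> bool:
    return oid[:len(prefix)] == prefix

def vacm_view(included: OID, excluded: Tuple[OID, ...]) -> Callable[[OID], bool]:
    """Predicate for an effective VACM view: under `included` and under no `excluded` subtree."""
    return lambda oid: is_prefix(included, oid) and not any(is_prefix(e, oid) for e in excluded)

class TableMO:
    """Constructed stand-in for a multi-OID ManagedObject such as DefaultMOTable."""
    def __init__(self, oids: List[OID]) -> None:
        self.oids = sorted(oids)

    def next_unfiltered(self, after: OID) -> Optional[OID]:
        """Lexicographic successor regardless of access rights (the deprecated next(SR) shape)."""
        i = bisect_right(self.oids, after)
        return self.oids[i] if i < len(self.oids) else None

    def next_filtered(self, after: OID, view: Callable[[OID], bool]) -> Optional[OID]:
        """Successor search that skips OIDs the view denies (the next(SR, filter) shape)."""
        i = bisect_right(self.oids, after)
        return next((oid for oid in self.oids[i:] if view(oid)), None)

def getnext_pre_3_8_0(mo: TableMO, after: OID, view: Callable[[OID], bool]) -> Optional[OID]:
    """Pre-fix flow: raw successor first, access check afterwards; a denied OID
    ends the search in this object, so later accessible OIDs are never reached."""
    cand = mo.next_unfiltered(after)
    return cand if cand is not None and view(cand) else None

def getnext_fixed(mo: TableMO, after: OID, view: Callable[[OID], bool]) -> Optional[OID]:
    """Fixed flow: the view predicate is applied inside the search, so nothing
    outside the view is returned and nothing inside it is skipped."""
    return mo.next_filtered(after, view)

def walk(mo: TableMO, start: OID, view: Callable[[OID], bool], getnext) -> List[OID]:
    """Collect what a GETNEXT walk returns from this object until it is exhausted."""
    out: List[OID] = []
    cur: Optional[OID] = start
    while (cur := getnext(mo, cur, view)) is not None:
        out.append(cur)
    return out

# Constructed sample: a 3-column, 2-row table under a made-up enterprise OID;
# the view grants the whole table but excludes column 2.
BASE: OID = (1, 3, 6, 1, 4, 1, 99, 1, 1)
TABLE = TableMO([BASE + (col, row) for col in (1, 2, 3) for row in (1, 2)])
VIEW = vacm_view(BASE, (BASE + (2,),))

if __name__ == "__main__":
    print("pre-3.8.0:", walk(TABLE, BASE, VIEW, getnext_pre_3_8_0))  # stops at column 2
    print("3.8.0:    ", walk(TABLE, BASE, VIEW, getnext_fixed))      # continues with column 3
```

Running it shows the old walk ending after column 1 although column 3 is readable, while the filtered walk returns exactly the OIDs the view permits.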

[2024-04-11] v3.7.2 (Requires SNMP4J v3.8.0 or later)

  • Added: MOPersistentProvider.close() method.

[2024-04-05] v3.7.1 (Requires SNMP4J v3.8.0 or later)

  • Fixed: Regression in 3.7.0: CommandProcessor.GetHandler threw a NullPointerException on GET requests with noSuchObject exceptions.
  • Fixed: The OID returned in the RESPONSE PDU for a GET request was wrong if the requested instance or object does not exist (noSuchInstance and noSuchObject exceptions). According to RFC 3416 §4.2.1, the returned OID must be the OID of the corresponding variable binding from the request. Instead, the OID of the scalar managing the accessed OID region was returned.

[2024-04-02] v3.7.0 (Requires SNMP4J v3.8.0 or later)

  • Fixed: SnmpNotificationMIB.passesFilter(OID notificationID, VariableBinding[] vbs, List<DefaultMOMutableRow2PC> profiles) returned false (i.e., “do not send notification”) when no matching filter was found for a matching profile. According to RFC 3413 §6 this behaviour is wrong and the notification should be sent instead.
  • Fixed: Deadlock in DefaultMOServer.lock(..) if timeoutMillis is set to 0.
  • Fixed: Race condition in NotificationOriginatorImpl.notify(..) if notificationEventID is modified by another thread before notifications are actually sent out.
  • Fixed: nlmLogTable: NotificationLogMib.NlmConfigGlobalEntryLimit.commit() tried to update limits using a profileName that is not available to this object. This update is now executed by NlmConfigLogEntryRow.commit(..).
  • Fixed: VacmMIB.VacmContextTableModel.tailIterator() did not return objects in the correct order in all cases because it used the wrong comparator for its binarySearch operation.
  • Fixed: snmpTargetAddrTMask did not validate that the length of the mask matches the length of the corresponding snmpTargetAddrTAddress.
  • Fixed: MOPropertyInput threw NullPointerException on loading DefaultMOTable data from a config properties file when table data was defined for a supported context.
  • Fixed: Implemented snmpUnknownContexts.0 Counter and corresponding checks in CommandProcessor.isContextNotSupported().
  • Changed: Snmp4JLogMib’s textual convention LogLevel now also allows notSpecified(0) to be set.
  • Improved: MOMutableColumn.validate now takes a third parameter to identify the cell instance to be validated,
    which is sometimes necessary to verify a value against other values in a MIB.
  • Improved: Multi-threading support by copying notificationID before processing notifications.
  • Improved: NotificationOriginator uses common sysUpTime by default for the same notification sent to different targets.
  • Improved: coldStart notification is sent asynchronously.
  • Improved: Logging if a VB OID of a notification payload is not granted access and therefore the notification is not sent.
  • Improved: Unlocking of ManagedObjects now uses notifyAll() instead of notify() to avoid temporary deadlocks across 3 or more ManagedObjects and SET requests.
  • Improved: GET, GETNEXT, and GETBULK requests can now be included in a lock strategy for locking too. GET requests and SET requests are first locked (if necessary by lock strategy) and then processed once all locks have been acquired.
    For GETNEXT and GETBULK, locks are acquired per sub-request step by step. The search operation for a NEXT-type request can require several locks per sub-request, so locking all managed objects before processing the request would not be efficient for these request types.
  • Improved: LookupListener.useCompleted(SubRequest) is now also called for GET, GETNEXT, and GETBULK requests.
  • Improved: Even if exceptions are thrown while ManagedObjects are locked by request processing, these ManagedObjects are properly unlocked when the request is finished.
  • Added: Support for “configurable-only” SerializableManagedObjects. By setting setVolatile(true) and setConfigurable(false), the behaviour of versions before 3.7.0 can be restored. If setConfigurable(true) (the default) and isVolatile(true), objects can be configured using MOInput (for example from a properties file) but are not persistently saved or restored. Although DefaultMOTable and MOScalar objects are configurable by default, MOScalar is not configurable if its value has the syntax Counter32, Counter64, or TimeTicks.
  • Added: Option CommandProcessor.setLockNonNextRequestsSortedByVbOid flag to enable/disable reordering of locking SNMP sub-requests based on their OID, implementing hierarchy-based deadlock prevention for processing SET and GET requests. This reordering is disabled by default. If enabled, the sub-requests of SET and GET requests are locked in the lexicographic order of the VB OIDs. This eliminates any likelihood of deadlocks caused by intersecting PDU requests (at least with the default LockStrategy, which locks for SET requests only).
  • Added: Option DefaultMOServer.setDeadlockPreventionEnabled (disabled by default) to enable super-thread based deadlock prevention. Enabling this option reduces overall performance if deadlocks are prevented by OID hierarchy based lock access (see SnmpRequest.USE_VBS_REORDERING_ON_SET_TO_PREVENT_DEADLOCKS for SNMP requests) anyway.
  • Added: Unit tests for SNMP4J’s TableUtils with a sparse table with null columns and fewer rows than columns, and with single max columns and repetitions per PDU.
  • Added: AgentConfigManager.getCommandProcessor()
  • Added: VACM.hasContext(OctetString contextName) with default implementation which returns true (which provides full backward compatibility).
  • Added: MOServer.unlockNow(..) which unlocks a ManagedObject for a specified owner regardless of any recursive locks.
  • Added: MOServer.waitForUnlockedState(long timeoutMillis) and AgentConfigManager.waitUntilPendingModificationsDone() to support a clean shutdown of an SNMP agent by waiting for write access operations on managed objects to complete before saving the agent state to persistent storage.