Bug 1768908

Summary: Misleading "Address family for hostname not supported" from snmptrapd
Product: Red Hat Enterprise Linux 8 Reporter: Amey <abetkike>
Component: net-snmpAssignee: Josef Ridky <jridky>
Status: CLOSED ERRATA QA Contact: Evgeny Fedin <efedin>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.4CC: peter.vreman, sbalasub
Target Milestone: rcKeywords: Patch, Triaged, Upstream
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: net-snmp-5.8-21.el8 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-11-09 19:48:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Amey 2019-11-05 14:12:01 UTC 
NOTE:- bug #1485755 is already open for same issue in RHEL 7, but it is marked as won't fix hence raising this for RHEL 8.

Description:-
"authCommunity" directive with an IP address as "SOURCE" parameter causes snmptrapd to generate an error log "Address family for hostname not supported", which is quite misleading.

Version-Release number of selected component (if applicable):
net-snmp-5.7.2-24.el7_2.1.x86_64

How reproducible:
when an IP address or an IP network address ( IP/mask-length ) in a "authCommunity" directive in /etc/snmp/snmptrapd.conf
ex. authCommunity log,execute,net public 192.168.0.1

Steps to Reproduce:
1. create snmptrapd.conf with the following command.
  # echo "authCommunity log,execute,net public 192.168.0.1" > /etc/snmp/snmptrapd.conf
2. start snmptrapd daemon.
  # snmptrapd -Lf /tmp/s.log

Actual results:
an error message appears in the log file "/tmp/s.log" like:
---
 /etc/snmp/snmptrapd.conf: line 1: Error: Address family for hostname not supported
 net-snmp: 1 error(s) in config file(s)
 NET-SNMP version 5.7.2
---

Expected results:
no errors should be reported.

Additional info:
this seems a bug in IP address parsing functionality of snmptrapd.
i watched with gdb how the daemon parse an address.
the daemon did parse twice per address, both as IPv4 at first and as IPv6 at second, even if the address had proved to be a valid IPv4 address.
i think this second trial ( parsing addres as IPv6 ) generated the error message.

the gdb log below shows:
 first, the daemon called inet_pton() with AF_INET(2) in netsnmp_udp_parse_security(). this was IPv4 address parsing.
 second, the daemon called inet_pton() with AF_INET6(10) in netsnmp_udp6_parse_security(). this was IPv6 address parsing.
---
# gdb /usr/sbin/snmptrapd
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/sbin/snmptrapd...Reading symbols from /usr/sbin/snmptrapd...(no debugging symbols found)...done.
(no debugging symbols found)...done.
Missing separate debuginfos, use: debuginfo-install net-snmp-5.7.2-24.el7_2.1.x86_64
(gdb) b main
Breakpoint 1 at 0x2ea0
(gdb) run -Lf /tmp/s.log
Starting program: /usr/sbin/snmptrapd -Lf /tmp/s.log
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".

Breakpoint 1, 0x0000555555556ea0 in main ()
(gdb) b inet_pton
Breakpoint 2 at 0x7ffff5a42240
(gdb) c
Continuing.

Breakpoint 2, 0x00007ffff5a42240 in inet_pton () from /lib64/libc.so.6
(gdb) p $rdi
$1 = 2
(gdb) x/s $rsi
0x7fffffff5290: "192.168.0.1"
(gdb) where
#0  0x00007ffff5a42240 in inet_pton () from /lib64/libc.so.6
#1  0x00007ffff6b88548 in netsnmp_udp_parse_security () from /lib64/libnetsnmp.so.31
#2  0x00007ffff74fb79b in vacm_gen_com2sec () from /lib64/libnetsnmpagent.so.31
#3  0x00007ffff74fc800 in vacm_create_simple () from /lib64/libnetsnmpagent.so.31
#4  0x00007ffff74fc8d0 in vacm_parse_authcommunity () from /lib64/libnetsnmpagent.so.31
#5  0x00007ffff6b5c436 in run_config_handler () from /lib64/libnetsnmp.so.31
#6  0x00007ffff6b5cffd in read_config () from /lib64/libnetsnmp.so.31
#7  0x00007ffff6b5dffb in read_config_files_in_path () from /lib64/libnetsnmp.so.31
#8  0x00007ffff6b5e418 in read_config_files_of_type () from /lib64/libnetsnmp.so.31
#9  0x00007ffff6b5e4a3 in read_config_files () from /lib64/libnetsnmp.so.31
#10 0x00007ffff6b5e5f4 in read_configs () from /lib64/libnetsnmp.so.31
#11 0x00005555555577eb in main ()
(gdb) c
Continuing.

Breakpoint 2, 0x00007ffff5a42240 in inet_pton () from /lib64/libc.so.6
(gdb) p $rdi
$2 = 10
(gdb) x/s $rsi
0x7fffffff5270: "192.168.0.1"
(gdb) where
#0  0x00007ffff5a42240 in inet_pton () from /lib64/libc.so.6
#1  0x00007ffff6b865b1 in netsnmp_udp6_parse_security () from /lib64/libnetsnmp.so.31
#2  0x00007ffff74fb79b in vacm_gen_com2sec () from /lib64/libnetsnmpagent.so.31
#3  0x00007ffff74fc226 in vacm_create_simple () from /lib64/libnetsnmpagent.so.31
#4  0x00007ffff74fc8d0 in vacm_parse_authcommunity () from /lib64/libnetsnmpagent.so.31
#5  0x00007ffff6b5c436 in run_config_handler () from /lib64/libnetsnmp.so.31
#6  0x00007ffff6b5cffd in read_config () from /lib64/libnetsnmp.so.31
#7  0x00007ffff6b5dffb in read_config_files_in_path () from /lib64/libnetsnmp.so.31
#8  0x00007ffff6b5e418 in read_config_files_of_type () from /lib64/libnetsnmp.so.31
#9  0x00007ffff6b5e4a3 in read_config_files () from /lib64/libnetsnmp.so.31
#10 0x00007ffff6b5e5f4 in read_configs () from /lib64/libnetsnmp.so.31
#11 0x00005555555577eb in main ()
(gdb) c
Continuing.
Detaching after fork from child process 15338.
[Inferior 1 (process 15320) exited normally]
---
Comment 19 errata-xmlrpc 2021-11-09 19:48:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (net-snmp bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2021:4439