Bug 574035

Summary: snmpget return 0 return code on short passphrase error
Product: Red Hat Enterprise Linux 5 Reporter: Jan Friesse <jfriesse>
Component: net-snmpAssignee: Jan Safranek <jsafrane>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.5CC: ksrot, rvokal
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 574061 668390 (view as bug list) Environment:
Last Closed: 2011-07-21 09:10:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 574061    

Description Jan Friesse 2010-03-16 13:04:55 UTC 
Description of problem:
snmpget/snmpwalk/... returns error code 0 (= success) on passphrase error (error is correctly written to stderr). snmpget/... should return error code different than zero in such situation.

This is major problem. Minor problem is, that snmpcmd SHOULD ignore settings not applicable to selected version of SNMP (like -A should be ignored in case of -v 1/2c)

How reproducible:
Run snmpget with password shorter than 8 characters.

[honza@daemon ~]$ /usr/bin/snmpget -v '1' -c 'private' -A 'x' -u 'x' '127.0.0.1:161'  1.2.3
Error: passphrase chosen is below the length requirements of the USM (min=8).
/usr/bin/snmpget:  (The supplied password length is too short.)
Error generating a key (Ku) from the supplied authentication pass phrase.
[honza@daemon ~]$ echo $?
0


Steps to Reproduce:
1. /usr/bin/snmpget -v '1' -c 'private' -A 'x' -u 'x' '127.0.0.1:161'  1.2.3
2. echo $?
  
Actual results:
0


Expected results:
Value different from zero
Comment 1 Jan Safranek 2010-04-26 13:40:51 UTC 
Oops, wrong bug, moving back to ASSIGNED.
Comment 9 errata-xmlrpc 2011-07-21 09:10:16 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1076.html
Comment 10 errata-xmlrpc 2011-07-21 12:21:41 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-1076.html