Bug 347711 - Port net-snmp to use NSS library for cryptography
Port net-snmp to use NSS library for cryptography
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: net-snmp (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jan Safranek
Fedora Extras Quality Assurance
: FutureFeature
Depends On:
Blocks: CryptoConsolidation
  Show dependency treegraph
 
Reported: 2007-10-23 06:21 EDT by Peter Vrabec
Modified: 2014-09-01 04:18 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-09-01 04:18:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Peter Vrabec 2007-10-23 06:21:07 EDT
net-snmp should be ported to use NSS library for cryptography.
See the tracking bug for details and links on how it could be done.
Comment 1 John Poelstra 2008-08-12 00:01:56 EDT
triaged
Comment 2 Bob Lord 2008-08-27 16:57:44 EDT
What cryptography does SNMP require?
Comment 3 Jan Safranek 2008-08-28 03:16:14 EDT
(In reply to comment #2)
> What cryptography does SNMP require?

See rfc 3414.
Comment 4 Bob Lord 2008-08-28 11:30:29 EDT
It looks like it just needs DES in CBC mode.  Is that the only encryption it needs?  

Does it do any other PKI operations like digital signing?
Comment 5 Bob Lord 2008-08-29 11:44:50 EDT
What about RFC 3826? Is that mode supported in Fedora/RHEL?
Comment 6 Jan Safranek 2008-09-03 04:32:38 EDT
(In reply to comment #5)
> What about RFC 3826? Is that mode supported in Fedora/RHEL?

Yes, it is. It would be best if you looked into the sources by yourself (there is no list of supported RFCs). You can look into the sources by yourself, or look at what symbols it uses from openssl.
Comment 7 Jan Safranek 2014-09-01 04:18:02 EDT
I think it's time to close this bug. I personally think that NSS has all the necessary features, we just miss the code. Patches are welcome upstream.

Note You need to log in before you can comment on or make changes to this bug.