ISSUES - vendor/opensource/netsnmp - Git at Google

 # This file contains a list of issues and ownership of those issues.  It
 # is meant to be a convenient but trivial method of logging work that
 # people are doing so as to avoid conflict when possible as well as
 # logging thoughts/errors/yet-to-be-done-features before they are
 # forgotten about.  This file should be committed _immediately_ after you
 # modify it.
 #
 # Format:
 #   SYMBOL USER/DATE : USER/DATE/DATE
 #       DESCRIPTION
 #
 # Where the first USER/DATE pair is the date it was created in this
 # file, and the second USER/DATE/DATE is the person working on the issue
 # and the date began and the date finished.
 #
 # Symbols:
 #
 # * Needed by next release/demo                 (oct)
 # + Needed by the following release/demo        (feb)
 # - Needed at some point later                  (phase II)
 # . Completed
 #
 # (a given symbol doesn't mean that they can't be completed earlier...
 # They are a deadline indicator)

 . hardaker/Sep 23 hardaker/Nov 15 1998/Nov 15 1998
     snmplib/snmpusm.c: snmp_clone_user() should be split into two
     functions, namely snmp_create_user() and snmp_cloneFrom_user().

 . hardaker/Sep 23 : hardaker/Nov 15 1998/Nov 15 1998
     snmplib/snmpusm.c: snmp_clone_user() shouldn't clone the name and
     engineid when cloneFrom is set?

 + hardaker/Sep 23
     Is creation of users via sets to something other than the
     usmUserStatus object going to be allowed?  For the time being, for
     ease of implementation, the status column *must* be set first.  This
     might need to change later if we so decide.

 + hardaker/Sep 23
     usmUserSpinLock needs to be done better and to return an error asap,
     rather than at commit.  Undo should undo the set as well.

 + hardaker/Sep 23
     Actually, the usm code should be careful about backing out of a set
     (currently at COMMIT, it happens regardless of past or future fails).

 . hardaker/Sep 23 hardaker/Nov 15 1998/Nov 15 1998
     The EngineBoots incrementer needs to be reset upon a engineID change.

 + hardaker/Sep 23
     When cloning, what do we do when a malloc fails in mid stream?  Do
     we need to revert all the back to the pre-attempt version of the
     user?  Probably, and this needs to be fixed in snmpusm.c.

 + hardaker/Sep 23
     usmUser.c: check all user->statusUserStorageType before modifying
     a user that can't be saved later.

 + hardaker/Sep 23
     general question:  notReady can never be set as a RowStatus, but
     what error is the proper error to return if someone tries?

 - hardaker/Sep 27
     currently the persistent cache assumes name and secName don't have
     NULLs in them.

 + hardaker/Sep 27
     usmUser parsing will fill the structure if parsed twice.  The free
     routine in the config_handler needs to be created.

 + hardaker/Sep 29
     snmp_agent.c:474: Correctly map error codes from mib modules from
     v2/v3 errors to v1.

 + hardaker/Sep 30
     snmp_agent.c:359: I don't think a write_() function gets called if
     the first pass (RESERVE1) gets an error.  Should a ACTION/UNDO be
     called?  Yes? No?

 - hardaker/Sep 30
     None of the libraries asn_parse_objid() and similar functions are
     passed a max length to look into the data, and therefore if the
     data is corrupted a segfault (or whatever) could occur.  Repeat
     after me:  "I love CMU".

 - hardaker/Sep 30
     snmp_agent.c: parse_var_op_list() spends too much overhead
     building data repeatedly on sets (for RESERVEs, COMMIT, ...)?

 + hardaker/Oct 05
     snmp_agent.c: complete rewrite of the agent packet handling to use
     a pdu structure instead of encoding/decoding as it goes along.
     Advantages:  more code reuse from the library.
     Disadvantages:  possibly more overhead.

 . hardaker/Oct 05 niels/long ago/long ago
     snmptrapd still doesn't handle informs...  it should...

 + hardaker/Oct 06
     fix all asn_parse/build_int() to use longs.

 - dreeder/Oct  7 1998
         Check that all exec'ed or system'ed files or files opened for
         reading/writing have file characteristics we expect (eg, not a
         symbolic link to /etc/passwd...), and abort operations for files
         set with improper permission bits.

 - dreeder/Oct 12 1998
 	Check returns on malloc's/strdup's; zero freshly malloc'd bytes where
 	appropriate; be sure to zero out sensitive bytes before free'ing.

 - dreeder/Oct 12 1998
 	Add time stamps to log files.
 	(This will require creation of a logging API, FYI -- Wes)

 . hardaker/Oct 12 1998 hardaker/Nov 15 1998/Nov 15 1998
 	memory leak in the agent due to non-freed PDU (my fault).
 	(fix possible thanks to Joe's nuke of the internal pdu).

 + hardaker/Oct 12 1998
 	in variable_list, only string is ever malloced?
 	(snmp_free_var only frees a string, but everything is a pointer?)

 . dreeder/Oct 28 1998 hardaker/Dec 29 1998/Dec 29 1998/
 	Create snmp_hash() under which *all* hash implementations can live.
 	Notably, "internal" MD5 and KMT.
         (-> sc_hash())

 * hardaker/Dec 29 1998
 	From email:
 		Can you tell me what went wrong with the messages
 		encrypted with IDEA (I received very long replies)?

 * hardaker/Dec 29 1998
 	snmpInASNParseErrs should be incremented all over the place.

 * hardaker/Dec 29 1998
 	From email:
 		* Minor: agent returns noError on gets with msgMaxSize
 		  above and below the valid range.  This appears to be
 		  fairly common.

 * hardaker/Dec 29 1998
 	From email:
 		msgFlags:

 		[Note: I'm not sure what the current consensus is on
 		reportableFlag, etc.  I think it may have changed
 		since I wrote these tests].

 		* The agent drops requests with msgFlags = 0x01
 		  (auth/nopriv/not reportable).

 		* snmpInvalidMsgs is not being incremented for
 		  msgFlags = 0x02 (no auth/priv/not reportable).  Not
 		  sure if another counter is.

 		* usmStatsUnsupportedSecLevels is incremented/reported
 		  for msgFlags = 0x06 (no auth/priv/not reportable).
 		  This may be ok. Presently the test expects
 		  snmpInvalidMsgs instead.

 		* Agent returns noError with msgFlags encoded as an
 		  INTEGER with value 0x00 (instead of an octet
 		  string).

 		* FYI: The agent drops packets with various
 		  combinations of msgSecurityParameters and
 		  msgSecurityModel other than USM.  The test currently
 		  expects snmpUnknownSecurityModels, but at the time
 		  of the writing the behavior was mostly undefined
 		  (ie., whether or no to send a report).

 * hardaker/Dec 29 1998
 	We should use "" instead of "initial" for sending/receiving
 	engineID probes (opps).


 * hardaker/Jan 06 1998
 	The use of the known integer, instead of a random value, for
 	the salt initialization is a bad thing.
	# This file contains a list of issues and ownership of those issues. It
	# is meant to be a convenient but trivial method of logging work that
	# people are doing so as to avoid conflict when possible as well as
	# logging thoughts/errors/yet-to-be-done-features before they are
	# forgotten about. This file should be committed _immediately_ after you
	# modify it.
	#
	# Format:
	# SYMBOL USER/DATE : USER/DATE/DATE
	# DESCRIPTION
	#
	# Where the first USER/DATE pair is the date it was created in this
	# file, and the second USER/DATE/DATE is the person working on the issue
	# and the date began and the date finished.
	#
	# Symbols:
	#
	# * Needed by next release/demo (oct)
	# + Needed by the following release/demo (feb)
	# - Needed at some point later (phase II)
	# . Completed
	#
	# (a given symbol doesn't mean that they can't be completed earlier...
	# They are a deadline indicator)

	. hardaker/Sep 23 hardaker/Nov 15 1998/Nov 15 1998
	snmplib/snmpusm.c: snmp_clone_user() should be split into two
	functions, namely snmp_create_user() and snmp_cloneFrom_user().

	. hardaker/Sep 23 : hardaker/Nov 15 1998/Nov 15 1998
	snmplib/snmpusm.c: snmp_clone_user() shouldn't clone the name and
	engineid when cloneFrom is set?

	+ hardaker/Sep 23
	Is creation of users via sets to something other than the
	usmUserStatus object going to be allowed? For the time being, for
	ease of implementation, the status column must be set first. This
	might need to change later if we so decide.

	+ hardaker/Sep 23
	usmUserSpinLock needs to be done better and to return an error asap,
	rather than at commit. Undo should undo the set as well.

	+ hardaker/Sep 23
	Actually, the usm code should be careful about backing out of a set
	(currently at COMMIT, it happens regardless of past or future fails).

	. hardaker/Sep 23 hardaker/Nov 15 1998/Nov 15 1998
	The EngineBoots incrementer needs to be reset upon a engineID change.

	+ hardaker/Sep 23
	When cloning, what do we do when a malloc fails in mid stream? Do
	we need to revert all the back to the pre-attempt version of the
	user? Probably, and this needs to be fixed in snmpusm.c.

	+ hardaker/Sep 23
	usmUser.c: check all user->statusUserStorageType before modifying
	a user that can't be saved later.

	+ hardaker/Sep 23
	general question: notReady can never be set as a RowStatus, but
	what error is the proper error to return if someone tries?

	- hardaker/Sep 27
	currently the persistent cache assumes name and secName don't have
	NULLs in them.

	+ hardaker/Sep 27
	usmUser parsing will fill the structure if parsed twice. The free
	routine in the config_handler needs to be created.

	+ hardaker/Sep 29
	snmp_agent.c:474: Correctly map error codes from mib modules from
	v2/v3 errors to v1.

	+ hardaker/Sep 30
	snmp_agent.c:359: I don't think a write_() function gets called if
	the first pass (RESERVE1) gets an error. Should a ACTION/UNDO be
	called? Yes? No?

	- hardaker/Sep 30
	None of the libraries asn_parse_objid() and similar functions are
	passed a max length to look into the data, and therefore if the
	data is corrupted a segfault (or whatever) could occur. Repeat
	after me: "I love CMU".

	- hardaker/Sep 30
	snmp_agent.c: parse_var_op_list() spends too much overhead
	building data repeatedly on sets (for RESERVEs, COMMIT, ...)?

	+ hardaker/Oct 05
	snmp_agent.c: complete rewrite of the agent packet handling to use
	a pdu structure instead of encoding/decoding as it goes along.
	Advantages: more code reuse from the library.
	Disadvantages: possibly more overhead.

	. hardaker/Oct 05 niels/long ago/long ago
	snmptrapd still doesn't handle informs... it should...

	+ hardaker/Oct 06
	fix all asn_parse/build_int() to use longs.

	- dreeder/Oct 7 1998
	Check that all exec'ed or system'ed files or files opened for
	reading/writing have file characteristics we expect (eg, not a
	symbolic link to /etc/passwd...), and abort operations for files
	set with improper permission bits.

	- dreeder/Oct 12 1998
	Check returns on malloc's/strdup's; zero freshly malloc'd bytes where
	appropriate; be sure to zero out sensitive bytes before free'ing.

	- dreeder/Oct 12 1998
	Add time stamps to log files.
	(This will require creation of a logging API, FYI -- Wes)

	. hardaker/Oct 12 1998 hardaker/Nov 15 1998/Nov 15 1998
	memory leak in the agent due to non-freed PDU (my fault).
	(fix possible thanks to Joe's nuke of the internal pdu).

	+ hardaker/Oct 12 1998
	in variable_list, only string is ever malloced?
	(snmp_free_var only frees a string, but everything is a pointer?)

	. dreeder/Oct 28 1998 hardaker/Dec 29 1998/Dec 29 1998/
	Create snmp_hash() under which all hash implementations can live.
	Notably, "internal" MD5 and KMT.
	(-> sc_hash())

	* hardaker/Dec 29 1998
	From email:
	Can you tell me what went wrong with the messages
	encrypted with IDEA (I received very long replies)?

	* hardaker/Dec 29 1998
	snmpInASNParseErrs should be incremented all over the place.

	* hardaker/Dec 29 1998
	From email:
	* Minor: agent returns noError on gets with msgMaxSize
	above and below the valid range. This appears to be
	fairly common.

	* hardaker/Dec 29 1998
	From email:
	msgFlags:

	[Note: I'm not sure what the current consensus is on
	reportableFlag, etc. I think it may have changed
	since I wrote these tests].

	* The agent drops requests with msgFlags = 0x01
	(auth/nopriv/not reportable).

	* snmpInvalidMsgs is not being incremented for
	msgFlags = 0x02 (no auth/priv/not reportable). Not
	sure if another counter is.

	* usmStatsUnsupportedSecLevels is incremented/reported
	for msgFlags = 0x06 (no auth/priv/not reportable).
	This may be ok. Presently the test expects
	snmpInvalidMsgs instead.

	* Agent returns noError with msgFlags encoded as an
	INTEGER with value 0x00 (instead of an octet
	string).

	* FYI: The agent drops packets with various
	combinations of msgSecurityParameters and
	msgSecurityModel other than USM. The test currently
	expects snmpUnknownSecurityModels, but at the time
	of the writing the behavior was mostly undefined
	(ie., whether or no to send a report).

	* hardaker/Dec 29 1998
	We should use "" instead of "initial" for sending/receiving
	engineID probes (opps).


	* hardaker/Jan 06 1998
	The use of the known integer, instead of a random value, for
	the salt initialization is a bad thing.