- Download Diff

Summary:

AE-558 SNMP stop working after reboot |ePassport |AS-18023|

Review Request #803 — Created April 16, 2025 and submitted April 25, 2025, 2:21 p.m.

Information
Owner:	rvempati
Repository:	APV10
Branch:	rel_apv_10_7_2
Bugs:	https://arraynetworks.atlassian.net/browse/AE-558
Depends On:
Reviewers
Groups:
People:	mmiriam, pradeep, prajesh, tanya

Description

For Array Enterprise ID 7564, used SHA1 Hashing then base64 encoding on serial number to generate engineID to persist across reboots

Testing Done

APV -1:
Before reboot:
/etc/snmp/snmpd.conf
engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
[root@APV-1 test]#

After reboot:
/etc/snmp/snmpd.conf
engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
[root@APV-1 test]#

APV -2:
Before reboot:
/etc/snmp/snmpd.conf
engineID gAAAHYw3QTNBNEZFMEQ4NTRDMDA
[root@APV-2 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.148 1.3.6.1.6.3.10.2.1.1.0
SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 33 51 54 4E 42 4E 45 5A 46 4D 45 51 34 4E 54 52 44 4D 44 41
[root@APV-2 test]#

After reboot:
/etc/snmp/snmpd.conf
engineID gAAAHYw3QTNBNEZFMEQ4NTRDMDA
[root@APV-2 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.148 1.3.6.1.6.3.10.2.1.1.0
SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 33 51 54 4E 42 4E 45 5A 46 4D 45 51 34 4E 54 52 44 4D 44 41
[root@APV-2 test]#

Issues

Description	From	Last Updated
define MAX_CA_ENGINE_ID_LEN 28	prajesh	April 20, 2025, 2:50 p.m.
Update in comment format / * /	mmiriam	April 20, 2025, 2:51 p.m.
enterprise id for array is ::= { enterprises 7564 } in ./usr/click/lib/libca_snmp_mib/CA-SNMP-MIB.txt. Confirm if we need to use this OID?	mmiriam	April 20, 2025, 2:52 p.m.
use #define.	prajesh	April 20, 2025, 2:51 p.m.
if it fails, dont return.. just log and write other configurations.	prajesh	April 20, 2025, 2:51 p.m.
I dont think we need this..	prajesh	April 20, 2025, 2:51 p.m.
remove whitespace in red.	prajesh	April 21, 2025, 3:48 p.m.
we still do hash ?	prajesh	April 21, 2025, 3:48 p.m.
where do we do this? What is the logic now?	prajesh	April 21, 2025, 3:48 p.m.
Not using this function anywhere	mmiriam	April 23, 2025, 5:20 p.m.
In apv this file is already present. who created this? Is there already a function available filling these details?	mmiriam	April 21, 2025, 5:30 p.m.
Are these values used by anybody else?	mmiriam	April 21, 2025, 5:24 p.m.
will these values won't change? why are we giving hardcoded value?	mmiriam	April 21, 2025, 5:24 p.m.
We are removing the persist file.. then your changes will go away .. How is the fix working?	prajesh	April 21, 2025, 6:38 p.m.
calling two times	mmiriam	April 23, 2025, 5:20 p.m.
this goes and deletes the PERSIST FILE. Is not our then your changes are not persisting?	prajesh	April 21, 2025, 6:28 p.m.
Dont think it is useful. Anyway the string will be b54 encoded.	prajesh	April 24, 2025, 4:11 p.m.
Just log an error and do not return -1.	prajesh	April 23, 2025, 5:35 p.m.
directly print pInfo->engineID_b64 instead of calling generate_snmp_engineID again?	mmiriam	April 24, 2025, 4:12 p.m.
Or remove this call. I think new struct mem is not required. are we going to use it? if not …	mmiriam	April 24, 2025, 4:11 p.m.
Log and silently ignore the error so that it can still work without your changes.	prajesh	April 23, 2025, 5:36 p.m.
what is the need for this?	prajesh	April 23, 2025, 5:39 p.m.
why to take it as global? you are using it only in one function	mmiriam	April 25, 2025, 10:48 a.m.
Why do we need this..	prajesh	April 25, 2025, 10:47 a.m.
if you do unlock here it can be a problem and add call to generate_snmp_engineID in snmp_update function and remove …	mmiriam	April 25, 2025, 10:49 a.m.
this function already writes that into snmpd.conf.	prajesh	April 25, 2025, 10:48 a.m.
remove whitespace.	prajesh	April 25, 2025, 1:40 p.m.
this should be printed only else or success case.	prajesh	April 25, 2025, 1:39 p.m.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 1)
Show all issues
```
define MAX_CA_ENGINE_ID_LEN  28
```
1. rvempati April 20, 2025, 2:52 p.m.
  Used as Macro in snmpcli.h file
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 1)
Show all issues
```
use #define.
```
1. rvempati April 20, 2025, 2:52 p.m.
  Used as Macro in snmpcli.h file
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 1)
Show all issues
```
if it fails, dont return.. just log and write other configurations.
```
1. rvempati April 20, 2025, 2:52 p.m.
  Sure,
  Changed as suggested.
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 1)
Show all issues
```
I dont think we need this..
```
1. rvempati April 20, 2025, 2:52 p.m.
  Reverted.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 1)
Show all issues
```
Update in comment format 

/

 *
 /
```
1. rvempati April 20, 2025, 2:52 p.m.
  Updated

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 1)

Show all issues

enterprise id for array is ::= { enterprises 7564 }
in ./usr/click/lib/libca_snmp_mib/CA-SNMP-MIB.txt. Confirm if we need to use this OID?

rvempati April 20, 2025, 2:52 p.m.

Used the same Enterprise ID as Macro in snmpcli.h file

Change Summary:

Updated the SNMP EngineID generation using Serial Number by SHA1 Hashing then encoding it with Base64.

Description:

~		Used base64 encoding on serial number to generate engineID persistent across reboots
	~	For Array Enterprise ID 7564, used SHA1 Hashing then base64 encoding on serial number to generate engineID to persist across reboots

Testing Done:

~		rrayOS Rel.APV.10.7.2.17 - untagged unofficial build by uid=0(root) gid=0(root) groups=0(root) on devclient: on Tue Apr 15 17:15:37 2025
	~	ArrayOS Rel.APV.10.7.2.17 - untagged unofficial build by uid=0(root) gid=0(root) groups=0(root) on devclient: on Sun Apr 20 00:20:37 2025
		Copyright (c) 2000-2025 Array Networks Inc. All rights reserved.

		Type "?" for available commands

		!!Reminder!! Please log on to the WebUI to register this system.





		APV-1>en
		Enable password:

		APV-1#c t

		APV-1(config)#sh run snmp

		APV-1(config)#show running "snmp"

		snmp configuration

		snmp community "public"
		snmp contact ""
		snmp location ""
		snmp host 192.168.162.171 3 "rohith" "12345678" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" 161 "SHA1"
~		snmp enable traps
	~	no snmp enable traps
		snmp traps loglevel crit
		snmp v3user "rohith" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" "SHA1"
		snmp ipcontrol on
		snmp on default

		APV-1(config)#

-		[root@APV-1 test]# vi /var/lib/net-snmp/snmpd.conf
-		setserialno 227675036
-		oldEngineID 0x80001f88803a8936440fcdfe6700000000
-
-		[root@APV-1 test]# vi /etc/snmp/snmpd.conf
-		engineID gAAfiAAzRjM5NTU5RDExNUY5MDA
-
		[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
~		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 66 69 41 41 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
~
	~	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 00 1D 8C 05 F0 58 24 4B DE 36 55 63 BC D8 18 70 BC 5D 8A CA 99 EF 03 8B 84 78 38 DF FE 5B
	~	[root@APV-1 test]#
-		[root@APV-1 test]# ps -ef \| grep snmpd
-		root 10131 1 0 21:18 ? 00:00:00 /usr/sbin/snmpd -I -ifTable -I -ifXTable -LS0-6d -p /var/run/snmpd.pid
-		root 10303 1 0 21:18 ? 00:00:00 /usr/sbin/snmpd -C -c /ca/etc/snmpdp.conf -LS0-6d -p /var/run/snmpdp.pid
-		root 11290 10650 0 21:20 pts/1 00:00:00 grep --color=auto snmpd
-
-		[root@APV-1 test]# kill -9 10131
-		[root@APV-1 test]# kill -9 10303

~		[root@APV-1 test]# sh /ca/bin/snmpd
	~	APV-1(config)#sys reb

~		[root@APV-1 test]# ps -ef \| grep snmpd
~		root 11318 1 0 21:20 ? 00:00:00 /usr/sbin/snmpd -I -ifTable -I -ifXTable -LS0-6d -p /var/run/snmpd.pid
~		root 11333 1 0 21:21 ? 00:00:00 /usr/sbin/snmpd -C -c /ca/etc/snmpdp.conf -LS0-6d -p /var/run/snmpdp.pid
~		root 11445 10650 0 21:21 pts/1 00:00:00 grep --color=auto snmpd
	~	APV-1(config)#system reboot
	~	Unsaved configuration changes will be lost
	~	This will reboot the system immediately
	~	type "YES" to continue:YES
	+	Rebooting...

		[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
~		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 66 69 41 41 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
~
	~	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 00 1D 8C 05 F0 58 24 4B DE 36 55 63 BC D8 18 70 BC 5D 8A CA 99 EF 03 8B 84 78 38 DF FE 5B
	~	[root@APV-1 test]#
-
-
-		Also checked with another APV:
-		[root@APV-2 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.148 1.3.6.1.6.3.10.2.1.1.0
-		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 66 69 41 41 33 51 54 4E 42 4E 45 5A 46 4D 45 51 34 4E 54 52 44 4D 44 41
-		[root@APV-2 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.148 1.3.6.1.6.3.10.2.1.1.0
-		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 66 69 41 41 33 51 54 4E 42 4E 45 5A 46 4D 45 51 34 4E 54 52 44 4D 44 41

Diff:

Revision 2 (+125)

Show changes

	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c
	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmpcli.h

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 2)
Show all issues
```
remove whitespace in red.
```
1. rvempati April 21, 2025, 3:49 p.m.
  removed
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 2)
Show all issues
```
we still do hash ?
```
1. rvempati April 21, 2025, 3:49 p.m.
  Updated the SNMP engineID generation.
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 2)
Show all issues
```
where do we do this? What is the logic now?
```
1. rvempati April 21, 2025, 3:49 p.m.
  Removed.

Change Summary:

Updated the EngineID generation using SHA1 hashing only

Diff:

Revision 3 (+115)

Show changes

	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c
	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmpcli.h

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)

Show all issues

In apv this file is already present. who created this? Is there already a function available filling these details?

rvempati April 21, 2025, 6:28 p.m.

Initially this SNMP_PERSIST_FILE is not available.
When snmp is enabled, the SNMP daemon will generate this file automatically.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)

Show all issues

Are these values used by anybody else?

rvempati April 21, 2025, 6:28 p.m.

Uptime in seconds since the last reboot. 100 is an arbitrary value, just enough to avoid invalid/expired time.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)

Show all issues

will these values won't change? why are we giving hardcoded value?

rvempati April 21, 2025, 6:28 p.m.

These lines are writing to the SNMP persistent file, to initialize SNMP engine state when it doesn't yet exist.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)

Show all issues

this goes and deletes the PERSIST FILE. Is not our then your changes are not persisting?

rvempati April 21, 2025, 6:28 p.m.

Yes, my changes are making the engineID persisting.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)

Show all issues

We are removing the persist file.. then your changes will go away .. How is the fix working?

rvempati April 21, 2025, 6:38 p.m.

Here, I'm calling the persist_snmp_engine_id() function before snmpd starts again, it will:

Create the SNMPD_PERSIST_FILE, ite the engineID and engineBoots.
On next snmpd start, it will read this file and not auto-generate a new engineID
We can comment out this line "remove(SNMP_PERSIST_FILE)", or we can make it to a conditional line.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)
Show all issues
```
Not using this function anywhere
```
1. rvempati April 23, 2025, 5:20 p.m.
  Updated the code, thankyou.
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 3)
Show all issues
```
calling two times
```
1. rvempati April 23, 2025, 5:20 p.m.
  Updated the code, thank you.

Change Summary:

Using the base64 encoding for persisting the engineID across reboots.

Testing Done:

~		ArrayOS Rel.APV.10.7.2.17 - untagged unofficial build by uid=0(root) gid=0(root) groups=0(root) on devclient: on Sun Apr 20 00:20:37 2025
	~	ArrayOS Rel.APV.10.7.2.17 - untagged unofficial build by uid=0(root) gid=0(root) groups=0(root) on devclient: on Wed Apr 23 01:02:55 2025
		Copyright (c) 2000-2025 Array Networks Inc. All rights reserved.

		Type "?" for available commands

		!!Reminder!! Please log on to the WebUI to register this system.





		APV-1>en
		Enable password:

		APV-1#c t

		APV-1(config)#sh run snmp

-		APV-1(config)#show running "snmp"
-
		snmp configuration

		snmp community "public"
		snmp contact ""
		snmp location ""
		snmp host 192.168.162.171 3 "rohith" "12345678" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" 161 "SHA1"
		no snmp enable traps
		snmp traps loglevel crit
		snmp v3user "rohith" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" "SHA1"
		snmp ipcontrol on
		snmp on default

		APV-1(config)#

~		[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
~		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 00 1D 8C 05 F0 58 24 4B DE 36 55 63 BC D8 18 70 BC 5D 8A CA 99 EF 03 8B 84 78 38 DF FE 5B
~		[root@APV-1 test]#
	~	[root@APV-1 test]# vi /var/lib/net-snmp/snmpd.conf
	~	setserialno 67872007
	~	oldEngineID 0x80001f88803b44b413099f086800000000
	+
	+	[root@APV-1 test]# vi /etc/snmp/snmpd.conf
	+	engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
	+
	+

~		APV-1(config)#sys reb
	~	APV-1(config)#sys rebo

		APV-1(config)#system reboot
		Unsaved configuration changes will be lost
		This will reboot the system immediately
		type "YES" to continue:YES
		Rebooting...

~		[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
~		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 00 1D 8C 05 F0 58 24 4B DE 36 55 63 BC D8 18 70 BC 5D 8A CA 99 EF 03 8B 84 78 38 DF FE 5B
~		[root@APV-1 test]#
	~
	~
	~	APV-1(config)#sh run snmp
	+
	+	snmp configuration
	+
	+	snmp community "public"
	+	snmp contact ""
	+	snmp location ""
	+	snmp host 192.168.162.171 3 "rohith" "12345678" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" 161 "SHA1"
	+	no snmp enable traps
	+	snmp traps loglevel crit
	+	snmp v3user "rohith" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" "SHA1"
	+	snmp ipcontrol on
	+	snmp on default
	+
	+	APV-1(config)#
	+
	+	[root@APV-1 test]# vi /var/lib/net-snmp/snmpd.conf
	+	setserialno 368258201
	+	oldEngineID 0x80001f8880e850f336a7a0086800000000
	+
	+	[root@APV-1 test]# vi /etc/snmp/snmpd.conf
	+	engineID gAAAHYwzRjM5NTU5RDExNUY5MDA

Diff:

Revision 4 (+130)

Show changes

	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c
	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmpcli.h

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 4)
Show all issues
```
Just log an error and do not return -1.
```
1. rvempati April 23, 2025, 5:39 p.m.
  removed the return
branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 4)
Show all issues
```
Log and silently ignore the error so that it can still work without your changes.
```
1. rvempati April 23, 2025, 5:39 p.m.
  sure, removed the return

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 4)

Show all issues

what is the need for this?

rvempati April 23, 2025, 5:39 p.m.

After generating the B64_engineID, we are storing it in the pInfo structure which is used to print enigneID in "/etc/snmp/snmpd.conf" file

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 4)
Show all issues
```
directly print pInfo->engineID_b64 instead of calling generate_snmp_engineID again?
```
1. rvempati April 24, 2025, 4:12 p.m.
  Okay,
  Modified the code.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 4)
Show all issues
```
Or remove this call. I think new struct mem is not required. are we going to use it? if not then remove this
```
1. rvempati April 24, 2025, 4:12 p.m.
  Done.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 4)

Show all issues

Dont think it is useful. Anyway the string will be b54 encoded.

rvempati April 24, 2025, 4:11 p.m.

Enterprise ID is also encoded and included with the generated engine ID.
we need it.
Thanks.

Change Summary:

Modified the code as per reviews.

Testing Done:

~		ArrayOS Rel.APV.10.7.2.17 - untagged unofficial build by uid=0(root) gid=0(root) groups=0(root) on devclient: on Wed Apr 23 01:02:55 2025
	~	Before Reboot:
-		Copyright (c) 2000-2025 Array Networks Inc. All rights reserved.

~		Type "?" for available commands
	~	engineID gAAAHYwzRjM5NTU5RDExNUY5MDA ---> /etc/snmp/snmpd.conf

~		!!Reminder!! Please log on to the WebUI to register this system.
	~	[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
	+	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41



~
	~	After Reboot:
-
-		APV-1>en
-		Enable password:
-
-		APV-1#c t
-
-		APV-1(config)#sh run snmp
-
-		snmp configuration
-
-		snmp community "public"
-		snmp contact ""
-		snmp location ""
-		snmp host 192.168.162.171 3 "rohith" "12345678" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" 161 "SHA1"
-		no snmp enable traps
-		snmp traps loglevel crit
-		snmp v3user "rohith" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" "SHA1"
-		snmp ipcontrol on
-		snmp on default
-
-		APV-1(config)#
-
-		[root@APV-1 test]# vi /var/lib/net-snmp/snmpd.conf
-		setserialno 67872007
-		oldEngineID 0x80001f88803b44b413099f086800000000
-
-		[root@APV-1 test]# vi /etc/snmp/snmpd.conf
-		engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
-
-
-
-		APV-1(config)#sys rebo
-
-		APV-1(config)#system reboot
-		Unsaved configuration changes will be lost
-		This will reboot the system immediately
-		type "YES" to continue:YES
-		Rebooting...
-
-
-
-		APV-1(config)#sh run snmp
-
-		snmp configuration
-
-		snmp community "public"
-		snmp contact ""
-		snmp location ""
-		snmp host 192.168.162.171 3 "rohith" "12345678" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" 161 "SHA1"
-		no snmp enable traps
-		snmp traps loglevel crit
-		snmp v3user "rohith" "XXXXXXXXXOqOFmBOldAd2neCJOTMiMA==" authNopriv "" "SHA1"
-		snmp ipcontrol on
-		snmp on default
-
-		APV-1(config)#

~		[root@APV-1 test]# vi /var/lib/net-snmp/snmpd.conf
	~	engineID gAAAHYwzRjM5NTU5RDExNUY5MDA ---> /etc/snmp/snmpd.conf
-		setserialno 368258201
-		oldEngineID 0x80001f8880e850f336a7a0086800000000

~		[root@APV-1 test]# vi /etc/snmp/snmpd.conf
~		engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
	~	[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
	~	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41

Diff:

Revision 5 (+114 -1)

Show changes

	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c
	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmpcli.h

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 5)

Show all issues

Why do we need this..

rvempati April 25, 2025, 10:48 a.m.
```
Modified this code block.
```

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 5)
Show all issues
```
this function already writes that into snmpd.conf.
```
1. rvempati April 25, 2025, 10:48 a.m.
  Yes, modified.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 5)
Show all issues
```
why to take it as global? you are using it only in one function
```
1. rvempati April 25, 2025, 10:49 a.m.
  Yes, changed.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 5)

Show all issues

if you do unlock here it can be a problem and add call to generate_snmp_engineID in snmp_update function and remove from here and remove global varibale for engineID

rvempati April 25, 2025, 10:49 a.m.
```
changed.
```

Change Summary:

Changes are made only in snmp_update_snmpd_conf() function and printing the engineID in SNMP_CONF_FILE.

Diff:

Revision 6 (+114 -2)

Show changes

	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c
	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmpcli.h

Change Summary:

Added the UT from 2 APV units

Testing Done:

~		Before Reboot:
	~	APV -1:
	+	Before reboot:
	+	/etc/snmp/snmpd.conf
	+	engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
	+	[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
	+	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
	+	[root@APV-1 test]#

~		engineID gAAAHYwzRjM5NTU5RDExNUY5MDA ---> /etc/snmp/snmpd.conf
~
~		[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
~		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
	~	After reboot:
	~	/etc/snmp/snmpd.conf
	~	engineID gAAAHYwzRjM5NTU5RDExNUY5MDA
	~	[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
	+	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
	+	[root@APV-1 test]#



~		After Reboot:
	~

~		engineID gAAAHYwzRjM5NTU5RDExNUY5MDA ---> /etc/snmp/snmpd.conf
	~	APV -2:
	+	Before reboot:
	+	/etc/snmp/snmpd.conf
	+	engineID gAAAHYw3QTNBNEZFMEQ4NTRDMDA
	+	[root@APV-2 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.148 1.3.6.1.6.3.10.2.1.1.0
	+	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 33 51 54 4E 42 4E 45 5A 46 4D 45 51 34 4E 54 52 44 4D 44 41
	+	[root@APV-2 test]#

~		[root@APV-1 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.171 1.3.6.1.6.3.10.2.1.1.0
~		SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 7A 52 6A 4D 35 4E 54 55 35 52 44 45 78 4E 55 59 35 4D 44 41
	~	After reboot:
	~	/etc/snmp/snmpd.conf
	+	engineID gAAAHYw3QTNBNEZFMEQ4NTRDMDA
	+	[root@APV-2 test]# snmpget -v 3 -u "rohith" -l authNoPriv -a SHA -A "12345678" 192.168.162.148 1.3.6.1.6.3.10.2.1.1.0
	+	SNMP-FRAMEWORK-MIB::snmpEngineID.0 = Hex-STRING: 80 00 1F 88 04 67 41 41 41 48 59 77 33 51 54 4E 42 4E 45 5A 46 4D 45 51 34 4E 54 52 44 4D 44 41
	+	[root@APV-2 test]#

Ship it!

```
Ship It!
```

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 6)
Show all issues
```
this should be printed only else or success case.
```
1. rvempati April 25, 2025, 1:39 p.m.
  Moved the fprintf line into the else block of the above if condition.

branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c (Diff revision 6)
Show all issues
```
remove whitespace.
```
1. rvempati April 25, 2025, 1 p.m.
  Done.

Change Summary:

Minor changes in code for logging the success case of udpating the engineID.

Diff:

Revision 7 (+114 -2)

Show changes

	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmp_cadmin.c
	branches/rel_apv_10_7_2/usr/click/lib/libca_snmp/snmpcli.h

Ship it!

```
Ship It!
```

Ship it!

```
Ship It!
```

Status: Closed (submitted)

Change Summary:

Code chagnes for the persistent snmp engineID generation and saving it.

You have a pending review.

Review Board 5.0.5

AE-558 SNMP stop working after reboot |ePassport |AS-18023|

define MAX_CA_ENGINE_ID_LEN 28

Change Summary:

Description:

Testing Done:

snmp configuration

Diff:

Change Summary:

Diff:

Change Summary:

Testing Done:

snmp configuration

snmp configuration

Diff:

Change Summary:

Testing Done:

snmp configuration

snmp configuration

Diff:

Change Summary:

Diff:

Change Summary:

Testing Done:

Change Summary:

Diff:

Status: Closed (submitted)

Change Summary: