OID handling and SNMP dissector rewrite

The usability objective of this is to be able to filter on values of SNMP variables like: SNMPv2-MIB.sysUpTime == 274602. The other reason behind this work is not to have a dependency on NET-SNMP which depends on the non-GPL compatible OpenSSL. We'll be using libsmi instead.

TO DO

MUST be done before the next release, SHOULD be there, MIGHT be there, :white_check_mark: It's being DONE already!

• SNMP

  • testing

    • OctetString Indexes (both implied and not) – Some RMON tables use them, capture files are welcome

    • :white_check_mark: Traps

    • :white_check_mark: fuzz testing

    • :white_check_mark: willfully malformed oids and stuff like that

      • :white_check_mark: review the PROTOS files in SampleCaptures

  • Fixing

    • It should only warn, (not inhibit decoding) if expects a different integer type (like Integer32 [APPLICATION 2], Timeticks [APPLICATION 3], or Counter32 [APPLICATION 1] and gets an Integer instead [UNIVERSAL 2] (and vice versa). Same for an Opaque,Nsap, IpAddr vs Octetstring as far as the length allow decoding.

    • :white_check_mark: Implement other types off indexing (AGREGATE, …) these show the following error: The COLUMS's parent is not a ROW. This is a BUG! please contact the wireshark developers.

    • :white_check_mark: Some OIds have a -2 hfid value, that means they are unregistered, do not use it.

  • Document (Always remember C is understood by compilers and programmers, people prefers english) !!!!

    • the changes (where?)
    • and add the smi_* tables to the doocbook files

  • de-bugs

    • :white_check_mark: new SNMP dissector shows convoluted tree (now it is a little less convoluted )

    • SNMP dissector shows a wrong Timestamp when the value is negative (I Won't get it fixed)

    • SNMP Object Names not displayed in the info column (see bellow)

  • :white_check_mark: regenerate the dissector with -T and -X

  • :white_check_mark: add trap oids to COL_INFO

  • add oids to COL_INFO

  • :white_check_mark: get the snmp.variable_oid dissector table back to life.

  • :white_check_mark: manage columns as well as scalars

  • :white_check_mark: put complete information in the labels of the VarBind Items

• COPS

  • the mapping of OID->attribute in COPS is still incomplete

  • :white_check_mark: we are missing the PIBs (like MIBs but for COPS) in the libsmi zipfile

  • testing

    • fuzz testing
    • willfully malformed oids and stuff like that
• GENERAL

  • :white_check_mark: There are oids being registered with long names like "itu-t(0) identified-organization(4) etsi(0) mobileDomain(0) gsm-Network(1) map-ac(0) networkLocUp(1) version3(3)"

  • :white_check_mark: get "the whole thing"^tm into nsis

    • :white_check_mark: get the mibs into nsis

    • :white_check_mark: get the pibs into nsis

  • protect the code from re-loading MIBS for modules that were already loaded. A Hard one as it would need to "pre-parse" the modules before asking libsmi to load them. I think I'll Document the potential issues and their symptoms instead.

  • :white_check_mark: There are some OIDs that attempt to be registered with "funky" oid strings "dop.agreement.2.5.19.1" or "x411.extension-attribute.27" which are not resolvable (these are in #.REGISTER sections in asn2wrs) (x411 and dop are resolved – StigBjørlykke)

  • :white_check_mark: Come up with a list of default MIBs and PIBs (there was a /*comment*/ in the snmp code (now gone with the surrounding code) saying that we should not, should we?)

  • :white_check_mark: add libsmi to autoconf

    • :white_check_mark: ./configure's --with-libsmi does not take a location as argument, run like: env LDFLAGS='-lsmi -L/base/lib' CFLAGS=-I/base/include ./configure [options]

    • :white_check_mark: remove net-snmp from autoconf

  • :white_check_mark: add a menu item or preference setting for the smi_modules UAT

    • add a link (button) for the tables in SNMP and COPS preference tabs

  • Some OIDs (not from explicitly included MIBs) are added more than once during protocol registration

  • implement "ALL" modules, i.e. implement file-name globing and use it on libsmi's MIB/PIB path.

  • :white_check_mark: Some macros in oids.h are used to replace the obsoleted oid-related calls in oid_resolv.h to_str.h and format-oid.h, it would be nice to actually rewrite the invocations.

  • :white_check_mark: have other users of oid_resolv.h get to use the new functions in oids.h

  • add the following MIBs and PIBs to the zipfile

    • H.335 http://www.itu.int/rec/T-REC-H.341-199905-I/en

    • :white_check_mark: PIBs included in libsmi

-- LuisOntanon

---

Imported from https://wiki.wireshark.org/Development/SNMP on 2020-08-11 23:13:06 UTC