Authentication was requested, but the received header has none specified.

[secit-pl]

Hi,

I'm trying to connect to Dell Switch using following code:

$snmp = new SnmpClient([
    'host' => '1.2.3.4',
    'version' => 3,
    'user' => 'user',
    'use_auth' => true,
    'auth_pwd' => 'PWD',
    'auth_mech' => 'md5',
    'use_priv' => true,
    'priv_pwd' => 'PWD',
    'priv_mech' => 'des',
]);

$uptime = $snmp->getValue('1.3.6.1.2.1.1.3.0');

But I get the following error:

Authentication was requested, but the received header has none specified.

The when I'm using the native php method all is ok:

snmp3_get('1.2.3.4', 'user', 'authPriv', 'MD5', 'PWD', 'DES', 'PWD', '1.3.6.1.2.1.1.3.0');

Could you please help?

[ChadSikorra]

Hello @secit-pl. Thanks for opening this issue. I haven't worked on this library in a bit due to lack of time. I'll try to take a look at this combo of auth over the coming weekend.

[secit-pl]

Thank you. I can confirm that connection also works when I'm using the brexis/phpsnmp bundle.

[kristk]

Hi, I am noticing the same issue. I have tried to look at the generated messages in Wireshark and it seems that the encrypted Scoped PDU in a request is missing the contextEngineID. The correct authoritative engine ID is set in the message header but not in the PDU itself. Hope this helps in the troubleshooting of this issue.

[kristk]

I can't really say that i fully understand the code in this package but I might have found the solution to this issue. Should line 701 in the UserSecurityModel class be changed from

$contextEngineIdProperty->setValue($message, $secParams->getEngineId());

to

$contextEngineIdProperty->setValue($message->getScopedPdu(), $secParams->getEngineId());

?

[ChadSikorra]

Apologies for the slow response on this! It's been a crazy 2 months for me personally. I really appreciate the investigate work @kristk! That certainly looks like it could be an issue. I hope to have some time to look at this in the next few days.

[ChadSikorra]

@kristk @secit-pl I pushed the following commit: https://github.com/FreeDSx/SNMP/commit/48ca5f6699b5a785ca55d19ad7b2da3c776993a7 . However, I have no good way to test that this fixes the specific issue you're reporting. If you want to give it a try (use dev-master in composer for this library) and let me know if it makes a difference. If so I can tag a new version of the library.

[kristk]

@ChadSikorra, this new version works in my use case. I have only tested it in in my current environment with equipment from one manufacturer but I would say that it safe to tag a new version. Thanks!

[secit-pl]

@ChadSikorra in my use case it also works. IMO it can be released. Thanks!

[ChadSikorra]

Thank you both for reporting the issue and testing the fix. I have tagged a new version (0.4.1) and updated the changelog.

[secit-pl]

@ChadSikorra did you pushed the tag? I cannot fid it on https://packagist.org/packages/freedsx/snmp and even on https://github.com/FreeDSx/SNMP/tags

[ChadSikorra]

@ChadSikorra did you pushed the tag? I cannot fid it on https://packagist.org/packages/freedsx/snmp and even on https://github.com/FreeDSx/SNMP/tags

Apologies! Forgot to check the button to push tags 😅 It should be out there now.