diff -Naur zabbix-2.0.4.orig/frontends/php/api/classes/CDRule.php zabbix-2.0.4/frontends/php/api/classes/CDRule.php --- zabbix-2.0.4.orig/frontends/php/api/classes/CDRule.php 2012-12-08 15:09:20.000000000 +0400 +++ zabbix-2.0.4/frontends/php/api/classes/CDRule.php 2013-02-13 15:42:38.969116143 +0400 @@ -506,6 +506,7 @@ $dChecks[$dcnum]['snmpv3_authpassphrase'] = $dChecks[$dcnum]['snmpv3_privpassphrase'] = ''; break; case ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA: $dChecks[$dcnum]['snmpv3_privpassphrase'] = ''; break; } diff -Naur zabbix-2.0.4.orig/frontends/php/disc_prototypes.php zabbix-2.0.4/frontends/php/disc_prototypes.php --- zabbix-2.0.4.orig/frontends/php/disc_prototypes.php 2012-12-08 15:09:20.000000000 +0400 +++ zabbix-2.0.4/frontends/php/disc_prototypes.php 2013-02-13 16:11:55.153583665 +0400 @@ -86,11 +86,19 @@ 'snmpv3_securityname' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.'))'), 'snmpv3_authpassphrase' => array(T_ZBX_STR, O_OPT, null, null, - 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.')&&({snmpv3_securitylevel}=='. - ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV.'||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV.'))'), + 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3. + ')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA.'))'), 'snmpv3_privpassphrase' => array(T_ZBX_STR, O_OPT, null, null, - 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.')&&({snmpv3_securitylevel}=='. - ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV.'))'), + 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3. + ')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES.'))'), 'ipmi_sensor' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_IPMI.'))', _('IPMI sensor')), 'trapper_hosts' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&isset({type})&&({type}==2)'), diff -Naur zabbix-2.0.4.orig/frontends/php/host_discovery.php zabbix-2.0.4/frontends/php/host_discovery.php --- zabbix-2.0.4.orig/frontends/php/host_discovery.php 2012-12-08 15:09:20.000000000 +0400 +++ zabbix-2.0.4/frontends/php/host_discovery.php 2013-02-13 16:09:55.756698358 +0400 @@ -82,11 +82,19 @@ 'snmpv3_securityname' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.'))'), 'snmpv3_authpassphrase' => array(T_ZBX_STR, O_OPT, null, null, - 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.')&&({snmpv3_securitylevel}=='. - ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV.'||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV.'))'), + 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3. + ')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA.'))'), 'snmpv3_privpassphrase' => array(T_ZBX_STR, O_OPT, null, null, - 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.')&&({snmpv3_securitylevel}=='. - ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV.'))'), + 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3. + ')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES.'))'), 'ipmi_sensor' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_IPMI.'))', _('IPMI sensor')), 'trapper_hosts' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&isset({type})&&({type}==2)'), diff -Naur zabbix-2.0.4.orig/frontends/php/include/defines.inc.php zabbix-2.0.4/frontends/php/include/defines.inc.php --- zabbix-2.0.4.orig/frontends/php/include/defines.inc.php 2012-12-08 15:09:18.000000000 +0400 +++ zabbix-2.0.4/frontends/php/include/defines.inc.php 2013-02-13 15:22:16.139656819 +0400 @@ -361,6 +361,10 @@ define('ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV', 0); define('ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV', 1); define('ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV', 2); +define('ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES', 3); +define('ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES', 4); +define('ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES', 5); +define('ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA', 6); define('ITEM_AUTHTYPE_PASSWORD', 0); define('ITEM_AUTHTYPE_PUBLICKEY', 1); diff -Naur zabbix-2.0.4.orig/frontends/php/include/views/configuration.item.edit.php zabbix-2.0.4/frontends/php/include/views/configuration.item.edit.php --- zabbix-2.0.4.orig/frontends/php/include/views/configuration.item.edit.php 2012-12-08 15:09:17.000000000 +0400 +++ zabbix-2.0.4/frontends/php/include/views/configuration.item.edit.php 2013-02-13 15:45:02.734602840 +0400 @@ -147,8 +147,12 @@ // append snmpv3 security level to form list $securityLevelComboBox = new CComboBox('snmpv3_securitylevel', $this->data['snmpv3_securitylevel']); $securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV, 'noAuthNoPriv'); -$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV, 'authNoPriv'); -$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'authPriv'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV, 'authNoPriv MD5'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA, 'authNoPriv SHA'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'authPriv MD5-DES'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES, 'authPriv MD5-AES'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES, 'authPriv SHA-DES'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES, 'authPriv SHA-AES'); $itemFormList->addRow(_('SNMPv3 security level'), $securityLevelComboBox, false, 'row_snmpv3_securitylevel'); $itemFormList->addRow(_('SNMPv3 auth passphrase'), new CTextBox('snmpv3_authpassphrase', $this->data['snmpv3_authpassphrase'], ZBX_TEXTBOX_STANDARD_SIZE, 'no', 64), @@ -650,10 +654,25 @@ $this->data['securityLevelVisibility'] = array(); zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV, 'snmpv3_authpassphrase'); zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV, 'row_snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA, 'snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA, 'row_snmpv3_authpassphrase'); zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'snmpv3_privpassphrase'); zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'row_snmpv3_privpassphrase'); zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'snmpv3_authpassphrase'); zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'row_snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES, 'snmpv3_privpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES, 'row_snmpv3_privpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES, 'snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES, 'row_snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES, 'snmpv3_privpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES, 'row_snmpv3_privpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES, 'snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES, 'row_snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES, 'snmpv3_privpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES, 'row_snmpv3_privpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES, 'snmpv3_authpassphrase'); +zbx_subarray_push($this->data['securityLevelVisibility'], ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES, 'row_snmpv3_authpassphrase'); + $this->data['authTypeVisibility'] = array(); zbx_subarray_push($this->data['authTypeVisibility'], ITEM_AUTHTYPE_PUBLICKEY, 'publickey'); diff -Naur zabbix-2.0.4.orig/frontends/php/include/views/configuration.item.massupdate.php zabbix-2.0.4/frontends/php/include/views/configuration.item.massupdate.php --- zabbix-2.0.4.orig/frontends/php/include/views/configuration.item.massupdate.php 2012-12-08 15:09:17.000000000 +0400 +++ zabbix-2.0.4/frontends/php/include/views/configuration.item.massupdate.php 2013-02-13 15:34:17.475037791 +0400 @@ -112,8 +112,12 @@ // append snmpv3 securitylevel to form list $securityLevelComboBox = new CComboBox('snmpv3_securitylevel', $this->data['snmpv3_securitylevel']); $securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV, 'noAuthNoPriv'); -$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV, 'authNoPriv'); -$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'authPriv'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV, 'authNoPriv MD5'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA, 'authNoPriv SHA'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV, 'authPriv MD5-DES'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES, 'authPriv MD5-AES'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES, 'authPriv SHA-DES'); +$securityLevelComboBox->addItem(ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES, 'authPriv SHA-AES'); $itemFormList->addRow( array( _('SNMPv3 security level'), diff -Naur zabbix-2.0.4.orig/frontends/php/include/views/js/configuration.discovery.edit.js.php zabbix-2.0.4/frontends/php/include/views/js/configuration.discovery.edit.js.php --- zabbix-2.0.4.orig/frontends/php/include/views/js/configuration.discovery.edit.js.php 2012-12-08 15:09:17.000000000 +0400 +++ zabbix-2.0.4/frontends/php/include/views/js/configuration.discovery.edit.js.php 2013-02-13 15:51:16.297640220 +0400 @@ -254,9 +254,16 @@ var showAuthPass = (isset(dcheckType, SecNameRowTypes) && (dcheckSecLevType == - || dcheckSecLevType == )); + || dcheckSecLevType == + || dcheckSecLevType == + || dcheckSecLevType == + || dcheckSecLevType == + || dcheckSecLevType == )); var showPrivPass = (isset(dcheckType, SecNameRowTypes) - && dcheckSecLevType == ); + && (dcheckSecLevType == + || dcheckSecLevType == + || dcheckSecLevType == + || dcheckSecLevType == )); toggleInputs('newCheckAuthPassRow', showAuthPass); toggleInputs('newCheckPrivPassRow', showPrivPass); diff -Naur zabbix-2.0.4.orig/frontends/php/items.php zabbix-2.0.4/frontends/php/items.php --- zabbix-2.0.4.orig/frontends/php/items.php 2012-12-08 15:09:20.000000000 +0400 +++ zabbix-2.0.4/frontends/php/items.php 2013-02-13 16:13:21.772675728 +0400 @@ -117,11 +117,18 @@ 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.'))'), 'snmpv3_securityname' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3.'))'), - 'snmpv3_authpassphrase' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='. - ITEM_TYPE_SNMPV3.')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV.'||{snmpv3_securitylevel}=='. - ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV.'))'), - 'snmpv3_privpassphrase' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='. - ITEM_TYPE_SNMPV3.')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV.'))'), + 'snmpv3_authpassphrase' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3. + ')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA.'))'), + 'snmpv3_privpassphrase' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_SNMPV3. + ')&&({snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES. + '||{snmpv3_securitylevel}=='.ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES.'))'), 'ipmi_sensor' => array(T_ZBX_STR, O_OPT, NO_TRIM, NOT_EMPTY, 'isset({save})&&(isset({type})&&({type}=='.ITEM_TYPE_IPMI.'))', _('IPMI sensor')), 'trapper_hosts' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&isset({type})&&({type}==2)'), diff -Naur zabbix-2.0.4.orig/include/common.h zabbix-2.0.4/include/common.h --- zabbix-2.0.4.orig/include/common.h 2012-12-08 15:09:14.000000000 +0400 +++ zabbix-2.0.4/include/common.h 2013-02-13 15:16:57.068945717 +0400 @@ -289,6 +289,10 @@ #define ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV 0 #define ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV 1 #define ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV 2 +#define ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES 3 +#define ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES 4 +#define ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES 5 +#define ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA 6 /* item multiplier types */ #define ITEM_MULTIPLIER_DO_NOT_USE 0 diff -Naur zabbix-2.0.4.orig/src/zabbix_server/poller/checks_snmp.c zabbix-2.0.4/src/zabbix_server/poller/checks_snmp.c --- zabbix-2.0.4.orig/src/zabbix_server/poller/checks_snmp.c 2012-12-08 15:09:15.000000000 +0400 +++ zabbix-2.0.4/src/zabbix_server/poller/checks_snmp.c 2013-02-13 15:15:44.957203724 +0400 @@ -298,40 +298,37 @@ session.securityName = item->snmpv3_securityname; session.securityNameLen = strlen(session.securityName); - /* set the security level to authenticated, but not encrypted */ - if (item->snmpv3_securitylevel == ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV) - { + /* set authentication key - if any */ + switch (item->snmpv3_securitylevel) { + case ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV: session.securityLevel = SNMP_SEC_LEVEL_NOAUTH; - } - else if (item->snmpv3_securitylevel == ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV) - { - session.securityLevel = SNMP_SEC_LEVEL_AUTHNOPRIV; + break; + + case ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES: /* set the authentication method to MD5 */ session.securityAuthProto = usmHMACMD5AuthProtocol; session.securityAuthProtoLen = USM_AUTH_PROTO_MD5_LEN; session.securityAuthKeyLen = USM_AUTH_KU_LEN; - if (SNMPERR_SUCCESS != generate_Ku(session.securityAuthProto, - session.securityAuthProtoLen, - (u_char *)item->snmpv3_authpassphrase, - strlen(item->snmpv3_authpassphrase), - session.securityAuthKey, - &session.securityAuthKeyLen)) - { - zbx_snprintf(err, MAX_STRING_LEN, "Error generating Ku from authentication pass phrase"); - goto end; - } - } - else if (item->snmpv3_securitylevel == ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV) - { - session.securityLevel = SNMP_SEC_LEVEL_AUTHPRIV; + break; - /* set the authentication method to MD5 */ - session.securityAuthProto = usmHMACMD5AuthProtocol; - session.securityAuthProtoLen = USM_AUTH_PROTO_MD5_LEN; + case ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES: + + /* set the authentication method to SHA1 */ + session.securityAuthProto = usmHMACSHA1AuthProtocol; + session.securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN; session.securityAuthKeyLen = USM_AUTH_KU_LEN; + break; + } + + if (session.securityLevel != SNMP_SEC_LEVEL_NOAUTH) + { if (SNMPERR_SUCCESS != generate_Ku(session.securityAuthProto, session.securityAuthProtoLen, (u_char *)item->snmpv3_authpassphrase, @@ -342,12 +339,47 @@ zbx_snprintf(err, MAX_STRING_LEN, "Error generating Ku from authentication pass phrase"); goto end; } + } + + /* set privacy key */ + switch (item->snmpv3_securitylevel) { + case ITEM_SNMPV3_SECURITYLEVEL_NOAUTHNOPRIV: + break; + + case ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHNOPRIV_SHA: + + session.securityLevel = SNMP_SEC_LEVEL_AUTHNOPRIV; + + break; + + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV: /* MD5_DES */ + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_DES: + + session.securityLevel = SNMP_SEC_LEVEL_AUTHPRIV; /* set the privacy method to DES */ session.securityPrivProto = usmDESPrivProtocol; session.securityPrivProtoLen = USM_PRIV_PROTO_DES_LEN; session.securityPrivKeyLen = USM_PRIV_KU_LEN; + break; + + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_MD5_AES: + case ITEM_SNMPV3_SECURITYLEVEL_AUTHPRIV_SHA_AES: + + session.securityLevel = SNMP_SEC_LEVEL_AUTHPRIV; + + /* set the privacy method to AES */ + session.securityPrivProto = usmAESPrivProtocol; + session.securityPrivProtoLen = USM_PRIV_PROTO_AES_LEN; + session.securityPrivKeyLen = USM_PRIV_KU_LEN; + + break; + } + + if (session.securityLevel == SNMP_SEC_LEVEL_AUTHPRIV) + { if (SNMPERR_SUCCESS != generate_Ku(session.securityAuthProto, session.securityAuthProtoLen, (u_char *)item->snmpv3_privpassphrase,