RHEL9 requires AES replacemed instead of DES at one point in the Code
Closed this issue · 3 comments
pdolinic commented
RHEL9 Systems will complain about DES Cipher use,
- and the following will need to be changed in
snmp_bulkget.c
:
/session->securityPrivProto = snmp_duplicate_objid(usmDESPrivProtocol, USM_PRIV_PROTO_DES_LEN);
to
/session->securityPrivProto = snmp_duplicate_objid(usmAESPrivProtocol, USM_PRIV_PROTO_DES_LEN);
- recompilation then is required (for example like this), and everything should work after :
gcc -o check_interfaces snmp_bulkget.o utils.o -lrt -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -fPIE -lm -L/usr/lib64 -lnetsnmp -lssl -lcrypto -lm -lnetsnmp
RincewindsHat commented
@pdolinic Could you put that into a PR?
RincewindsHat commented
ok, the original reason for this problem is, that in Red Hat packages DES
has patches to remove the DES algorithms completely ( https://src.fedoraproject.org/rpms/net-snmp/blob/rawhide/f/net-snmp-5.9.1-remove-des.patch ) which breaks compiling here.
RincewindsHat commented
Fixed with 31cdf0a