MIB Smithy SDK 4.6.1 Released
MIB Smithy SDK 4.6.1 is now available for download. This release fixes two issues introduced in the earlier 4.6 release.
The first was a bug introduced in the report handling whereby a synchronous SNMPv3 request returned prematurely when a report (e.g. usmStatsUnknownEngineIDs
) was returned by the agent and request reissued–the API returned and left things in an inconsistent state with the SDK still waiting for a response to the second request.
The second corrects an oversight in the new support for specifying unlocalized or localized SNMPv3 keys rather than passwords. A little background:
A handy trick for creating a new SNMP session with the same (or slightly different) configuration as an existing session is automatic expansion of a single argument to the $session configure
command, with or without an intermediate array. For example, a new session with the same settings but different timeout/retries as another can be created thus:
% array set options [$session1 configure]
% set options(-timeout) 1000
% set options(-retries) 5
% $session2 configure [array get options]
As previously implemented, arguments were processed purely in the order specified, which was fine before because there were no potential conflicts between arguments.. but the new options for [un]localized keys and existing options for passwords interact with each other (set the -authkey
property and the -authpass
property is cleared because the password is not recoverable from the key), and the result order for [array get options]
is undefined (in reality, it depends on the order of hash values for the array keys). [$session1 configure]
returns the options in the proper order, but after going through the intermediate array, they could be reordered and give the empty string precedence, and configuration would not match the source configuration.
So, the fix was to implement hard precedence rules for the order that auth/priv protocols, Engine IDs, passwords, and keys are processed from the arguments, ignoring any that aren’t a change from the existing configuration, and applied such that this design pattern works properly again (i.e., independent of the order the arguments are specified, except that if the same option is specified more than once then the last value given for that option is used).
MIB Smithy SDK 4.6 Released
MIB Smithy SDK 4.6 is now available for download. It’s been an unusually long time since the last round of releases, for which I apologize. I’d been putting a lot of time and focus into internal code refactoring and cleanup in preparation for (and part of) some new features and products in the works–changes that were extensive, but largely invisible from the Tcl API. I wanted to get things to a stable point and that took longer than I’d hoped. But now it’s a much more maintainable and reusable code base. New versions of MIB Smithy and MIB Views based on this release of the SDK will follow soon.
In addition to those internal changes, and many minor clarifications and rewording of MIB parser/validator messages that were done (but didn’t warrant a specific case), the following changes are in this release:
309: Clarify “bad option -asn1type” error
Performing an SNMP Set Request without specifying the syntax to use no longer reports an unhelpful “bad option -asn1type” error if the required MIB definition isn’t found in the database. This error came from attempting the query as if done from Tcl on the closest matching known OID (which wouldn’t support the option). Instead, the lookup is done directly and a more specific error about the actual nature problem is given.
2121: Add support for pre-localized and unlocalized keys
SNMPv3 sessions can now be configured directly with unlocalized or localized auth/priv keys, rather than requiring passwords and letting the session manage conversion to keys and key localization.
5801: Add options to CLI tools to specify keys rather than passwords
The bundled CLI tools/sample scripts now have options for specifying SNMPv3 auth/priv keys directly (localized or unlocalized), rather than only allowing passwords to be specified.
5807: Option to generate new Local Engine ID
An SNMP session’s -localengid property can now be set to an empty string to trigger a new Engine ID to be generated and assigned. Previously this required either a new session (since new sessions are given a generated default) or manually generating a value of appropriate length to be assigned.
2277: Give validator messages unique IDs
All parser and validator messages have been moved to a message table with unique IDs, which are provided in messages printed to the configured log channel and in arguments to the configured log command. The actual IDs are still subject to change with reorganization, but this allows one to (for example) implement filters to effectively disable messages that aren’t desired.
1839: ASN.1 Type Assignment with type BITS
An error is now generated at parse time when attempting to use ASN.1 Type Assignment notation (Name ::= Type) with the “BITS” construct (which is not allowed in this form), rather than just quietly correcting it.
5397: XML-SMI XSD: use xsd:token type where appropriate
The XML-SMI Schema was changed to use “xsd:token” rather than “xsd:string” for some types where appropriate. Semantically the schema is unchanged by this as “xsd:token” is a subset of “xsd:string”, but “xsd:token” more closely matches the (existing) value restrictions.
1870: Add support for MODULE-CONFORMANCE (RFC-1303)
Support was added for parsing and validating the MODULE-CONFORMANCE construct from RFC 1303 (the SMIv1 predecessor to SMIv2’s AGENT-CAPABILITIES). The XML-SMI Schema was also updated to add support.
5551: Orphans tree should not be shared
The orphans tree (where MIB definitions are indexed that have unresolved parent OID dependencies) was erroneously implemented as shared between MIB databases, which would result in index corruption when multiple databases are in use. Each MIB database now has its own orphans tree to prevent definitions from one database moving to another as loaded MIBs are changed and indexing updated.
5398: Return Unsigned32 rather than Gauge32 in response varbinds
The reported syntax in varbinds of received SNMPv2c or v3 messages for tag [APPLICATION 2] was changed from “Gauge32” to “Unsigned32”. These types are indistinguishable on the wire, but Gauge32 has specific semantics that are not applicable to every object with that tag.
5103: Configured message delay should be consistently applied
In some cases, such as in handling of SNMPv3 reports requiring a message resend, the session’s configured delay would be ignored before sending a message. The delay (if non-zero) should now be consistently applied.
5104: Retries should be treated as per-request
An SNMPv3 request could be timed out prematurely if the -retries setting was too low and the first resend after Engine ID Discovery and Time Synchronization timed out. The retry counter is now treated as number of consecutive retries with no response, rather than total messages sent (which previously counted resending due to these reports).
5505: Invoke snmpwalk callback on timeout/cancel
When using the $session walk command in asynchronous mode, the callback will now be invoked if the walk is canceled or times out. Previously there was no way to distinguish these exit modes from an async walk terminating normally.
5050: Async Tnm walk command should not return result
Using the Tnm SNMP walk command in asynchronous mode could leave an extraneous result in the interpreter from an internal function call, which would be returned as the result for the command. Interpreter state is now saved/restored so this doesn’t happen.
MIB Smithy 4.6 Released [updated]
MIB Smithy 4.6 is now available for download. In addition to some bug fixes and new features brought in from the MIB Smithy SDK 4.5 and MIB Views 1.9 releases, there are a few cool new features in this release I’d like to highlight that are designed to simplify your MIB editing workflow a bit:
First, MIB Smithy has always had a single “Preview” tab. Whenever you “Preview” a file, or a module, or any other record within a module, whatever was in the Preview was replaced. You could show and hide the tab, but you could not preview more than one thing or in more than one format at a time. You could not preview two different modules at the same time. You could not see how your changes look before and after. That’s no longer the case! Now a new tab is opened whenever you tell MIB Smithy to generate a preview of an item, and there’s an [X] button in the upper right corner to close the tab:
Second (and third) are two new features for the Tasks tab, where compiler/MIB validation messages appear to inform you of errors and warnings in your MIB/PIB modules. There’s now a check box next to each entry in the Tasks list, and two below the list indicating the number of errors and warnings detected:
In past versions, after you’d made changes to your module to address the issues, you needed to re-validate to get rid of any messages that were no longer pertinent. You might have to re-sort and re-find your place to continue working. Now, once you’ve addressed an item (or believe so, or simply want to hide it temporarily), you can click the check box next to the item. After a short delay (in case you clicked the wrong item or changed your mind) it will be deleted from the list, and will only return when you re-validate if the issue still remains.
Second, in addition to now having a clear count of the number of errors and warnings (previously only available from the Log tab), you can check or uncheck the boxes next to the error and warning counts to choose to show or hide errors or warnings separately. If you have a handful of errors and many warnings, for example, you may choose to hide the warnings while you focus on first making sure your modules are error-free.
Release Notes
The following changes are in this release:
5027: Options to filter compiler/validation results for errors/warnings
New checkbuttons were added below the Tasks tab where validation errors and warnings appear. The checkbuttons show the current error and warning count and can be checked/unchecked to show/hide errors or warnings (for example, hiding warnings to focus on fixing errors first).
674: Add checkbutton to Tasks list entries
Each validation error or warning message in the Tasks tab now has a checkbutton associated with it. Checking a task off removes the message after a short delay so that you can mark an item as resolved without having to re-validate to clear it. If the issue has not been corrected it will reappear the next time the module is validated.
1233: Support for multiple preview windows
Previous versions of MIB Smithy used a single Preview tab in the Workspace that was updated each time a preview was requested. Now, each time a preview is requested, a new tab is opened (and can be closed with the X button in the upper right corner). This allows you to preview multiple records, in multiple formats, or visually compare previews.
2381: Rename File->Open to File->Open Project
The File->Open and File->Open Project menu entries performed the same task (namely, closing the current project and opening a new one). File->Open is now File->Open Project, and the redundant entry removed.
493: Auto-hide Workspace panel when no tabs visible
When no tabs are open in the Workspace panel for previewing or editing records, the panel is now automatically hidden, allowing the Project panel/tree to expand into the unoccupied space.
5006: Add format for TimeTicks values
TimeTicks values (such as sysUpTime) in the SNMP Tools are now rendered in “Nd HH:MM:SS.ss” format (days, hours, minutes, seconds, deciseconds) rather than leaving them as an integer value, by default, unless there’s an associated TEXTUAL-CONVENTION with a different DISPLAY-HINT.
5046: More reliable methods to get Host IDs on Unix
Another/new method is used to determine Host IDs on FreeBSD, Linux and Mac OS X. This method should be able to see interfaces that are disconnected or unconfigured. In some cases, these were previously not seen, which could be a hassle for multi-homing or laptop use with no active network connection.
4806: Warning for tables with only accessible-for-notify columns
It is now a warning rather than an error if at least one column of a table is accessible-for-notify and all others not-accessible, rather than an error as it is for all columns to be not-accessible. There is one IETF standard MIB (RAQMON-RDS-MIB) where this is used, so accessible-for-notify should be sufficient to satisfy RFC2578 section 7.7 requirement that at least one column be accessible.
5095: Improve handling of MIB ambiguities in SNMP Tools
Several improvements were made in handling of issues with looking up MIB definitions (such as “search string is ambiguous” errors). The Tree View in particular previously would report the ambiguity and not allow further expansion, but now will ignore it and continue, and (for all tools) message dialogs reporting a problem looking up the entered OID will provide more/better details about what the issue is.
393: Add option to show additional columns in tools
You can now show additional columns in most tools, either through the View menu or by right-clicking on the table header. For example, for the Table View you can opt to show the instance identifiers, which previously only appeared if the index values could not be parsed. For other tools, you can opt to show the OID and module name.
4210: Invalid type reference ” setting object with unimported type
An “Invalid type reference ”” error could occur in the SNMP Query tool when setting object with an undefined/unimported type.
3916: When Tcl error occurs, stop button no longer works
In some cases, an error that occurred during an SNMP operation in a tool that caused the tool to cancel the operation would leave other parts of the GUI (such as the stop button) in a state thinking the operation was still in progress. Typically this required having to open a new window to make the tool usable again.
3915: Error: Don’t know how to encode objects of type ‘SEQUENCE’
The SNMP Query tool will no longer allow entering an ASN.1 type (such as SEQUENCE) that is not legal for an accessible OBJECT-TYPE. Doing so would result in a “Don’t know how to encode …” error (which, while correct, would leave the tool in an unusable state).
338: Hide EXPORTS property in SMIv2 modules
The EXPORTS tab will no longer appear in the SMIv2 or COPS-PR-SPPI module workspaces, unless the loaded modules already specify EXPORTS. This property is only legal in SMIv1 and true ASN.1 modules, so should not otherwise be available.
341: Hide SMIv2 data types in SMIv1 modules
The data type/filter comboboxes in the Syntax/Write-Syntax tabs for object/typedef/variation records now only shows base types that are appropriate for the module’s SMI version (e.g. Counter for SMIv1 vs Counter32 for SMIv2), rather than making all base types available for direct selection. Such incorrect usage would be caught during validation, but better to not make the wrong type selectable in the first place.
5062: Add COPS-PR-SPPI types to Syntax tab’s class filter
The data type/filter comboboxes in the Syntax/Write-Syntax tabs for object/typedef/variation records now lists COPS-PR-SPPI base types when editing PIB modules.
3967: “Root identifier doesn’t exist” error with IMPORTS auto-update
A “Root identifier doesn’t exist” error could occur when editing a record’s OID property if the OID used an imported symbol and the module imported from was not loaded into the project, or other changes in similar conditions where a module’s IMPORTS are being updated automatically.
5031: No such variable error removing MIB files from project
A “no such variable” error would occur when removing certain records without OID properties from a project (such as removing a file). The record would actually be removed, but the error would cause the Project tree to not update, so a subsequent attempt would otherwise appear successful without error.
340: Do not allow structured types in variations
The data type/filter comboboxes in the Syntax/Write-Syntax tabs for variations no longer allow selecting data types that aren’t appropriate for variations (such as SEQUENCE).
1657: Wrong PIB-MIN-ACCESS values for COPS MODULE-COMPLIANCE
The PIB-MIN-ACCESS property for COPS-PR-SPPI (PIB) MODULE-COMPLIANCE OBJECTs listed SMIv2 access values for selection rather than the legal/proper COPS access values (install, install-notify, etc).
4822: MIB Smithy should not bind port at startup
Earlier versions of MIB Smithy SDK would bind port to a socket upon doing any SNMP session configuration that would be used for subsequent SNMP messaging. The introduction of SNMPv3 inform support in MIB Smithy 4.5 stores and configures an snmpEngineID value at startup, which would cause the socket to be created, even if the user was not intending to use the SNMP Tools. MIB Smithy will no longer open/configure a socket unless/until the SNMP Tools are used.
Update: The initial build had a bug introduced with 5027 (error/warning filters) that caused double-clicking the Tasks list to open the associated record’s properties to generate a Tcl error, and I accidentally forgot to include a handful of items in the release notes. I’ve re-built the 4.6 releases to correct these issues.
For MIB Smithy Professional users, also refer to the MIB Smithy SDK 4.5 Release Notes for additional changes.
MIB Views 1.9 Released
MIB Views 1.9 is now available for download. The following changes are in this release:
393: Add option to show additional columns in tools
You can now show additional columns in most tools, either through the View menu or by right-clicking on the table header. For example, for the Table View you can opt to show the instance identifiers, which previously only appeared if the index values could not be parsed. For other tools, you can opt to show the OID and module name.
5006: Add format for TimeTicks values
TimeTicks values (such as sysUpTime) are now rendered in “Nd HH:MM:SS.ss” format (days, hours, minutes, seconds, deciseconds) rather than leaving them as an integer value, by default, unless there’s an associated TEXTUAL-CONVENTION with a different DISPLAY-HINT.
5095: Improve handling of MIB ambiguities in SNMP Tools
Several improvements were made in handling of issues with looking up MIB definitions (such as “search string is ambiguous” errors). The Tree View in particular previously would report the ambiguity and not allow further expansion, but now will ignore it and continue, and (for all tools) message dialogs reporting a problem looking up the entered OID will provide more/better details about what the issue is.
4210: Invalid type reference ” setting object with unimported type
An “Invalid type reference ”” error could occur in the SNMP Query tool when setting object with an undefined/unimported type.
3916: When Tcl error occurs, stop button no longer works
In some cases, an error that occurred during an SNMP operation in a tool that caused the tool to cancel the operation would leave other parts of the GUI (such as the stop button) in a state thinking the operation was still in progress. Typically this required having to open a new window to make the tool usable again.
3915: Error: Don’t know how to encode objects of type ‘SEQUENCE’
The SNMP Query tool will no longer allow entering an ASN.1 type (such as SEQUENCE) that is not legal for an accessible OBJECT-TYPE. Doing so would result in a “Don’t know how to encode …” error (which, while correct, would leave the tool in an unusable state).
5046: More reliable methods to get Host IDs on Unix
Another/new method is used to determine Host IDs on FreeBSD, Linux and Mac OS X. This method should be able to see interfaces that are disconnected or unconfigured. In some cases, these were previously not seen, which could be a hassle for multi-homing or laptop use with no active network connection.
MIB Smithy SDK 4.5 Released
MIB Smithy SDK 4.5 is now available for download. This release brings a number of new features, improvements to the Scotty/TNM compatibility wrapper, and bug fixes. The following changes are in this release:
372: Add support for decoding KeyChange values
The [$session usm authKeyChange] and [$session usm privKeyChange] commands now accept a -direction encode|decode argument allowing KeyChange values to be decoded. If unspecified, the default is encode, which was the previous behavior.
273: oidcmp should allow record search specs
The [$db oidcmp] function no longer requires strict OIDs for comparison, but can instead take a normal record search specification, such as SNMPv2-MIB!sysDescr (where previously only sysDescr would be allowed).
5008: Return proper key/value pair on SNMP timeout/cancel
When issuing an SNMP request without a callback, a timeout or cancel would result in “timeout” or “cancelled” being returned as the result, rather than a proper key/value pair like a normal result, which required a check before using the result as a dictionary or list for [array set]. It will now return “-status timeout” or “-status cancelled” as it would with a callback.
5006: Add format for TimeTicks values
The [$db format] command now has a default format for TimeTicks values to render them as “Nd HH:MM:SS.ss” (days, hours, minutes, seconds, deciseconds) rather than leaving them as an integer value. This can be disabled with the -ticksformat option specified either to the format command or configured globally for the database.
5007: Add support for session config aliases
Support for session config aliases has been added both for Scotty/TNM compatibility and natively. Aliases allow defining a named set of options (through the [$session alias] command) that can be assigned to a session by specifying the alias (e.g. [$session configure -alias $aliasname]). Additionally, the native version allows using aliases for overriding session configuration for individual SNMP requests (e.g. [$session next -alias $aliasname 0.0]).
5057: Allow single subid with oidcmp
The [$db oidcmp] function no longer requires a minimum of two subidentifiers in each OID to be compared. Allowing a single subidentifier makes it possible, for example, to check if a given OID is a subtree if iso(1).
5056: Suppress unnecessary lookups with oidcmp
The [$db oidcmp] function will no longer perform a database lookup for a given OID if it is not necessary because all subidentifiers are provided. This allows OIDs to be compared (without error) even if they are unknown or ambiguous due to multiple MIB definitions being loaded for the OID.
5010: Support for send/recv bind events
The [$session bind] command can now take a -send or -recv option to specify a callback to be invoked for all messages sent or received, respectively, including any reports and retries that are otherwise handled transparently at the Tcl level. A -dir key (value “send” or “recv”) is added to the callback arguments to indicate which, in case both are bound to call the same function. Support for the similar feature was added to the Scotty/TNM compatibility wrapper.
5046: More reliable methods to get Host IDs on Unix
Another/new method is used to determine Host IDs on FreeBSD, Linux and Mac OS X. This method should be able to see interfaces that are disconnected or unconfigured. In some cases, these were previously not seen, which could be a hassle for multi-homing or laptop use with no active network connection.
4767: Add environment variable for default MIB search path
The SMITHY_MIB_PATH environment variable can now be set to specify one or more directories that the [$db import] command should search when given a relative path for a MIB file to be imported that can not be found from the current directory (e.g. [$db import -filename “IF-MIB.mib”] would now work from anywhere provided the mibs/IETF directory is in SMITHY_MIB_PATH). Similarly, the $tnm(library)/site and $tnm(library)/mibs directories are now searched by the Scotty/TNM compatibility wrapper’s [mib load] command.
5009: Exceptions reversed in scotty-compat varbinds
The format for SNMPv2/v3 exceptions in varbinds returned by Scotty/TNM compatibility wrapper was using the native format, which uses NULL for the syntax and the exception for the value (e.g. {{2.0 NULL endOfMibView}}), whereas the proper Scotty/TNM format has the exception for syntax and 0 or empty string for value (e.g. {{2.0 endOfMibView 0}}). The wrapper now uses the proper format for proper compatibility. However, since many users may have adapted their code to use the SDK’s exception format but not yet native APIs, the global tnm(tnmexcept) variable can be set to false to continue using the SDK’s exception format and preserve compatibility with their code.
5061: smilib find command should not error with no matches
The [$db find] command will now return an empty list rather than generate an error if no matches are found for the given search specification.
5080: Disallow session binding trap port that’s already in use
The SO_REUSEADDR option will no longer be set on the a session’s trap receiver socket. The intent of adding it (in SDK 4.0) was to allow multiple sessions or processes to each receive traps on the same port, but it doesn’t work that way and behavior was inconsistent between platforms (typically the result was the first one to bind would quietly stop receiving traps when the second binding was made). As with pre-4.0 it will now generate an error if trying to bind to a port that’s already in use.
4806: Warning for tables with only accessible-for-notify columns
It is now a warning rather than an error if at least one column of a table is accessible-for-notify and all others not-accessible, rather than an error as it is for all columns to be not-accessible. There is one IETF standard MIB (RAQMON-RDS-MIB) where this is used, so accessible-for-notify should be sufficient to satisfy RFC2578 section 7.7 requirement that at least one column be accessible.