Wireshark-users: Re: [Wireshark-users] V1.0.0pre1 & MIB Files
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Andrew Hood <ajhood@xxxxxxxxx>
Date: Sat, 22 Mar 2008 23:11:40 +1100
Jaap Keuter wrote:
> Hi,
> 
> Frankly, I don't get warm fuzzy feelings with libraries which are to *support* 
> our program and make it crash when fed bad data. Especially since the data is 
> not in our control (UAT configurable).
> Bottom line: It should be fixed in the lib, not with (commandline) tools that 
> are alien to the users.

The inability of manufacturers to write syntactically correct MIBs is
legendary. Users also need to understand IMPORT clauses.

The switch to libsmi was a conscious decision on the part of one or more
Wireshark developers. I was one of those who suggested it, but having
been a long time libsmi user I knew it would require work to be
reliable, and was somewhat surprised at the speed in which it went into
the mainline.

NetSNMP "silently" ignores OIDs it can't resolve but has its problems
too. If compiled with OpenSSL it is liable to all the potential OpenSSL
vulnerabilities, and runs into issues with the difference between the
Wireshark, NetSNMP and OpenSSL licenses.

Most Linux systems will have NetSNMP installed, usually linked with
OpenSSL. Many other *nixes may have NetSNMP too, usually linked with
OpenSSL. You would need to statically link with a Wireshark provided
non-SSL version to avoid any such issues.

Today you have a choice. Switch back to NetSNMP, or contribute to libsmi
development to make it more usable in Wireshark.

-- 
There's no point in being grown up if you can't be childish sometimes.
                -- Dr. Who