Switch default snmpd and snmp auth back to hmac-sha1.

Practical experience on several machines after updates suggests the snmp
world isn't really ready for hmac-sha2-256, and the HMAC construction doesn't
require collision resistance (which is the weakness of MD5/SHA1; see e.g.
"New proofs for NMAC and HMAC: Security without collision-resistance",
Bellare 2014).

Feedback from martijn@ (who would prefer to keep using the sha2 hmac),
deraadt@, tb@.

diff --git a/usr.bin/snmp/snmp.1 b/usr.bin/snmp/snmp.1
index 09a255a..cfbc68f 100644 (file)
--- a/usr.bin/snmp/snmp.1
+++ b/usr.bin/snmp/snmp.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: snmp.1,v 1.18 2021/06/20 20:02:14 martijn Exp $
+.\" $OpenBSD: snmp.1,v 1.19 2021/08/08 13:41:26 sthen Exp $
 .\"
 .\" Copyright (c) 2019 Martijn van Duren <martijn@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: June 20 2021 $
+.Dd $Mdocdate: August 8 2021 $
 .Dt SNMP 1
 .Os
 .Sh NAME
@@ -197,7 +197,7 @@ Options are
 or
 .Cm SHA-512 .
 This option defaults to
-.Cm SHA-256 .
+.Cm SHA .
 This option is only used by
 .Fl v Cm 3 .
 .It Fl C Ar appopt

diff --git a/usr.bin/snmp/snmpc.c b/usr.bin/snmp/snmpc.c
index 3328ee4..a77ef54 100644 (file)
--- a/usr.bin/snmp/snmpc.c
+++ b/usr.bin/snmp/snmpc.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: snmpc.c,v 1.34 2021/06/20 20:02:14 martijn Exp $      */
+/*     $OpenBSD: snmpc.c,v 1.35 2021/08/08 13:41:26 sthen Exp $        */
 
 /*
  * Copyright (c) 2019 Martijn van Duren <martijn@openbsd.org>
@@ -476,7 +476,7 @@ main(int argc, char *argv[])
                        err(1, "usm_init");
                if (seclevel & SNMP_MSGFLAG_AUTH) {
                        if (md == NULL)
-                               md = EVP_sha256();
+                               md = EVP_sha1();
                        if (authkey == NULL)
                                errx(1, "No authKey or authPassword specified");
                        if (usm_setauth(sec, md, authkey, authkeylen,

diff --git a/usr.sbin/snmpd/snmpd.conf.5 b/usr.sbin/snmpd/snmpd.conf.5
index 38c587b..640afe5 100644 (file)
--- a/usr.sbin/snmpd/snmpd.conf.5
+++ b/usr.sbin/snmpd/snmpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: snmpd.conf.5,v 1.51 2021/08/08 13:28:06 sthen Exp $
+.\" $OpenBSD: snmpd.conf.5,v 1.52 2021/08/08 13:41:26 sthen Exp $
 .\"
 .\" Copyright (c) 2007, 2008, 2012 Reyk Floeter <reyk@openbsd.org>
 .\"
@@ -280,7 +280,7 @@ must be either
 or
 .Ic hmac-sha512 .
 If omitted the default is
-.Ic hmac-sha256 .
+.Ic hmac-sha1 .
 .Pp
 With
 .Ic enckey
@@ -346,17 +346,14 @@ oid 1.3.6.1.4.1.30155.42.2 name myStatus read-only integer 1
 .Pp
 The next example will enforce SNMPv3 with authenticated and encrypted
 communication and the user-based security model.
-The configuration defines two users,
-the first one is using the
-.Ic aes
-encryption algorithm and the second one the default
-.Ic des
-algorithm.
+The configuration defines several users using varying encryption and
+authentication algorithms.
 .Bd -literal -offset indent
 seclevel enc
 
-user "hans" authkey "password123" enc aes enckey "321drowssap"
-user "sophie" authkey "password456" enc des enckey "654drowssap"
+user "mgmt" auth hmac-sha256 authkey "password123" enc aes enckey "321drowssap"
+user "hans" auth hmac-sha1 authkey "password456" enc aes enckey "654drowssap"
+user "sophie" auth hmac-md5 authkey "password789" enc des enckey "987drowssap"
 .Ed
 .Sh SEE ALSO
 .Xr snmp 1 ,

diff --git a/usr.sbin/snmpd/snmpd.h b/usr.sbin/snmpd/snmpd.h
index c43fa50..fbd9ce5 100644 (file)
--- a/usr.sbin/snmpd/snmpd.h
+++ b/usr.sbin/snmpd/snmpd.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: snmpd.h,v 1.97 2021/06/20 19:59:42 martijn Exp $      */
+/*     $OpenBSD: snmpd.h,v 1.98 2021/08/08 13:41:26 sthen Exp $        */
 
 /*
  * Copyright (c) 2007, 2008, 2012 Reyk Floeter <reyk@openbsd.org>
@@ -529,7 +529,7 @@ enum usmauth {
        AUTH_SHA512     /* usmHMAC384SHA512AuthProtocol. RFC7860 */
 };
 
-#define AUTH_DEFAULT   AUTH_SHA256     /* Default digest */
+#define AUTH_DEFAULT   AUTH_SHA1       /* Default digest */
 
 enum usmpriv {
        PRIV_NONE = 0,