Fix bug #52911: SNMPv3 time window check is not the same as RFC3414

This commit is contained in:
Dirk Ziegelmeier 2018-01-16 13:30:31 +01:00
parent 72fc4a6ca5
commit 51369854b5

View File

@ -1051,13 +1051,13 @@ snmp_parse_inbound_frame(struct snmp_request *request)
}
{
s32_t time = snmpv3_get_engine_time_internal();
if (request->msg_authoritative_engine_time > time) {
if (request->msg_authoritative_engine_time > (time + 150)) {
snmp_stats.notintimewindows++;
request->msg_flags = SNMP_V3_AUTHNOPRIV;
request->error_status = SNMP_ERR_NOTINTIMEWINDOW;
return ERR_OK;
} else if (time > 150) {
if (request->msg_authoritative_engine_time < time - 150) {
if (request->msg_authoritative_engine_time < (time - 150)) {
snmp_stats.notintimewindows++;
request->msg_flags = SNMP_V3_AUTHNOPRIV;
request->error_status = SNMP_ERR_NOTINTIMEWINDOW;