From 78fcd2bffab5637dca617e41887d397dfa27da56 Mon Sep 17 00:00:00 2001
From: c29m <c29.hunter@gmail.com>
Date: Wed, 21 Jul 2021 18:06:39 +0100
Subject: [PATCH] replaced test snmpsim layer with an updated one which
 supports SHA256, and added the necessary test user

---
 docker-compose.yml               | 12 +++---
 spec/client_spec.rb              | 70 ++++++++++++++++----------------
 spec/handlers/celluloid_spec.rb  | 22 +++++-----
 spec/support/Dockerfile          | 14 -------
 spec/support/request_examples.rb | 17 ++++++--
 5 files changed, 66 insertions(+), 69 deletions(-)
 delete mode 100644 spec/support/Dockerfile

diff --git a/docker-compose.yml b/docker-compose.yml
index c2b4073..ae7feaa 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,12 +16,15 @@ services:
       /home/spec/support/specs.sh
 
   snmp-server-emulator:
-    image: honeyryderchuck/snmp-server-emulator:latest
+    image: tandrup/snmpsim:latest
     ports:
       - 1161:1161/udp
     volumes:
       - ./spec/support/snmpsim/:/home/snmp_server/.snmpsim
     command:
+      - /usr/local/bin/snmpsimd.py
+      - --process-user=snmpsim
+      - --process-group=nogroup
       - --v3-engine-id=000000000000000000000002
       - --agent-udpv4-endpoint=0.0.0.0:1161
       - --agent-udpv6-endpoint=[::0]:1161
@@ -31,11 +34,12 @@ services:
       - --v3-user=authmd5
       - --v3-auth-key=maplesyrup
       - --v3-auth-proto=MD5
-      - --v3-priv-proto=NONE
       - --v3-user=authsha
       - --v3-auth-key=maplesyrup
       - --v3-auth-proto=SHA
-      - --v3-priv-proto=NONE
+      - --v3-user=authsha256
+      - --v3-auth-key=maplesyrup
+      - --v3-auth-proto=SHA256
       - --v3-user=authprivshaaes
       - --v3-auth-key=maplesyrup
       - --v3-auth-proto=SHA
@@ -57,5 +61,3 @@ services:
       - --v3-priv-key=maplesyrup
       - --v3-priv-proto=DES
       - --v3-user=unsafe
-      - --v3-auth-proto=NONE
-      - --v3-priv-proto=NONE
diff --git a/spec/client_spec.rb b/spec/client_spec.rb
index b9b6558..e8cf41a 100644
--- a/spec/client_spec.rb
+++ b/spec/client_spec.rb
@@ -23,19 +23,19 @@
       let(:next_oid) { "1.3.6.1.2.1.1.6.0" }
       let(:walk_oid) { "1.3.6.1.2.1.1" }
       let(:set_oid) { "sysUpTime.0" } # sysUpTimeInstance
-      let(:get_result) { "DEVICE-192.168.1.1" }
-      let(:next_result) { "The Cloud" }
+      let(:get_result) { "zeus.snmplabs.com (you can change this!)" }
+      let(:next_result) { "San Francisco, California, United States" }
       let(:walk_result) do
-        <<-WALK
-1.3.6.1.2.1.1.1.0: Device description
-1.3.6.1.2.1.1.2.0: 1.3.6.1.4.1.3454
-1.3.6.1.2.1.1.3.0: Timeticks: (78171676) 9 days, 1:8:36.76
-1.3.6.1.2.1.1.4.0: The Owner
-1.3.6.1.2.1.1.5.0: DEVICE-192.168.1.1
-1.3.6.1.2.1.1.6.0: The Cloud
-1.3.6.1.2.1.1.7.0: 72
-1.3.6.1.2.1.1.8.0: Timeticks: (0) 0 days, 0:0:0.0
-        WALK
+        {
+          "1.3.6.1.2.1.1.1.0" => "Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686",
+          "1.3.6.1.2.1.1.2.0" => "1.3.6.1.4.1.8072.3.2.10",
+          "1.3.6.1.2.1.1.3.0" => /Timeticks: \(\d+\) \d+ days, \d+:\d+:\d+\.\d+/,
+          "1.3.6.1.2.1.1.4.0" => "SNMP Laboratories, info@snmplabs.com",
+          "1.3.6.1.2.1.1.5.0" => "zeus.snmplabs.com (you can change this!)",
+          "1.3.6.1.2.1.1.6.0" => "San Francisco, California, United States",
+          "1.3.6.1.2.1.1.7.0" => "72",
+          "1.3.6.1.2.1.1.8.0" => /Timeticks: \(\d+\) \d+ days, \d+:\d+:\d+\.\d+/
+        }
       end
       let(:set_oid_result) { 43 }
     end
@@ -52,19 +52,19 @@
       let(:next_oid) { "1.3.6.1.2.1.1.6.0" }
       let(:walk_oid) { "system" }
       let(:set_oid) { "sysUpTime.0" }
-      let(:get_result) { "DEVICE-192.168.1.1" }
-      let(:next_result) { "The Cloud" }
+      let(:get_result) { "zeus.snmplabs.com (you can change this!)" }
+      let(:next_result) { "San Francisco, California, United States" }
       let(:walk_result) do
-        <<-WALK
-1.3.6.1.2.1.1.1.0: Device description
-1.3.6.1.2.1.1.2.0: 1.3.6.1.4.1.3454
-1.3.6.1.2.1.1.3.0: Timeticks: (78171676) 9 days, 1:8:36.76
-1.3.6.1.2.1.1.4.0: The Owner
-1.3.6.1.2.1.1.5.0: DEVICE-192.168.1.1
-1.3.6.1.2.1.1.6.0: The Cloud
-1.3.6.1.2.1.1.7.0: 72
-1.3.6.1.2.1.1.8.0: Timeticks: (0) 0 days, 0:0:0.0
-        WALK
+        {
+          "1.3.6.1.2.1.1.1.0" =>  "Linux zeus 4.8.6.5-smp #2 SMP Sun Nov 13 14:58:11 CDT 2016 i686",
+          "1.3.6.1.2.1.1.2.0" =>  "1.3.6.1.4.1.8072.3.2.10",
+          "1.3.6.1.2.1.1.3.0" =>  /Timeticks: \(\d+\) \d+ days, \d+:\d+:\d+\.\d+/,
+          "1.3.6.1.2.1.1.4.0" =>  "SNMP Laboratories, info@snmplabs.com",
+          "1.3.6.1.2.1.1.5.0" =>  "zeus.snmplabs.com (you can change this!)",
+          "1.3.6.1.2.1.1.6.0" =>  "San Francisco, California, United States",
+          "1.3.6.1.2.1.1.7.0" =>  "72",
+          "1.3.6.1.2.1.1.8.0" =>  /Timeticks: \(\d+\) \d+ days, \d+:\d+:\d+\.\d+/
+        }
       end
       let(:set_oid_result) { 43 }
 
@@ -101,18 +101,18 @@
     let(:set_oid) { "sysUpTime.0" } # sysUpTimeInstance
     let(:walk_oid) { "1.3.6.1.2.1.1.9.1.3" }
     let(:get_result) { "tt" }
-    let(:next_result) { "KK12" }
+    let(:next_result) { "KK12 (edit /etc/snmp/snmpd.conf)" }
     let(:walk_result) do
-      <<-WALK
-1.3.6.1.2.1.1.9.1.3.1: The SNMP Management Architecture MIB.
-1.3.6.1.2.1.1.9.1.3.2: The MIB for Message Processing and Dispatching.
-1.3.6.1.2.1.1.9.1.3.3: The management information definitions for the SNMP User-based Security Model.
-1.3.6.1.2.1.1.9.1.3.4: The MIB module for SNMPv2 entities
-1.3.6.1.2.1.1.9.1.3.5: The MIB module for managing TCP implementations
-1.3.6.1.2.1.1.9.1.3.6: The MIB module for managing IP and ICMP implementations
-1.3.6.1.2.1.1.9.1.3.7: The MIB module for managing UDP implementations
-1.3.6.1.2.1.1.9.1.3.8: View-based Access Control Model for SNMP.
-      WALK
+      {
+        "1.3.6.1.2.1.1.9.1.3.1" => "The SNMP Management Architecture MIB.",
+        "1.3.6.1.2.1.1.9.1.3.2" => "The MIB for Message Processing and Dispatching.",
+        "1.3.6.1.2.1.1.9.1.3.3" => "The management information definitions for the SNMP User-based Security Model.",
+        "1.3.6.1.2.1.1.9.1.3.4" => "The MIB module for SNMPv2 entities",
+        "1.3.6.1.2.1.1.9.1.3.5" => "The MIB module for managing TCP implementations",
+        "1.3.6.1.2.1.1.9.1.3.6" => "The MIB module for managing IP and ICMP implementations",
+        "1.3.6.1.2.1.1.9.1.3.7" => "The MIB module for managing UDP implementations",
+        "1.3.6.1.2.1.1.9.1.3.8" => "View-based Access Control Model for SNMP."
+      }
     end
     let(:set_oid_result) { 43 }
     context "with a no auth no priv policy" do
diff --git a/spec/handlers/celluloid_spec.rb b/spec/handlers/celluloid_spec.rb
index 08575fd..3b7bcb4 100644
--- a/spec/handlers/celluloid_spec.rb
+++ b/spec/handlers/celluloid_spec.rb
@@ -17,18 +17,18 @@
   let(:set_oid) { "1.3.6.1.2.1.1.3.0" } # sysUpTimeInstance
   let(:walk_oid) { "1.3.6.1.2.1.1.9.1.3" }
   let(:get_result) { "tt" }
-  let(:next_result) { "KK12" }
+  let(:next_result) { "KK12 (edit /etc/snmp/snmpd.conf)" }
   let(:walk_result) do
-    <<-WALK
-1.3.6.1.2.1.1.9.1.3.1: The SNMP Management Architecture MIB.
-1.3.6.1.2.1.1.9.1.3.2: The MIB for Message Processing and Dispatching.
-1.3.6.1.2.1.1.9.1.3.3: The management information definitions for the SNMP User-based Security Model.
-1.3.6.1.2.1.1.9.1.3.4: The MIB module for SNMPv2 entities
-1.3.6.1.2.1.1.9.1.3.5: The MIB module for managing TCP implementations
-1.3.6.1.2.1.1.9.1.3.6: The MIB module for managing IP and ICMP implementations
-1.3.6.1.2.1.1.9.1.3.7: The MIB module for managing UDP implementations
-1.3.6.1.2.1.1.9.1.3.8: View-based Access Control Model for SNMP.
-    WALK
+    {
+      "1.3.6.1.2.1.1.9.1.3.1" => "The SNMP Management Architecture MIB.",
+      "1.3.6.1.2.1.1.9.1.3.2" => "The MIB for Message Processing and Dispatching.",
+      "1.3.6.1.2.1.1.9.1.3.3" => "The management information definitions for the SNMP User-based Security Model.",
+      "1.3.6.1.2.1.1.9.1.3.4" => "The MIB module for SNMPv2 entities",
+      "1.3.6.1.2.1.1.9.1.3.5" => "The MIB module for managing TCP implementations",
+      "1.3.6.1.2.1.1.9.1.3.6" => "The MIB module for managing IP and ICMP implementations",
+      "1.3.6.1.2.1.1.9.1.3.7" => "The MIB module for managing UDP implementations",
+      "1.3.6.1.2.1.1.9.1.3.8" => "View-based Access Control Model for SNMP."
+    }
   end
 
   before(:all) { Celluloid.boot }
diff --git a/spec/support/Dockerfile b/spec/support/Dockerfile
deleted file mode 100644
index 8d72fc4..0000000
--- a/spec/support/Dockerfile
+++ /dev/null
@@ -1,14 +0,0 @@
-FROM python:2.7-alpine
-Maintainer Tiago Cardoso <cardoso_tiago@hotmail.com>
-
-RUN easy_install snmpsim==0.3.0
-RUN easy_install pycrypto==2.6.1
-EXPOSE 1161
-# Create non-privileged user
-RUN useradd -m snmp_server
-
-
-USER snmp_server
-ENTRYPOINT ["/usr/local/bin/snmpsimd.py"]
-
-CMD ["--help"]
diff --git a/spec/support/request_examples.rb b/spec/support/request_examples.rb
index dc4bfe0..c13a760 100644
--- a/spec/support/request_examples.rb
+++ b/spec/support/request_examples.rb
@@ -22,8 +22,8 @@
       let(:value) { subject.get({ oid: get_oid }, oid: next_oid) }
       it "returns the values for both" do
         expect(value).to be_a(Array)
-        expect(value).to include(/#{get_result}/)
-        expect(value).to include(/#{next_result}/)
+        expect(value).to include(get_result)
+        expect(value).to include(next_result)
       end
     end
   end
@@ -40,8 +40,17 @@
   describe "#walk" do
     let(:value) { subject.walk(oid: walk_oid) }
     it "fetches the varbinds for the next oid" do
-      values = value.map { |oid, val| "#{oid}: #{val}" }.join("\n") << "\n"
-      expect(values).to eq(walk_result)
+      value.each do |oid, val|
+        match = walk_result[oid]
+        case match
+        when String
+          expect(val.to_s).to eq(match)
+        when Regexp
+          expect(val.to_s).to match(match)
+        else
+          next
+        end
+      end
     end
   end
 end