* Added new authalgo support for SNMPv3
* Update 2020_07_27_00522_alter_authalgo_column.php
Fixed case
* Update addhost.inc.php
Fixed case
* Update snmp.inc.php
Fixed case
* Update db_schema.yaml
Fixed case
* Fixed SHA-* order to ascending
* Update 2020_07_27_00522_alter_authalgo_column.php
Fixed space
* Update db_schema.yaml
Fixed line to be of type string
* Update config_definitions.json
Fixed sorting
* Fixed test file case sensitivity
* Fixed rollback function
* SourceDoctor code for checks
* Fixed indentation issues on Travis test
* Update to re-trigger testing stuck on CLA step
* Added crypto-algo updates
* Incorporated suggestions from Jellyfrog
* Added documentation entry
* Fixed travis spacing error
* Fixed validations
* Delete snmpv3_version_compare.patch
Sorry, this one was not supposed to be there.
* Added poller evaluation
* Added poller comparison
* Fixed merge-conflicts
* Fixed typo in test unit
* code refinements
only can check on webui that it supports the algorithms, hopefully, the eventlog is enough to notify users of distributed pollers.
* style fixes and remove openssl setting
* fix device access
* fix missing migration column
Co-authored-by: Tony Murray <murraytony@gmail.com>
* Don't call clean() on the inputs to the SNMP settings form, it'll call
strip_tags() and break values with angle brackets in.
* Call htmlspecialchars when outputting DB values to HTML instead
* Escape other stuff that should have been validated elsewhere, just in case
* Fixed device SNMP edit form (and better feedback)
* snmp.inc.php: Fix SNMP Edit form (better feedback)
* The feedback for Max Repeaters and Max OIDs is much better. The constant false errors on save have been corrected. The are no longer applicable and muted when SNMP is turned off. Their feedback now clearly shows the user what has been done.
* Rename & relabel $no_checks as $force_save (Force Save) because that's simpler and more clearly defines what the code is doing when you turn it on.
* Reorder the Force Save checkbox to be right above the Save button so it's even more clear what it does. Force Save and Save are the only elements on the form that do *not* have a database setting. They're ephemeral and now grouped as such.
* Embedded comments about the use of === false as tests for setAttrib() and forgetAttrib()
* snmp.inc.php: code climate updates, round 1
* remove blank lines
* refactor duplicate code blocks
* remove join on string
* move print_messages to the bottom of the form
* snmp.inc.php: code climate, round 2
* avoid deeply nested control flow statements (8)
* snmp.inc.php: when to $force_save and $device_isssnmable
* move $force_save outside of if ($snmp_enabled) so it works properly
when snmp is disabled.
* only check isSNMPable() if snmp is enabled
* snmp.inc.php: move $device_snmp_details
* $device_snmp_details are only needed for isSNMPable(), so only call
them within the same contingency
* snmp.inc.php: cleanup & hardening
* add SNMP Settings header (to better mimic Device Settings, etc)
* use Toastr for feedback, rather than print_message & print_error
* after editing, always unset($_POST) and the other variables used for editing
* unless the save is forced, if !$device_issnpable then don't save *anything* in the database and revert *all* previous form settings (some already were being reverted & some weren't)
* more variables were ordered alphabetically, unused variables were and removed
* for snmpver, don't use .toggle(); use .hide() & .show() so the form reverts properly when it fails
* snmp.inc.php: clarify placeholder for max repeaters
* snmp.inc.php: code climate, round 3
* correct blank line found at the end of control structure (2)
* correct space before opening parenthesis of a function call prohibited (3)
* Remove auth use of $_SESSION
Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()
* revert accidental replacement
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)
Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input
* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
Hans Erasmus
Jellyfrog
Tony Murray
cjwbath
Arjit Chaudhary
Joseph Tingiris
SourceDoctor