net-snmp: Improved SNMPv3 authentication and privacy support.

Enabled SHA authentication and AES privacy (encryption) using OpenSSL.
Disable minimal agent when privacy is enabled.

Tested SNMPv3 with USM (User-based Security Model) SHA auth + AES priv, minimal agent option disabled.

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
[mol: stay with libnl1]
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>

1 files changed, 11 insertions, 0 deletions

diff --git a/rules/net-snmp.in b/rules/net-snmp.in
index 982132887..e0846fa15 100644
--- a/rules/net-snmp.in
+++ b/rules/net-snmp.in
@@ -7,6 +7,8 @@ menuconfig NET_SNMP
 	select LIBC_DL		if NET_SNMP_AGENT || NET_SNMP_APPLICATIONS
 	select LIBNL		if NET_SNMP_AGENT || NET_SNMP_APPLICATIONS
 	select LM_SENSORS	if NET_SNMP_MIB_MODULES_LM_SENSORS
+	select OPENSSL		if NET_SNMP_SHA_AES
+	select NET_SNMP_PRIVACY	if NET_SNMP_SHA_AES || NET_SNMP_DES
 
 if NET_SNMP
 
@@ -174,6 +176,7 @@ endchoice
 config NET_SNMP_MINI_AGENT
 	bool
 	default y
+	depends on ! NET_SNMP_PRIVACY
 	prompt "minimal agent"
 
 config NET_SNMP_AGENT
@@ -200,6 +203,10 @@ config NET_SNMP_SNMPV2C
 	bool
 	prompt "support for SNMPv2c"
 
+config NET_SNMP_PRIVACY
+	bool
+	prompt "support for privacy (encryption)"
+
 config NET_SNMP_DES
 	bool
 	prompt "DES encryption"
@@ -208,6 +215,10 @@ config NET_SNMP_MD5
 	bool
 	prompt "MD5 authentication"
 
+config NET_SNMP_SHA_AES
+	bool
+	prompt "SHA authentication and AES encryption"
+
 config NET_SNMP_DOM_SOCK_ONLY
 	bool "Disable UDP/TCP transports for agentx" if NET_SNMP_AGENT
 	default y