Net-SNMP 5.6.1 has been released. Get it from:
http://www.net-snmp.org/download.html
It contains the following NEWS items, which include those changes in 5.6 that weren't previously announced:
*5.6.1*
General:
- The DTLS and TLS transports and the TSM security model are no
longer "beta" (they've undergone rigorous interoperability testing).
- Many Bug Fixes (see the CHANGES and ChangeLog files for full details)
snmpd: \- Patch 3141462: from fenner: fix agentx subagent issues with multiple-object requests \- Patch from Niels to fix VACM persistant storage.
*5.6*
all: \- Implemented the SNMP over TLS and SNMP over DTLS protocols \[RFC-to-be\] See http://www.net-snmp.org/wiki/index.php/TUT:Using\_TLS \- Implemented the "Transport Security Model" \[RFC5591\] \- Generic host-specific configuration .conf files are now read. See the HOST-SPECIFIC FILES section of the snmp.conf manual page and http://www.net-snmp.org/wiki/index.php/Configuration \- Include statements can now be used in .conf files. See http://www.net-snmp.org/wiki/index.php/Configuration snmpd: \- Fix handling of multiple matching VACM entries. \(Use the "best" match, rather than the first one\). Reported by Adam Lewis. Note that this could potentially affect the behaviour of existing access control configurations. \- Agent will no longer call table handlers if a set request for the handler has invalid indexes \- table\_data/tdata next handler will not be called during get processing if no valid rows are found for the handler \- \[PATCH 2952708\]: Added Perl implementation of BRIDGE-MIB \- moved all functions defined in libnetsnmphelpers to libnetsnmpagent. libnetsnmphelpers is now an empty library. \- Implemented the TSM-MIB and the TLSTM-MIB \- new API for indicating that persistent store needs to be saved after the current request finishes processing \- \[PATCH 2931446\]: make the load averages writable. apps: \- A new tool 'net-snmp-cert' that easily creates and manages X.509 certificates for use with the SNMP over \(D\)TLS protocols. \- Added an 'agentxtrap' command to send notifications via AgentX \(See http://www.net-snmp.org/wiki/index.php/TUT:agentxtrap for details\) \- -T command line flag can be used to pass configuration directly to transports that can accept configuration tokens \- A new 'snmptls' command for manipulating the agent's TLS configuration snmplib: \- A more modular transport subsystem that allows third party extensions and dependencies for code reuse. \- New transport functions: f\_config, f\_open, f\_copy and f\_setup\_session \- Transports can now specify session defaults \- E.G. dtlsudp: auto-sets the SNMP version and the security model. \- \[PATCH 2942940\]: Add a new function, netsnmp\_parse\_args, that is like snmp\_parse\_args but takes an additional bitmask, flags, to affect the behaviour. Also remove the magic handling of some application names. \- A new X.509 certificate API for indexing and reading certificates \- new experimental row creation API which uses a state machine to try really hard to create a row from a given varbind list \- netsnmp\_container enhancements: \- added a free\_item function \- added a CONTAINER\_FREE\_ALL macro/function \- added an interface for duplicating a container \(CONTAINER\_DUP\) \- added a remove function to container\_iterators \- added an ability to set options on binary\_array containers \- new snmp token logOption allows specifying log destinations via configuration conf files \- A very significant reduction in compiler warning output \- new experimental simple state machine handling API building: \- Support for a stream-line stripped down version of internal OpenSSL support using --with-openssl=internal. \- Do not require that the UDP transport is included. \- Building Net-SNMP with dmalloc support enabled is again possible. mib2c: \- mib2c can now optionally run sed on generated code testing: \- A brand new test infrastructure supporting multiple test suites See perldoc testing/RUNFULLTESTS for details python: \- walking broken agents won't cause an infinite loop win32: \- IPv6 is only supported under Cygwin 1.7 or later. \- \[BUG 2939168\]: byte order of udpLocalPort is now correct. \- \[BUG 2939168\]: fixed test infrastructure \("make test"\). This has been fixed by using the proper environment separator character and by adding the path of the netstat executable for Cygwin in testing/TESTCONF.sh. \- building with another OpenSSL package than the Cygwin-provided packages openssl and openssl-devel is again possible. \- running the regression test suite is again possible \('make test'\). \- winExtDLL compiles now under MinGW. \- the snmpd.conf keyword 'extend' is now supported under MinGW \- the snmptrapd.conf keyword traphandle is now supported under MinGW qnx6: \- \[PATCH 2836895\]: support for QNX6