lextm
commented
10 months ago You can read #429 first to gain some insights on the current ecosystem status.
Open anyn99 opened 10 months ago
lextm
commented
10 months ago You can read #429 first to gain some insights on the current ecosystem status.
Hi there!
I am in the process of implementing a SNMPv3 agent here at work.
For testing purposes i test our agent with net-snmp (v5.10-git@82862da) with OpenSSL-1.1.1.
And i also test against the pysnmp testserver demo.pysnmp.com. I actually do not know who is responsible for the testserver and what version it is...
While doing so i found that some authentication/privacy algorythms are maybe not working as expected?
I am interested in finding out why and how, also to make my own implementation better.
As far as i can tell the error could also be on the net-snmp side, but i am unsure.
Is anyone interested in working on this?
Here a table of all tested combinations:
legend:
"---": impossible combination
"not supported": net-snmp does not support 3DES, so it can't be tested
"Timeout": pysnmp is not sending anything after time syncronisation -> needs fix!
"Decryption error": pysnmp has sent an answer, but net-snmp couldn't decrypt -> those ones need fix
The "C" at the end of privacy algos is for "Cisco", which means key localization is done with reeder-draft.
Those without the "C" have key localization according to blumethal-draft.
While it seems that the reeder implementation is the "standard" for pysnmp, the blumenthal ones don't seem to work at a