[fpc-pascal] roadblock with Synapse and SNMPv3 authentication

[Seth Grover]

I posted a similar email to the Synapse mailing list a while ago, but
nobody ever replied so I thought I'd broaden my audience. Apologies if
you're a member of both lists and have already read this. Also, before
I go any further, I just want to make it totally clear that my
*entire* understanding of SNMP comes from looking at the Synapse
SNMP-related code and reading RFCs, so if I say something stupid, I'm
not really stupid... just ignorant. :)

I've made some additions to snmpsend.pas to allow implementation of an
SNMP agent (server) which can do authentication (AuthNoPriv using MD5
and SHA1) of SNMP packets sent by SNMP clients. This code seems to
work when both the server and the client are both written using
FreePascal and Synapse. However, when I try to use another third-party
SNMP library (particularly Net::SNMP with Perl) the same
authentication code which works perfectly for Synapse-sent SNMP
messages fails to authenticate the Net::SNMP-sent SNMP messages. I've
kind of hit a brick wall with this. Since my authentication code works
perfectly authenticating SNMP messages sent with the existing Synapse
code, but not with messages from Net::SNMP, does that mean that
there's something wrong with the existing Synapse code?

Anyway, I was hoping that someone among the Synapse developers, or
(now) someone else on the FreePascal mailing list would be willing to
lend a second pair of eyes to this and help me figure out what I'm
doing wrong.

Here's a URL of a tarball containing what you need to duplicate what
I'm doing: http://maemobox.org/tlacuache/snmpAuthTest.tar.gz

This contains:
- snmp-changes.patch = a patch generated against release 38 of the
Synapse source code containing my modifications for SNMPv3
authentication
- server = contains a small server program which listens for SNMP
messages (traps and informrequests), authenticates them if needed and
displays the contents
- client = contains a test program for sending SNMP messages to the
server (works perfectly for me with the server)
- clientPerl = contains a perl script to send an SNMP message to the
server (my server fails to authenticate it correctly)

You should just be able to apply my patch to your synapse code and
build the projects as-is (although I suppose you might need to change
the unit search paths to point to the location of the synapse source
code you patched).

I'd certainly appreciate any help anyone could offer. Of course my
hope is that all of the code I've written and anything else that comes
from this could benefit the Synapse project and FPC community.

Thanks,

-SG

========================
My eyes! The goggles do nothing!

Seth Grover
sethdgrover[at]gmail[dot]com