net-snmp 3.21.2 → 3.23.0

package/README.cn.md

@@ -100,6 +100,7 @@ var session = snmp.createSession ("127.0.0.1", "public", options);
 * `version` - `snmp.Version1`或`snmp.Version2c`，默认为`snmp.Version1`。
 * "backwardsGetNexts"----允许进行GetNext操作的布尔值，以检索词法上在前的OIDs。
 * `idBitsSize` - `16`或`32`，默认为`32`。用来减少生成的id的大小，以便与一些旧设备兼容。
+* `dgramModule` – 一个与 Node.js [`dgram`](https://nodejs.org/api/dgram.html) 模块接口兼容的模块。您可以通过提供自定义或包装的 `dgram` 实现来扩展或覆盖默认的 UDP 套接字行为。
 
 当一个会话结束后，应该关闭它。
 

package/README.md

@@ -344,7 +344,7 @@ Actions
 - `4 -  ECouldNotDecrypt`
 - `5 -  EAuthFailure`
 - `6 -  EReqResOidNoMatch`
-- `7 -  (no longer used)
+- `7 -  (no longer used)`
 - `8 -  EOutOfOrder`
 - `9 -  EVersionNoMatch`
 - `10 -  ECommunityNoMatch`
@@ -588,7 +588,8 @@ var options = {
     version: snmp.Version1,
     backwardsGetNexts: true,
     reportOidMismatchErrors: false,
-    idBitsSize: 32
+    idBitsSize: 32,
+    dgramModule: dgram
 };
 
 var session = snmp.createSession ("127.0.0.1", "public", options);
@@ -620,6 +621,10 @@ is an object, and can contain the following items:
    requests and responses, defaults to `false`
  * `idBitsSize` - Either `16` or `32`, defaults to `32`.  Used to reduce the size
     of the generated id for compatibility with some older devices.
+ * `dgramModule` – A module that is interface-compatible with the Node.js [`dgram`](https://nodejs.org/api/dgram.html) module.
+    This can be used to extend or override the default UDP socket behavior by supplying
+    a custom or wrapped implementation of `dgram`.
+         
 
 When a session has been finished with it should be closed:
 
@@ -2493,6 +2498,27 @@ pre-loaded "base" modules is:
  * SNMPv2-TC
  * SNMPv2-MIB
 
+By default, the `createModuleStore()` function creates a new `ModuleStore` instance with all the base modules pre-loaded. 
+However, you can now customize which base modules are loaded by passing an options object:
+
+```js
+// Example of selecting only SNMPv2 MIBs
+const store = snmp.createModuleStore({
+  baseModules: [
+    'SNMPv2-SMI',
+    'SNMPv2-CONF',
+    'SNMPv2-TC',
+    'SNMPv2-MIB',
+  ],
+});
+```
+
+The `options` object can contain:
+
+* `baseModules` - An array of module names to use as the base modules. This allows you to explicitly control which MIBs are loaded, which can be useful to avoid unexpected type overrides that might occur with the full set of base modules.
+
+This feature is helpful when dealing with constraints for SNMPv2-TC defined textual conventions like DisplayString that might get preempted by subsequent definitions as plain OCTET STRING in RFC MIBs.
+
 ## store.loadFromFile (fileName)
 
 Loads all MIB modules in the given file into the module store.  By convention, there is
@@ -3529,6 +3555,16 @@ Example programs are included under the module's `example` directory.
 
  * Add custom base module list
 
+# Version 3.22.0 - 27/04/2025
+
+ * Fix incorrect SNMPv3 engineID handling
+
+ * Add custom base module list
+
+# Version 3.23.0 - 20/06/2025
+
+ * Add support for custom dgram module
+
 # License
 
 Copyright (c) 2020 Mark Abrahams <mark@abrahams.co.nz>

package/index.js

@@ -1,4 +1,3 @@
-
 // Copyright 2013 Stephen Vickers <stephen.vickers.sv@gmail.com>
 
 const ber = require ("asn1-ber").Ber;
@@ -2038,12 +2037,13 @@ var Session = function (target, authenticator, options) {
 	DEBUG |= options.debug;
 
 	this.engine = new Engine ({
-		engineId: options.engineID
+		engineID: options.engineID
 	});
 	this.reqs = {};
 	this.reqCount = 0;
 
-	this.dgram = dgram.createSocket (this.transport);
+	const dgramMod = options.dgramModule || dgram;
+	this.dgram = dgramMod.createSocket (this.transport);
 	this.dgram.unref();
 
 	var me = this;
@@ -3009,7 +3009,7 @@ Session.createV3 = function (target, user, options) {
 };
 
 var Engine = function (engineOptions) {
-	const { engineID } = engineOptions;
+	let { engineID } = engineOptions;
 	if ( engineID ) {
 		if ( ! (engineID instanceof Buffer) ) {
 			engineID = engineID.replace('0x', '');
@@ -3035,10 +3035,8 @@ Engine.prototype.generateEngineID = function() {
 var Listener = function (options, receiver) {
 	this.receiver = receiver;
 	this.callback = receiver.onMsg;
-	// this.transport = options.transport || 'udp4';
-	// this.port = options.port || 161;
-	// this.address = options.address;
 	this.disableAuthorization = options.disableAuthorization || false;
+	this.dgramModule = options.dgramModule || dgram;
 	if ( options.sockets ) {
 		this.socketOptions = options.sockets;
 	} else {
@@ -3061,7 +3059,8 @@ Listener.prototype.startListening = function () {
 	var me = this;
 	this.sockets = {};
 	for ( const socketOptions of this.socketOptions ) {
-		const socket = dgram.createSocket (socketOptions.transport);
+		const dgramMod = this.dgramModule;
+		const socket = dgramMod.createSocket (socketOptions.transport);
 		socket.on ("error", me.receiver.callback);
 		socket.bind (socketOptions.port, socketOptions.address);
 		socket.on ("message", me.callback.bind (me.receiver, socket));
@@ -3355,7 +3354,7 @@ var Receiver = function (options, callback) {
 	DEBUG |= options.debug;
 	this.authorizer = new Authorizer (options);
 	this.engine = new Engine ({
-		engineId: options.engineID
+		engineID: options.engineID
 	});
 
 	this.engineBoots = 0;
@@ -4874,7 +4873,7 @@ var Agent = function (options, callback, mib) {
 	DEBUG |= options.debug;
 	this.listener = new Listener (options, this);
 	this.engine = new Engine ({
-		engineId: options.engineID
+		engineID: options.engineID
 	});
 	this.authorizer = new Authorizer (options);
 	this.callback = callback || function () {};

package/package.json

@@ -1,19 +1,16 @@
 {
   "name": "net-snmp",
-  "version": "3.21.2",
+  "version": "3.23.0",
   "description": "JavaScript implementation of the Simple Network Management Protocol (SNMP)",
+  "author": "Mark Abrahams <mark@abrahams.co.nz>",
+  "license": "MIT",
   "main": "index.js",
   "directories": {
     "example": "example"
   },
-  "dependencies": {
-    "asn1-ber": "^1.2.1",
-    "smart-buffer": "^4.1.0"
-  },
-  "devDependencies": {
-    "eslint": "^9.9.1",
-    "getopts": "^2.3.0",
-    "mocha": "^11.0.1"
+  "scripts": {
+    "lint": "eslint . ./**/*.js",
+    "test": "node --openssl-legacy-provider ./node_modules/mocha/bin/mocha.js"
   },
   "contributors": [
     {
@@ -45,10 +42,13 @@
     "monitor",
     "monitoring"
   ],
-  "author": "Mark Abrahams <mark@abrahams.co.nz>",
-  "license": "MIT",
-  "scripts": {
-    "lint": "eslint . ./**/*.js",
-    "test": "./node_modules/mocha/bin/mocha.js"
+  "dependencies": {
+    "asn1-ber": "^1.2.1",
+    "smart-buffer": "^4.1.0"
+  },
+  "devDependencies": {
+    "eslint": "^9.9.1",
+    "getopts": "^2.3.0",
+    "mocha": "^11.0.1"
   }
 }

package/test/crypto.test.js

@@ -0,0 +1,384 @@
+const assert = require('assert');
+// crypto is used indirectly by Authentication and Encryption modules
+const snmp = require('../');
+const { SecurityLevel, AuthProtocols, PrivProtocols, Authentication, Encryption } = snmp;
+
+describe('SNMPv3 Authentication and Encryption', function () {
+    // Sample data for tests
+    const authPassword = 'test_auth_password';
+    const privPassword = 'test_priv_password';
+    const engineID = Buffer.from('8000B98380ABCDEF', 'hex');
+
+    // Test data that will be encrypted/authenticated
+    const testData = Buffer.from('Test data for SNMP authentication and privacy tests', 'utf8');
+
+    describe('Authentication', function () {
+        it('should support noAuthNoPriv security level', function () {
+            // noAuthNoPriv doesn't use authentication, verify this is handled appropriately
+            const user = {
+                name: 'noAuthUser',
+                level: SecurityLevel.noAuthNoPriv,
+            };
+
+            // No authentication should be required for this user
+            assert.strictEqual(user.level, SecurityLevel.noAuthNoPriv);
+            assert.strictEqual(user.authProtocol, undefined);
+            assert.strictEqual(user.authKey, undefined);
+        });
+
+        it('should support MD5 authentication protocol', function () {
+            // Generate authentication key using MD5
+            const authKey = Authentication.passwordToKey(AuthProtocols.md5, authPassword, engineID);
+
+            // Verify key length matches expected MD5 output length
+            assert.strictEqual(authKey.length, Authentication.algorithms[AuthProtocols.md5].KEY_LENGTH);
+
+            // Create a test digest
+            const digest = Authentication.calculateDigest(testData, AuthProtocols.md5, authPassword, engineID);
+
+            // Verify digest length
+            assert.strictEqual(digest.length, Authentication.algorithms[AuthProtocols.md5].AUTHENTICATION_CODE_LENGTH);
+
+            // Verify authentication works
+            const testBuffer = Buffer.concat([testData]);
+            const digestInMessage = Buffer.alloc(
+                Authentication.algorithms[AuthProtocols.md5].AUTHENTICATION_CODE_LENGTH
+            );
+            Authentication.writeParameters(testBuffer, AuthProtocols.md5, authPassword, engineID, digestInMessage);
+
+            assert.strictEqual(
+                Authentication.isAuthentic(testBuffer, AuthProtocols.md5, authPassword, engineID, digestInMessage),
+                true
+            );
+        });
+
+        it('should support SHA authentication protocol', function () {
+            // Generate authentication key using SHA
+            const authKey = Authentication.passwordToKey(AuthProtocols.sha, authPassword, engineID);
+
+            // Verify key length matches expected SHA output length
+            assert.strictEqual(authKey.length, Authentication.algorithms[AuthProtocols.sha].KEY_LENGTH);
+
+            // Create a test digest
+            const digest = Authentication.calculateDigest(testData, AuthProtocols.sha, authPassword, engineID);
+
+            // Verify digest length
+            assert.strictEqual(digest.length, Authentication.algorithms[AuthProtocols.sha].AUTHENTICATION_CODE_LENGTH);
+
+            // Verify authentication works
+            const testBuffer = Buffer.concat([testData]);
+            const digestInMessage = Buffer.alloc(
+                Authentication.algorithms[AuthProtocols.sha].AUTHENTICATION_CODE_LENGTH
+            );
+            Authentication.writeParameters(testBuffer, AuthProtocols.sha, authPassword, engineID, digestInMessage);
+
+            assert.strictEqual(
+                Authentication.isAuthentic(testBuffer, AuthProtocols.sha, authPassword, engineID, digestInMessage),
+                true
+            );
+        });
+
+        it('should support SHA-256 authentication protocol', function () {
+            // Generate authentication key using SHA-256
+            const authKey = Authentication.passwordToKey(AuthProtocols.sha256, authPassword, engineID);
+
+            // Verify key length matches expected SHA-256 output length
+            assert.strictEqual(authKey.length, Authentication.algorithms[AuthProtocols.sha256].KEY_LENGTH);
+
+            // Create a test digest
+            const digest = Authentication.calculateDigest(testData, AuthProtocols.sha256, authPassword, engineID);
+
+            // Verify digest length
+            assert.strictEqual(
+                digest.length,
+                Authentication.algorithms[AuthProtocols.sha256].AUTHENTICATION_CODE_LENGTH
+            );
+
+            // Verify authentication works
+            const testBuffer = Buffer.concat([testData]);
+            const digestInMessage = Buffer.alloc(
+                Authentication.algorithms[AuthProtocols.sha256].AUTHENTICATION_CODE_LENGTH
+            );
+            Authentication.writeParameters(testBuffer, AuthProtocols.sha256, authPassword, engineID, digestInMessage);
+
+            assert.strictEqual(
+                Authentication.isAuthentic(testBuffer, AuthProtocols.sha256, authPassword, engineID, digestInMessage),
+                true
+            );
+        });
+
+        it('should support SHA-512 authentication protocol', function () {
+            // Generate authentication key using SHA-512
+            const authKey = Authentication.passwordToKey(AuthProtocols.sha512, authPassword, engineID);
+
+            // Verify key length matches expected SHA-512 output length
+            assert.strictEqual(authKey.length, Authentication.algorithms[AuthProtocols.sha512].KEY_LENGTH);
+
+            // Create a test digest
+            const digest = Authentication.calculateDigest(testData, AuthProtocols.sha512, authPassword, engineID);
+
+            // Verify digest length
+            assert.strictEqual(
+                digest.length,
+                Authentication.algorithms[AuthProtocols.sha512].AUTHENTICATION_CODE_LENGTH
+            );
+
+            // Verify authentication works
+            const testBuffer = Buffer.concat([testData]);
+            const digestInMessage = Buffer.alloc(
+                Authentication.algorithms[AuthProtocols.sha512].AUTHENTICATION_CODE_LENGTH
+            );
+            Authentication.writeParameters(testBuffer, AuthProtocols.sha512, authPassword, engineID, digestInMessage);
+
+            assert.strictEqual(
+                Authentication.isAuthentic(testBuffer, AuthProtocols.sha512, authPassword, engineID, digestInMessage),
+                true
+            );
+        });
+    });
+
+    describe('Encryption', function () {
+        // Create a mock engine for encryption tests
+        const engine = {
+            engineID: engineID,
+            engineBoots: 1,
+            engineTime: 123,
+        };
+
+        it('should support DES encryption protocol', function () {
+            // Test DES encryption/decryption with SHA authentication
+            const authProtocol = AuthProtocols.sha;
+            const privProtocol = PrivProtocols.des;
+
+            // Encrypt the test data
+            const { encryptedPdu, msgPrivacyParameters } = Encryption.encryptPdu(
+                privProtocol,
+                testData,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify encryption was done (output should be different from input)
+            assert.notDeepStrictEqual(encryptedPdu, testData);
+
+            // Decrypt the data
+            const decryptedPdu = Encryption.decryptPdu(
+                privProtocol,
+                encryptedPdu,
+                msgPrivacyParameters,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify decryption works
+            assert.deepStrictEqual(decryptedPdu.slice(0, testData.length), testData);
+        });
+
+        it('should support AES encryption protocol', function () {
+            // Test AES encryption/decryption with SHA authentication
+            const authProtocol = AuthProtocols.sha;
+            const privProtocol = PrivProtocols.aes;
+
+            // Encrypt the test data
+            const { encryptedPdu, msgPrivacyParameters } = Encryption.encryptPdu(
+                privProtocol,
+                testData,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify encryption was done (output should be different from input)
+            assert.notDeepStrictEqual(encryptedPdu, testData);
+
+            // Decrypt the data
+            const decryptedPdu = Encryption.decryptPdu(
+                privProtocol,
+                encryptedPdu,
+                msgPrivacyParameters,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify decryption works
+            assert.deepStrictEqual(decryptedPdu.slice(0, testData.length), testData);
+        });
+
+        it('should support AES-256b (Blumenthal) encryption protocol', function () {
+            // Test AES-256 Blumenthal encryption/decryption with SHA authentication
+            const authProtocol = AuthProtocols.sha;
+            const privProtocol = PrivProtocols.aes256b;
+
+            // Encrypt the test data
+            const { encryptedPdu, msgPrivacyParameters } = Encryption.encryptPdu(
+                privProtocol,
+                testData,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify encryption was done (output should be different from input)
+            assert.notDeepStrictEqual(encryptedPdu, testData);
+
+            // Decrypt the data
+            const decryptedPdu = Encryption.decryptPdu(
+                privProtocol,
+                encryptedPdu,
+                msgPrivacyParameters,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify decryption works
+            assert.deepStrictEqual(decryptedPdu.slice(0, testData.length), testData);
+        });
+
+        it('should support AES-256r (Reeder) encryption protocol', function () {
+            // Test AES-256 Reeder encryption/decryption with SHA authentication
+            const authProtocol = AuthProtocols.sha;
+            const privProtocol = PrivProtocols.aes256r;
+
+            // Encrypt the test data
+            const { encryptedPdu, msgPrivacyParameters } = Encryption.encryptPdu(
+                privProtocol,
+                testData,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify encryption was done (output should be different from input)
+            assert.notDeepStrictEqual(encryptedPdu, testData);
+
+            // Decrypt the data
+            const decryptedPdu = Encryption.decryptPdu(
+                privProtocol,
+                encryptedPdu,
+                msgPrivacyParameters,
+                privPassword,
+                authProtocol,
+                engine
+            );
+
+            // Verify decryption works
+            assert.deepStrictEqual(decryptedPdu.slice(0, testData.length), testData);
+        });
+    });
+
+    describe('SecurityLevel combinations', function () {
+        it('should support authNoPriv security level', function () {
+            // Create a user with authentication but no privacy
+            const user = {
+                name: 'authNoPrivUser',
+                level: SecurityLevel.authNoPriv,
+                authProtocol: AuthProtocols.sha,
+                authKey: 'authPassword',
+            };
+
+            assert.strictEqual(user.level, SecurityLevel.authNoPriv);
+            assert.strictEqual(user.authProtocol, AuthProtocols.sha);
+            assert.strictEqual(user.authKey, 'authPassword');
+            assert.strictEqual(user.privProtocol, undefined);
+            assert.strictEqual(user.privKey, undefined);
+        });
+
+        it('should support authPriv security level', function () {
+            // Create a user with authentication and privacy
+            const user = {
+                name: 'authPrivUser',
+                level: SecurityLevel.authPriv,
+                authProtocol: AuthProtocols.sha256,
+                authKey: 'authPassword',
+                privProtocol: PrivProtocols.aes,
+                privKey: 'privPassword',
+            };
+
+            assert.strictEqual(user.level, SecurityLevel.authPriv);
+            assert.strictEqual(user.authProtocol, AuthProtocols.sha256);
+            assert.strictEqual(user.authKey, 'authPassword');
+            assert.strictEqual(user.privProtocol, PrivProtocols.aes);
+            assert.strictEqual(user.privKey, 'privPassword');
+        });
+
+        it('should validate all required parameters are provided for each security level', function () {
+            // noAuthNoPriv only requires username and level
+            const user1 = {
+                name: 'user1',
+                level: SecurityLevel.noAuthNoPriv,
+            };
+
+            // authNoPriv requires authentication parameters
+            const user2 = {
+                name: 'user2',
+                level: SecurityLevel.authNoPriv,
+                authProtocol: AuthProtocols.sha,
+                authKey: 'authPassword',
+            };
+
+            // authPriv requires both authentication and privacy parameters
+            const user3 = {
+                name: 'user3',
+                level: SecurityLevel.authPriv,
+                authProtocol: AuthProtocols.sha,
+                authKey: 'authPassword',
+                privProtocol: PrivProtocols.aes,
+                privKey: 'privPassword',
+            };
+
+            // This function would typically be part of parameter validation
+            function validateUser(user) {
+                if (user.level === SecurityLevel.authNoPriv || user.level === SecurityLevel.authPriv) {
+                    assert.ok(user.authProtocol, 'authProtocol required for this security level');
+                    assert.ok(user.authKey, 'authKey required for this security level');
+                }
+
+                if (user.level === SecurityLevel.authPriv) {
+                    assert.ok(user.privProtocol, 'privProtocol required for this security level');
+                    assert.ok(user.privKey, 'privKey required for this security level');
+                }
+
+                return true;
+            }
+
+            assert.strictEqual(validateUser(user1), true);
+            assert.strictEqual(validateUser(user2), true);
+            assert.strictEqual(validateUser(user3), true);
+        });
+    });
+
+    describe('Custom engineID handling', function () {
+        it('should correctly use engineID parameter', function () {
+            // This test verifies the fix for issue #283
+            // Create a session with default settings (no engineID)
+            const defaultSession = new snmp.Session({
+                host: 'example.org',
+                version: snmp.Version3
+            });
+            
+            // Default session should have an engineID of expected format (17 bytes)
+            assert.strictEqual(defaultSession.engine.engineID.length, 17);
+            
+            // Convert to hex string for easier inspection
+            const defaultEngineIDHex = defaultSession.engine.engineID.toString('hex');
+            // First 5 bytes should match the standard format 8000B98380
+            assert.strictEqual(defaultEngineIDHex.substring(0, 10), '8000b98380');
+            
+            // Create a second session - should generate a different random engineID
+            const anotherDefaultSession = new snmp.Session({
+                host: 'example.org',
+                version: snmp.Version3
+            });
+            
+            // The two sessions should have different engineIDs (random part differs)
+            assert.notStrictEqual(
+                defaultSession.engine.engineID.toString('hex'),
+                anotherDefaultSession.engine.engineID.toString('hex')
+            );
+        });
+    });
+});

package/test/dgram-module.test.js

@@ -0,0 +1,71 @@
+const assert = require('assert');
+const snmp = require('../');
+
+describe('Custom dgram module support', function () {
+	it('should use custom dgram module in Session', function (done) {
+		let createSocketCalled = false;
+		const mockDgram = {
+			createSocket: function (transport) {
+				createSocketCalled = true;
+				assert.equal(transport, 'udp4');
+				
+				// Return a mock socket
+				return {
+					unref: function () {},
+					on: function () {},
+					bind: function () {},
+					close: function () {}
+				};
+			}
+		};
+
+		const session = snmp.createSession('127.0.0.1', 'public', {
+			dgramModule: mockDgram
+		});
+
+		assert(createSocketCalled, 'Custom dgram module createSocket should have been called');
+		session.close();
+		done();
+	});
+
+	it('should use custom dgram module in Receiver', function (done) {
+		let createSocketCalled = false;
+		const mockDgram = {
+			createSocket: function (transport) {
+				createSocketCalled = true;
+				assert.equal(transport, 'udp4');
+				
+				// Return a mock socket
+				return {
+					on: function () {},
+					bind: function () {},
+					close: function () {},
+					address: function () {
+						return { address: '127.0.0.1', family: 'IPv4', port: 162 };
+					}
+				};
+			}
+		};
+
+		const receiver = snmp.createReceiver({
+			dgramModule: mockDgram,
+			port: 1162
+		}, function () {});
+
+		assert(createSocketCalled, 'Custom dgram module createSocket should have been called');
+		receiver.close();
+		done();
+	});
+
+	it('should fallback to default dgram when no custom module provided', function (done) {
+		// This should not throw an error
+		const session = snmp.createSession('127.0.0.1', 'public', {
+			// No dgramModule specified
+		});
+
+		// Session should be created successfully
+		assert(session);
+		session.close();
+		done();
+	});
+});

package/test/transport-option.test.js

@@ -0,0 +1,53 @@
+const assert = require('assert');
+const snmp = require('../index.js');
+
+describe('Transport Option Handling in createV3Session', function() {
+    const user = {
+        name: "testuser",
+        level: snmp.SecurityLevel.noAuthNoPriv
+    };
+
+    afterEach(function() {
+        // Clean up any open sessions
+        // Note: sessions are closed in individual tests
+    });
+
+    it('should use default transport when not specified', function() {
+        const session = snmp.createV3Session("127.0.0.1", user);
+        assert.strictEqual(session.transport, "udp4");
+        session.close();
+    });
+
+    it('should use default transport when options is empty object', function() {
+        const session = snmp.createV3Session("127.0.0.1", user, {});
+        assert.strictEqual(session.transport, "udp4");
+        session.close();
+    });
+
+    it('should preserve explicit udp4 transport', function() {
+        const session = snmp.createV3Session("127.0.0.1", user, { transport: "udp4" });
+        assert.strictEqual(session.transport, "udp4");
+        session.close();
+    });
+
+    it('should preserve udp6 transport', function() {
+        const session = snmp.createV3Session("127.0.0.1", user, { transport: "udp6" });
+        assert.strictEqual(session.transport, "udp6");
+        session.close();
+    });
+
+    it('should handle null transport by using default', function() {
+        const session = snmp.createV3Session("127.0.0.1", user, { transport: null });
+        assert.strictEqual(session.transport, "udp4");
+        session.close();
+    });
+
+    it('should preserve invalid transport values (let Node.js validate)', function() {
+        assert.throws(function() {
+            snmp.createV3Session("127.0.0.1", user, { transport: "invalid" });
+        }, function(err) {
+            return err.code === 'ERR_SOCKET_BAD_TYPE';
+        });
+    });
+
+});