parent: cbcd2ee
author: Florian Forster <octo@leeloo.lan.home.verplant.org>, Sat, 11 Apr 2009 14:59:46 +0000 (16:59 +0200)
committer: Florian Forster <octo@leeloo.lan.home.verplant.org>, Sat, 11 Apr 2009 14:59:46 +0000 (16:59 +0200)
files changed: src/collectd.conf.pod, src/network.c
diff --git a/src/collectd.conf.pod b/src/collectd.conf.pod
index 581da28541db82e41b4cc71ee1dd572a918587cb..b335488c08a869d3f8eba6d2957fa53d105763f6 100644 (file)
--- a/src/collectd.conf.pod
+++ b/src/collectd.conf.pod
Set the security you require for network communication. When the security level
has been set to B<Encrypt>, data sent over the network will be encrypted using
-I<AES-256> and only encrypted data will be accepted when receiving. When set to
-B<Sign>, transmitted data is signed using I<SHA-256> and only signed and
-encrypted data is accepted when receiving. When set to B<None>, data is sent
-without any security and all data is accepted when receiving.
+I<AES-256> and only encrypted data will be accepted when receiving. The
+integrity of encrypted packets is ensures using I<SHA-1>. When set to B<Sign>,
+transmitted data is signed using the I<HMAC-SHA-256> message authentication
+code and only signed and encrypted data is accepted when receiving. When set to
+B<None>, data is sent without any security and all data is accepted when
+receiving.
This feature is only available if the I<network> plugin was linked with
I<libgcrypt>.
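Review bot: In the added sentence "The integrity of encrypted packets is ensures using I<SHA-1>", "ensures" should be "ensured". While this paragraph is being touched, it would help to state whether that SHA-1 value is a plain digest or a keyed MAC, since the Sign level is now described precisely as HMAC-SHA-256 and readers will compare the two. The phrase "only signed and encrypted data is accepted" also reads as if a packet must be both; if either is sufficient, "signed or encrypted" is clearer.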
diff --git a/src/network.c b/src/network.c
index 920b891342f56bfe954177204fe52e767cd0593d..ca63e9653f8dfb73d44671be7dc737f07710f69a 100644 (file)
--- a/src/network.c
+++ b/src/network.c
err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
if (err != 0)
{
- ERROR ("network plugin: Creating HMAC object failed: %s",
+ ERROR ("network plugin: Creating HMAC-SHA-256 object failed: %s",
gcry_strerror (err));
return (-1);
}
status = parse_part_sign_sha256 (se, &buffer, &buffer_len);
if (status < 0)
{
- ERROR ("network plugin: Verifying SHA-256 "
+ ERROR ("network plugin: Verifying HMAC-SHA-256 "
"signature failed "
"with status %i.", status);
break;
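Review bot: The error text now says HMAC-SHA-256, but the call on the context line directly above it is still parse_part_sign_sha256, so the code and its log output name the same check differently. Consider renaming the function to mention HMAC, in this commit or a follow-up, so that a search for either term finds both the verification code and its messages.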
else if (status > 0)
{
ERROR ("network plugin: Ignoring packet with "
- "invalid SHA-256 signature.");
+ "invalid HMAC-SHA-256 signature.");
break;
}
else
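Review bot: The "Ignoring packet with invalid HMAC-SHA-256 signature." branch logs at ERROR for a packet that failed verification, that is, for input the receiver has no reason to trust. The wording change is fine, but consider rate limiting this message or lowering its level, and including the sender address if it is available at this point, so that bad-signature traffic stays visible to an operator without being able to fill the log.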