#include "plugin.h"
#include "common.h"
-#include "configfile.h"
#include "utils_fbhash.h"
#include "utils_cache.h"
#include "utils_complain.h"
if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
{
WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
- "Hash mismatch.");
+ "Hash mismatch. Username: %s", pss.username);
}
else
{
/* Make sure at least the header if available. */
if (buffer_len <= PART_ENCRYPTION_AES256_SIZE)
{
- ERROR ("network plugin: Decryption failed: "
- "Discarding short packet.");
+ NOTICE ("network plugin: parse_part_encr_aes256: "
+ "Discarding short packet.");
return (-1);
}
if ((part_size <= PART_ENCRYPTION_AES256_SIZE)
|| (part_size > buffer_len))
{
- ERROR ("network plugin: Decryption failed: "
- "Discarding part with invalid size.");
+ NOTICE ("network plugin: parse_part_encr_aes256: "
+ "Discarding part with invalid size.");
return (-1);
}
if ((username_len == 0)
|| (username_len > (part_size - (PART_ENCRYPTION_AES256_SIZE + 1))))
{
- ERROR ("network plugin: Decryption failed: "
- "Discarding part with invalid username length.");
+ NOTICE ("network plugin: parse_part_encr_aes256: "
+ "Discarding part with invalid username length.");
return (-1);
}
assert (username_len > 0);
pea.username = malloc (username_len + 1);
if (pea.username == NULL)
- {
- ERROR ("network plugin: Decryption failed: "
- "malloc() failed.");
return (-ENOMEM);
- }
BUFFER_READ (pea.username, username_len);
pea.username[username_len] = 0;
pea.username);
if (cypher == NULL)
{
- ERROR ("network plugin: Decryption failed: "
- "Failed to get cypher. Username: %s", pea.username);
+ ERROR ("network plugin: Failed to get cypher. Username: %s", pea.username);
sfree (pea.username);
return (-1);
}
buffer + buffer_offset, payload_len);
if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
{
- ERROR ("network plugin: Decryption failed: "
- "Checksum mismatch. Username: %s", pea.username);
+ ERROR ("network plugin: Checksum mismatch. Username: %s", pea.username);
sfree (pea.username);
return (-1);
}
status = parse_part_encr_aes256 (se,
&buffer, &buffer_size, flags);
if (status != 0)
+ {
+ ERROR ("network plugin: Decrypting AES256 "
+ "part failed "
+ "with status %i.", status);
break;
+ }
}
#if HAVE_LIBGCRYPT
else if ((se->data.server.security_level == SECURITY_LEVEL_ENCRYPT)
}
else /* (se->type == SOCKENT_TYPE_SERVER) */
{
- if (se->data.server.security_level > SECURITY_LEVEL_NONE)
+ if ((se->data.server.security_level > SECURITY_LEVEL_NONE)
+ && (se->data.server.auth_file == NULL))
+ {
+ ERROR ("network plugin: Server socket with security requested, "
+ "but no \"AuthFile\" is configured.");
+ return (-1);
+ }
+ if (se->data.server.auth_file != NULL)
{
if (network_init_gcrypt () < 0)
{
- ERROR ("network plugin: Cannot configure server socket with "
- "security: Failed to initialize crypto library.");
+ ERROR ("network plugin: Cannot configure server socket with security: "
+ "Failed to initialize crypto library.");
return (-1);
}
- if (se->data.server.auth_file == NULL)
- {
- ERROR ("network plugin: Server socket with "
- "security requested, but no "
- "password file is configured.");
- return (-1);
- }
- }
- if (se->data.server.auth_file != NULL)
- {
se->data.server.userdb = fbh_create (se->data.server.auth_file);
if (se->data.server.userdb == NULL)
{
- ERROR ("network plugin: Reading password file "
- "`%s' failed.",
+ ERROR ("network plugin: Reading password file \"%s\" failed.",
se->data.server.auth_file);
- if (se->data.server.security_level > SECURITY_LEVEL_NONE)
- return (-1);
+ return (-1);
}
}
}
return (0);
have_init = 1;
-#if HAVE_LIBGCRYPT
- if (network_init_gcrypt () < 0)
- {
- ERROR ("network plugin: Failed to initialize crypto library.");
- return (-1);
- }
-#endif
-
if (network_config_stats)
plugin_register_read ("network", network_stats_read);