From: Pavel Rochnyack Date: Tue, 31 May 2016 08:21:53 +0000 (+0600) Subject: network plugin: Improved error logging on decrypt error (wrong/missing username/password) X-Git-Tag: collectd-5.6.0~93 X-Git-Url: https://git.octo.it/?p=collectd.git;a=commitdiff_plain;h=3e2272cea52a2dace364c82fbcfeecf9dd9fbd34 network plugin: Improved error logging on decrypt error (wrong/missing username/password) --- diff --git a/src/network.c b/src/network.c index 58ddb225..46ec059f 100644 --- a/src/network.c +++ b/src/network.c @@ -1233,8 +1233,8 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */ /* Make sure at least the header if available. */ if (buffer_len <= PART_ENCRYPTION_AES256_SIZE) { - NOTICE ("network plugin: parse_part_encr_aes256: " - "Discarding short packet."); + ERROR ("network plugin: Decryption failed: " + "Discarding short packet."); return (-1); } @@ -1249,8 +1249,8 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */ if ((part_size <= PART_ENCRYPTION_AES256_SIZE) || (part_size > buffer_len)) { - NOTICE ("network plugin: parse_part_encr_aes256: " - "Discarding part with invalid size."); + ERROR ("network plugin: Decryption failed: " + "Discarding part with invalid size."); return (-1); } @@ -1261,15 +1261,19 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */ if ((username_len == 0) || (username_len > (part_size - (PART_ENCRYPTION_AES256_SIZE + 1)))) { - NOTICE ("network plugin: parse_part_encr_aes256: " - "Discarding part with invalid username length."); + ERROR ("network plugin: Decryption failed: " + "Discarding part with invalid username length."); return (-1); } assert (username_len > 0); pea.username = malloc (username_len + 1); if (pea.username == NULL) + { + ERROR ("network plugin: Decryption failed: " + "malloc() failed."); return (-ENOMEM); + } BUFFER_READ (pea.username, username_len); pea.username[username_len] = 0; @@ -1284,6 +1288,8 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */ pea.username); if (cypher == NULL) { + ERROR ("network plugin: Decryption failed: " + "Failed to get cypher. Username: %s", pea.username); sfree (pea.username); return (-1); } @@ -1299,8 +1305,8 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */ if (err != 0) { sfree (pea.username); - ERROR ("network plugin: gcry_cipher_decrypt returned: %s", - gcry_strerror (err)); + ERROR ("network plugin: gcry_cipher_decrypt returned: %s. Username: %s", + gcry_strerror (err), pea.username); return (-1); } @@ -1316,8 +1322,9 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */ buffer + buffer_offset, payload_len); if (memcmp (hash, pea.hash, sizeof (hash)) != 0) { + ERROR ("network plugin: Decryption failed: " + "Checksum mismatch. Username: %s", pea.username); sfree (pea.username); - ERROR ("network plugin: Decryption failed: Checksum mismatch."); return (-1); } @@ -1396,7 +1403,7 @@ static int parse_packet (sockent_t *se, /* {{{ */ #if HAVE_LIBGCRYPT int packet_was_signed = (flags & PP_SIGNED); - int packet_was_encrypted = (flags & PP_ENCRYPTED); + int packet_was_encrypted = (flags & PP_ENCRYPTED); int printed_ignore_warning = 0; #endif /* HAVE_LIBGCRYPT */ @@ -1431,12 +1438,7 @@ static int parse_packet (sockent_t *se, /* {{{ */ status = parse_part_encr_aes256 (se, &buffer, &buffer_size, flags); if (status != 0) - { - ERROR ("network plugin: Decrypting AES256 " - "part failed " - "with status %i.", status); break; - } } #if HAVE_LIBGCRYPT else if ((se->data.server.security_level == SECURITY_LEVEL_ENCRYPT)