X-Git-Url: https://git.verplant.org/?a=blobdiff_plain;f=src%2Fnetwork.c;h=51c07573567dff4afb1b3f7953ad97db35509791;hb=f876292e5ce4be40ab5b031b2bcfb347f00da1f8;hp=1b560c4721750a2be34a221a2d9fd374dfe2a896;hpb=f8e1e81d433c5b4e06792c2617abf0e6ec9e76d9;p=collectd.git

diff --git a/src/network.c b/src/network.c
index 1b560c47..51c07573 100644
--- a/src/network.c
+++ b/src/network.c
@@ -29,7 +29,6 @@
 
 #include "plugin.h"
 #include "common.h"
-#include "configfile.h"
 #include "utils_fbhash.h"
 #include "utils_cache.h"
 #include "utils_complain.h"
@@ -490,7 +489,7 @@ static int network_dispatch_notification (notification_t *n) /* {{{ */
 } /* }}} int network_dispatch_notification */
 
 #if HAVE_LIBGCRYPT
-static void network_init_gcrypt (void) /* {{{ */
+static int network_init_gcrypt (void) /* {{{ */
 {
   gcry_error_t err;
 
@@ -498,7 +497,7 @@ static void network_init_gcrypt (void) /* {{{ */
    * Because you can't know in a library whether another library has
    * already initialized the library */
   if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
-    return;
+    return (0);
 
  /* http://www.gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
   * To ensure thread-safety, it's important to set GCRYCTL_SET_THREAD_CBS
@@ -512,7 +511,7 @@ static void network_init_gcrypt (void) /* {{{ */
   if (err)
   {
     ERROR ("network plugin: gcry_control (GCRYCTL_SET_THREAD_CBS) failed: %s", gcry_strerror (err));
-    abort ();
+    return (-1);
   }
 # endif
 
@@ -522,11 +521,12 @@ static void network_init_gcrypt (void) /* {{{ */
   if (err)
   {
     ERROR ("network plugin: gcry_control (GCRYCTL_INIT_SECMEM) failed: %s", gcry_strerror (err));
-    abort ();
+    return (-1);
   }
 
   gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
-} /* }}} void network_init_gcrypt */
+  return (0);
+} /* }}} int network_init_gcrypt */
 
 static gcry_cipher_hd_t network_get_aes256_cypher (sockent_t *se, /* {{{ */
     const void *iv, size_t iv_size, const char *username)
@@ -1148,7 +1148,7 @@ static int parse_part_sign_sha256 (sockent_t *se, /* {{{ */
   if (memcmp (pss.hash, hash, sizeof (pss.hash)) != 0)
   {
     WARNING ("network plugin: Verifying HMAC-SHA-256 signature failed: "
-        "Hash mismatch.");
+        "Hash mismatch. Username: %s", pss.username);
   }
   else
   {
@@ -1283,6 +1283,7 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
       pea.username);
   if (cypher == NULL)
   {
+    ERROR ("network plugin: Failed to get cypher. Username: %s", pea.username);
     sfree (pea.username);
     return (-1);
   }
@@ -1298,8 +1299,8 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
   if (err != 0)
   {
     sfree (pea.username);
-    ERROR ("network plugin: gcry_cipher_decrypt returned: %s",
-        gcry_strerror (err));
+    ERROR ("network plugin: gcry_cipher_decrypt returned: %s. Username: %s",
+        gcry_strerror (err), pea.username);
     return (-1);
   }
 
@@ -1315,8 +1316,8 @@ static int parse_part_encr_aes256 (sockent_t *se, /* {{{ */
       buffer + buffer_offset, payload_len);
   if (memcmp (hash, pea.hash, sizeof (hash)) != 0)
   {
+    ERROR ("network plugin: Checksum mismatch. Username: %s", pea.username);
     sfree (pea.username);
-    ERROR ("network plugin: Decryption failed: Checksum mismatch.");
     return (-1);
   }
 
@@ -1395,7 +1396,7 @@ static int parse_packet (sockent_t *se, /* {{{ */
 
 #if HAVE_LIBGCRYPT
 	int packet_was_signed = (flags & PP_SIGNED);
-        int packet_was_encrypted = (flags & PP_ENCRYPTED);
+	int packet_was_encrypted = (flags & PP_ENCRYPTED);
 	int printed_ignore_warning = 0;
 #endif /* HAVE_LIBGCRYPT */
 
@@ -2061,7 +2062,12 @@ static int sockent_init_crypto (sockent_t *se) /* {{{ */
 	{
 		if (se->data.client.security_level > SECURITY_LEVEL_NONE)
 		{
-			network_init_gcrypt ();
+			if (network_init_gcrypt () < 0)
+			{
+				ERROR ("network plugin: Cannot configure client socket with "
+						"security: Failed to initialize crypto library.");
+				return (-1);
+			}
 
 			if ((se->data.client.username == NULL)
 					|| (se->data.client.password == NULL))
@@ -2081,7 +2087,12 @@ static int sockent_init_crypto (sockent_t *se) /* {{{ */
 	{
 		if (se->data.server.security_level > SECURITY_LEVEL_NONE)
 		{
-			network_init_gcrypt ();
+			if (network_init_gcrypt () < 0)
+			{
+				ERROR ("network plugin: Cannot configure server socket with "
+						"security: Failed to initialize crypto library.");
+				return (-1);
+			}
 
 			if (se->data.server.auth_file == NULL)
 			{
@@ -2880,6 +2891,11 @@ static int network_write (const data_set_t *ds, const value_list_t *vl,
 {
 	int status;
 
+	/* listen_loop is set to non-zero in the shutdown callback, which is
+	 * guaranteed to be called *after* all the write threads have been shut
+	 * down. */
+	assert (listen_loop == 0);
+
 	if (!check_send_okay (vl))
 	{
 #if COLLECT_DEBUG
@@ -3434,7 +3450,11 @@ static int network_init (void)
 	have_init = 1;
 
 #if HAVE_LIBGCRYPT
-	network_init_gcrypt ();
+	if (network_init_gcrypt () < 0)
+	{
+		ERROR ("network plugin: Failed to initialize crypto library.");
+		return (-1);
+	}
 #endif
 
 	if (network_config_stats)