Set the security you require for network communication. When the security level
has been set to B<Encrypt>, data sent over the network will be encrypted using
-I<AES-256> and only encrypted data will be accepted when receiving. When set to
-B<Sign>, transmitted data is signed using I<SHA-256> and only signed and
-encrypted data is accepted when receiving. When set to B<None>, data is sent
-without any security and all data is accepted when receiving.
+I<AES-256> and only encrypted data will be accepted when receiving. The
+integrity of encrypted packets is ensures using I<SHA-1>. When set to B<Sign>,
+transmitted data is signed using the I<HMAC-SHA-256> message authentication
+code and only signed and encrypted data is accepted when receiving. When set to
+B<None>, data is sent without any security and all data is accepted when
+receiving.
This feature is only available if the I<network> plugin was linked with
I<libgcrypt>.
err = gcry_md_open (&hd, GCRY_MD_SHA256, GCRY_MD_FLAG_HMAC);
if (err != 0)
{
- ERROR ("network plugin: Creating HMAC object failed: %s",
+ ERROR ("network plugin: Creating HMAC-SHA-256 object failed: %s",
gcry_strerror (err));
return (-1);
}
status = parse_part_sign_sha256 (se, &buffer, &buffer_len);
if (status < 0)
{
- ERROR ("network plugin: Verifying SHA-256 "
+ ERROR ("network plugin: Verifying HMAC-SHA-256 "
"signature failed "
"with status %i.", status);
break;
else if (status > 0)
{
ERROR ("network plugin: Ignoring packet with "
- "invalid SHA-256 signature.");
+ "invalid HMAC-SHA-256 signature.");
break;
}
else
projects / collectd.git / commitdiff