Greetings~ I haven't submitted a bug report yet as I'm not sure if this is a problem with my setup. I would like to monitor the system performance of multiple machines with a central collectd server. I was very happy to see that collectd supports encrypted network traffic. I setup the network plugin with encryption per the instructions on the collectd website. When I start collectd on the server, I see a normal startup. When I start a client, I see the following in /var/log/messages:
"collectd[PID]: Libgcrypt warning: missing initialization - please fix the application" On the server, I see repeated entries reading: "collectd[PID]: network plugin: Decrypting AES256 part failed with status -1. collectd[PID]: network plugin: Decryption failed: Checksum mismatch." I've tried this on RHEL 6.2 & CentOS 5.7 using the collectd 4.10.3-1 RPMs from the EPEL repos and a hand compiled version of collectd 5.0.2. I tried this with libgcrypt-1.4.4 on CentOS 5.7, libgcrypt-1.4.5 on RHEL 6.2, and I hand compiled libgcrypt-1.5.0 (latest) for both. All versions returned the same result. Configurations for client & server at the bottom of the messages. Documentation for gcrypt here: http://gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html#Initializing-the-librarysays that gcrypt must be initialized with "gcry_check_version" before it can be used. The AIDE bugtracker has some discussion about this same issue: http://sourceforge.net/tracker/?func=detail&aid=2763470&group_id=86976&atid=581579 . I grep'd through the source but was unable to find such a line. I did some minimal testing to add such a function to network.c to see if I could force an initialization but not knowing the source very well, I was unable to find the spot in the control flow where this should go. My understanding from the gnupg documentation is that a gcry_version_check() call is requried before any libgcrypt work is done and without delving deeper into collectd's code, I don't know where that first call is made. I'm hoping someone with a deeper, current understanding of collectd either knows where this should go or knows what mistake I've made to produce these errors. #Client /etc/collectd.conf: #----------- LoadPlugin network <Plugin network> <Server "192.168.1.2"> SecurityLevel "Encrypt" Username "user0" Password "password0" </Server> </Plugin> #--------------- #Server /etc/collectd.conf: #-------------- <Plugin network> <Listen "192.168.1.2"> SecurityLevel "Encrypt" AuthFile "/etc/collectd_authfile.conf" Interface "eth0" </Listen> </Plugin> #---------------- #Server /etc/collectd_authfile.conf: #---------------- user0: password0 #----------------
_______________________________________________ collectd mailing list [email protected] http://mailman.verplant.org/listinfo/collectd
