You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In my configuration I don't enable any crypto for the Network plugin:
<Plugin network>
Server "10.0.1.21" "8096"
</Plugin>
As such, I expect libgcrypt to not be initialized at all.
Actual behavior
It appears that despite my config libgcrypt is still being initialized. This was discovered because I ran into issue #1870 which was causing collectd to crash.
Steps to reproduce
Configure collectd's network plugin as above
Start collectd, notice that libgcrypt is initialized
I can confirm that network_init_gcrypt() is called unconditionally from network_init(). I think this call can be removed, because gcrypt is (conditionally) initialized during the configuration phase:
Both, network_config_add_listen() and network_config_add_server() unconditionally call sockent_init_crypto().
sockent_init_crypto() calls network_init_gcrypt() only if the socket has security enabled.
The call in network_init() only has any effect, if a server is configured with:
SecurityLevel none
AuthFile "/some/path"
This config does not require clients to encrypt packets, but makes it possible to decrypt packets.
I think we can do the following change:
Call network_gcrypt_init() from sockent_init_crypto() when a server socket has a non-NULL auth_file (instead of looking at the security level setting). There is a separate check that complains if auth_file is NULL and the security level is not NONE.
Remove the network_gcrypt_init() call from network_init().
Expected behavior
In my configuration I don't enable any crypto for the Network plugin:
As such, I expect libgcrypt to not be initialized at all.
Actual behavior
It appears that despite my config libgcrypt is still being initialized. This was discovered because I ran into issue #1870 which was causing collectd to crash.
Steps to reproduce
For more context, see @rubenk's comment here: #1870 (comment)
The text was updated successfully, but these errors were encountered: