Commits
Andris Mednis authored a3ababc6138M
A.FGI..PS. [ZBXNEXT-1263] fixed number of bugs in encryption support Before this change: - minimum PSK length was not enforced, - both TLSConnect and TLSAccept were required in agent configuration if encryption was used even for fully passive or fully active agent, - long network error messages were truncated, - too general error messages when OpenSSL did not accept peer certificate, - potential crash in DCsync_hosts() in case of "impossible" conditions. After this change: - minimum PSK length is 128-bits, - TLSConnect is ignored in a fully passive agent and TLSAccept is ignored in a fully active agent, - increaed buffer length for reporting network socket errors, - more detailed error messages when OpenSSL does not accept peer certificate, - fixed bug in handling "impossible" conditions in DCsync_hosts().
Showing diff to2a16482b125