Rainer Gerhards
492fb2ffe2
changed config directive name to reflect different use
...
$ActionSendStreamDriverCertFingerprint is now
$ActionSendStreamDriverPermittedPeer and can be used both for
fingerprint and name authentication (similar to the input side)
2008-05-22 18:58:04 +02:00
Rainer Gerhards
57b2032235
added x509/name authentication (so far based on dnsName only)
2008-05-22 18:48:09 +02:00
Rainer Gerhards
0b2e858a42
added code to pull the subjectAltName - dNSName
2008-05-21 18:18:20 +02:00
Rainer Gerhards
8c927a854e
fixed invalid prototype
2008-05-21 18:04:54 +02:00
Rainer Gerhards
68a2c3d512
implemented x509/certvalid "authentication"
2008-05-21 14:59:24 +02:00
Rainer Gerhards
8cb6ec4cee
added some forgotten doc
2008-05-21 11:45:40 +02:00
Rainer Gerhards
350f28efd9
added new transport auth methods to doc set
2008-05-21 11:41:15 +02:00
Rainer Gerhards
cb8188da16
re-enabled anon mode (failed if client did not provide cert)
2008-05-21 11:04:01 +02:00
Rainer Gerhards
2b90fa41fd
changed default GnuTLS key material to more reasonable values
...
We now also provide everything to sign with a common CA.
NOTE: none of this is for production use!
2008-05-20 15:13:17 +02:00
Rainer Gerhards
85b587f93d
first implementation of TLS server client authentication check
...
The TLS server now checks the client fingerprint. This works, but
is highly experimental. Needs to be refined for practice. Also:
- implemented permittedPeers helper construct to store names
- changed omfwd implementation to use new permittedPeers
2008-05-19 18:52:44 +02:00
Rainer Gerhards
48684ceac5
improved error messages and corrected fingerprint format
2008-05-19 09:43:37 +02:00
Rainer Gerhards
edf41396ef
regained netstream driver genericity; improved drivers
...
- made action logic pass optional auth params only if they are
actually configured
- added new authMode and Fingerprint methods to ptcp netstream
driver (keeping them once again generic)
- added diagnostics messages when invalid auth modes were
configured
2008-05-17 11:19:12 +02:00
Rainer Gerhards
6ea98ec5ff
added first rough ability to authenticate the server against its certificate
...
This is very experimental and needs some more work. It probably even
segfaults - but the base code is there and running. The rest is
refinement.
While working on this, I did these two bugfixes:
- bugfix: small mem leak in omfwd on exit (strmdriver name was not freed)
- bugfix: $ActionSendStreamDriver had no effect
2008-05-16 18:26:25 +02:00
Rainer Gerhards
29ebd4ab3e
Merge branch 'master' into ietf-tls
2008-05-16 15:11:24 +02:00
Rainer Gerhards
dfb1f20ce7
bumped version number
2008-05-16 15:11:14 +02:00
Rainer Gerhards
7b69ee0ff8
removed references to deleted files
v3.19.2
2008-05-16 15:05:07 +02:00
Rainer Gerhards
770b709654
fixed potential uninitialized var access (highly improbable)
2008-05-16 14:53:12 +02:00
Rainer Gerhards
c70d3cec69
preparing for 3.19.2
2008-05-16 14:46:03 +02:00
Rainer Gerhards
ed96dda644
Merge branch 'beta'
...
Conflicts:
ChangeLog
rfc3195d.c
2008-05-16 13:46:09 +02:00
Rainer Gerhards
09a3d4ef12
Merge branch 'v3-stable' into beta
2008-05-16 13:40:53 +02:00
Rainer Gerhards
09afe64f29
added fromhost-ip properties and some bugfixes
...
- bugfix: TCP input modules did incorrectly set fromhost property
(always blank)
- bugfix: imklog did not set fromhost property
- added "fromhost-ip" property
- added "RSYSLOG_DebugFormat" canned template
- bugfix: hostname and fromhost were swapped when a persisted message
(in queued mode) was read in
2008-05-16 13:36:41 +02:00
Rainer Gerhards
ffa17a25d2
client provides x.509 and server prints fingerprint
2008-05-15 16:58:25 +02:00
Rainer Gerhards
a58ad72051
bumped version number
2008-05-15 15:42:52 +02:00
Rainer Gerhards
07b447fcba
Merge branch 'v2-stable' into v3-stable
...
Conflicts:
ChangeLog
configure.ac
2008-05-15 14:18:18 +02:00
Rainer Gerhards
5674b8ef46
bumped version number
2008-05-15 12:40:48 +02:00
Rainer Gerhards
3daa227bdd
finalizing 2.0.5 release
v2.0.5
2008-05-15 12:38:35 +02:00
Rainer Gerhards
e623b1a06b
added TODO item
2008-05-15 11:57:18 +02:00
Rainer Gerhards
d8b191a1f3
bugfix: TLS server went into an endless loop in some situations.
...
Thanks to Michael Biebl for reporting the problem.
2008-05-15 07:58:01 +02:00
Rainer Gerhards
ce0569ec3e
bugfix: lmtcpclt, lmtcpsrv and lmgssutil did all link to the static runtime library,
...
resulting in a large size increase (and potential "interesting"
effects). Thanks to Michael Biebl for reporting the size issue.
2008-05-14 18:52:53 +02:00
Rainer Gerhards
8aea6a1d9d
bugfix: some whitespaces were incorrectly not ignored
...
when parsing the config file. This is now corrected. Thanks
to Michael Biebl for pointing out the problem.
2008-05-14 18:37:23 +02:00
varmojfekoj
aa983c583b
fixed potential segfault due to invalid call to cfsysline
...
thanks to varmojfekoj for the patch
Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
2008-05-14 08:39:36 +02:00
varmojfekoj
d2b63414ef
fixed potential segfault due to invalid call to cfsysline
...
thanks to varmojfekoj for the patch
Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
2008-05-14 08:32:40 +02:00
Rainer Gerhards
d594f83a89
server's X509 cert fingerprint is obtained by client on connect
2008-05-08 16:00:57 +02:00
Rainer Gerhards
3d74096021
added a bit of doc (at least something...)
2008-05-08 13:24:20 +02:00
Rainer Gerhards
664f7cab3f
added tool to show fingerprints
...
this is required for IETF I-D syslog-transport-tls-12. This is a very
rough first prototype
2008-05-08 13:21:09 +02:00
Rainer Gerhards
7abd7f3dc6
added simple shell script to support creating self-signed certs
...
this is necessary to comply to IETF I-D -syslog-transport-tls-12
2008-05-08 12:42:21 +02:00
Rainer Gerhards
f027201679
bugfix: gtls netstream driver did not specify threading model
...
(could possibly lead to "interesting effects" ;))
2008-05-08 10:17:03 +02:00
Rainer Gerhards
b04d22a670
removed red hat specific files
...
I couldn't maintain them and they are now handled by the
package maintainers. They were originally introduced when
there were no packages available. Over time, they became
outdated and thus a bit problematic.
2008-05-07 20:54:08 +02:00
Rainer Gerhards
d6bc3db2ca
preparing 3.19.1
v3.19.1
2008-05-07 19:53:56 +02:00
Rainer Gerhards
442dad3521
limited number of unavoidable compiler warnings when compiling with GnuTLS
2008-05-07 12:33:18 +02:00
Rainer Gerhards
0fe0489d83
updated ChangeLog (forgotten...)
2008-05-07 12:14:23 +02:00
Rainer Gerhards
5d76f2d5ca
support for liblogging 0.7.1+ added
2008-05-07 12:11:26 +02:00
Rainer Gerhards
773ec2bb0a
fixed problem with man pages thanks to Michael Biebl's help
2008-05-06 19:21:14 +02:00
Rainer Gerhards
66fd122ed5
configure help for --enable-gnutls wrong
...
said default is "yes" but default actually is "no"
thanks to darix for pointing this out
2008-05-06 18:35:54 +02:00
Rainer Gerhards
346a9e6379
added missing includes (noticed under SuSe Linux)
2008-05-06 18:32:59 +02:00
Rainer Gerhards
a100b9ebb8
bumping version number
2008-05-06 18:12:44 +02:00
Rainer Gerhards
7e4940e264
file dirty.h was missing - thanks to darix for pointing this out
2008-05-06 18:12:29 +02:00
Rainer Gerhards
e0a2745d3f
some cleanup (gotten rid of some more plain chars)
2008-05-06 15:05:39 +02:00
Rainer Gerhards
02795031a3
final touches for 3.19.0
v3.19.0
2008-05-06 10:58:06 +02:00
Rainer Gerhards
9e0af15a32
Merge branch 'tls'
2008-05-06 10:25:42 +02:00