Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Regarding RFC 5425 compliance (i.e. "Transport Layer Security (TLS) Transport Mapping for Syslog") #231

Open
cipriancraciun opened this issue Dec 3, 2019 · 0 comments
Open

Regarding RFC 5425 compliance (i.e. "Transport Layer Security (TLS) Transport Mapping for Syslog") #231

cipriancraciun opened this issue Dec 3, 2019 · 0 comments

Comments

@cipriancraciun
Copy link

According to RFC 5425 "Transport Layer Security (TLS) Transport Mapping for Syslog" -- the counterpart of RFC 5424 -- namely section 4.3 "Sending data", the proper framing for syslog over TCP with TLS is:

APPLICATION-DATA = 1*SYSLOG-FRAME
SYSLOG-FRAME = MSG-LEN SP SYSLOG-MSG
MSG-LEN = NONZERO-DIGIT *DIGIT
SP = %d32
NONZERO-DIGIT = %d49-57
DIGIT = %d48 / NONZERO-DIGIT

(I.e. the message is prefixed with the bytes count of the entire frame.)

However looking in the remote_syslog2 implementation it seems it just appends an \n (and cleans the original message):

remote_syslog2/syslog/syslog.go

Lines 193 to 195 in 09062fc

case *net.TCPConn, *tls.Conn:
l.conn.netConn.SetWriteDeadline(deadline)
_, err = io.WriteString(l.conn.netConn, p.Generate(l.tcpMaxLineLength)+"\n")

Thus my question is if remote_syslog2 is actually compliant with RFC 5425?

(The documentation doesn't seem to state that it is compliant, however it keeps mentioning TLS and thus seems to hint so.)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cipriancraciun