summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* added some forgotten docRainer Gerhards2008-05-212-12/+27
|
* added new transport auth methods to doc setRainer Gerhards2008-05-215-9/+86
|
* re-enabled anon mode (failed if client did not provide cert)Rainer Gerhards2008-05-212-4/+7
|
* changed default GnuTLS key material to more reasonable valuesRainer Gerhards2008-05-205-57/+55
| | | | | We now also provide everything to sign with a common CA. NOTE: none of this is for production use!
* first implementation of TLS server client authentication checkRainer Gerhards2008-05-1916-58/+347
| | | | | | | The TLS server now checks the client fingerprint. This works, but is highly experimental. Needs to be refined for practice. Also: - implemented permittedPeers helper construct to store names - changed omfwd implementation to use new permittedPeers
* improved error messages and corrected fingerprint formatRainer Gerhards2008-05-194-13/+32
|
* regained netstream driver genericity; improved driversRainer Gerhards2008-05-173-6/+56
| | | | | | | | | - made action logic pass optional auth params only if they are actually configured - added new authMode and Fingerprint methods to ptcp netstream driver (keeping them once again generic) - added diagnostics messages when invalid auth modes were configured
* added first rough ability to authenticate the server against its certificateRainer Gerhards2008-05-168-23/+174
| | | | | | | | | | This is very experimental and needs some more work. It probably even segfaults - but the base code is there and running. The rest is refinement. While working on this, I did these two bugfixes: - bugfix: small mem leak in omfwd on exit (strmdriver name was not freed) - bugfix: $ActionSendStreamDriver had no effect
* Merge branch 'master' into ietf-tlsRainer Gerhards2008-05-1630-81/+257
|\
| * bumped version numberRainer Gerhards2008-05-162-1/+3
| |
| * removed references to deleted filesv3.19.2Rainer Gerhards2008-05-161-4/+0
| |
| * fixed potential uninitialzed var access (highly improbable)Rainer Gerhards2008-05-161-0/+2
| |
| * preparing for 3.19.2Rainer Gerhards2008-05-163-19/+50
| |
| * Merge branch 'beta'Rainer Gerhards2008-05-163-3/+23
| |\ | | | | | | | | | | | | | | | | | | Conflicts: ChangeLog rfc3195d.c
| | * Merge branch 'v3-stable' into betaRainer Gerhards2008-05-166-8/+28
| | |\
| | | * Merge branch 'v2-stable' into v3-stableRainer Gerhards2008-05-152-3/+13
| | | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: ChangeLog configure.ac
| | | | * bumped version numberRainer Gerhards2008-05-152-1/+3
| | | | |
| | | | * finalizing 2.0.5 releasev2.0.5Rainer Gerhards2008-05-151-1/+1
| | | | |
| | | | * updated ChangeLog (forgotten...)Rainer Gerhards2008-05-071-0/+1
| | | | |
| | | | * support for liblogging 0.7.1+ addedRainer Gerhards2008-05-071-3/+3
| | | | |
| | | * | bugfix: some whitespaces where incorrectly not ignoredRainer Gerhards2008-05-143-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | when parsing the config file. This is now corrected. Thanks to Michael Biebl for pointing out the problem.
| | | * | fixed potential segfault due to invalid call to cfsyslinevarmojfekoj2008-05-143-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | thanks to varmojfekoj for the patch Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
| | * | | preparigng for 3.17.2 releasev3.17.2Rainer Gerhards2008-05-041-2/+2
| | | | |
| * | | | added fromhost-ip properties and some bugfixesRainer Gerhards2008-05-1619-32/+149
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - bugfix: TCP input modules did incorrectly set fromhost property (always blank) - bugfix: imklog did not set fromhost property - added "fromhost-ip" property - added "RSYSLOG_DebugFormat" canned template - bugfix: hostname and fromhost were swapped when a persisted message (in queued mode) was read in
| * | | | bumped version numberRainer Gerhards2008-05-152-4/+2
| | | | |
| * | | | added TODO itemRainer Gerhards2008-05-151-1/+1
| | | | |
| * | | | bugfix: TLS server went into an endless loop in some situations.Rainer Gerhards2008-05-154-13/+13
| | | | | | | | | | | | | | | | | | | | Thanks to Michael Biebl for reporting the problem.
| * | | | ugfix: lmtcpclt, lmtcpsrv and lmgssutil did all link to the static runtime ↵Rainer Gerhards2008-05-142-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | library, resulting in a large size increase (and potential "interesting" effects). Thanks to Michael Biebel for reporting the size issue.
| * | | | fixed potential segfault due to invalid call to cfsyslinevarmojfekoj2008-05-144-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | thanks to varmojfekoj for the patch Signed-off-by: Rainer Gerhards <rgerhards@adiscon.com>
* | | | | client provides x.509 and server prints fingerprintRainer Gerhards2008-05-152-6/+34
|/ / / /
* | | | server's X509 cert fingerprint is obtained by client on connectRainer Gerhards2008-05-083-189/+50
| | | |
* | | | added a bit of doc (at least something...)Rainer Gerhards2008-05-085-1/+245
| | | |
* | | | added tool to show fingerprintsRainer Gerhards2008-05-081-0/+2
| | | | | | | | | | | | | | | | | | | | this is required for IETF I-D syslog-transport-tls-12. This is a very rough first prototype
* | | | added simple shell script to support creating self-signed certsRainer Gerhards2008-05-081-0/+3
| | | | | | | | | | | | | | | | this is necessary to comply to IETF I-D -syslog-transport-tls-12
* | | | bugfix: gtls netstram driver did not specify threading modelRainer Gerhards2008-05-081-3/+7
| | | | | | | | | | | | | | | | (could possibly lead to "interesting effects" ;))
* | | | removed red hat specific filesRainer Gerhards2008-05-075-145/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | I could't maintain them and they are now handled by the package maintainers They were orginally introduced when there were no packages available. Over time, they became outdated and thus a bit problematic.
* | | | preparing 3.19.1v3.19.1Rainer Gerhards2008-05-072-5/+5
| | | |
* | | | limited number of unavoidable compiler warnings when compiling with GnuTLSRainer Gerhards2008-05-072-2/+18
| | | |
* | | | fixed problem with man pages thanks to Michael Biebl's helpRainer Gerhards2008-05-062-5/+3
| | | |
* | | | configure help for --enable-gnutls wrongRainer Gerhards2008-05-062-1/+3
| | | | | | | | | | | | | | | | | | | | said default is "yes" but default actually is "no" thanks to darix for pointing this out
* | | | added missing includes (noticed under SuSe Linux)Rainer Gerhards2008-05-062-0/+2
| | | |
* | | | bumping version numberRainer Gerhards2008-05-062-1/+4
| | | |
* | | | file dirty.h was missing - thanks to darix for pointing this outRainer Gerhards2008-05-061-0/+2
| | | |
* | | | some cleanup (gotten rid of some more plain chars)Rainer Gerhards2008-05-069-23/+21
| | | |
* | | | final touches for 3.19.0v3.19.0Rainer Gerhards2008-05-066-11/+10
| | | |
* | | | Merge branch 'tls'Rainer Gerhards2008-05-0635-266/+713
|\ \ \ \
| * | | | trying to remove compiler warningsRainer Gerhards2008-05-052-2/+3
| | | | |
| * | | | invalid strdup when no driver name was set caused segfaultRainer Gerhards2008-05-051-1/+2
| | | | |
| * | | | support for different forwarding stream drivers addedRainer Gerhards2008-05-057-8/+51
| | | | | | | | | | | | | | | | | | | | they can now be set on an action-by-action basis
| * | | | made default certificate file locations configurableRainer Gerhards2008-05-054-7/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - added $DefaultNetstreamDriverCAFile config directive - added $DefaultNetstreamDriverCertFile config directive - added $DefaultNetstreamDriverKeyFile config directive
generated by cgit (git 2.34.1) at 2024-11-16 16:18:13 +0000