summaryrefslogtreecommitdiffstats
path: root/runtime/rsyslog.h
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'v3-stable' into betaRainer Gerhards2008-09-121-1/+1
| | | | | | | Conflicts: runtime/datetime.h runtime/rsyslog.h
* bugfix: machine certificate was required for client even in TLS anon modeRainer Gerhards2008-07-021-0/+1
| | | | | | Reference: http://bugzilla.adiscon.com/show_bug.cgi?id=85 The fix also slightly improves performance by not storing certificates in client sessions when there is no need to do so.
* added (internal) error codes to error messagesRainer Gerhards2008-06-271-3/+9
| | | | | Also added redirector to web description of error codes closes bug http://bugzilla.adiscon.com/show_bug.cgi?id=20
* changed Rcv-Interface in tcpsrv subsystemRainer Gerhards2008-06-231-0/+3
| | | | | | It is now iRet based. This enables us to communicate more in-depth information to the upper peers. This is needed to handle the EGAIN case on rcv (not yet implemented)
* implemented wildcards inside certificate name check authenticationRainer Gerhards2008-05-271-0/+2
|
* client now provides cert even if it is not signed by one of the server's ↵Rainer Gerhards2008-05-271-0/+2
| | | | trusted CAs (gtls)
* added certificate validity date check (gtls)Rainer Gerhards2008-05-261-0/+3
|
* added gtls name authentication based on common name (inside DN)Rainer Gerhards2008-05-261-0/+1
| | | | also changed fingerprint gtls auth mode to new format fingerprint
* implemented x509/certvalid "authentication"Rainer Gerhards2008-05-211-0/+1
|
* first implementation of TLS server client authentication checkRainer Gerhards2008-05-191-0/+2
| | | | | | | The TLS server now checks the client fingerprint. This works, but is highly experimental. Needs to be refined for practice. Also: - implemented permittedPeers helper construct to store names - changed omfwd implementation to use new permittedPeers
* improved error messages and corrected fingerprint formatRainer Gerhards2008-05-191-1/+1
|
* added first rough ability to authenticate the server against its certificateRainer Gerhards2008-05-161-0/+3
| | | | | | | | | | This is very experimental and needs some more work. It probably even segfaults - but the base code is there and running. The rest is refinement. While working on this, I did these two bugfixes: - bugfix: small mem leak in omfwd on exit (strmdriver name was not freed) - bugfix: $ActionSendStreamDriver had no effect
* server's X509 cert fingerprint is obtained by client on connectRainer Gerhards2008-05-081-0/+1
|
* added a bit of doc (at least something...)Rainer Gerhards2008-05-081-0/+1
|
* server handshake now works with nonblocking socketsRainer Gerhards2008-04-301-0/+1
|
* ability to load proper select netstrm driverRainer Gerhards2008-04-291-1/+2
|
* added $ActionSendStreamDriverMode config directiveRainer Gerhards2008-04-281-0/+1
|
* added select() driver for GnuTlsRainer Gerhards2008-04-241-0/+1
|
* made this compile with the new abstracted socket server callsRainer Gerhards2008-04-241-3/+0
| | | | | undid some invalid changes during merge plus did a few wrappers. Compiles, but does not yet work.
* Merge branch 'sock-abstract' into tlsRainer Gerhards2008-04-241-0/+11
|\ | | | | | | | | | | | | | | | | | | Conflicts: runtime/Makefile.am runtime/netstrm.c runtime/nsd.h runtime/nsd_ptcp.c runtime/rsyslog.h
| * removed listener array from inidividual netstrm (mostly finished)Rainer Gerhards2008-04-231-0/+1
| |
| * added new netstrms classRainer Gerhards2008-04-231-0/+2
| | | | | | | | netstrms is at the top layer of the socket abstraction
| * objects for receive-side socket abstraction specifiedRainer Gerhards2008-04-231-0/+5
| | | | | | | | | | | | | | The objects for receiver-side socket abstraction have now be specified. The project as whole does not yet compile and definitely not run, but I'd like to commit some milestones along this way.
* | first working TLS-enabled plain TCP senderRainer Gerhards2008-04-181-0/+1
| | | | | | | | | | implemented a first working version of a TLS-enabled plain TCP sender (but, of course, the implementation is insecure as it is)
* | Merge branch 'master' into tlsRainer Gerhards2008-04-181-0/+1
|\ \
| * | bugfix: a recent change effectively disabled error messagesRainer Gerhards2008-04-181-0/+1
| | |
* | | set stage for TLS client implementationRainer Gerhards2008-04-181-0/+3
| |/ |/|
* | converted netstrm into generic netstrm and the nsd_pctp driverRainer Gerhards2008-04-181-0/+3
| |
* | imported tcp module from librelp as basis for new stream classRainer Gerhards2008-04-171-0/+5
| | | | | | | | | | we got permission to include the tcp module from librelp copyright holders
* | added new "netstrm" class (not yet implemented)Rainer Gerhards2008-04-171-1/+2
|/
* completed better modularity of runtimeRainer Gerhards2008-04-171-4/+4
| | | | | | | | | | - added the ability to specify an error log function for the runtime - removed dependency of core runtime on dirty.h Note that it is "better" modularity, not perfect. There is still work to do, but I think we can for the time being proceed with other things.
* moved "glblModPath" variable inside global data poolRainer Gerhards2008-04-171-0/+11
| | | | (but still as a variable, not part of glbl object)
* modularization workRainer Gerhards2008-04-171-1/+3
| | | | | cleanup + created an abstract class for global data items and moved glblGetWorkDir to it
* prevented segfault during runtime library init phaseRainer Gerhards2008-04-161-0/+1
|
* some more cleanupRainer Gerhards2008-04-161-0/+16
| | | | | reduced dependencies, moved non-runtime files to its own directory except for some whom's status is unclear
* provided ability to initialize the runtimeRainer Gerhards2008-04-161-0/+6
|
* moved files to the runtimeRainer Gerhards2008-04-161-0/+272
there are still some files left which could go into the runtime, but I think we will delete most of them once we are done with the full modularization.
generated by cgit (git 2.34.1) at 2024-11-01 12:24:44 +0000