Makura no Soshi

This week brought great news for my CRM114 plugin: The upcoming amavisd-new version 2.6.3 will completely support CRM114 (either standalone or as an SA plugin) so no more patches are required to include custom headers.

In addition Mark made several improvements to my plugin itself, so I am happy to release a new plugin version 0.8 (see the project page for the module, its documentation and additional notes).

Update: I just noticed that CRM114′s stable versions (those from 2007) do not support the “--report_only” option. Thus I made a last minute change after uploading and deactivated the option in line 653 (= line 607 in the SA3.3 version).

Today the RFCs for the new Syslog procol and transport were published:

• RFC 5424 on The Syslog Protocol
• RFC 5425 on Transport Layer Security (TLS) Transport Mapping for Syslog
• RFC 5426 on Transmission of Syslog Messages over UDP

Due to the BLIT preparations I nearly missed the important event for my GSoC project: I made it into the NetBSD CVS.  :-)

Read the rest of this entry »

Fuzzing is a great way to find input validation errors.

Just don’t use it in debug mode whith all input printed verbatim to the poor terminal… :-|

Now that I wrote my midterm summary and completed the survey for GSoC it is once again time to update the Trac-pages. The syslogd is my first try with Trac and so far it has not been too sucessful.

Read the rest of this entry »

Now the latest internet draft for transport-tls is out for two weeks now and it looks like a consensus on the text is found — at least there were no comments so far. I spent the better part of these two weeks changing and debugging my own implementation of transport-tls, which is far beyond the schedule but at least in time to have a working and usable program for mid-term evaluation…

So this is a good time to re-read the draft and check its requirements against my current syslogd code:

Read the rest of this entry »

I think OpenSSL needs a documentation project. My first week of GSoC coding was dedicated to transport-tls, so I started with establishing a TLS connection and accessing different parts of the X.509 certificates to check them. I would have thought these are basic tasks for every TLS-enabled application and yet I found this unexpectedly difficult.

Read the rest of this entry »

When I came to work on Syslog one of the most disturbing texts I came across was Rainer’s observation “On the (un)reliability of plain tcp syslog…“. The problem is that a sendmsg() system call is nearly always successful — it only indicates local errors (like a full send queue), but no network errors. So even after the other side initiated a connection shutdown one can happily write into the local buffer and only get an error on the second write.

Read the rest of this entry »