<div dir="auto">Thanks. Now waiting for Debian package<div dir="auto"><br></div><div dir="auto">Raghu</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Sep 26, 2019, 18:26 Attila Szakacs (aszakacs) <<a href="mailto:Attila.Szakacs@oneidentity.com">Attila.Szakacs@oneidentity.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">




<div dir="ltr">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Hi Raghu,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
It got merged to master! <span id="m_-380713941437746300🙂">🙂</span></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<a href="https://github.com/syslog-ng/syslog-ng/pull/2930" target="_blank" rel="noreferrer">https://github.com/syslog-ng/syslog-ng/pull/2930</a><br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Best regards,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Attila</div>
<div id="m_-380713941437746300appendonsend"></div>
<hr style="display:inline-block;width:98%">
<div id="m_-380713941437746300divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" target="_blank" rel="noreferrer">syslog-ng-bounces@lists.balabit.hu</a>> on behalf of Raghunath Adhyapak <<a href="mailto:funduraghu@gmail.com" target="_blank" rel="noreferrer">funduraghu@gmail.com</a>><br>
<b>Sent:</b> Wednesday, September 18, 2019 5:35 PM<br>
<b>To:</b> Syslog-ng users' and developers' mailing list <<a href="mailto:syslog-ng@lists.balabit.hu" target="_blank" rel="noreferrer">syslog-ng@lists.balabit.hu</a>><br>
<b>Subject:</b> Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection</font>
<div> </div>
</div>
<div>
<div style="background-color:#ffeb9c;width:100%;border-style:solid;border-color:#9c6500;border-width:1pt;padding:2pt;font-size:10pt;line-height:12pt;font-family:'Calibri';color:Black;text-align:left">
<span style="color:#9c6500;font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div dir="auto">That's awesome.
<div dir="auto"><br>
</div>
<div dir="auto">Thanks</div>
<div dir="auto">Raghu</div>
</div>
<br>
<div class="m_-380713941437746300x_gmail_quote">
<div dir="ltr" class="m_-380713941437746300x_gmail_attr">On Wed, Sep 18, 2019, 17:05 Attila Szakacs (aszakacs) <<a href="mailto:Attila.Szakacs@oneidentity.com" target="_blank" rel="noreferrer">Attila.Szakacs@oneidentity.com</a>> wrote:<br>
</div>
<blockquote class="m_-380713941437746300x_gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
To the other question: It will be merged on the master branch probably in a week.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Attila</div>
<div id="m_-380713941437746300x_m_-6275926718167767745appendonsend"></div>
<hr style="display:inline-block;width:98%">
<div id="m_-380713941437746300x_m_-6275926718167767745divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>>
 on behalf of Attila Szakacs (aszakacs) <<a href="mailto:Attila.Szakacs@oneidentity.com" rel="noreferrer noreferrer" target="_blank">Attila.Szakacs@oneidentity.com</a>><br>
<b>Sent:</b> Wednesday, September 18, 2019 1:28 PM<br>
<b>To:</b> Syslog-ng users' and developers' mailing list <<a href="mailto:syslog-ng@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">syslog-ng@lists.balabit.hu</a>><br>
<b>Subject:</b> Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection</font>
<div> </div>
</div>
<div dir="ltr">
<div style="background-color:#ffeb9c;width:100%;border-style:solid;border-color:#9c6500;border-width:1pt;padding:2pt;font-size:10pt;line-height:12pt;font-family:'Calibri';color:Black;text-align:left">
<span style="color:#9c6500;font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Hi Raghu,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
You are welcome! Thanks for the good idea.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
If everything goes well, this feature will be released in version 3.24, in 3-4 weeks.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
The packaging happens at the same time, you will find the 3.24 installer at <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696240437&sdata=M9xVXlbEAiGqeLtLx1DsoXM9Tviag8FZVNERp0Z6oBg%3D&reserved=0" rel="noreferrer noreferrer" target="_blank">https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/</a></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Best regards,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Attila</div>
<div id="m_-380713941437746300x_m_-6275926718167767745x_appendonsend"></div>
<hr style="display:inline-block;width:98%">
<div id="m_-380713941437746300x_m_-6275926718167767745x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>>
 on behalf of Raghunath Adhyapak <<a href="mailto:funduraghu@gmail.com" rel="noreferrer noreferrer" target="_blank">funduraghu@gmail.com</a>><br>
<b>Sent:</b> Wednesday, September 18, 2019 12:50 PM<br>
<b>To:</b> Syslog-ng users' and developers' mailing list <<a href="mailto:syslog-ng@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">syslog-ng@lists.balabit.hu</a>><br>
<b>Subject:</b> Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection</font>
<div> </div>
</div>
<div>
<div style="background-color:#ffeb9c;width:100%;border-style:solid;border-color:#9c6500;border-width:1pt;padding:2pt;font-size:10pt;line-height:12pt;font-family:'Calibri';color:Black;text-align:left">
<span style="color:#9c6500;font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div dir="ltr">Hi Atilla,
<div><br>
</div>
<div>I updated the code, compiled it and tested the changes.</div>
<div>The changes works as expected.</div>
<div>Thanks for the addressing the issue in such a short time.</div>
<div><br>
</div>
<div>Follow-up question:</div>
<div>When will this change get merged into the master branch?</div>
<div>Also, when will this get packaged in Debian package?</div>
<div><br>
</div>
<div>Thanks</div>
<div>Raghu</div>
</div>
<br>
<div class="m_-380713941437746300x_m_-6275926718167767745x_x_gmail_quote">
<div dir="ltr" class="m_-380713941437746300x_m_-6275926718167767745x_x_gmail_attr">On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) <<a href="mailto:Attila.Szakacs@oneidentity.com" rel="noreferrer noreferrer" target="_blank">Attila.Szakacs@oneidentity.com</a>> wrote:<br>
</div>
<blockquote class="m_-380713941437746300x_m_-6275926718167767745x_x_gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Hi Raghu,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Currently we are not sending SNI extension in the Client Hello message.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
However, I made a PR to implement this: <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696240437&sdata=GvVjWOS9Yi%2FJZdl1pblLIOWdtSTJ2gpJkEJVpH37oBQ%3D&reserved=0" rel="noreferrer noreferrer" target="_blank">https://github.com/balabit/syslog-ng/pull/2930</a></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Can you build syslog-ng from source? It would be great, if you tested the PR.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Best regards,</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0);background-color:rgb(255,255,255)">
Attila</div>
<div id="m_-380713941437746300x_m_-6275926718167767745x_x_gmail-m_2697251644428849068appendonsend"></div>
<hr style="display:inline-block;width:98%">
<div id="m_-380713941437746300x_m_-6275926718167767745x_x_gmail-m_2697251644428849068divRplyFwdMsg" dir="ltr">
<font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> syslog-ng <<a href="mailto:syslog-ng-bounces@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">syslog-ng-bounces@lists.balabit.hu</a>> on behalf of Raghunath Adhyapak <<a href="mailto:funduraghu@gmail.com" rel="noreferrer noreferrer" target="_blank">funduraghu@gmail.com</a>><br>
<b>Sent:</b> Tuesday, September 17, 2019 9:05 AM<br>
<b>To:</b> <a href="mailto:syslog-ng@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">
syslog-ng@lists.balabit.hu</a> <<a href="mailto:syslog-ng@lists.balabit.hu" rel="noreferrer noreferrer" target="_blank">syslog-ng@lists.balabit.hu</a>><br>
<b>Subject:</b> [syslog-ng] Enable SNI (Server Name Identification) in TLS connection</font>
<div> </div>
</div>
<div>
<div style="background-color:rgb(255,235,156);width:100%;border:1pt solid rgb(156,101,0);padding:2pt;font-size:10pt;line-height:12pt;font-family:Calibri;color:black;text-align:left">
<span style="color:rgb(156,101,0);font-weight:bold">CAUTION:</span> This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I am using TLS over TCP connection to forward my syslog events to a remote server.</div>
<div>My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers.</div>
<div><br>
</div>
<div>I observe that syslog-ng doesn't send SNI during TLS handshake.</div>
<div><br>
</div>
<div>How can I enable it?</div>
<div><br>
</div>
<div>My configuration is as follows:</div>
<div><br>
</div>
<div><span style="color:rgb(0,0,0);font-size:medium">===================================</span><br>
</div>
<div>source s_net { syslog(transport(udp) port(1514)); };<br>
</div>
<div>
<div>destination d_tcp {</div>
<div>        tcp(</div>
<div>                "<a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696250438&sdata=KNtS9zpawll0eH6U8VyuBAcp2QHgLzY3S2FdtY5o90s%3D&reserved=0" rel="noreferrer noreferrer" target="_blank">XX.example.net</a>"</div>
<div>                port(96)</div>
<div>                tls(</div>
<div>                        peer-verify(required-untrusted)</div>
<div>                        ca_dir("/etc/syslog-ng/ssl")</div>
<div>                        key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem")</div>
<div>                        cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem")</div>
<div>                  )</div>
<div>        );</div>
<div>};</div>
</div>
<div>
<div>log {</div>
<div>        source(s_net);</div>
<div>        destination(d_tcp);</div>
<div>};</div>
</div>
<div>===================================</div>
<div><br>
</div>
<div>I want syslog-ng to send <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696260431&sdata=5uJJlzHej7SoSTjS1Ov9n99bGQJGWIYfmL2%2FLJLWj1Q%3D&reserved=0" rel="noreferrer noreferrer" target="_blank">
XX.example.net</a> as SNI to my remote server</div>
<div><br>
</div>
<div>Please advise</div>
<div><br>
</div>
<div>Thanks</div>
<div>Raghu</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
______________________________________________________________________________<br>
Member info: <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696260431&sdata=KFw8wgQEfFdLo1EHd%2FHIMQlC6CpVJ1PdXaKL34Y9CnM%3D&reserved=0" rel="noreferrer noreferrer noreferrer" target="_blank">
https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696270436&sdata=M%2B74WHS6u07annIaxzoC1kdlvKmlD8oB5T5kqCDmUXc%3D&reserved=0" rel="noreferrer noreferrer noreferrer" target="_blank">
http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696280431&sdata=WZcQ9x7SUou61Z6k7lHTz%2BVT4jSd7zlenQWlAL%2BeXUk%3D&reserved=0" rel="noreferrer noreferrer noreferrer" target="_blank">
http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote>
</div>
</div>
</div>
</div>
</div>
</div>
______________________________________________________________________________<br>
Member info: <a href="https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696290423&sdata=iZX6zp8xHcGevLcRiTOHRDb2SqDb7Y7ZhOhyRJ0j2K0%3D&reserved=0" rel="noreferrer noreferrer noreferrer" target="_blank">
https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696290423&sdata=OgaDRImuMz3AflHKLq8TCUWvBT1mjANwipDJVhYRxW0%3D&reserved=0" rel="noreferrer noreferrer noreferrer" target="_blank">
http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696300417&sdata=xqYD9GcHStDP4DWTNEyOSG8JHN%2BmExrd4agc8Gwlr5Y%3D&reserved=0" rel="noreferrer noreferrer noreferrer" target="_blank">
http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote>
</div>
</div>
</div>
</div>

______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote></div>