Hi Raghu,

You are welcome! Thanks for the good idea.
If everything goes well, this feature will be released in version 3.24, in 3-4 weeks.
The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/

Best regards,
Attila
From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com>
Sent: Wednesday, September 18, 2019 12:50 PM
To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>
Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
 
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.

Hi Atilla,

I updated the code, compiled it and tested the changes.
The changes works as expected.
Thanks for the addressing the issue in such a short time.

Follow-up question:
When will this change get merged into the master branch?
Also, when will this get packaged in Debian package?

Thanks
Raghu

On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,

Currently we are not sending SNI extension in the Client Hello message.
However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930

Can you build syslog-ng from source? It would be great, if you tested the PR.

Best regards,
Attila
From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com>
Sent: Tuesday, September 17, 2019 9:05 AM
To: syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu>
Subject: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
 
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.

Hi,

I am using TLS over TCP connection to forward my syslog events to a remote server.
My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers.

I observe that syslog-ng doesn't send SNI during TLS handshake.

How can I enable it?

My configuration is as follows:

===================================
source s_net { syslog(transport(udp) port(1514)); };
destination d_tcp {
        tcp(
                "XX.example.net"
                port(96)
                tls(
                        peer-verify(required-untrusted)
                        ca_dir("/etc/syslog-ng/ssl")
                        key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem")
                        cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem")
                  )
        );
};
log {
        source(s_net);
        destination(d_tcp);
};
===================================

I want syslog-ng to send XX.example.net as SNI to my remote server

Please advise

Thanks
Raghu
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq