Hi, Sorry, to “reopen” an old thread, but theoretically syslog-ng would be able to use tls with udp connections.

 

This is called DTLS and defined in rfc4347. And openssl also support it. (But that is right, that syslog-ng currently does no support it.)

 

From: syslog-ng [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of Scheidler, Balázs
Sent: Tuesday, November 22, 2016 8:22 PM
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] Enable TLS encryption

 

Your conclusion is correct. It cannot.

 

On Nov 22, 2016 5:23 PM, "PÁSZTOR György" <pasztor@linux.gyakg.u-szeged.hu> wrote:

Hi,

"Scheidler, Balázs" <balazs.scheidler@balabit.com> írta 2016-11-22 17:38-kor:
> Thats a completely different matter, OpenVPN has its own tcp-like substrate
> running on top of UDP, and not TLS running on UDP.

Ah. So, that is openvpn specific?

I didn't dig into the code. I thought openssl has it's own layer to
establish a "connection" even over udp.

So the conclusion is that, syslog-ng can not run tls over udp?

Cheers,
Gyu
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq




NOTICE: Morgan Stanley is not acting as a municipal advisor and the opinions or views contained herein are not intended to be, and do not constitute, advice within the meaning of Section 975 of the Dodd-Frank Wall Street Reform and Consumer Protection Act. If you have received this communication in error, please destroy all electronic and paper copies and notify the sender immediately. Mistransmission is not intended to waive confidentiality or privilege. Morgan Stanley reserves the right, to the extent permitted under applicable law, to monitor electronic communications. This message is subject to terms available at the following link: http://www.morganstanley.com/disclaimers  If you cannot access these links, please notify us by reply message and we will send the contents to you. By communicating with Morgan Stanley you consent to the foregoing and to the voice recording of conversations with personnel of Morgan Stanley.