tech-userlevel archive
SoC status: Improve syslogd
Hello,
now that it is midterm for the Google Summer of Code I would like to
give you an overview of the general project status and progress.
= Completed milestones =
== TLS ==
I have implemented a TLS transport following the latest Internet Draft
(http://tools.ietf.org/html/draft-ietf-syslog-transport-tls-13).
This means the user can configure syslogd to forward messages over a TLS
connection and/or to be a TLS server and receive other hosts' messages
with TLS. Both cases need X.509 certificates on client and server to
allow mutual authentication, which checks the peer's certificate using a
CA, a copy of the certificate, the subject, or the fingerprint. If
necessary a self-signed certificate can be generated automatically (but
will have to be configured on the other hosts for authentication).
== Buffering ==
A message that cannot be written immediately is buffered in memory and
re-sent after the destination becomes available again. To control memory
usage the maximum number and memory space of buffered messages can be
configured.
== Syslog-protocol ==
syslogd can be configured to write messages either in traditional BSD
Syslog (RFC3164) or in syslog-protocol format. Messages in both formats
are accepted and reformatted accordingly.
= Next Milestones =
== syslog-protocol for syslog(3) ==
Now that syslogd handles messages in syslog-protocol the next step is to
have syslog(3) use the new format.
The biggest change here will be the more precise ISO-timestamp for all
messages.
== syslog-sign ==
Syslog-sign is the third important Internet Draft to be implemented in
syslogd and will provide digital signatures for all messages.
On the sender side this will use the same certificate as the TLS
functions, so only one additional option is needed to activate message
signing for one destination. On the receiver side the signature checking
does not have to be part of syslogd, so it will be implemented as a
separate program to be run on demand (e.g. in periodic daily).
== Testing and Documentation ==
At the end of coding I will install the new syslogd on several machines
and document all required steps to write a HowTo guide for the new features.
= Experience =
== Problems ==
The biggest single problem was finding all necessary OpenSSL functions
to read from certificates. The documentation is really sparse.
On a bigger scale I chose a wrong approach by implementing one
functionality after another: TLS with blocking sockets, message buffers,
change TLS to non-blocking sockets, revise buffering. This led to wrong
assumptions and unnecessary problems on the way.
== Schedule ==
Both the TLS and the buffering took considerably longer than one week,
so I am behind schedule now.
To compensate I gave up the plans for experimental implementations of
a) a new named-like format for syslog.conf and
b) a new API to log messages with structured data.
= Code =
A current version is available on the project homepage at
http://netbsd-soc.sourceforge.net/projects/syslogd/
You are welcome to test it.
--
Martin
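The reformatting between the two message formats described under "Syslog-protocol" above, as an added example that is not part of Martin's message or of the syslogd code: a BSD syslog (RFC 3164) line is rewritten into syslog-protocol form (the draft that became RFC 5424), and a line already in syslog-protocol form passes through unchanged. The year and the UTC offset are assumptions, because the BSD timestamp carries neither.

```python
"""Reformat BSD syslog (RFC 3164) lines into syslog-protocol lines.

Added example, not syslogd's own code. The year and timezone are assumed
(hypothetical parameters) because a BSD timestamp contains neither.
"""
import re
from datetime import datetime, timezone

# BSD syslog: <PRI>Mmm dd hh:mm:ss HOSTNAME TAG[pid]: MSG
BSD_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<mon>[A-Z][a-z]{2}) {1,2}(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) "
    r"(?P<host>\S+) "
    r"(?P<tag>[A-Za-z0-9_./-]+)(?:\[(?P<pid>\d+)\])?:\s?"
    r"(?P<msg>.*)$"
)
# syslog-protocol: <PRI>1 TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG
PROTO_RE = re.compile(r"^<\d{1,3}>1 ")

NILVALUE = "-"  # syslog-protocol placeholder for an absent field


def bsd_to_syslog_protocol(line, year=2008, tz=timezone.utc):
    """Return the syslog-protocol form of a syslog line.

    Lines already in syslog-protocol format are returned unchanged.
    Raises ValueError for lines that are in neither format.
    """
    if PROTO_RE.match(line):
        return line
    m = BSD_RE.match(line)
    if m is None:
        raise ValueError("not a BSD syslog message: %r" % line)
    pri = int(m.group("pri"))
    if pri > 191:  # facility 23, severity 7 is the largest legal PRI
        raise ValueError("PRI out of range: %d" % pri)
    # Build the precise ISO timestamp from the coarse BSD one (assumed year/tz).
    stamp = datetime.strptime(
        "%d %s %s %s" % (year, m.group("mon"), m.group("day"), m.group("time")),
        "%Y %b %d %H:%M:%S",
    ).replace(tzinfo=tz)
    procid = m.group("pid") or NILVALUE
    # MSGID and STRUCTURED-DATA are unknown for a BSD message, so both are NIL.
    return "<%d>1 %s %s %s %s %s %s %s" % (
        pri, stamp.isoformat(), m.group("host"), m.group("tag"),
        procid, NILVALUE, NILVALUE, m.group("msg"),
    )
```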