RackSec/srslog

Using a TCP writer to `Write()` to a syslog server running with TLS only returns no `error` but actually fails

YingmingHu opened this issue · 2 comments

I use

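```go
// Assumed imports: "log" and syslog "github.com/RackSec/srslog".
w, err := syslog.Dial("tcp", "192.168.0.51:514", syslog.LOG_ERR, "testtag")
if err != nil {
	log.Fatal(err) // could not connect
}
// Report the byte count when Write returns no error.
if n, err := w.Write([]byte("these are some bytes")); err == nil {
	log.Printf("Sent %d bytes to syslog server\n", n)
}
```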

to connect to an rsyslog server, and the server is set to `$InputTCPServerStreamDriverMode 1`, which means it accepts TLS connections only.

The result of running it is that I was told

```
Sent 21 bytes to syslog server
```

but that is not actually true, because the rsyslog server said:

```
rsyslogd: gnutls returned error on handshake: An unexpected TLS packet was received. [v8.31.0 try http://www.rsyslog.com/e/2083 ]
rsyslogd: gnutls returned error on handshake: An unexpected TLS packet was received. [v8.31.0 try http://www.rsyslog.com/e/2083 ]
```

If your syslog server only accepts TLS connections, you may have to try connecting with "tcp+tls" instead of just "tcp". Otherwise the client will try to connect without TCP and the server won't let it.

Normally, I always use "tcp+tls" to connect to a TLS-only syslog server, but I want to know how to raise an error when connecting using "tcp" only.
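One way to surface the silent failure discussed in this thread, as an added example that is not part of the original issue or of srslog: after a plain-TCP write, wait briefly for the peer to react, since a nil error from the write only means the bytes were buffered locally. `fakeServer` and `sendChecked` are hypothetical names, the loopback listener is a constructed stand-in, and the code assumes a TLS-only receiver closes the connection after the failed handshake.

```go
package main

import (
	"fmt"
	"io"
	"net"
	"time"
)

// fakeServer (constructed stand-in) serves one loopback connection; tlsOnly drops a non-TLS first byte.
func fakeServer(tlsOnly bool) string {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		panic(err)
	}
	go func() {
		defer ln.Close()
		if c, err := ln.Accept(); err == nil {
			defer c.Close()
			b := make([]byte, 1)
			if _, err := io.ReadFull(c, b); err == nil && (!tlsOnly || b[0] == 0x16) {
				io.Copy(io.Discard, c) // accepted: consume, never reply
			}
		}
	}()
	return ln.Addr().String()
}

// sendChecked writes msg over plain TCP, then waits up to wait for the peer to react.
func sendChecked(addr string, msg []byte, wait time.Duration) (int, error) {
	c, err := net.DialTimeout("tcp", addr, wait)
	if err != nil {
		return 0, err
	}
	defer c.Close()
	n, err := c.Write(msg) // nil here only means the kernel buffered the bytes
	if err != nil {
		return n, err
	}
	c.SetReadDeadline(time.Now().Add(wait))
	_, rerr := c.Read(make([]byte, 1))
	if ne, ok := rerr.(net.Error); ok && ne.Timeout() {
		return n, nil // silence: a syslog receiver never answers an accepted stream
	}
	return n, fmt.Errorf("peer reacted after write (%v): message likely dropped", rerr)
}

func main() {
	fmt.Println(sendChecked(fakeServer(true), []byte("these are some bytes"), time.Second))
}
```

The check costs one `wait` interval per connection, so it fits best right after dialing rather than on every message.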