Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS 1.3 log lines not parsed #85

Open
olvsa opened this issue Nov 8, 2021 · 0 comments
Open

TLS 1.3 log lines not parsed #85

olvsa opened this issue Nov 8, 2021 · 0 comments

Comments

@olvsa
Copy link

olvsa commented Nov 8, 2021

Current regex does not parse TLSv1.3 connections.

Log line example:
Nov 08 10:07:48 mx-3 postfix/smtpd[323791]: Trusted TLS connection established from mx-1..[192.168.1.1]:38929: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256

Regex for smtpd does not expect this format because log line has text after "with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)".

Regex smtpdTLSLine (0.3, 0.2 versions):
smtpdTLSLine = regexp.MustCompile(^(\S+) TLS connection established from \S+: (\S+) with cipher (\S+) \((\d+)/(\d+) bits\)$)

Same things for smtp.
BTW, thanks for exporter!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@olvsa