Free the mouse Replay RnsPutSyslog
Home | Changes | Index | Search | Go request

This request uploads the system log to Replay. It's a POST request that looks like:

In this requst, the X-Replay-Serial-Number value is hashed and hex-encoded. Given a serial number, this value can be generated, but given just this value, returning to a serial number is basically impossible; I assume this is done for privacy, so that users can't be identified solely by the syslog message.

The serial number is hashed to generate a key; that key is used in a stream cypher similar to the one used in RDDNS (but with different constants) to encrypt a particular block of daata. An MD5hash is taken of the serial number and the encrypted block, and used as the obfuscated serial number.

#include <openssl/md5.h>                                                        
static unsigned char obfusc_plaintext[32] = {                                   
    0x5b, 0xaf, 0x2f, 0x8b,  0x07, 0x03, 0x5e, 0xad,                            
    0x05, 0xe3, 0x87, 0xdc,  0xbb, 0xe4, 0x5f, 0xef,                            
    0xbc, 0x8c, 0x9d, 0x01,  0xd3, 0x96, 0xeb, 0xe9,                            
    0x7f, 0x23, 0x46, 0xdb,  0xed, 0x2a, 0xd0, 0x87                             
static void obfuscate_sn(unsigned char * source, unsigned char * dest)          
    int i;                                                                      
    MD5_CTX md5ctx;                                                             
    unsigned char cyphertext[32];                                               
    unsigned long k;                                                            
    k = 1;                                                                      
    for (i = 0; i < strlen(source); i++)                                        
        k = k * 0x159c1 + source[i];                                            
    for (i = 0; i < 32; i++) {                                                  
        cyphertext[i] = obfusc_plaintext[i] ^ k;                                
        k = k * 0x17573 + 0xf750;                                               
    MD5_Update(&md5ctx, source, strlen(source));                                
    MD5_Update(&md5ctx, cyphertext, 32);                                        
    MD5_Final(dest, &md5ctx);                                                   

The POSTed data has content-type vnd.replay.syslog. Its format is the same as the on-system SysLog.

There is no body in the response; the only purpose is to make the system log available to Replay.

-- ToddLarason - 17 Mar 2002

Topic RnsPutSyslog . { Edit | Attach | Ref-By | Printable | Diffs | r1.4 | > | r1.3 | > | r1.2 | More }
Revision r1.4 - 02 Jun 2002 - 00:09 GMT - ToddLarason
Parents: WebHome > RnsProtocol
Copyright © 2001 by the contributing authors. All material on this collaboration tool is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback.

Replay.RnsPutSyslog moved from Replay.RnsSyslog on 17 Mar 2002 - 09:23 by ToddLarason - put it back