pacs_system/atna__syslog__transport_8h_source.html

#ifndef PACS_SECURITY_ATNA_SYSLOG_TRANSPORT_HPP

#define PACS_SECURITY_ATNA_SYSLOG_TRANSPORT_HPP


#include "kcenon/pacs/core/result.h"


#include <atomic>

#include <cstdint>

#include <string>


namespace kcenon::pacs::security {


// =============================================================================

// Syslog Facility Codes (RFC 5424 Section 6.2.1)

// =============================================================================


enum class syslog_facility : uint8_t {

    kern = 0,

    user = 1,

    mail = 2,

    daemon = 3,

    auth = 4,

    syslog = 5,

    lpr = 6,

    news = 7,

    uucp = 8,

    cron = 9,

    authpriv = 10,

    ftp = 11,

    ntp = 12,

    log_audit = 13,

    log_alert = 14,

    clock = 15,

    local0 = 16,

    local1 = 17,

    local2 = 18,

    local3 = 19,

    local4 = 20,

    local5 = 21,

    local6 = 22,

    local7 = 23

};


// =============================================================================

// Syslog Severity (RFC 5424 Section 6.2.1)

// =============================================================================


enum class syslog_severity : uint8_t {

    emergency = 0,

    alert = 1,

    critical = 2,

    error = 3,

    warning = 4,

    notice = 5,

    informational = 6,

    debug = 7

};


// =============================================================================

// Transport Protocol

// =============================================================================


enum class syslog_transport_protocol : uint8_t {

    udp,

    tls

};


// =============================================================================

// Configuration

// =============================================================================


struct syslog_transport_config {

    syslog_transport_protocol protocol{syslog_transport_protocol::udp};


    std::string host{"localhost"};


    uint16_t port{514};


    std::string app_name{"pacs_system"};


    std::string hostname;


    syslog_facility facility{syslog_facility::authpriv};


    syslog_severity severity{syslog_severity::informational};


    // -- TLS-specific options (RFC 5425) --


    std::string ca_cert_path;


    std::string client_cert_path;


    std::string client_key_path;


    bool verify_server{true};

};


// =============================================================================

// ATNA Syslog Transport

// =============================================================================


class atna_syslog_transport {

public:

    // =========================================================================

    // Construction

    // =========================================================================


    explicit atna_syslog_transport(const syslog_transport_config& config);


    ~atna_syslog_transport();


    // Non-copyable

    atna_syslog_transport(const atna_syslog_transport&) = delete;

    atna_syslog_transport& operator=(const atna_syslog_transport&) = delete;


    // Movable

    atna_syslog_transport(atna_syslog_transport&& other) noexcept;

    atna_syslog_transport& operator=(atna_syslog_transport&& other) noexcept;


    // =========================================================================

    // Send Operations

    // =========================================================================


    [[nodiscard]] kcenon::pacs::VoidResult send(const std::string& xml_message);


    // =========================================================================

    // RFC 5424 Message Formatting

    // =========================================================================


    [[nodiscard]] std::string format_syslog_message(

        const std::string& xml_message) const;


    // =========================================================================

    // Connection Management

    // =========================================================================


    [[nodiscard]] bool is_connected() const noexcept;


    void close();


    // =========================================================================

    // Statistics

    // =========================================================================


    [[nodiscard]] size_t messages_sent() const noexcept;

    [[nodiscard]] size_t send_errors() const noexcept;

    void reset_statistics() noexcept;


    // =========================================================================

    // Configuration Access

    // =========================================================================


    [[nodiscard]] const syslog_transport_config& config() const noexcept;


private:

    // =========================================================================

    // Private Implementation

    // =========================================================================


    [[nodiscard]] kcenon::pacs::VoidResult send_udp(const std::string& syslog_message);

    [[nodiscard]] kcenon::pacs::VoidResult send_tls(const std::string& syslog_message);

    [[nodiscard]] kcenon::pacs::VoidResult ensure_tls_connected();


    [[nodiscard]] static std::string get_local_hostname();

    [[nodiscard]] static std::string get_timestamp();

    [[nodiscard]] static uint8_t compute_priority(

        syslog_facility facility, syslog_severity severity);


    // =========================================================================

    // Private Members

    // =========================================================================


    syslog_transport_config config_;


    // Socket handle (-1 = not connected)

#ifdef _WIN32

    using socket_type = unsigned long long;  // SOCKET

    static constexpr socket_type invalid_socket = ~static_cast<socket_type>(0);

#else

    using socket_type = int;

    static constexpr socket_type invalid_socket = -1;

#endif

    socket_type socket_{invalid_socket};


    // Opaque TLS context (avoids OpenSSL includes in header)

    struct tls_context;

    tls_context* tls_{nullptr};


    std::atomic<size_t> messages_sent_{0};

    std::atomic<size_t> send_errors_{0};

};


}  // namespace kcenon::pacs::security


#endif  // PACS_SECURITY_ATNA_SYSLOG_TRANSPORT_HPP

kcenon::pacs::security::atna_syslog_transport
Sends ATNA audit messages via Syslog protocol.
Definition atna_syslog_transport.h:164

kcenon::pacs::security::atna_syslog_transport::config_
syslog_transport_config config_
Definition atna_syslog_transport.h:267

kcenon::pacs::security::atna_syslog_transport::reset_statistics
void reset_statistics() noexcept
Definition atna_syslog_transport.cpp:217

kcenon::pacs::security::atna_syslog_transport::invalid_socket
static constexpr socket_type invalid_socket
Definition atna_syslog_transport.h:275

kcenon::pacs::security::atna_syslog_transport::tls_
tls_context * tls_
Definition atna_syslog_transport.h:281

kcenon::pacs::security::atna_syslog_transport::~atna_syslog_transport
~atna_syslog_transport()
Definition atna_syslog_transport.cpp:99

kcenon::pacs::security::atna_syslog_transport::atna_syslog_transport
atna_syslog_transport(const syslog_transport_config &config)
Construct transport with configuration.
Definition atna_syslog_transport.cpp:91

kcenon::pacs::security::atna_syslog_transport::is_connected
bool is_connected() const noexcept
Check if the transport is connected (TLS only)
Definition atna_syslog_transport.cpp:188

kcenon::pacs::security::atna_syslog_transport::messages_sent_
std::atomic< size_t > messages_sent_
Definition atna_syslog_transport.h:283

kcenon::pacs::security::atna_syslog_transport::send_errors_
std::atomic< size_t > send_errors_
Definition atna_syslog_transport.h:284

kcenon::pacs::security::atna_syslog_transport::send_errors
size_t send_errors() const noexcept
Definition atna_syslog_transport.cpp:213

kcenon::pacs::security::atna_syslog_transport::get_local_hostname
static std::string get_local_hostname()
Definition atna_syslog_transport.cpp:456

kcenon::pacs::security::atna_syslog_transport::messages_sent
size_t messages_sent() const noexcept
Definition atna_syslog_transport.cpp:209

kcenon::pacs::security::atna_syslog_transport::format_syslog_message
std::string format_syslog_message(const std::string &xml_message) const
Format an XML audit message as an RFC 5424 Syslog message.
Definition atna_syslog_transport.cpp:159

kcenon::pacs::security::atna_syslog_transport::config
const syslog_transport_config & config() const noexcept
Definition atna_syslog_transport.cpp:222

kcenon::pacs::security::atna_syslog_transport::send_tls
kcenon::pacs::VoidResult send_tls(const std::string &syslog_message)
Definition atna_syslog_transport.cpp:285

kcenon::pacs::security::atna_syslog_transport::compute_priority
static uint8_t compute_priority(syslog_facility facility, syslog_severity severity)
Definition atna_syslog_transport.cpp:487

kcenon::pacs::security::atna_syslog_transport::atna_syslog_transport
atna_syslog_transport(const atna_syslog_transport &)=delete

kcenon::pacs::security::atna_syslog_transport::close
void close()
Close the transport connection.
Definition atna_syslog_transport.cpp:195

kcenon::pacs::security::atna_syslog_transport::send_udp
kcenon::pacs::VoidResult send_udp(const std::string &syslog_message)
Definition atna_syslog_transport.cpp:230

kcenon::pacs::security::atna_syslog_transport::socket_
socket_type socket_
Definition atna_syslog_transport.h:277

kcenon::pacs::security::atna_syslog_transport::get_timestamp
static std::string get_timestamp()
Definition atna_syslog_transport.cpp:465

kcenon::pacs::security::atna_syslog_transport::socket_type
int socket_type
Definition atna_syslog_transport.h:274

kcenon::pacs::security::atna_syslog_transport::ensure_tls_connected
kcenon::pacs::VoidResult ensure_tls_connected()
Definition atna_syslog_transport.cpp:320

kcenon::pacs::security::atna_syslog_transport::send
kcenon::pacs::VoidResult send(const std::string &xml_message)
Send an RFC 3881 XML audit message via Syslog.
Definition atna_syslog_transport.cpp:137

kcenon::pacs::security::atna_syslog_transport::operator=
atna_syslog_transport & operator=(const atna_syslog_transport &)=delete

kcenon::pacs::security
Definition access_control_manager.h:27

kcenon::pacs::security::atna_object_type::other
@ other

kcenon::pacs::security::syslog_transport_protocol
syslog_transport_protocol
Syslog transport protocol.
Definition atna_syslog_transport.h:90

kcenon::pacs::security::syslog_transport_protocol::udp
@ udp
UDP (RFC 5426) — Fire-and-forget.

kcenon::pacs::security::syslog_transport_protocol::tls
@ tls
TLS over TCP (RFC 5425) — Secure.

kcenon::pacs::security::syslog_severity
syslog_severity
Syslog severity levels.
Definition atna_syslog_transport.h:72

kcenon::pacs::security::syslog_severity::informational
@ informational
Default for audit events.

kcenon::pacs::security::syslog_severity::warning
@ warning

kcenon::pacs::security::syslog_severity::critical
@ critical

kcenon::pacs::security::syslog_severity::alert
@ alert

kcenon::pacs::security::syslog_severity::debug
@ debug

kcenon::pacs::security::syslog_severity::emergency
@ emergency

kcenon::pacs::security::syslog_severity::error
@ error

kcenon::pacs::security::syslog_severity::notice
@ notice

kcenon::pacs::security::syslog_facility
syslog_facility
Syslog facility values.
Definition atna_syslog_transport.h:38

kcenon::pacs::security::syslog_facility::clock
@ clock

kcenon::pacs::security::syslog_facility::syslog
@ syslog

kcenon::pacs::security::syslog_facility::local1
@ local1

kcenon::pacs::security::syslog_facility::local5
@ local5

kcenon::pacs::security::syslog_facility::local7
@ local7

kcenon::pacs::security::syslog_facility::daemon
@ daemon

kcenon::pacs::security::syslog_facility::authpriv
@ authpriv
Security/authorization (recommended for ATNA)

kcenon::pacs::security::syslog_facility::local2
@ local2

kcenon::pacs::security::syslog_facility::log_audit
@ log_audit
Log audit.

kcenon::pacs::security::syslog_facility::uucp
@ uucp

kcenon::pacs::security::syslog_facility::news
@ news

kcenon::pacs::security::syslog_facility::local6
@ local6

kcenon::pacs::security::syslog_facility::local0
@ local0

kcenon::pacs::security::syslog_facility::lpr
@ lpr

kcenon::pacs::security::syslog_facility::log_alert
@ log_alert

kcenon::pacs::security::syslog_facility::local4
@ local4

kcenon::pacs::security::syslog_facility::cron
@ cron

kcenon::pacs::security::syslog_facility::mail
@ mail

kcenon::pacs::security::syslog_facility::ntp
@ ntp

kcenon::pacs::security::syslog_facility::kern
@ kern

kcenon::pacs::security::syslog_facility::local3
@ local3

kcenon::pacs::security::syslog_facility::auth
@ auth

kcenon::pacs::security::syslog_facility::ftp
@ ftp

kcenon::pacs
Definition ai_result_handler.h:36

kcenon
Definition ai_result_handler.h:36

result.h
Result<T> type aliases and helpers for PACS system.

kcenon::pacs::security::atna_syslog_transport::tls_context
Definition atna_syslog_transport.cpp:42

kcenon::pacs::security::syslog_transport_config
Configuration for the Syslog transport.
Definition atna_syslog_transport.h:102

kcenon::pacs::security::syslog_transport_config::client_key_path
std::string client_key_path
Path to client private key file (mutual TLS)
Definition atna_syslog_transport.h:133

kcenon::pacs::security::syslog_transport_config::ca_cert_path
std::string ca_cert_path
Path to CA certificate file for server verification.
Definition atna_syslog_transport.h:127

kcenon::pacs::security::syslog_transport_config::protocol
syslog_transport_protocol protocol
Transport protocol (UDP or TLS)
Definition atna_syslog_transport.h:104

kcenon::pacs::security::syslog_transport_config::port
uint16_t port
Port number (514 for UDP, 6514 for TLS per IANA)
Definition atna_syslog_transport.h:110

kcenon::pacs::security::syslog_transport_config::host
std::string host
Audit Record Repository hostname or IP.
Definition atna_syslog_transport.h:107

kcenon::pacs::security::syslog_transport_config::app_name
std::string app_name
Application name in Syslog header.
Definition atna_syslog_transport.h:113

kcenon::pacs::security::syslog_transport_config::client_cert_path
std::string client_cert_path
Path to client certificate file (mutual TLS)
Definition atna_syslog_transport.h:130

kcenon::pacs::security::syslog_transport_config::hostname
std::string hostname
Hostname to report in Syslog header (auto-detected if empty)
Definition atna_syslog_transport.h:116

kcenon::pacs::security::syslog_transport_config::severity
syslog_severity severity
Syslog severity for audit events.
Definition atna_syslog_transport.h:122

kcenon::pacs::security::syslog_transport_config::verify_server
bool verify_server
Whether to verify server certificate (disable only for testing)
Definition atna_syslog_transport.h:136

kcenon::pacs::security::syslog_transport_config::facility
syslog_facility facility
Syslog facility.
Definition atna_syslog_transport.h:119