Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rsyslog for openSUSE:Factory checked in at 2022-11-16 15:42:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rsyslog (Old) and /work/SRC/openSUSE:Factory/.rsyslog.new.1597 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rsyslog" Wed Nov 16 15:42:35 2022 rev:170 rq:1035886 version:8.2210.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rsyslog/rsyslog.changes 2022-08-30 14:48:23.347953411 +0200 +++ /work/SRC/openSUSE:Factory/.rsyslog.new.1597/rsyslog.changes 2022-11-16 15:42:41.275684800 +0100 @@ -1,0 +2,13 @@ +Tue Oct 18 19:54:15 UTC 2022 - Michael Ströder <mich...@stroeder.com> + +- Upgrade to rsyslog 8.2210.0 + * 2022-10-13: fix NetBSD build issue + * 2022-10-12: omrabbitmq: Add TLS support + * 2022-09-14: config: add "abortOnFailedQueueStartup" global config parameter + * 2022-09-07: cor bugfix: leak in helper function SetString + * 2022-09-07: core bugfix: correct local host name after config processing + * 2022-08-31: imtcp: add option notifyonconnectionopen + * 2022-08-26: openssl TLS driver: add mechanism to include extra CA files parameter + * 2022-08-19: fix compile issue with older gcc compilers + +------------------------------------------------------------------- Old: ---- rsyslog-8.2208.0.tar.gz rsyslog-doc-8.2208.0.tar.gz New: ---- rsyslog-8.2210.0.tar.gz rsyslog-doc-8.2210.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rsyslog.spec ++++++ --- /var/tmp/diff_new_pack.8ro9Hp/_old 2022-11-16 15:42:42.107687816 +0100 +++ /var/tmp/diff_new_pack.8ro9Hp/_new 2022-11-16 15:42:42.111687831 +0100 @@ -22,7 +22,7 @@ %endif # drop this with next release when doc tarball version lines up -%define rsyslog_major 8.2208 +%define rsyslog_major 8.2210 %define rsyslog_patch 0 Name: rsyslog Summary: The enhanced syslogd for Linux and Unix ++++++ rsyslog-8.2208.0.tar.gz -> rsyslog-8.2210.0.tar.gz ++++++ ++++ 1734 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/.tarball-version new/rsyslog-8.2210.0/.tarball-version --- old/rsyslog-8.2208.0/.tarball-version 2022-08-09 09:10:31.000000000 +0200 +++ new/rsyslog-8.2210.0/.tarball-version 2022-10-16 17:49:09.000000000 +0200 @@ -1 +1 @@ -8.2208.0 +8.2210.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/ChangeLog new/rsyslog-8.2210.0/ChangeLog --- old/rsyslog-8.2208.0/ChangeLog 2022-08-09 09:08:44.000000000 +0200 +++ new/rsyslog-8.2210.0/ChangeLog 2022-10-16 17:46:52.000000000 +0200 @@ -1,4 +1,60 @@ ---------------------------------------------------------------------------------------- +Scheduled Release 8.2210.0 (aka 2022.10) 2022-10-18 +- 2022-10-13: fix NetBSD build issue + On NetBSD, time_t has for a long time now been __int64_t. + On 32-bit CPUs, the compiler is not obliged to define + __sync_bool_compare_and_swap_8, so instead this ends up + as an undefined symbol when linking rsyslog. This makes + the code fall back to the pthread / locking method on these + systems, but at least lets the program build. + Thanks to Havard Eidnes for the patch. +- 2022-10-12: omrabbitmq: Add TLS support + Thanks to github user 21stcavenan for the patch. +- 2022-09-14: config: add "abortOnFailedQueueStartup" global config parameter + similiar to "abortONUncleanConfig", this parameter aborts rsyslog + when a queue has problems during startup. Some users perfer rsyslog + to terminate in this case. By default, nothing changes. + closes https://github.com/rsyslog/rsyslog/issues/4902 +- 2022-09-07: cor bugfix: leak in helper function SetString + A part of rsyslog runtime, SetString(), had a small memory leak when a value was + assigned multiple times. While this could potentially consume larger amounts of + memory, this did not happen in practice. The reason is that multiple assignments + to the same object occur very seldom. + Thanks to github user seuzw930 for the patch. + closes: https://github.com/rsyslog/rsyslog/issues/4961 +- 2022-09-07: core bugfix: correct local host name after config processing + rsyslog.conf may affect the host's local name. These changes were + so far only activated after the first HUP. This patch now ensures + that the configured local host name is applied correctly throughout + all processing, including early startup. + This patch causes a slight change of behaviour. However, the behaviour + was inconsitent before. Now it is consistent and according to the config. + Please note: this patch also exposes a global entry point via "regular" + dynamic loading as this makes things much easier to do. This is in-line + with ongoing simplification effort. + Finally, we also remove a CI test that we do no longer need because + the problem covered is now addressed differently and the original issue + can no longer occur. + closes https://github.com/rsyslog/rsyslog/issues/4975 +- 2022-08-31: imtcp: add option notifyonconnectionopen + Add this both as module an input parameter. Complements already-existing + config param notifyonconnectionclose and mirrors the similar feature from + imptcp. + The module parameter acts as default, similarly to notifyonconnectionclose. + Note that in contrast to imptcp, we emit IP addresses and not host + names. This sticks with the traditional semantics of imtcp. + Note that we also fixed a mislading error message in the case when a + disallowed sender tried to connect. + Thanks to John Chivian for suggesting the addition. +- 2022-08-26: openssl TLS driver: add mechanism to include extra CA files parameter + This change allows to include extra CA files so that no "unable to get issuer + certificates" issue is obtained when using chained cert files. New parameter name is + "NetstreamDriverCAExtraFiles". + Thanks to Sergio Arroutbi for the patch. + closes: https://github.com/rsyslog/rsyslog/issues/4851 +- 2022-08-19: fix compile issue with older gcc compilers + Thanks to Julien Thomas for the contribution. +---------------------------------------------------------------------------------------- Scheduled Release 8.2208.0 (aka 2022.08) 2022-08-09 - 2022-08-09: ksi bugfix: request cache size and send timeout issue fixed. Async service send timeout is not configurable and request cache size is too diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/action.c new/rsyslog-8.2210.0/action.c --- old/rsyslog-8.2208.0/action.c 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/action.c 2022-10-16 17:46:21.000000000 +0200 @@ -64,7 +64,7 @@ * beast. * rgerhards, 2011-06-15 * - * Copyright 2007-2019 Rainer Gerhards and Adiscon GmbH. + * Copyright 2007-2022 Rainer Gerhards and Adiscon GmbH. * * This file is part of rsyslog. * @@ -1988,6 +1988,12 @@ action_t * const pThis = (action_t*) pData; localRet = qqueueStart(runConf, pThis->pQueue); if(localRet != RS_RET_OK) { + if(runConf->globals.bAbortOnFailedQueueStartup) { + fprintf(stderr, "rsyslogd: error %d starting up action queue, " + "abortOnFailedQueueStartup is set, so we abort rsyslog now.", localRet); + fflush(stderr); + exit(1); /* "good" exit, this is intended here */ + } LogError(0, localRet, "error starting up action queue"); if(localRet == RS_RET_FILE_PREFIX_MISSING) { LogError(0, localRet, "file prefix (work directory?) " diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/configure.ac new/rsyslog-8.2210.0/configure.ac --- old/rsyslog-8.2208.0/configure.ac 2022-08-09 09:08:51.000000000 +0200 +++ new/rsyslog-8.2210.0/configure.ac 2022-10-16 17:47:00.000000000 +0200 @@ -2,9 +2,9 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([rsyslog],[8.2208.0],[rsys...@lists.adiscon.com]) # UPDATE on release +AC_INIT([rsyslog],[8.2210.0],[rsys...@lists.adiscon.com]) # UPDATE on release AC_DEFINE(VERSION_YEAR, 22, [year part of real rsyslog version]) # UPDATE on release -AC_DEFINE(VERSION_MONTH, 8, [month part of real rsyslog version]) # UPDATE on release +AC_DEFINE(VERSION_MONTH, 10, [month part of real rsyslog version]) # UPDATE on release AM_INIT_AUTOMAKE([subdir-objects]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/contrib/omrabbitmq/omrabbitmq.c new/rsyslog-8.2210.0/contrib/omrabbitmq/omrabbitmq.c --- old/rsyslog-8.2208.0/contrib/omrabbitmq/omrabbitmq.c 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/contrib/omrabbitmq/omrabbitmq.c 2022-10-16 17:46:21.000000000 +0200 @@ -4,6 +4,7 @@ * * Copyright 2012-2013 Vaclav Tomec * Copyright 2014 Rainer Gerhards + * Copyright 2022 Hamid Maadani * * This program is free software: you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public License @@ -21,6 +22,11 @@ * * Author: Vaclav Tomec * <vaclav.to...@gmail.com> + * + * TLS & AMQP heartbeat support added by: + * Hamid Maadani + * <ha...@dexo.tech> + * */ #include "config.h" #include <pthread.h> @@ -51,6 +57,7 @@ #include "amqp.h" #include "amqp_framing.h" #include "amqp_tcp_socket.h" +#include "amqp_ssl_socket.h" #if (AMQP_VERSION_MAJOR == 0) && (AMQP_VERSION_MINOR < 4) #error "rabbitmq-c version must be >= 0.4.0" #endif @@ -130,6 +137,13 @@ char *user; /* rabbitmq username */ char *password; /* rabbitmq username's password */ + int ssl; /* should amqp connection be made over TLS? */ + int initOpenSSL; /* should rabbitmq-c initialize OpenSSL? */ + int verifyPeer; /* should peer be verified for TLS? */ + int verifyHostname; /* should hostname be verified for TLS? */ + int heartbeat; /* AMQP heartbeat interval in seconds (0 means disabled, which is default) */ + char *caCert; /* CA certificate to be used for TLS connection */ + recover_t recover_policy; } instanceData; @@ -174,8 +188,14 @@ { "host", eCmdHdlrString, 0 }, { "port", eCmdHdlrInt, 0 }, { "virtual_host", eCmdHdlrGetWord, 0 }, + { "heartbeat_interval", eCmdHdlrNonNegInt, 0 }, { "user", eCmdHdlrGetWord, 0 }, { "password", eCmdHdlrGetWord, 0 }, + { "ssl", eCmdHdlrBinary, 0 }, + { "init_openssl", eCmdHdlrBinary, 0 }, + { "verify_peer", eCmdHdlrBinary, 0 }, + { "verify_hostname", eCmdHdlrBinary, 0 }, + { "ca_cert", eCmdHdlrGetWord, 0 }, { "exchange", eCmdHdlrGetWord, 0 }, { "routing_key", eCmdHdlrGetWord, 0 }, { "routing_key_template", eCmdHdlrGetWord, 0 }, @@ -257,7 +277,7 @@ int frame_size = (glbl.GetMaxLine(runConf)<130000) ? 131072 : (glbl.GetMaxLine(runConf)+1072); /* authenticate */ - ret = amqp_login(a_conn, (char const *)self->pData->vhost, 1, frame_size, 0, + ret = amqp_login(a_conn, (char const *)self->pData->vhost, 1, frame_size, self->pData->heartbeat, AMQP_SASL_METHOD_PLAIN, self->pData->user, self->pData->password); if (ret.reply_type != AMQP_RESPONSE_NORMAL) @@ -343,12 +363,35 @@ struct timeval delay; delay.tv_sec = 1; delay.tv_usec = 0; + amqp_socket_t *sockfd = NULL; amqp_connection_state_t a_conn = amqp_new_connection(); - amqp_socket_t *sockfd = (a_conn) ? amqp_tcp_socket_new(a_conn) : NULL; + if (a_conn) { + if (self->pData->ssl) { + if (!self->pData->initOpenSSL) { + // prevent OpenSSL double initialization + amqp_set_initialize_ssl_library(0); + } + sockfd = amqp_ssl_socket_new(a_conn); + } else { + sockfd = amqp_tcp_socket_new(a_conn); + } + } if (sockfd) { + if (self->pData->ssl) { +#if (AMQP_VERSION_MAJOR == 0) && (AMQP_VERSION_MINOR < 8) + amqp_ssl_socket_set_verify(sockfd, self->pData->verifyPeer); +#else + amqp_ssl_socket_set_verify_peer(sockfd, self->pData->verifyPeer); + amqp_ssl_socket_set_verify_hostname(sockfd, self->pData->verifyHostname); +#endif + if (self->pData->caCert) { + amqp_ssl_socket_set_cacert(sockfd, self->pData->caCert); + } + } + LogError(0, RS_RET_RABBITMQ_CHANNEL_ERR, "omrabbitmq module %d/%d: server %s port %d.", self->iidx, self->widx, server->host, server->port); @@ -366,6 +409,11 @@ /* the connection failed so free it and return NULL */ amqp_connection_close(a_conn, 200); amqp_destroy_connection(a_conn); +#if ((AMQP_VERSION_MAJOR == 0) && (AMQP_VERSION_MINOR > 8)) || (AMQP_VERSION_MAJOR > 0) + if (self->pData->ssl && self->pData->initOpenSSL) { + amqp_uninitialize_ssl_library(); + } +#endif return NULL; } @@ -413,6 +461,11 @@ self->iidx); amqp_connection_close(old_conn, 200); amqp_destroy_connection(old_conn); +#if ((AMQP_VERSION_MAJOR == 0) && (AMQP_VERSION_MINOR > 8)) || (AMQP_VERSION_MAJOR > 0) + if (self->pData->ssl && self->pData->initOpenSSL) { + amqp_uninitialize_ssl_library(); + } +#endif } } else { @@ -501,6 +554,11 @@ { amqp_connection_close(self->a_conn, 200); amqp_destroy_connection(self->a_conn); +#if ((AMQP_VERSION_MAJOR == 0) && (AMQP_VERSION_MINOR > 8)) || (AMQP_VERSION_MAJOR > 0) + if (self->pData->ssl && self->pData->initOpenSSL) { + amqp_uninitialize_ssl_library(); + } +#endif } self->a_conn = NULL; @@ -671,6 +729,11 @@ amqp_connection_close(self->a_conn, 200); amqp_destroy_connection(self->a_conn); self->a_conn = NULL; +#if ((AMQP_VERSION_MAJOR == 0) && (AMQP_VERSION_MINOR > 8)) || (AMQP_VERSION_MAJOR > 0) + if (self->pData->ssl && self->pData->initOpenSSL) { + amqp_uninitialize_ssl_library(); + } +#endif } self->thread_running = 0; @@ -908,6 +971,12 @@ pData->exchange_type = NULL; pData->durable = 0; pData->auto_delete = 1; + pData->ssl = 0; + pData->initOpenSSL = 0; + pData->verifyPeer = 0; + pData->verifyHostname = 0; + pData->caCert = NULL; + pData->heartbeat = 0; ENDcreateInstance BEGINfreeInstance @@ -927,6 +996,7 @@ if (pData->password) free(pData->password); if (pData->exchange_type) free(pData->exchange_type); if (pData->server1.host) free(pData->server1.host); + if (pData->caCert) free(pData->caCert); ENDfreeInstance BEGINisCompatibleWithFeature @@ -964,6 +1034,12 @@ dbgprintf("\tvirtual_host='%s'\n", pData->vhost); dbgprintf("\tuser='%s'\n", pData->user == NULL ? "(not configured)" : pData->user); dbgprintf("\tpassword=(%sconfigured)\n", pData->password == NULL ? "not " : ""); + dbgprintf("\tssl=%d\n", pData->ssl); + dbgprintf("\tinit_openssl=%d\n", pData->initOpenSSL); + dbgprintf("\tverify_peer=%d\n", pData->verifyPeer); + dbgprintf("\tverify_hostname=%d\n", pData->verifyHostname); + dbgprintf("\tca_cert='%s'\n", pData->caCert); + dbgprintf("\theartbeat_interval=%d\n", pData->heartbeat); dbgprintf("\texchange='%*s'\n", (int)pData->exchange.len, (char*)pData->exchange.bytes); @@ -1015,6 +1091,18 @@ user = (char*)es_str2cstr(pvals[i].val.d.estr, NULL); } else if (!strcmp(actpblk.descr[i].name, "password")) { password = (char*)es_str2cstr(pvals[i].val.d.estr, NULL); + } else if (!strcmp(actpblk.descr[i].name, "ssl")) { + pData->ssl = (int) pvals[i].val.d.n; + } else if (!strcmp(actpblk.descr[i].name, "ca_cert")) { + pData->caCert = (char*)es_str2cstr(pvals[i].val.d.estr, NULL); + } else if (!strcmp(actpblk.descr[i].name, "heartbeat_interval")) { + pData->heartbeat = (int) pvals[i].val.d.n; + } else if (!strcmp(actpblk.descr[i].name, "init_openssl")) { + pData->initOpenSSL = (int) pvals[i].val.d.n; + } else if (!strcmp(actpblk.descr[i].name, "verify_peer")) { + pData->verifyPeer = (int) pvals[i].val.d.n; + } else if (!strcmp(actpblk.descr[i].name, "verify_hostname")) { + pData->verifyHostname = (int) pvals[i].val.d.n; } else if (!strcmp(actpblk.descr[i].name, "exchange")) { pData->exchange = cstring_bytes(es_str2cstr(pvals[i].val.d.estr, NULL)); } else if (!strcmp(actpblk.descr[i].name, "routing_key")) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/m4/atomic_operations.m4 new/rsyslog-8.2210.0/m4/atomic_operations.m4 --- old/rsyslog-8.2208.0/m4/atomic_operations.m4 2020-10-03 19:06:47.000000000 +0200 +++ new/rsyslog-8.2210.0/m4/atomic_operations.m4 2022-10-16 17:46:21.000000000 +0200 @@ -10,39 +10,52 @@ AC_DEFUN([RS_ATOMIC_OPERATIONS], [AC_CACHE_CHECK([whether the compiler provides atomic builtins], [ap_cv_atomic_builtins], [AC_TRY_RUN([ +#include <sys/types.h> int main() { unsigned long val = 1010, tmp, *mem = &val; + time_t tval = 1010, ttmp, *tmem = &tval; if (__sync_fetch_and_add(&val, 1010) != 1010 || val != 2020) return 1; - tmp = val; - if (__sync_fetch_and_sub(mem, 1010) != tmp || val != 1010) return 1; - if (__sync_sub_and_fetch(&val, 1010) != 0 || val != 0) return 1; - tmp = 3030; - if (__sync_val_compare_and_swap(mem, 0, tmp) != 0 || val != tmp) return 1; - if (__sync_lock_test_and_set(&val, 4040) != 3030) return 1; - mem = &tmp; - if (__sync_val_compare_and_swap(&mem, &tmp, &val) != &tmp) return 1; + if (__sync_fetch_and_add(&tval, 1010) != 1010 || tval != 2020) + return 1; + ttmp = tval; + if (__sync_fetch_and_sub(tmem, 1010) != ttmp || tval != 1010) + return 1; + if (__sync_sub_and_fetch(&tval, 1010) != 0 || tval != 0) + return 1; + ttmp = 3030; + if (__sync_val_compare_and_swap(tmem, 0, ttmp) != 0 || tval != ttmp) + return 1; + if (__sync_lock_test_and_set(&tval, 4040) != 3030) + return 1; + tmem = &ttmp; + if (__sync_val_compare_and_swap(&tmem, &ttmp, &tval) != &ttmp) + return 1; + __sync_synchronize(); if (mem != &val) return 1; + if (tmem != &tval) + return 1; + return 0; }], [ap_cv_atomic_builtins=yes], [ap_cv_atomic_builtins=no], [ap_cv_atomic_builtins=no])]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/plugins/imfile/imfile.c new/rsyslog-8.2210.0/plugins/imfile/imfile.c --- old/rsyslog-8.2208.0/plugins/imfile/imfile.c 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/plugins/imfile/imfile.c 2022-10-16 17:46:21.000000000 +0200 @@ -854,13 +854,13 @@ * delay will never be reached and the file will be closed when the inode has changed. */ if (act->time_to_delete + FILE_DELETE_DELAY < ttNow) { - DBGPRINTF("detect_updates obj gone away, unlinking: '%s', ttDelete: %ld/%ld\n", - act->name, act->time_to_delete, ttNow); + DBGPRINTF("detect_updates obj gone away, unlinking: '%s', ttDelete: %lds, ttNow:%ld\n", + act->name, ttNow - (act->time_to_delete + FILE_DELETE_DELAY), ttNow); act_obj_unlink(act); restart = 1; } else { - DBGPRINTF("detect_updates obj gone away, keep '%s' open: %ld/%ld/%lds!\n", - act->name, act->time_to_delete, ttNow, ttNow - act->time_to_delete); + DBGPRINTF("detect_updates obj gone away, keep '%s' open: %ld/%ld/%lds!\n", + act->name, act->time_to_delete, ttNow, ttNow - act->time_to_delete); pollFile(act); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/plugins/imtcp/imtcp.c new/rsyslog-8.2210.0/plugins/imtcp/imtcp.c --- old/rsyslog-8.2208.0/plugins/imtcp/imtcp.c 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/plugins/imtcp/imtcp.c 2022-10-16 17:46:21.000000000 +0200 @@ -4,7 +4,7 @@ * File begun on 2007-12-21 by RGerhards (extracted from syslogd.c, * which at the time of the rsyslog fork was BSD-licensed) * - * Copyright 2007-2021 Adiscon GmbH. + * Copyright 2007-2022 Adiscon GmbH. * * This file is part of rsyslog. * @@ -104,6 +104,7 @@ int iKeepAliveProbes; int iKeepAliveTime; int bEmitMsgOnClose; + int bEmitMsgOnOpen; int iAddtlFrameDelim; int maxFrameSize; int bDisableLFDelim; @@ -136,6 +137,7 @@ int bDisableLFDelim; int discardTruncatedMsg; int bEmitMsgOnClose; + int bEmitMsgOnOpen; int bPreserveCase; uchar *pszStrmDrvrName; /* stream driver to use */ int iStrmDrvrMode; @@ -177,6 +179,7 @@ int iKeepAliveProbes; int iKeepAliveTime; sbool bEmitMsgOnClose; /* emit an informational message on close by remote peer */ + sbool bEmitMsgOnOpen; /* emit an informational message on close by remote peer */ uchar *gnutlsPriorityString; uchar *pszStrmDrvrName; /* stream driver to use */ uchar *pszStrmDrvrAuthMode; /* authentication mode to use */ @@ -199,6 +202,7 @@ { "discardtruncatedmsg", eCmdHdlrBinary, 0 }, { "octetcountedframing", eCmdHdlrBinary, 0 }, { "notifyonconnectionclose", eCmdHdlrBinary, 0 }, + { "notifyonconnectionopen", eCmdHdlrBinary, 0 }, { "addtlframedelimiter", eCmdHdlrNonNegInt, 0 }, { "maxframesize", eCmdHdlrInt, 0 }, { "maxsessions", eCmdHdlrPositiveInt, 0 }, @@ -234,6 +238,7 @@ { "disablelfdelimiter", eCmdHdlrBinary, 0 }, { "discardtruncatedmsg", eCmdHdlrBinary, 0 }, { "notifyonconnectionclose", eCmdHdlrBinary, 0 }, + { "notifyonconnectionopen", eCmdHdlrBinary, 0 }, { "addtlframedelimiter", eCmdHdlrNonNegInt, 0 }, { "maxframesize", eCmdHdlrInt, 0 }, { "preservecase", eCmdHdlrBinary, 0 }, @@ -383,6 +388,7 @@ inst->bDisableLFDelim = loadModConf->bDisableLFDelim; inst->discardTruncatedMsg = loadModConf->discardTruncatedMsg; inst->bEmitMsgOnClose = loadModConf->bEmitMsgOnClose; + inst->bEmitMsgOnOpen = loadModConf->bEmitMsgOnOpen; inst->bPreserveCase = loadModConf->bPreserveCase; inst->iTCPLstnMax = loadModConf->iTCPLstnMax; inst->iTCPSessMax = loadModConf->iTCPSessMax; @@ -482,6 +488,7 @@ CHKiRet(tcpsrv.SetbDisableLFDelim(pOurTcpsrv, inst->bDisableLFDelim)); CHKiRet(tcpsrv.SetDiscardTruncatedMsg(pOurTcpsrv, inst->discardTruncatedMsg)); CHKiRet(tcpsrv.SetNotificationOnRemoteClose(pOurTcpsrv, inst->bEmitMsgOnClose)); + CHKiRet(tcpsrv.SetNotificationOnRemoteOpen(pOurTcpsrv, inst->bEmitMsgOnOpen)); CHKiRet(tcpsrv.SetPreserveCase(pOurTcpsrv, inst->bPreserveCase)); /* now set optional params, but only if they were actually configured */ psz = (inst->pszStrmDrvrName == NULL) ? modConf->pszStrmDrvrName : inst->pszStrmDrvrName; @@ -629,6 +636,8 @@ inst->discardTruncatedMsg = (int) pvals[i].val.d.n; } else if(!strcmp(inppblk.descr[i].name, "notifyonconnectionclose")) { inst->bEmitMsgOnClose = (int) pvals[i].val.d.n; + } else if(!strcmp(inppblk.descr[i].name, "notifyonconnectionopen")) { + inst->bEmitMsgOnOpen = (int) pvals[i].val.d.n; } else if(!strcmp(inppblk.descr[i].name, "addtlframedelimiter")) { inst->iAddtlFrameDelim = (int) pvals[i].val.d.n; } else if(!strcmp(inppblk.descr[i].name, "maxframesize")) { @@ -691,6 +700,7 @@ loadModConf->iKeepAliveProbes = 0; loadModConf->iKeepAliveTime = 0; loadModConf->bEmitMsgOnClose = 0; + loadModConf->bEmitMsgOnOpen = 0; loadModConf->iAddtlFrameDelim = TCPSRV_NO_ADDTL_DELIMITER; loadModConf->maxFrameSize = 200000; loadModConf->bDisableLFDelim = 0; @@ -740,6 +750,8 @@ loadModConf->bSuppOctetFram = (int) pvals[i].val.d.n; } else if(!strcmp(modpblk.descr[i].name, "notifyonconnectionclose")) { loadModConf->bEmitMsgOnClose = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "notifyonconnectionopen")) { + loadModConf->bEmitMsgOnOpen = (int) pvals[i].val.d.n; } else if(!strcmp(modpblk.descr[i].name, "addtlframedelimiter")) { loadModConf->iAddtlFrameDelim = (int) pvals[i].val.d.n; } else if(!strcmp(modpblk.descr[i].name, "maxframesize")) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/glbl.c new/rsyslog-8.2210.0/runtime/glbl.c --- old/rsyslog-8.2208.0/runtime/glbl.c 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/glbl.c 2022-10-16 17:46:21.000000000 +0200 @@ -7,7 +7,7 @@ * * Module begun 2008-04-16 by Rainer Gerhards * - * Copyright 2008-2021 Rainer Gerhards and Adiscon GmbH. + * Copyright 2008-2022 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -38,6 +38,7 @@ #include <ctype.h> #include <assert.h> #include <stdint.h> +#include <string.h> #include <errno.h> #include "rsyslog.h" @@ -117,6 +118,7 @@ { "defaultnetstreamdriverkeyfile", eCmdHdlrString, 0 }, { "defaultnetstreamdrivercertfile", eCmdHdlrString, 0 }, { "defaultnetstreamdriver", eCmdHdlrString, 0 }, + { "netstreamdrivercaextrafiles", eCmdHdlrString, 0 }, { "maxmessagesize", eCmdHdlrSize, 0 }, { "oversizemsg.errorfile", eCmdHdlrGetWord, 0 }, { "oversizemsg.report", eCmdHdlrBinary, 0 }, @@ -151,6 +153,7 @@ { "net.enabledns", eCmdHdlrBinary, 0 }, { "net.permitACLwarning", eCmdHdlrBinary, 0 }, { "abortonuncleanconfig", eCmdHdlrBinary, 0 }, + { "abortonfailedqueuestartup", eCmdHdlrBinary, 0 }, { "variables.casesensitive", eCmdHdlrBinary, 0 }, { "environment", eCmdHdlrArray, 0 }, { "processinternalmessages", eCmdHdlrBinary, 0 }, @@ -260,6 +263,7 @@ SIMP_PROP_GET(DfltNetstrmDrvrCAF, pszDfltNetstrmDrvrCAF, uchar*) SIMP_PROP_GET(DfltNetstrmDrvrCertFile, pszDfltNetstrmDrvrCertFile, uchar*) SIMP_PROP_GET(DfltNetstrmDrvrKeyFile, pszDfltNetstrmDrvrKeyFile, uchar*) +SIMP_PROP_GET(NetstrmDrvrCAExtraFiles, pszNetstrmDrvrCAExtraFiles, uchar*) SIMP_PROP_GET(ParserControlCharacterEscapePrefix, parser.cCCEscapeChar, uchar) SIMP_PROP_GET(ParserDropTrailingLFOnReception, parser.bDropTrailingLF, int) SIMP_PROP_GET(ParserEscapeControlCharactersOnReceive, parser.bEscapeCCOnRcv, int) @@ -416,6 +420,36 @@ } static rsRetVal +setNetstrmDrvrCAExtraFiles(void __attribute__((unused)) *pVal, uchar *pNewVal) { + DEFiRet; + FILE *fp; + char* token; + int error = 0; + free(loadConf->globals.pszNetstrmDrvrCAExtraFiles); + + token = strtok((char*)pNewVal, ","); + // Here, fopen per strtok ... + while(token != NULL) { + fp = fopen((const char*)token, "r"); + if(fp == NULL) { + LogError(errno, RS_RET_NO_FILE_ACCESS, + "error: netstreamdrivercaextrafiles file '%s' " + "could not be accessed", token); + error = 1; + } else { + fclose(fp); + } + token = strtok(NULL, ","); + } + if(!error) { + loadConf->globals.pszNetstrmDrvrCAExtraFiles = pNewVal; + } else { + loadConf->globals.pszNetstrmDrvrCAExtraFiles = NULL; + } + RETiRet; +} + +static rsRetVal setDfltNetstrmDrvrCertFile(void __attribute__((unused)) *pVal, uchar *pNewVal) { DEFiRet; FILE *fp; @@ -629,8 +663,8 @@ /* return our local hostname. if it is not set, "[localhost]" is returned */ -static uchar* -GetLocalHostName(void) +uchar* +glblGetLocalHostName(void) { uchar *pszRet; @@ -894,12 +928,15 @@ pIf->GetDfltNetstrmDrvrCertFile = GetDfltNetstrmDrvrCertFile; pIf->GetDfltNetstrmDrvrKeyFile = GetDfltNetstrmDrvrKeyFile; pIf->GetDfltNetstrmDrvr = GetDfltNetstrmDrvr; + pIf->GetNetstrmDrvrCAExtraFiles = GetNetstrmDrvrCAExtraFiles; pIf->GetParserControlCharacterEscapePrefix = GetParserControlCharacterEscapePrefix; pIf->GetParserDropTrailingLFOnReception = GetParserDropTrailingLFOnReception; pIf->GetParserEscapeControlCharactersOnReceive = GetParserEscapeControlCharactersOnReceive; pIf->GetParserSpaceLFOnReceive = GetParserSpaceLFOnReceive; pIf->GetParserEscape8BitCharactersOnReceive = GetParserEscape8BitCharactersOnReceive; pIf->GetParserEscapeControlCharacterTab = GetParserEscapeControlCharacterTab; + pIf->GetLocalHostName = glblGetLocalHostName; + pIf->SetLocalHostName = SetLocalHostName; #define SIMP_PROP(name) \ pIf->Get##name = Get##name; \ pIf->Set##name = Set##name; @@ -907,7 +944,6 @@ SIMP_PROP(DropMalPTRMsgs); SIMP_PROP(mainqCnfObj); SIMP_PROP(LocalFQDNName) - SIMP_PROP(LocalHostName) SIMP_PROP(LocalDomain) SIMP_PROP(ParserEscapeControlCharactersCStyle) SIMP_PROP(ParseHOSTNAMEandTAG) @@ -1168,6 +1204,9 @@ } else if(!strcmp(paramblk.descr[i].name, "defaultnetstreamdriver")) { cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL); setDfltNetstrmDrvr(NULL, cstr); + } else if(!strcmp(paramblk.descr[i].name, "netstreamdrivercaextrafiles")) { + cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL); + setNetstrmDrvrCAExtraFiles(NULL, cstr); } else if(!strcmp(paramblk.descr[i].name, "preservefqdn")) { bPreserveFQDN = (int) cnfparamvals[i].val.d.n; } else if(!strcmp(paramblk.descr[i].name, @@ -1287,6 +1326,8 @@ SetOptionDisallowWarning(!((int) cnfparamvals[i].val.d.n)); } else if(!strcmp(paramblk.descr[i].name, "abortonuncleanconfig")) { loadConf->globals.bAbortOnUncleanConfig = cnfparamvals[i].val.d.n; + } else if(!strcmp(paramblk.descr[i].name, "abortonfailedqueuestartup")) { + loadConf->globals.bAbortOnFailedQueueStartup = cnfparamvals[i].val.d.n; } else if(!strcmp(paramblk.descr[i].name, "internalmsg.ratelimit.burst")) { loadConf->globals.intMsgRateLimitBurst = (int) cnfparamvals[i].val.d.n; } else if(!strcmp(paramblk.descr[i].name, "internalmsg.ratelimit.interval")) { @@ -1355,6 +1396,15 @@ stddbg = -1; } + /* we have now read the config. We need to query the local host name now + * as it was set by the config. + * + * Note: early messages are already emited, and have "[localhost]" as + * hostname. These messages are currently in iminternal queue. Once they + * are taken from that queue, the hostname will be adapted. + */ + queryLocalHostname(); + finalize_it: RETiRet; } @@ -1386,6 +1436,8 @@ setDfltNetstrmDrvrCertFile, NULL, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"localhostname", 0, eCmdHdlrGetWord, NULL, &LocalHostNameOverride, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"localhostipif", 0, eCmdHdlrGetWord, setLocalHostIPIF, NULL, NULL)); + CHKiRet(regCfSysLineHdlr((uchar *)"netstreamdrivercaextrafiles", 0, eCmdHdlrGetWord, setNetstrmDrvrCAExtraFiles, + NULL, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"optimizeforuniprocessor", 0, eCmdHdlrGoneAway, NULL, NULL, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"preservefqdn", 0, eCmdHdlrBinary, NULL, &bPreserveFQDN, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"maxmessagesize", 0, eCmdHdlrSize, legacySetMaxMessageSize, NULL, NULL)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/glbl.h new/rsyslog-8.2210.0/runtime/glbl.h --- old/rsyslog-8.2208.0/runtime/glbl.h 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/glbl.h 2022-10-16 17:46:21.000000000 +0200 @@ -8,7 +8,7 @@ * Please note that there currently is no glbl.c file as we do not yet * have any implementations. * - * Copyright 2008-2019 Rainer Gerhards and Adiscon GmbH. + * Copyright 2008-2022 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -96,6 +96,7 @@ SIMP_PROP(DfltNetstrmDrvr, uchar*) SIMP_PROP(DefPFFamily, int) SIMP_PROP(DisableDNS, int) + SIMP_PROP(NetstrmDrvrCAExtraFiles, uchar*) SIMP_PROP(ParserControlCharacterEscapePrefix, uchar) SIMP_PROP(ParserDropTrailingLFOnReception, int) SIMP_PROP(ParserEscapeControlCharactersOnReceive, int) @@ -152,5 +153,6 @@ int glblGetOversizeMsgInputMode(rsconf_t *cnf); int glblReportOversizeMessage(rsconf_t *cnf); void glblReportChildProcessExit(rsconf_t *cnf, const uchar *name, pid_t pid, int status); +uchar *glblGetLocalHostName(void); #endif /* #ifndef GLBL_H_INCLUDED */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/nsd_ossl.c new/rsyslog-8.2210.0/runtime/nsd_ossl.c --- old/rsyslog-8.2208.0/runtime/nsd_ossl.c 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/nsd_ossl.c 2022-10-16 17:46:21.000000000 +0200 @@ -1272,7 +1272,9 @@ int bHaveCA; int bHaveCert; int bHaveKey; + int bHaveExtraCAFiles; const char *caFile, *certFile, *keyFile; + char *extraCaFiles, *extraCaFile; /* Setup certificates */ caFile = (char*) ((pThis->pszCAFile == NULL) ? glbl.GetDfltNetstrmDrvrCAF(runConf) : pThis->pszCAFile); if(caFile == NULL) { @@ -1299,9 +1301,28 @@ } else { bHaveKey = 1; } + extraCaFiles = (char*) ((pThis->pszExtraCAFiles == NULL) ? glbl.GetNetstrmDrvrCAExtraFiles(runConf) : + pThis->pszExtraCAFiles); + if(extraCaFiles == NULL) { + bHaveExtraCAFiles = 0; + } else { + bHaveExtraCAFiles = 1; + } /* Create main CTX Object */ pThis->ctx = SSL_CTX_new(SSLv23_method()); + if(bHaveExtraCAFiles == 1) { + while((extraCaFile = strsep(&extraCaFiles, ","))) { + if(SSL_CTX_load_verify_locations(pThis->ctx, extraCaFile, NULL) != 1) { + LogError(0, RS_RET_TLS_CERT_ERR, "Error: Extra Certificate file could not be accessed. " + "Check at least: 1) file path is correct, 2) file exist, " + "3) permissions are correct, 4) file content is correct. " + "Open ssl error info may follow in next messages"); + osslLastSSLErrorMsg(0, NULL, LOG_ERR, "osslGlblInit", "SSL_CTX_load_verify_locations"); + ABORT_FINALIZE(RS_RET_TLS_CERT_ERR); + } + } + } if(bHaveCA == 1 && SSL_CTX_load_verify_locations(pThis->ctx, caFile, NULL) != 1) { LogError(0, RS_RET_TLS_CERT_ERR, "Error: CA certificate could not be accessed. " "Check at least: 1) file path is correct, 2) file exist, " diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/nsd_ossl.h new/rsyslog-8.2210.0/runtime/nsd_ossl.h --- old/rsyslog-8.2208.0/runtime/nsd_ossl.h 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/nsd_ossl.h 2022-10-16 17:46:21.000000000 +0200 @@ -50,6 +50,7 @@ int iMode; /* 0 - plain tcp, 1 - TLS */ int bAbortConn; /* if set, abort conncection (fatal error had happened) */ const uchar *pszCAFile; + const uchar *pszExtraCAFiles; const uchar *pszKeyFile; const uchar *pszCertFile; enum { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/prop.c new/rsyslog-8.2210.0/runtime/prop.c --- old/rsyslog-8.2208.0/runtime/prop.c 2020-10-03 19:06:47.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/prop.c 2022-10-16 17:46:21.000000000 +0200 @@ -84,6 +84,9 @@ if(len < CONF_PROP_BUFSIZE) { memcpy(pThis->szVal.sz, psz, len + 1); } else { + if(pThis->szVal.psz != NULL) { + free(pThis->szVal.psz); + } CHKmalloc(pThis->szVal.psz = malloc(len + 1)); memcpy(pThis->szVal.psz, psz, len + 1); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/rsconf.c new/rsyslog-8.2210.0/runtime/rsconf.c --- old/rsyslog-8.2208.0/runtime/rsconf.c 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/rsconf.c 2022-10-16 17:46:21.000000000 +0200 @@ -2,7 +2,7 @@ * * Module begun 2011-04-19 by Rainer Gerhards * - * Copyright 2011-2020 Adiscon GmbH. + * Copyright 2011-2022 Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -160,6 +160,7 @@ static void cnfSetDefaults(rsconf_t *pThis) { pThis->globals.bAbortOnUncleanConfig = 0; + pThis->globals.bAbortOnFailedQueueStartup = 0; pThis->globals.bReduceRepeatMsgs = 0; pThis->globals.bDebugPrintTemplateList = 1; pThis->globals.bDebugPrintModuleList = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/rsconf.h new/rsyslog-8.2210.0/runtime/rsconf.h --- old/rsyslog-8.2208.0/runtime/rsconf.h 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/rsconf.h 2022-10-16 17:46:21.000000000 +0200 @@ -1,6 +1,6 @@ /* The rsconf object. It models a complete rsyslog configuration. * - * Copyright 2011-2020 Rainer Gerhards and Adiscon GmbH. + * Copyright 2011-2022 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -93,6 +93,8 @@ int maxErrMsgToStderr; /* how many messages to forward at most to stderr? */ int bAbortOnUncleanConfig; /* abort run (rather than starting with partial config) if there was any issue in conf */ + int bAbortOnFailedQueueStartup; /* similar to bAbortOnUncleanConfig, but abort if a queue + startup fails. This is not exactly an unclan config. */ int uidDropPriv; /* user-id to which priveleges should be dropped to */ int gidDropPriv; /* group-id to which priveleges should be dropped to */ int gidDropPrivKeepSupplemental; /* keep supplemental groups when dropping? */ @@ -108,6 +110,7 @@ uchar *pszDfltNetstrmDrvrCertFile;/* default cert file for the netstrm driver (server) */ uchar *pszDfltNetstrmDrvrKeyFile; /* default key file for the netstrm driver (server) */ uchar *pszDfltNetstrmDrvr; /* module name of default netstream driver */ + uchar *pszNetstrmDrvrCAExtraFiles; /* CA extra file for the netstrm driver */ uchar *oversizeMsgErrorFile; /* File where oversize messages are written to */ int reportOversizeMsg; /* shall error messages be generated for oversize messages? */ int oversizeMsgInputMode; /* Mode which oversize messages will be forwarded */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/rsyslog.h new/rsyslog-8.2210.0/runtime/rsyslog.h --- old/rsyslog-8.2208.0/runtime/rsyslog.h 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/rsyslog.h 2022-10-16 17:46:21.000000000 +0200 @@ -110,8 +110,15 @@ _Pragma("GCC diagnostic ignored \"-Wformat-nonliteral\"") #define PRAGMA_IGNORE_Wdeprecated_declarations \ _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"") - #define PRAGMA_DIAGNOSTIC_PUSH _Pragma("GCC diagnostic push") - #define PRAGMA_DIAGNOSTIC_POP _Pragma("GCC diagnostic pop") + #if __GNUC__ >= 5 + #define PRAGMA_DIAGNOSTIC_PUSH \ + _Pragma("GCC diagnostic push") + #define PRAGMA_DIAGNOSTIC_POP \ + _Pragma("GCC diagnostic pop") + #else + #define PRAGMA_DIAGNOSTIC_PUSH + #define PRAGMA_DIAGNOSTIC_POP + #endif #else #define PRAGMA_INGORE_Wswitch_enum #define PRAGMA_IGNORE_Wsign_compare @@ -770,8 +777,8 @@ rsRetVal rsrtExit(void); int rsrtIsInit(void); void rsrtSetErrLogger(void (*errLogger)(const int, const int, const uchar*)); - void dfltErrLogger(const int, const int, const uchar *errMsg); +rsRetVal queryLocalHostname(void); /* this define below is (later) intended to be used to implement empty diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/tcpsrv.c new/rsyslog-8.2210.0/runtime/tcpsrv.c --- old/rsyslog-8.2208.0/runtime/tcpsrv.c 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/tcpsrv.c 2022-10-16 17:46:21.000000000 +0200 @@ -21,7 +21,7 @@ * File begun on 2007-12-21 by RGerhards (extracted from syslogd.c[which was * licensed under BSD at the time of the rsyslog fork]) * - * Copyright 2007-2021 Adiscon GmbH. + * Copyright 2007-2022 Adiscon GmbH. * * This file is part of rsyslog. * @@ -441,7 +441,7 @@ int iSess = -1; struct sockaddr_storage *addr; uchar *fromHostFQDN = NULL; - prop_t *fromHostIP; + prop_t *fromHostIP = NULL; ISOBJ_TYPE_assert(pThis, tcpsrv); assert(pLstnInfo != NULL); @@ -496,7 +496,7 @@ DBGPRINTF("%s is not an allowed sender\n", fromHostFQDN); if(glbl.GetOptionDisallowWarning(runConf)) { errno = 0; - LogError(0, RS_RET_HOST_NOT_PERMITTED, "TCP message from disallowed " + LogError(0, RS_RET_HOST_NOT_PERMITTED, "connection request from disallowed " "sender %s discarded", fromHostFQDN); } ABORT_FINALIZE(RS_RET_HOST_NOT_PERMITTED); @@ -523,8 +523,20 @@ pThis->pSessions[iSess] = pSess; pSess = NULL; /* this is now also handed over */ + if(pThis->bEmitMsgOnOpen) { + LogMsg(0, RS_RET_NO_ERRCODE, LOG_INFO, + "imtcp: connection established with host: %s", + propGetSzStr(fromHostIP)); + } + finalize_it: if(iRet != RS_RET_OK) { + if(iRet != RS_RET_HOST_NOT_PERMITTED && pThis->bEmitMsgOnOpen) { + LogError(0, NO_ERRCODE, "imtcp: connection could not be " + "established with host: %s", + fromHostIP == NULL ? "(IP unknown)" + : (const char*)propGetSzStr(fromHostIP)); + } if(pSess != NULL) tcps_sess.Destruct(&pSess); if(pNewStrm != NULL) @@ -604,7 +616,6 @@ case RS_RET_CLOSED: if(pThis->bEmitMsgOnClose) { errno = 0; - // prop.GetString((*ppSess)->fromHostIP, &pszPeer, &lenPeer); LogError(0, RS_RET_PEER_CLOSED_CONN, "Netstream session %p closed by remote " "peer %s.\n", (*ppSess)->pStrm, pszPeer); } @@ -620,13 +631,11 @@ /* in this case, something went awfully wrong. * We are instructed to terminate the session. */ - // prop.GetString((*ppSess)->fromHostIP, &pszPeer, &lenPeer); LogError(oserr, localRet, "Tearing down TCP Session from %s", pszPeer); CHKiRet(closeSess(pThis, ppSess, pPoll)); } break; default: - // prop.GetString((*ppSess)->fromHostIP, &pszPeer, &lenPeer); LogError(oserr, iRet, "netstream session %p from %s will be closed due to error", (*ppSess)->pStrm, pszPeer); CHKiRet(closeSess(pThis, ppSess, pPoll)); @@ -1357,9 +1366,16 @@ } +/* Set connection open notification */ +static rsRetVal +SetNotificationOnRemoteOpen(tcpsrv_t *pThis, const int bNewVal) +{ + pThis->bEmitMsgOnOpen = bNewVal; + return RS_RET_OK; +} /* Set connection close notification */ static rsRetVal -SetNotificationOnRemoteClose(tcpsrv_t *pThis, int bNewVal) +SetNotificationOnRemoteClose(tcpsrv_t *pThis, const int bNewVal) { DEFiRet; pThis->bEmitMsgOnClose = bNewVal; @@ -1611,6 +1627,7 @@ pIf->SetOnMsgReceive = SetOnMsgReceive; pIf->SetLinuxLikeRatelimiters = SetLinuxLikeRatelimiters; pIf->SetNotificationOnRemoteClose = SetNotificationOnRemoteClose; + pIf->SetNotificationOnRemoteOpen = SetNotificationOnRemoteOpen; pIf->SetPreserveCase = SetPreserveCase; pIf->SetDrvrCheckExtendedKeyUsage = SetDrvrCheckExtendedKeyUsage; pIf->SetDrvrPrioritizeSAN = SetDrvrPrioritizeSAN; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/runtime/tcpsrv.h new/rsyslog-8.2210.0/runtime/tcpsrv.h --- old/rsyslog-8.2208.0/runtime/tcpsrv.h 2022-04-04 09:26:40.000000000 +0200 +++ new/rsyslog-8.2210.0/runtime/tcpsrv.h 2022-10-16 17:46:21.000000000 +0200 @@ -1,6 +1,6 @@ /* Definitions for tcpsrv class. * - * Copyright 2008-2021 Adiscon GmbH. + * Copyright 2008-2022 Adiscon GmbH. * * This file is part of rsyslog. * @@ -87,6 +87,7 @@ ruleset_t *pRuleset; /**< ruleset to bind to */ permittedPeers_t *pPermPeers;/**< driver's permitted peers */ sbool bEmitMsgOnClose; /**< emit an informational message when the remote peer closes connection */ + sbool bEmitMsgOnOpen; sbool bUsingEPoll; /**< are we in epoll mode (means we do not need to keep track of sessions!) */ sbool bUseFlowControl; /**< use flow control (make light delayable) */ sbool bSPFramingFix; /**< support work-around for broken Cisco ASA framing? */ @@ -174,6 +175,7 @@ /* added v7 (accidently named v8!) */ rsRetVal (*SetLstnMax)(tcpsrv_t *pThis, int iMaxLstn); /* 2009-08-17 */ rsRetVal (*SetNotificationOnRemoteClose)(tcpsrv_t *pThis, int bNewVal); /* 2009-10-01 */ + rsRetVal (*SetNotificationOnRemoteOpen)(tcpsrv_t *pThis, int bNewVal); /* 2022-08-23 */ /* added v9 -- rgerhards, 2010-03-01 */ rsRetVal (*SetbDisableLFDelim)(tcpsrv_t*, int); /* added v10 -- rgerhards, 2011-04-01 */ @@ -209,7 +211,7 @@ rsRetVal (*SetDrvrKeyFile)(tcpsrv_t *pThis, uchar *pszMode); rsRetVal (*SetDrvrCertFile)(tcpsrv_t *pThis, uchar *pszMode); ENDinterface(tcpsrv) -#define tcpsrvCURR_IF_VERSION 25 /* increment whenever you change the interface structure! */ +#define tcpsrvCURR_IF_VERSION 26 /* increment whenever you change the interface structure! */ /* change for v4: * - SetAddtlFrameDelim() added -- rgerhards, 2008-12-10 * - SetInputName() added -- rgerhards, 2008-12-10 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/Makefile.am new/rsyslog-8.2210.0/tests/Makefile.am --- old/rsyslog-8.2208.0/tests/Makefile.am 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/Makefile.am 2022-10-16 17:46:21.000000000 +0200 @@ -175,7 +175,6 @@ timestamp-mysql.sh \ timestamp-pgsql.sh \ timestamp-subseconds.sh \ - hostname-getaddrinfo-fail.sh \ msleep_usage_output.sh \ mangle_qi_usage_output.sh \ minitcpsrv_usage_output.sh \ @@ -1438,7 +1437,9 @@ TESTS += \ imrelp-basic-vg.sh \ imrelp-sessionbreak-vg.sh \ - imrelp-manyconn-vg.sh + imrelp-manyconn-vg.sh \ + sndrcv_relp-vg-rcvr.sh \ + sndrcv_relp-vg-sender.sh endif # HAVE_VALGRIND endif @@ -1680,10 +1681,6 @@ endif endif # ENABLE_OMAMQP1 -# test samples... -#empty-hostname.log: hostname-getaddrinfo-fail.log -#hostname-getaddrinfo-fail.log: empty-hostname.log - endif # if ENABLE_TESTBENCH TESTS_ENVIRONMENT = RSYSLOG_MODDIR='$(abs_top_builddir)'/runtime/.libs/ @@ -1720,7 +1717,6 @@ config_enabled-off.sh \ empty-app-name.sh \ empty-hostname.sh \ - hostname-getaddrinfo-fail.sh \ hostname-with-slash-pmrfc5424.sh \ hostname-with-slash-pmrfc3164.sh \ pmrfc3164-msgFirstSpace.sh \ @@ -2371,6 +2367,8 @@ sndrcv_relp_tls_chainedcert.sh \ sndrcv_relp_tls.sh \ sndrcv_relp_tls_certvalid.sh \ + sndrcv_relp-vg-rcvr.sh \ + sndrcv_relp-vg-sender.sh \ relp_tls_certificate_not_found.sh \ omrelp_wrong_authmode.sh \ imrelp-tls.sh \ @@ -2833,6 +2831,7 @@ sndrcv_tls_ossl_serveranon_gtls_clientanon.sh \ sndrcv_tls_gtls_servercert_ossl_clientanon.sh \ sndrcv_tls_gtls_serveranon_ossl_clientanon.sh \ + sndrcv_ossl_cert_chain.sh \ omtcl.sh \ omtcl.tcl \ pmsnare-default.sh \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/allowed-sender-tcp-fail.sh new/rsyslog-8.2210.0/tests/allowed-sender-tcp-fail.sh --- old/rsyslog-8.2208.0/tests/allowed-sender-tcp-fail.sh 2022-07-11 13:06:09.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/allowed-sender-tcp-fail.sh 2022-10-16 17:46:21.000000000 +0200 @@ -21,6 +21,6 @@ tcpflood -m$NUMMESSAGES shutdown_when_empty wait_shutdown -content_check --regex "TCP message from disallowed sender .* discarded" +content_check --regex "connection request from disallowed sender .* discarded" check_file_not_exists "$RSYSLOG_DYNNAME.must-not-be-created" exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/allowed-sender-tcp-hostname-fail.sh new/rsyslog-8.2210.0/tests/allowed-sender-tcp-hostname-fail.sh --- old/rsyslog-8.2208.0/tests/allowed-sender-tcp-hostname-fail.sh 2022-07-11 13:06:09.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/allowed-sender-tcp-hostname-fail.sh 2022-10-16 17:46:21.000000000 +0200 @@ -26,6 +26,6 @@ tcpflood -m$NUMMESSAGES shutdown_when_empty wait_shutdown -content_check --regex "TCP message from disallowed sender .* discarded" +content_check --regex "connection request from disallowed sender .* discarded" check_file_not_exists "$RSYSLOG_DYNNAME.must-not-be-created" exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/diag.sh new/rsyslog-8.2210.0/tests/diag.sh --- old/rsyslog-8.2208.0/tests/diag.sh 2022-08-09 09:08:31.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/diag.sh 2022-10-16 17:46:21.000000000 +0200 @@ -596,7 +596,7 @@ # add --keep-debuginfo=yes for hard to find cases; this cannot be used generally, # because it is only supported by newer versions of valgrind (else CI will fail # on older platforms). - LD_PRELOAD=$RSYSLOG_PRELOAD valgrind $RS_TEST_VALGRIND_EXTRA_OPTS $RS_TESTBENCH_VALGRIND_EXTRA_OPTS --suppressions=$srcdir/known_issues.supp ${EXTRA_VALGRIND_SUPPRESSIONS:-} --gen-suppressions=all --log-fd=1 --error-exitcode=10 --malloc-fill=ff --free-fill=fe --leak-check=$RS_TESTBENCH_LEAK_CHECK ../tools/rsyslogd -C -n -i$RSYSLOG_PIDBASE$2.pid -M../runtime/.libs:../.libs -f$CONF_FILE & + LD_PRELOAD=$RSYSLOG_PRELOAD valgrind $RS_TEST_VALGRIND_EXTRA_OPTS $RS_TESTBENCH_VALGRIND_EXTRA_OPTS --suppressions=$srcdir/known_issues.supp ${EXTRA_VALGRIND_SUPPRESSIONS:-} --gen-suppressions=all --log-fd=1 --error-exitcode=10 --malloc-fill=ff --free-fill=fe --leak-check=$RS_TESTBENCH_LEAK_CHECK ../tools/rsyslogd -C -n -i$RSYSLOG_PIDBASE$instance.pid -M../runtime/.libs:../.libs -f$CONF_FILE & wait_rsyslog_startup_pid $1 } @@ -604,7 +604,7 @@ # returns only after successful startup, $2 is the instance (blank or 2!) startup_vg() { startup_vg_waitpid_only $1 $2 - wait_startup $2 + wait_startup $instance reassign_ports } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/hostname-getaddrinfo-fail.sh new/rsyslog-8.2210.0/tests/hostname-getaddrinfo-fail.sh --- old/rsyslog-8.2208.0/tests/hostname-getaddrinfo-fail.sh 2022-07-11 13:06:09.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/hostname-getaddrinfo-fail.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,34 +0,0 @@ -#!/bin/bash -# This test check what happens if we cannot doe getaddrinfo early -# in rsyslog startup (this has caused an error in the past). Even more -# importantly, it checks that error messages can be issued very early -# during startup. -# Note that we use the override of the hostname to ensure we do not -# accidentally get an acceptable FQDN-type hostname during testing. -# -# IMPORTANT: We cannot use the regular plumbing here, as our preload -# interferes with socket operations (we cannot bind the port for some -# reason). As we do not necessarily need the full plumbing for this -# simple test, we emulate what we need. It's a bit ugly, but actually -# the simplest way forward. -# -# This is part of the rsyslog testbench, licensed under ASL 2.0 -. ${srcdir:=.}/diag.sh init -skip_platform "AIX" "we cannot preload required dummy lib" - -echo 'action(type="omfile" file="'$RSYSLOG_DYNNAME'.out.log")' > ${RSYSLOG_DYNNAME}.conf -LD_PRELOAD=".libs/liboverride_gethostname_nonfqdn.so:.libs/liboverride_getaddrinfo.so" \ - ../tools/rsyslogd -C -n -i$RSYSLOG_DYNNAME.pid -M../runtime/.libs:../.libs -f${RSYSLOG_DYNNAME}.conf & -wait_process_startup $RSYSLOG_DYNNAME -sleep 1 # wait a bit so that rsyslog can do some processing... -kill $(cat $RSYSLOG_DYNNAME.pid ) - -grep " nonfqdn " < $RSYSLOG_DYNNAME.out.log -if [ ! $? -eq 0 ]; then - echo "expected hostname \"nonfqdn\" not found in logs, $RSYSLOG_DYNNAME.out.log is:" - cat $RSYSLOG_DYNNAME.out.log - error_exit 1 -fi; - -echo EVERYTHING OK - error messages are just as expected! -exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/imfile-statefile-delete.sh new/rsyslog-8.2210.0/tests/imfile-statefile-delete.sh --- old/rsyslog-8.2208.0/tests/imfile-statefile-delete.sh 2022-07-11 13:06:09.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/imfile-statefile-delete.sh 2022-10-16 17:46:21.000000000 +0200 @@ -5,6 +5,11 @@ export TESTMESSAGES=1000 export TESTMESSAGESFULL=999 export RETRIES=50 + +# Uncomment fdor debuglogs +#export RSYSLOG_DEBUG="debug nostdout noprintmutexaction" +#export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.debuglog" + generate_conf add_conf ' global(workDirectory="'${RSYSLOG_DYNNAME}'.spool") @@ -22,8 +27,11 @@ rm $RSYSLOG_DYNNAME.input sleep_time_ms=0 while ls $RSYSLOG_DYNNAME.spool/imfile-state:$inode:* 1> /dev/null 2>&1; do - ./msleep 10 - ((sleep_time_ms+=10)) + ./msleep 100 + ((sleep_time_ms+=100)) + if [ $sleep_time_ms -ge 6000 ]; then + touch $RSYSLOG_DYNNAME:.tmp + fi if [ $sleep_time_ms -ge 30000 ]; then printf 'FAIL: state file still exists when it should have been deleted\nspool dir is:\n' ls -l $RSYSLOG_DYNNAME.spool diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/imtcp-connection-msg-recieved.sh new/rsyslog-8.2210.0/tests/imtcp-connection-msg-recieved.sh --- old/rsyslog-8.2208.0/tests/imtcp-connection-msg-recieved.sh 2022-07-11 13:06:09.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/imtcp-connection-msg-recieved.sh 2022-10-16 17:46:21.000000000 +0200 @@ -5,7 +5,7 @@ add_conf ' module(load="../plugins/imtcp/.libs/imtcp") input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port" - notifyonconnectionclose="on") + notifyonconnectionopen="on" notifyonconnectionclose="on") :msg, contains, "msgnum:" { action(type="omfile" file=`echo $RSYSLOG2_OUT_LOG`) @@ -19,5 +19,6 @@ tcpflood -m1 -M"\"<129>Mar 10 01:00:00 172.20.245.8 tag: msgnum:1\"" shutdown_when_empty wait_shutdown +content_check "connection established with " content_check "closed by remote peer " exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/sndrcv_ossl_cert_chain.sh new/rsyslog-8.2210.0/tests/sndrcv_ossl_cert_chain.sh --- old/rsyslog-8.2208.0/tests/sndrcv_ossl_cert_chain.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2210.0/tests/sndrcv_ossl_cert_chain.sh 2022-10-16 17:46:21.000000000 +0200 @@ -0,0 +1,76 @@ +#!/bin/bash +# alorbach, 2019-01-16 +# This file is part of the rsyslog project, released under ASL 2.0 +. ${srcdir:=.}/diag.sh init +export NUMMESSAGES=1000 +# uncomment for debugging support: +#export RSYSLOG_DEBUG="debug nostdout noprintmutexaction" +export RSYSLOG_DEBUGLOG="log" +generate_conf +export PORT_RCVR="$(get_free_port)" +### This is important, as it must be exactly the same +### as the ones configured in used certificates +export HOSTNAME="fedora" +add_conf ' +global( + DefaultNetstreamDriver="ossl" + DefaultNetstreamDriverCAFile="'$srcdir/testsuites/certchain/ca-cert.pem'" + DefaultNetstreamDriverCertFile="'$srcdir/testsuites/certchain/server-cert.pem'" + DefaultNetstreamDriverKeyFile="'$srcdir/testsuites/certchain/server-key.pem'" + NetstreamDriverCAExtraFiles="'$srcdir/testsuites/certchain/ca-root-cert.pem'" +) + +module( load="../plugins/imtcp/.libs/imtcp" + StreamDriver.Name="ossl" + StreamDriver.Mode="1" + PermittedPeer="'$HOSTNAME'" + StreamDriver.AuthMode="x509/name" ) +# then SENDER sends to this port (not tcpflood!) +input( type="imtcp" port="'$PORT_RCVR'" ) + +$template outfmt,"%msg:F,58:2%\n" +$template dynfile,"'$RSYSLOG_OUT_LOG'" # trick to use relative path names! +:msg, contains, "msgnum:" ?dynfile;outfmt +' +startup +export RSYSLOG_DEBUGLOG="log2" +#valgrind="valgrind" +generate_conf 2 +export TCPFLOOD_PORT="$(get_free_port)" +add_conf ' +global( + defaultNetstreamDriverCAFile="'$srcdir/testsuites/certchain/ca-root-cert.pem'" + defaultNetstreamDriverCertFile="'$srcdir/testsuites/certchain/client-cert.pem'" + defaultNetstreamDriverKeyFile="'$srcdir/testsuites/certchain/client-key.pem'" +) + +# Note: no TLS for the listener, this is for tcpflood! +$ModLoad ../plugins/imtcp/.libs/imtcp +input( type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port" ) + +# set up the action +action( type="omfwd" + protocol="tcp" + target="127.0.0.1" + port="'$PORT_RCVR'" + StreamDriver="ossl" + StreamDriverMode="1" + StreamDriverAuthMode="x509/name" + StreamDriverPermittedPeers="'$HOSTNAME'" + ) +' 2 +startup 2 + +# now inject the messages into instance 2. It will connect to instance 1, +# and that instance will record the data. +tcpflood -m$NUMMESSAGES -i1 +wait_file_lines +# shut down sender when everything is sent, receiver continues to run concurrently +shutdown_when_empty 2 +wait_shutdown 2 +# now it is time to stop the receiver as well +shutdown_when_empty +wait_shutdown + +seq_check 1 $NUMMESSAGES +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/sndrcv_relp-vg-rcvr.sh new/rsyslog-8.2210.0/tests/sndrcv_relp-vg-rcvr.sh --- old/rsyslog-8.2208.0/tests/sndrcv_relp-vg-rcvr.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2210.0/tests/sndrcv_relp-vg-rcvr.sh 2022-10-16 17:46:21.000000000 +0200 @@ -0,0 +1,59 @@ +#!/bin/bash +# added 2022-06-21 by alorbach +# This file is part of the rsyslog project, released under ASL 2.0 +. ${srcdir:=.}/diag.sh init + +# CHECK VALGRIND MINIMUM VERSION | MIN 3.14.0 +VALGRINDVER=$(valgrind --version) +VALGRINDVERMAJOR=$(echo $VALGRINDVER | cut -d'-' -f2 | cut -d'.' -f1) +VALGRINDVERMINOR=$(echo $VALGRINDVER | cut -d'-' -f2 | cut -d'.' -f2) +if [ "$VALGRINDVERMAJOR" -lt 3 ] || { [ "$VALGRINDVERMAJOR" -eq 3 ] && [ "$VALGRINDVERMINOR" -lt 15 ]; }; then + printf 'This test does NOT work with versions below valgrind-3.15.0 (missing --keep-debuginfo) - Installed valgrind version is ' + printf $VALGRINDVER + printf '\n' + exit 77 +fi + +export NUMMESSAGES=5000 +export RS_TEST_VALGRIND_EXTRA_OPTS="--keep-debuginfo=yes --leak-check=full" +########## receiver ########## +export RSYSLOG_DEBUG="debug nostdout" +export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog" +generate_conf +export PORT_RCVR="$(get_free_port)" +add_conf ' +module(load="../plugins/imrelp/.libs/imrelp") +input(type="imrelp" port="'$PORT_RCVR'") + +$template outfmt,"%msg:F,58:2%\n" +:msg, contains, "msgnum:" action(type="omfile" file="'$RSYSLOG_OUT_LOG'" template="outfmt") +' +startup_vg +printf "#### RECEIVER STARTED\n\n" + +########## sender ########## +export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.sender.debuglog" +generate_conf 2 +add_conf ' +module(load="../plugins/omrelp/.libs/omrelp") + +action(type="omrelp" name="omrelp" target="127.0.0.1" port="'$PORT_RCVR'") +' 2 + +startup 2 +printf "#### SENDER STARTED\n\n" + +# now inject the messages into instance 2. It will connect to instance 1, +# and that instance will record the data. +injectmsg2 0 $NUMMESSAGES + +shutdown_when_empty 2 +wait_shutdown 2 + +# now it is time to stop the receiver as well +shutdown_when_empty +wait_shutdown_vg +seq_check +check_exit_vg + +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/sndrcv_relp-vg-sender.sh new/rsyslog-8.2210.0/tests/sndrcv_relp-vg-sender.sh --- old/rsyslog-8.2208.0/tests/sndrcv_relp-vg-sender.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2210.0/tests/sndrcv_relp-vg-sender.sh 2022-10-16 17:46:21.000000000 +0200 @@ -0,0 +1,60 @@ +#!/bin/bash +# added 2022-06-21 by alorbach +# This file is part of the rsyslog project, released under ASL 2.0 +. ${srcdir:=.}/diag.sh init + +# CHECK VALGRIND MINIMUM VERSION | MIN 3.14.0 +VALGRINDVER=$(valgrind --version) +VALGRINDVERMAJOR=$(echo $VALGRINDVER | cut -d'-' -f2 | cut -d'.' -f1) +VALGRINDVERMINOR=$(echo $VALGRINDVER | cut -d'-' -f2 | cut -d'.' -f2) +if [ "$VALGRINDVERMAJOR" -lt 3 ] || { [ "$VALGRINDVERMAJOR" -eq 3 ] && [ "$VALGRINDVERMINOR" -lt 15 ]; }; then + printf 'This test does NOT work with versions below valgrind-3.15.0 (missing --keep-debuginfo) - Installed valgrind version is ' + printf $VALGRINDVER + printf '\n' + exit 77 +fi + +export NUMMESSAGES=5000 +export RS_TEST_VALGRIND_EXTRA_OPTS="--keep-debuginfo=yes --leak-check=full" +########## receiver ########## +export RSYSLOG_DEBUG="debug nostdout" +export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog" +generate_conf +export PORT_RCVR="$(get_free_port)" +add_conf ' +module(load="../plugins/imrelp/.libs/imrelp") +input(type="imrelp" port="'$PORT_RCVR'") + +$template outfmt,"%msg:F,58:2%\n" +:msg, contains, "msgnum:" action(type="omfile" file="'$RSYSLOG_OUT_LOG'" template="outfmt") +' +startup +printf "#### RECEIVER STARTED\n\n" + +########## sender ########## +export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.sender.debuglog" +generate_conf 2 +add_conf ' +module(load="../plugins/omrelp/.libs/omrelp") + +action(type="omrelp" name="omrelp" target="127.0.0.1" port="'$PORT_RCVR'") +' 2 + +startup_vg 2 +printf "#### SENDER STARTED\n\n" + +# now inject the messages into instance 2. It will connect to instance 1, +# and that instance will record the data. +injectmsg2 0 $NUMMESSAGES + +printf "#### SENDER SHUTDOWN\n\n" +shutdown_when_empty 2 +wait_shutdown_vg 2 +check_exit_vg 2 + +printf "#### RECEIVER SHUTDOWN\n\n" +# now it is time to stop the receiver as well +shutdown_when_empty +wait_shutdown +seq_check +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tests/sndrcv_relp.sh new/rsyslog-8.2210.0/tests/sndrcv_relp.sh --- old/rsyslog-8.2208.0/tests/sndrcv_relp.sh 2022-07-11 13:06:09.000000000 +0200 +++ new/rsyslog-8.2210.0/tests/sndrcv_relp.sh 2022-10-16 17:46:21.000000000 +0200 @@ -5,7 +5,7 @@ export NUMMESSAGES=50000 ########## receiver ########## #export RSYSLOG_DEBUG="debug nostdout" -#export RSYSLOG_DEBUGLOG="log" +#export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog" generate_conf export PORT_RCVR="$(get_free_port)" add_conf ' @@ -19,7 +19,7 @@ printf "#### RECEIVER STARTED\n\n" ########## sender ########## -#export RSYSLOG_DEBUGLOG="log2" +#export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.sender.debuglog" generate_conf 2 add_conf ' module(load="../plugins/omrelp/.libs/omrelp") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tools/iminternal.c new/rsyslog-8.2210.0/tools/iminternal.c --- old/rsyslog-8.2208.0/tools/iminternal.c 2021-03-09 12:51:07.000000000 +0100 +++ new/rsyslog-8.2210.0/tools/iminternal.c 2022-10-16 17:46:21.000000000 +0200 @@ -6,7 +6,7 @@ * * File begun on 2007-08-03 by RGerhards * - * Copyright 2007-2017 Rainer Gerhards and Adiscon GmbH. + * Copyright 2007-2022 Rainer Gerhards and Adiscon GmbH. * * This file is part of rsyslog. * @@ -37,6 +37,7 @@ #include "syslogd.h" #include "linkedlist.h" #include "iminternal.h" +#include "unicode-helper.h" static linkedList_t llMsgs; static pthread_mutex_t mutList = PTHREAD_MUTEX_INITIALIZER; @@ -137,6 +138,10 @@ pthread_mutex_lock(&mutList); CHKiRet(llGetNextElt(&llMsgs, &llCookie, (void*)&pThis)); + if(!strcmp((char*)pThis->pMsg->pszHOSTNAME, "[localhost]")) { + /* early (pre-conf) startup message detected, need to set real hostname now */ + MsgSetHOSTNAME(pThis->pMsg, glblGetLocalHostName(), ustrlen(glblGetLocalHostName())); + } *ppMsg = pThis->pMsg; pThis->pMsg = NULL; /* we do no longer own it - important for destructor */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2208.0/tools/rsyslogd.c new/rsyslog-8.2210.0/tools/rsyslogd.c --- old/rsyslog-8.2208.0/tools/rsyslogd.c 2022-07-19 12:43:32.000000000 +0200 +++ new/rsyslog-8.2210.0/tools/rsyslogd.c 2022-10-16 17:46:21.000000000 +0200 @@ -3,7 +3,7 @@ * because it was either written from scratch by me (rgerhards) or * contributors who agreed to ASL 2.0. * - * Copyright 2004-2019 Rainer Gerhards and Adiscon + * Copyright 2004-2022 Rainer Gerhards and Adiscon * * This file is part of rsyslog. * @@ -187,7 +187,7 @@ * is either 0 or the number of the signal that requested the * termination. */ -const char *PidFile; +const char *PidFile = NULL; #define NO_PIDFILE "NONE" int iConfigVerify = 0; /* is this just a config verify run? */ rsconf_t *ourConf = NULL; /* our config object */ @@ -230,7 +230,7 @@ #endif -static rsRetVal +rsRetVal queryLocalHostname(void) { uchar *LocalHostName = NULL; @@ -297,6 +297,16 @@ RETiRet; } +static void +clearPidFile(void) +{ + if(PidFile != NULL) { + if(strcmp(PidFile, NO_PIDFILE)) { + unlink(PidFile); + } + } +} + /* duplicate startup protection: check, based on pid file, if our instance * is already running. This MUST be called before we write our own pid file. */ @@ -818,6 +828,13 @@ CHKiRet_Hdlr(qqueueStart(cnf, pQueue)) { /* no queue is fatal, we need to give up in that case... */ LogError(0, iRet, "could not start (ruleset) main message queue"); + if(runConf->globals.bAbortOnFailedQueueStartup) { + fprintf(stderr, "rsyslogd: could not start (ruleset) main message queue, " + "abortOnFailedQueueStartup is set, so we abort rsyslog now.\n"); + fflush(stderr); + clearPidFile(); + exit(1); /* "good" exit, this is intended here */ + } pQueue->qType = QUEUETYPE_DIRECT; CHKiRet_Hdlr(qqueueStart(cnf, pQueue)) { /* no queue is fatal, we need to give up in that case... */ @@ -1385,12 +1402,6 @@ exit(1); /* "good" exit, leaving at init for fatal error */ } - /* get our host and domain names - we need to do this early as we may emit - * error log messages, which need the correct hostname. -- rgerhards, 2008-04-04 - * But we need to have imInternal up first! - */ - queryLocalHostname(); - /* we now can emit error messages "the regular way" */ if(getenv("TZ") == NULL) { @@ -2100,9 +2111,7 @@ dbgClassExit(); /* NO CODE HERE - dbgClassExit() must be the last thing before exit()! */ - if(strcmp(PidFile, NO_PIDFILE)) { - unlink(PidFile); - } + clearPidFile(); } /* This is the main entry point into rsyslogd. This must be a function in its own ++++++ rsyslog-doc-8.2208.0.tar.gz -> rsyslog-doc-8.2210.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/rsyslog/rsyslog-doc-8.2208.0.tar.gz /work/SRC/openSUSE:Factory/.rsyslog.new.1597/rsyslog-doc-8.2210.0.tar.gz differ: char 14, line 1
