Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package librelp for openSUSE:Factory checked in at 2023-01-29 14:10:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/librelp (Old)
 and      /work/SRC/openSUSE:Factory/.librelp.new.32243 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "librelp" Sun Jan 29 14:10:41 2023 rev:43 rq:1061809 version:1.11.0 Changes: -------- --- /work/SRC/openSUSE:Factory/librelp/librelp.changes 2021-03-02 15:19:40.389718475 +0100 +++ /work/SRC/openSUSE:Factory/.librelp.new.32243/librelp.changes 2023-01-29 14:31:32.761804602 +0100 @@ -1,0 +2,23 @@ +Fri Jan 20 16:42:52 UTC 2023 - Dirk Müller <dmuel...@suse.com> + +- update to 1.11.0: + * code cleanup + * testbench: Fix commands in some openssl tests + * openssl: fix openssl exit code avoid double free of ctx + When more than one librelp instance are used in the same process, + and the relpTcpExitTLS call was called a second time, the process + could freeze due a double free (See SSL_CTX_free call). + * librelp hardening: Fix multiple minor issues causing debugging trouble + - avoid invalid dbgprint calls + - avoid double free in relpTcpDestruct (if called twice). + - add debug output into relpTcpRcv + * OpenSSL: fix depreacted API issues for OpenSSL 3.x + - OpenSSL error strings are loaded automatically now + * bugfix: compatiblity problem with openssl 1.1 + * bugfix: Forward return code from relpEngineSetTLSLib to + relpEngineSetTLSLibName + * bugfix: make relpEngineSetTLSLib debug safe + * bugfix: warnings reported by coverity scan + * gnutls drvr bugfix: library called exit() under some circumstances + +------------------------------------------------------------------- Old: ---- librelp-1.10.0.tar.gz New: ---- librelp-1.11.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ librelp.spec ++++++ --- /var/tmp/diff_new_pack.sQGGcD/_old 2023-01-29 14:31:33.213807082 +0100 +++ /var/tmp/diff_new_pack.sQGGcD/_new 2023-01-29 14:31:33.217807104 +0100 
@@ -1,7 +1,7 @@ # # spec file for package librelp # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define library_name librelp0 Name: librelp -Version: 1.10.0 +Version: 1.11.0 Release: 0 Summary: A reliable logging library License: GPL-3.0-or-later ++++++ librelp-1.10.0.tar.gz -> librelp-1.11.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/ChangeLog new/librelp-1.11.0/ChangeLog --- old/librelp-1.10.0/ChangeLog 2021-02-16 09:07:37.000000000 +0100 +++ new/librelp-1.11.0/ChangeLog 2023-01-02 12:17:38.000000000 +0100 
@@ -1,4 +1,89 @@ ---------------------------------------------------------------------- +Version 1.11.0 - 2023-01-10 +- code cleanup + During the initial librelp implementation it was thought about an + auto-retry feature (whatever that means). Variable bAutoRetry was + created to control that behaviour. It's default was 0 (inactive). + Some code has been written to evaluate that variable and act + accordingly. However, no setter method for this variable was + created and it was also nowhere changed from the default value + of zero. As such, the code activated by it was never used. + This patch now removes both the variable and the few code lines + accessing it. This will have no effect, as the code was never + used. + closes: https://github.com/rsyslog/librelp/issues/223 +- testbench: Fix commands in some openssl tests + Those commands were not correctly handeled on AIX, now they are. +- AIX: Changed ERRNO handling after connect in tcp.c + see also: https://github.com/rsyslog/librelp/issues/250 +- AIX: Add handling for other ERRNO codes in tcp.c + For send(), recv() and connect() we need to handle different ERRNO + codes on AIX according to doc: + https://www.ibm.com/docs/en/aix/7.1?topic=r-recv-subroutine + https://www.ibm.com/docs/en/aix/7.1?topic=s-send-subroutine + https://www.ibm.com/docs/en/aix/7.1?topic=c-connect-subroutine +- bugfix/TCP: relpTcpGetRtryDirection onyl needs to check direction if SSL is active. + closes: https://github.com/rsyslog/librelp/issues/240 +- AIX: in relpTcpRcv we need to set RETRY_recv if errno is 0 + On AIX 10.x, when a recv call fails with len -1 and errno 0 + we can still go into relpTCP_RETRY_recv mode. Testbench on + rsyslog side appears to be finally working with this fix. + On AIX 10.x, same problem as above appear to happen with + connect() as well not setting errno to EINPROGRESS on failure. + rsyslog ptcp driver does not check errno value at all, which is + why we did not have this problem on AIX with rsyslog. 
+ Reduce test message count in receiver-abort.sh to 50000, + because otherwise the test can timeout on very slow machines. + Moved receive buffer in relpSessRcvData back to stack memory + closes: https://github.com/rsyslog/librelp/pull/239 +- openssl: fix openssl exit code avoid double free of ctx + When more than one librelp instance are used in the same process, + and the relpTcpExitTLS call was called a second time, the process + could freeze due a double free (See SSL_CTX_free call). + Thanks to David GOUARIN <david.goua...@thalesgroup.com> for the + discovery and initial fix. + Also added an openssl instance counter to avoid freeing the SSL library + which could be still in use by another librelp instance + in the same process. + closes: https://github.com/rsyslog/librelp/issues/235 +- librelp hardening: Fix multiple minor issues causing debugging trouble + - avoid invalid dbgprint calls + - avoid double free in relpTcpDestruct (if called twice). + - add debug output into relpTcpRcv +- OpenSSL: fix depreacted API issues for OpenSSL 3.x + - OpenSSL error strings are loaded automatically now + - Adapted Debug Callback for 3.x + - See for more: + https://www.openssl.org/docs/manmaster/man7/migration_guide.html + closes: https://github.com/rsyslog/librelp/issues/246 +- bugfix: compatiblity problem with openssl 1.1 + There were undefined reference to CRYPTO_set_id_callback if system + use openssl 1.1, which lead to load and/or other erros. + Thanks to Alexander Eremin for the patch. +- bugfix: Forward return code from relpEngineSetTLSLib to relpEngineSetTLSLibName + Previous situation: In case librelp is compiled without openssl + support but openssl is requested from the user side, then librelp + silently switches to the default tls driver(gnutls). + Thanks to Attila Lakatos for the patch. 
+- bugfix: make relpEngineSetTLSLib debug safe + In case pThis == NULL condition is true at line + https://github.com/rsyslog/librelp/blob/master/src/relp.c#L345 + pThis->dbgprint(...) would cause unexpected behavior. + Thanks to Attila Lakatos for the patch. +- bugfix: warnings reported by coverity scan + Thanks to Attila Lakatos for the patch. +- testbench: Added compatiblity to run on AIX + - removed long options from receive send utilities (Not supported on AIX). + - added checks for existing commands in some tests. + - added msleep utility from rsyslog (sleep, timeout etc. not supported on AIX). + - github workflow: Disabled some unrelated tests from rsyslog testbench + closes: https://github.com/rsyslog/librelp/issues/228 +- gnutls drvr bugfix: library called exit() under some circumstances + When relpTcpRcv ran into an error, it could call exit() and thus + terminate the calling process. This was a regression from commit + 6555545c4ebe9afe9259b15c176fd81eeecc93f4. + closes: https://github.com/rsyslog/librelp/issues/230 +---------------------------------------------------------------------- Version 1.10.0 - 2021-02-16 - TLS handling bugfix When the client tried to conntect to the server, custom diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/Makefile.in new/librelp-1.11.0/Makefile.in --- old/librelp-1.10.0/Makefile.in 2021-02-16 09:07:49.000000000 +0100 +++ new/librelp-1.11.0/Makefile.in 2023-01-02 12:18:13.000000000 +0100 
@@ -192,8 +192,8 @@ DIST_SUBDIRS = $(SUBDIRS) am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \ $(srcdir)/relp.pc.in AUTHORS COPYING ChangeLog INSTALL NEWS \ - README compile config.guess config.sub depcomp install-sh \ - ltmain.sh missing + README compile config.guess config.sub install-sh ltmain.sh \ + missing DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/configure new/librelp-1.11.0/configure --- old/librelp-1.10.0/configure 2021-02-16 09:07:49.000000000 +0100 +++ new/librelp-1.11.0/configure 2023-01-02 12:18:12.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for librelp 1.10.0. +# Generated by GNU Autoconf 2.69 for librelp 1.11.0. # # Report bugs to <rgerha...@adiscon.com>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='librelp' PACKAGE_TARNAME='librelp' -PACKAGE_VERSION='1.10.0' -PACKAGE_STRING='librelp 1.10.0' +PACKAGE_VERSION='1.11.0' +PACKAGE_STRING='librelp 1.11.0' PACKAGE_BUGREPORT='rgerha...@adiscon.com' PACKAGE_URL='' @@ -1378,7 +1378,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures librelp 1.10.0 to adapt to many kinds of systems. +\`configure' configures librelp 1.11.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1449,7 +1449,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of librelp 1.10.0:";; + short | recursive ) echo "Configuration of librelp 1.11.0:";; esac cat <<\_ACEOF 
@@ -1579,7 +1579,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -librelp configure 1.10.0 +librelp configure 1.11.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2105,7 +2105,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by librelp $as_me 1.10.0, which was +It was created by librelp $as_me 1.11.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2971,7 +2971,7 @@ # Define the identity of the package. PACKAGE='librelp' - VERSION='1.10.0' + VERSION='1.11.0' cat >>confdefs.h <<_ACEOF @@ -16097,7 +16097,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by librelp $as_me 1.10.0, which was +This file was extended by librelp $as_me 1.11.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -16163,7 +16163,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -librelp config.status 1.10.0 +librelp config.status 1.11.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/configure.ac new/librelp-1.11.0/configure.ac --- old/librelp-1.10.0/configure.ac 2021-02-16 09:07:37.000000000 +0100 +++ new/librelp-1.11.0/configure.ac 2023-01-02 12:17:48.000000000 +0100 
@@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([librelp], [1.10.0], [rgerha...@adiscon.com]) +AC_INIT([librelp], [1.11.0], [rgerha...@adiscon.com]) # change to the one below if Travis has a timeout #AM_INIT_AUTOMAKE([subdir-objects serial-tests]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/src/offers.c new/librelp-1.11.0/src/offers.c --- old/librelp-1.10.0/src/offers.c 2021-02-16 09:07:24.000000000 +0100 +++ new/librelp-1.11.0/src/offers.c 2023-01-02 12:15:27.000000000 +0100 @@ -216,6 +216,7 @@ /* check which value we need to use */ if(pszVal == NULL) { snprintf((char*)pThis->szVal, sizeof(pThis->szVal), "%d", intVal); + pThis->szVal[RELP_MAX_OFFER_FEATUREVALUE] = '\0'; pThis->intVal = intVal; } else { strncpy((char*)pThis->szVal, (char*)pszVal, sizeof(pThis->szVal) - 1); @@ -264,6 +265,7 @@ CHKRet(relpOfferConstruct(&pThis, pOffers->pEngine)); strncpy((char*)pThis->szName, (char*)pszName, sizeof(pThis->szName)); + pThis->szName[RELP_MAX_OFFER_FEATURENAME] = '\0'; pThis->pNext = pOffers->pRoot; pOffers->pRoot = pThis; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/src/relp.c new/librelp-1.11.0/src/relp.c --- old/librelp-1.10.0/src/relp.c 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/src/relp.c 2023-01-02 12:15:27.000000000 +0100 @@ -369,7 +369,8 @@ #endif finalize_it: - pThis->dbgprint((char*)"relpEngineSetTLSLib, lib now %d, ret %d\n", pThis->tls_lib, iRet); + if (pThis) + pThis->dbgprint((char*)"relpEngineSetTLSLib, lib now %d, ret %d\n", pThis->tls_lib, iRet); LEAVE_RELPFUNC; } 
@@ -385,9 +386,9 @@ } if(!strcasecmp(name, "gnutls")) { - relpEngineSetTLSLib(pThis, RELP_USE_GNUTLS); + CHKRet(relpEngineSetTLSLib(pThis, RELP_USE_GNUTLS)); }else if(!strcasecmp(name, "openssl")) { - relpEngineSetTLSLib(pThis, RELP_USE_OPENSSL); + CHKRet(relpEngineSetTLSLib(pThis, RELP_USE_OPENSSL)); } else { relpEngineCallOnGenericErr(pThis, "librelp", RELP_RET_PARAM_ERROR, "invalid tls lib '%s' requested; this version of " diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/src/relpframe.c new/librelp-1.11.0/src/relpframe.c --- old/librelp-1.10.0/src/relpframe.c 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/src/relpframe.c 2023-01-02 12:15:27.000000000 +0100 @@ -198,7 +198,7 @@ "librelp", RELP_RET_DATA_TOO_LONG, "frame too long, size %zu, configured max %zu -" "frame will still be accepted and session " - "continues. Note that this can be casued by an " + "continues. Note that this can be caused by an " "attack on your system.", pThis->lenData, pSess->maxDataSize); } else { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/src/relpsess.c new/librelp-1.11.0/src/relpsess.c --- old/librelp-1.10.0/src/relpsess.c 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/src/relpsess.c 2023-01-02 12:15:27.000000000 +0100 @@ -174,7 +174,10 @@ */ if(pThis->pTcp != NULL) { if(pThis->pSrv != NULL) { - relpSessSrvDoDisconnect(pThis); + /* we are at the server side of the connection */ + if( pThis->sessState != eRelpSessState_BROKEN) { + relpSessSrvDoDisconnect(pThis); + } } else { /* we are at the client side of the connection */ if( pThis->sessState != eRelpSessState_DISCONNECTED @@ -267,6 +270,7 @@ RELPOBJ_assert(pThis, Sess); lenBuf = RELP_RCV_BUF_SIZE; + rcvBuf[lenBuf] = '\0'; CHKRet(relpTcpRcv(pThis->pTcp, rcvBuf, &lenBuf)); if(lenBuf == 0) { 
@@ -285,6 +289,9 @@ errno, (void*)pThis); pThis->sessState = eRelpSessState_BROKEN; ABORT_FINALIZE(RELP_RET_SESSION_BROKEN); + } else { + pThis->pEngine->dbgprint((char*)"relp session %p read did not return any DATA, RETRY later\n", + (void*)pThis); } } else { /* Terminate buffer and output received data to debug*/ @@ -384,7 +391,6 @@ /* now send it */ pThis->pEngine->dbgprint((char*)"hint-frame to send: '%s'\n", pSendbuf->pData + (9 - pSendbuf->lenTxnr)); CHKRet(relpSendbufSend(pSendbuf, pThis->pTcp)); - finalize_it: if(pSendbuf != NULL) relpSendbufDestruct(&pSendbuf); @@ -676,11 +682,6 @@ CHKRet(relpSessWaitState(pThis, eRelpSessState_READY_TO_SEND, pThis->timeout)); - /* re-try once if automatic retry mode is set */ - if(pThis->bAutoRetry && pThis->sessState == eRelpSessState_BROKEN) { - CHKRet(relpSessTryReestablish(pThis)); - } - /* then send our data */ if(pThis->sessState == eRelpSessState_BROKEN) ABORT_FINALIZE(RELP_RET_SESSION_BROKEN); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/src/relpsess.h new/librelp-1.11.0/src/relpsess.h --- old/librelp-1.10.0/src/relpsess.h 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/src/relpsess.h 2023-01-02 12:15:27.000000000 +0100 @@ -105,7 +105,6 @@ struct relpSendq_s *pSendq; /**< our send queue */ /* properties needed for client operation */ - int bAutoRetry; /**< automatically try (once) to reestablish a broken session? */ int sizeWindow; /**< size of our app-level communications window */ unsigned timeout; /**< timeout after which session is to be considered broken */ int connTimeout; /**< connection timeout */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/src/tcp.c new/librelp-1.11.0/src/tcp.c --- old/librelp-1.10.0/src/tcp.c 2021-02-16 09:07:24.000000000 +0100 +++ new/librelp-1.11.0/src/tcp.c 2023-01-02 12:15:27.000000000 +0100 
@@ -66,6 +66,9 @@ # include <openssl/ssl.h> # include <openssl/x509v3.h> # include <openssl/err.h> +# if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER) +# include <openssl/bioerr.h> +# endif # include <openssl/engine.h> /* OpenSSL API differences */ # if OPENSSL_VERSION_NUMBER >= 0x10100000L @@ -167,6 +170,8 @@ static int called_openssl_global_init = 0; /* Main OpenSSL CTX pointer */ static SSL_CTX *ctx = NULL; +static pthread_mutex_t mutSsl; + /*--------------------------------------MT OpenSSL helpers ------------------------------------------*/ static MUTEX_TYPE *mutex_buf = NULL; @@ -227,7 +232,9 @@ for (i = 0; i < CRYPTO_num_locks( ); i++) MUTEX_SETUP(mutex_buf[i]); +#if OPENSSL_VERSION_NUMBER < 0x10100000L CRYPTO_set_id_callback(id_function); +#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ CRYPTO_set_locking_callback(locking_function); /* The following three CRYPTO_... functions are the OpenSSL functions for registering the callbacks we implemented above */ @@ -247,7 +254,9 @@ if (!mutex_buf) return 0; +#if OPENSSL_VERSION_NUMBER < 0x10100000L CRYPTO_set_id_callback(NULL); +#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ CRYPTO_set_locking_callback(NULL); CRYPTO_set_dynlock_create_callback(NULL); CRYPTO_set_dynlock_lock_callback(NULL); @@ -267,9 +276,16 @@ * alorbach, 2018-06-11 */ +#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER) +long BIO_debug_callback_ex(BIO *bio, int cmd, const char LIBRELP_ATTR_UNUSED *argp, + size_t LIBRELP_ATTR_UNUSED len, int argi, long LIBRELP_ATTR_UNUSED argl, + int ret, size_t LIBRELP_ATTR_UNUSED *processed) +#else long BIO_debug_callback(BIO *bio, int cmd, const char LIBRELP_ATTR_UNUSED *argp, int argi, long LIBRELP_ATTR_UNUSED argl, long ret) +#endif { + long ret2 = ret; // Helper value to avoid printf compile errors long<>int long r = 1; relpTcp_t* pThis = (relpTcp_t*) (void *) BIO_get_callback_arg(bio); 
@@ -338,27 +354,27 @@ case BIO_CB_RETURN | BIO_CB_READ: pThis->pEngine->dbgprint((char*)"openssl debugmsg: BIO[%p]: read return %ld\n", (void *)bio, - ret); + ret2); break; case BIO_CB_RETURN | BIO_CB_WRITE: pThis->pEngine->dbgprint((char*)"openssl debugmsg: BIO[%p]: write return %ld\n", (void *)bio, - ret); + ret2); break; case BIO_CB_RETURN | BIO_CB_GETS: pThis->pEngine->dbgprint((char*)"openssl debugmsg: BIO[%p]: gets return %ld\n", (void *)bio, - ret); + ret2); break; case BIO_CB_RETURN | BIO_CB_PUTS: pThis->pEngine->dbgprint((char*)"openssl debugmsg: BIO[%p]: puts return %ld\n", (void *)bio, - ret); + ret2); break; case BIO_CB_RETURN | BIO_CB_CTRL: pThis->pEngine->dbgprint((char*)"openssl debugmsg: BIO[%p]: ctrl return %ld\n", (void *)bio, - ret); + ret2); break; default: pThis->pEngine->dbgprint((char*)"openssl debugmsg: BIO[%p]: bio callback - unknown type (%d)\n", 
@@ -779,35 +795,40 @@ ENTER_RELPFUNC; assert(ppThis != NULL); pThis = *ppThis; - RELPOBJ_assert(pThis, Tcp); + /* AVOID freeing pThis AGAIN! */ + if (pThis != NULL) { + RELPOBJ_assert(pThis, Tcp); + // Only DEBUG if pThis is available + pThis->pEngine->dbgprint((char*)"relpTcpDestruct for %p\n", (void *) pThis); - if(pThis->sock != -1) { - shutdown(pThis->sock, SHUT_RDWR); - close(pThis->sock); - pThis->sock = -1; - } - - if(pThis->socks != NULL) { - /* if we have some sockets at this stage, we need to close them */ - for(int i = 1 ; i <= pThis->socks[0] ; ++i) { - shutdown(pThis->socks[i], SHUT_RDWR); - close(pThis->socks[i]); + if(pThis->sock != -1) { + shutdown(pThis->sock, SHUT_RDWR); + close(pThis->sock); + pThis->sock = -1; } - free(pThis->socks); - } - relpTcpDestructTLS(pThis); - free(pThis->pRemHostIP); - free(pThis->pRemHostName); - free(pThis->pristring); - free(pThis->caCertFile); - free(pThis->ownCertFile); - free(pThis->privKeyFile); - free(pThis->tlsConfigCmd); - - /* done with de-init work, now free tcp object itself */ - free(pThis); - *ppThis = NULL; + if(pThis->socks != NULL) { + /* if we have some sockets at this stage, we need to close them */ + for(int i = 1 ; i <= pThis->socks[0] ; ++i) { + shutdown(pThis->socks[i], SHUT_RDWR); + close(pThis->socks[i]); + } + free(pThis->socks); + } + relpTcpDestructTLS(pThis); + + free(pThis->pRemHostIP); + free(pThis->pRemHostName); + free(pThis->pristring); + free(pThis->caCertFile); + free(pThis->ownCertFile); + free(pThis->privKeyFile); + free(pThis->tlsConfigCmd); + + /* done with de-init work, now free tcp object itself */ + free(pThis); + *ppThis = NULL; + } LEAVE_RELPFUNC; } 
@@ -1341,9 +1362,19 @@ /* Load readable error strings */ SSL_load_error_strings(); +#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER) + /* + * ERR_load_*(), ERR_func_error_string(), ERR_get_error_line(), ERR_get_error_line_data(), ERR_get_state() + * OpenSSL now loads error strings automatically so these functions are not needed. + * SEE FOR MORE: + * https://www.openssl.org/docs/manmaster/man7/migration_guide.html + * + */ +#else + /* Load error strings into mem*/ ERR_load_BIO_strings(); ERR_load_crypto_strings(); - +#endif /* Create main CTX Object */ ctx = SSL_CTX_new(SSLv23_method()); @@ -1405,8 +1436,6 @@ pThis->pEngine->dbgprint((char*)"relpTcpInitTLS: Successfully initialized default " "CA certificate storage\n"); } - - called_openssl_global_init = 1; finalize_it: LEAVE_RELPFUNC; } @@ -1570,7 +1599,7 @@ relpTcpLastSSLErrorMsg(res, pThis, "relpTcpRtryHandshake Server"); ABORT_FINALIZE(RELP_RET_ERR_TLS_SETUP); } else { - snprintf(errmsg, sizeof(errmsg), + snprintf(errmsg, sizeof(errmsg), "relpTcpRtryHandshake_ossl: Server handshake failed with %d - Aborting handshake.", resErr); callOnErr(pThis, errmsg, RELP_RET_ERR_TLS_SETUP); @@ -1599,7 +1628,7 @@ relpTcpLastSSLErrorMsg(res, pThis, "relpTcpRtryHandshake Client"); ABORT_FINALIZE(RELP_RET_ERR_TLS_SETUP /*RS_RET_RETRY*/); } else { - snprintf(errmsg, sizeof(errmsg), + snprintf(errmsg, sizeof(errmsg), "relpTcpRtryHandshake_ossl: Client handshake failed with %d - Aborting handshake.", resErr); callOnErr(pThis, errmsg, RELP_RET_ERR_TLS_SETUP); @@ -1737,7 +1766,7 @@ // Set SSL_MODE_AUTO_RETRY to SSL obj SSL_set_mode(pThis->ssl, SSL_MODE_AUTO_RETRY); - + // Copy Properties from Server TCP obj over pThis->authmode = pSrv->pTcp->authmode; pThis->pUsr = pSrv->pUsr; 
@@ -1774,7 +1803,11 @@ pThis->pEngine->dbgprint((char*)"relpTcpAcceptConnReqInitTLS_ossl: Init client BIO[%p] done\n", (void *)client); /* Set debug Callback for client BIO as well! */ +#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER) + BIO_set_callback_ex(client, BIO_debug_callback_ex); +#else BIO_set_callback(client, BIO_debug_callback); +#endif BIO_set_callback_arg(client, (char *)pThis); /* TODO: still needed? Set to NON blocking ! */ @@ -1828,9 +1861,18 @@ ABORT_FINALIZE(RELP_RET_IO_ERR); } - if(!called_openssl_global_init) { + if(called_openssl_global_init == 0) { + MUTEX_SETUP(mutSsl); + MUTEX_LOCK(mutSsl); /* Init OpenSSL lib */ CHKRet(relpTcpInitTLS(pThis)); + called_openssl_global_init = 1; + MUTEX_UNLOCK(mutSsl); + } else { + MUTEX_LOCK(mutSsl); + /*Increment OpenSSL Usage by 1*/ + called_openssl_global_init++; + MUTEX_UNLOCK(mutSsl); } /*if we reach this point we are in tls mode */ @@ -1867,7 +1909,11 @@ pThis->pEngine->dbgprint((char*)"relpTcpConnectTLSInit: Init conn BIO[%p] done\n", (void *)conn); /* Set debug Callback for client BIO as well! */ +#if OPENSSL_VERSION_NUMBER >= 0x30000000L && !defined(LIBRESSL_VERSION_NUMBER) + BIO_set_callback_ex(conn, BIO_debug_callback_ex); +#else BIO_set_callback(conn, BIO_debug_callback); +#endif BIO_set_callback_arg(conn, (char *)pThis); /* TODO: still needed? Set to NON blocking ! */ @@ -1911,8 +1957,18 @@ ENTER_RELPFUNC; RELPOBJ_assert(pThis, Tcp); - if(!called_openssl_global_init) { + if(called_openssl_global_init == 0) { + MUTEX_SETUP(mutSsl); + MUTEX_LOCK(mutSsl); + /* Init OpenSSL lib */ CHKRet(relpTcpInitTLS(pThis)); + called_openssl_global_init = 1; + MUTEX_UNLOCK(mutSsl); + } else { + MUTEX_LOCK(mutSsl); + /*Increment OpenSSL Usage by 1*/ + called_openssl_global_init++; + MUTEX_UNLOCK(mutSsl); } /* Set TLS Options if configured */ 
@@ -1928,12 +1984,25 @@ relpTcpExitTLS_ossl(void) { if(called_openssl_global_init == 1) { - if (ctx != NULL) + MUTEX_LOCK(mutSsl); + if (ctx != NULL) { SSL_CTX_free(ctx); + ctx = NULL; + } ENGINE_cleanup(); ERR_free_strings(); EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); + /* Reset global init state*/ + called_openssl_global_init = 0; + + MUTEX_UNLOCK(mutSsl); + pthread_mutex_destroy(&mutSsl); + } else if (called_openssl_global_init > 0) { + MUTEX_LOCK(mutSsl); + /* OpenSSL library still in use */ + called_openssl_global_init--; + MUTEX_UNLOCK(mutSsl); } } @@ -2406,6 +2475,7 @@ for(iSrc = 0; iSrc < sizeFingerprint ; ++iSrc, iDst += 3) { sprintf(fpBuf+iDst, ":%2.2X", (unsigned char) pFingerprint[iSrc]); } + fpBuf[sizeTotal] = '\0'; }else if(bufLen>=1){ if (pEngine!=NULL) pEngine->dbgprint((char*)"warn: buffer overflow for %s signature\n",digestType); @@ -3044,18 +3114,22 @@ RELPOBJ_assert(pThis, Tcp); lenRcvd = gnutls_record_recv(pThis->session, pRcvBuf, *pLenBuf); - if(lenRcvd == GNUTLS_E_INTERRUPTED || lenRcvd == GNUTLS_E_AGAIN) { - pThis->pEngine->dbgprint((char*)"librelp: gnutls_record_recv must be retried %d\n", lenRcvd); - pThis->rtryOp = relpTCP_RETRY_recv; + if(lenRcvd > 0) { + *pLenBuf = lenRcvd; + pThis->pEngine->dbgprint((char*)"relpTcpRcv_gtls: gnutls_record_recv SUCCESS len %d\n", lenRcvd); } else { - pThis->rtryOp = relpTCP_RETRY_none; - if(lenRcvd < 0) { + *pLenBuf = -1; + if(lenRcvd == GNUTLS_E_INTERRUPTED || lenRcvd == GNUTLS_E_AGAIN) { + pThis->pEngine->dbgprint((char*)"relpTcpRcv_gtls: gnutls_record_recv must be retried %d\n", lenRcvd); + pThis->rtryOp = relpTCP_RETRY_recv; + } else { + pThis->rtryOp = relpTCP_RETRY_none; chkGnutlsCode(pThis, "TLS record reception failed", RELP_RET_IO_ERR, lenRcvd); - exit(1); + ABORT_FINALIZE(RELP_RET_IO_ERR); } } - *pLenBuf = (lenRcvd < 0) ? -1 : lenRcvd; +finalize_it: LEAVE_RELPFUNC; } #else 
@@ -3076,7 +3150,7 @@ lenRcvd = SSL_read(pThis->ssl, pRcvBuf, *pLenBuf); if(lenRcvd > 0) { - pThis->pEngine->dbgprint((char*)"relpTcpRcv_ossl: SSL_read SUCCESS\n"); + pThis->pEngine->dbgprint((char*)"relpTcpRcv_ossl: SSL_read SUCCESS len %d\n", lenRcvd); *pLenBuf = lenRcvd; } else { *pLenBuf = -1; @@ -3145,15 +3219,22 @@ if(errno == EAGAIN) { // Set mode to Retry pThis->rtryOp = relpTCP_RETRY_recv; + } else if(errno == ECONNRESET) { + pThis->pEngine->dbgprint((char*)"relpTcpRcv: read failed with errno ECONNRESET!\n"); +#if defined(_AIX) + } else if( errno == 0 || + errno == EINTR) { + // Check alternative ERRNO codes for AIX 7.x + pThis->rtryOp = relpTCP_RETRY_recv; +#endif } else { - pThis->pEngine->dbgprint((char*)"relpTcpRcv: read failed errno=%d\n", errno); + pThis->pEngine->dbgprint((char*)"relpTcpRcv: read failed errno='%d'\n", errno); } } - } - pThis->pEngine->dbgprint((char*)"relpTcpRcv return. relptcp [%p], iRet %d, lenRcvd %d, pLenBuf %zd\n", - (void *) pThis, iRet, lenRcvd, *pLenBuf); + pThis->pEngine->dbgprint((char*)"relpTcpRcv return. relptcp [%p], iRet %d, max %d, lenRcvd %d, pLenBuf %zd\n", + (void *) pThis, iRet, RELP_RCV_BUF_SIZE, lenRcvd, *pLenBuf); LEAVE_RELPFUNC; } @@ -3299,7 +3380,7 @@ CHKRet(relpTcpSend_ossl(pThis, pBuf, pLenBuf)); } } else { - pThis->pEngine->dbgprint((char*)"relpTcpSend: send data: %.*s\n", (int) *pLenBuf, pBuf); + pThis->pEngine->dbgprint((char*)"relpTcpSend: send data: '%.*s'\n", (int) *pLenBuf, pBuf); written = send(pThis->sock, pBuf, *pLenBuf, 0); const int errno_save = errno; pThis->pEngine->dbgprint((char*)"relpTcpSend: sock %d, lenbuf %zd, send returned %d [errno %d]\n", @@ -3307,7 +3388,11 @@ if(written == -1) { switch(errno_save) { case EAGAIN: +#if defined(_AIX) + // AIX Workarround handling other ERRNO codes + case 0: case EINTR: +#endif /* this is fine, just retry... */ written = 0; break; 
@@ -3477,9 +3562,10 @@ relpTcpConnectTLSInit(NOTLS_UNUSED relpTcp_t *const pThis) { ENTER_RELPFUNC; -pThis->pEngine->dbgprint((char*)"relpTcpConnectTLSInit: lib: %d\n", pThis->pEngine->tls_lib); #if defined(WITH_TLS) if(pThis->bEnableTLS) { + // Only DEBUG this if TLS enabled! + pThis->pEngine->dbgprint((char*)"relpTcpConnectTLSInit: lib: %d\n", pThis->pEngine->tls_lib); if(pThis->pEngine->tls_lib == 0) { CHKRet(relpTcpConnectTLSInit_gtls(pThis)); } else { @@ -3616,7 +3702,14 @@ ABORT_FINALIZE(RELP_RET_IO_ERR); } if(connect(pThis->sock, res->ai_addr, res->ai_addrlen) == -1) { - if(errno != EINPROGRESS) { +#if defined(_AIX) + // AIX Workarround handling other ERRNO codes + if( errno != 0 && + errno != EINTR && + errno != EINPROGRESS) { +#else + if( errno != EINPROGRESS) { +#endif char errStr[1200]; _relpEngine_strerror_r(errno, errStr, sizeof(errStr)); snprintf(errmsg, sizeof(errmsg), "error connecting: '%s'", errStr); @@ -3754,11 +3847,13 @@ { int r = 0; #if defined(WITH_TLS) - if(pThis->pEngine->tls_lib == 0) { - r = relpTcpGetRtryDirection_gtls(pThis); - } else { - r = relpTcpGetRtryDirection_ossl(pThis); - } + if (pThis->bTLSActive == 1) { + if(pThis->pEngine->tls_lib == 0) { + r = relpTcpGetRtryDirection_gtls(pThis); + } else { + r = relpTcpGetRtryDirection_ossl(pThis); + } + } #endif /* #ifdef WITH_TLS*/ return r; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/Makefile.am new/librelp-1.11.0/tests/Makefile.am --- old/librelp-1.10.0/tests/Makefile.am 2021-02-16 09:07:24.000000000 +0100 +++ new/librelp-1.11.0/tests/Makefile.am 2023-01-02 12:15:27.000000000 +0100 @@ -1,5 +1,5 @@ TEST_EXTENSIONS=.sh -check_PROGRAMS=receive send chkseq have_tlslib +check_PROGRAMS=receive send chkseq have_tlslib msleep receive_SOURCES=receive.c receive_LDADD=../src/.libs/librelp.la 
@@ -9,6 +9,8 @@ send_LDADD=../src/.libs/librelp.la send_CFLAGS=$(AM_CFLAGS) -I${top_srcdir}/src $(WARN_CFLAGS) +msleep_SOURCES = msleep.c + chkseq_SOURCES=chkseq.c have_tlslib_SOURCES=have_tlslib.c diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/Makefile.in new/librelp-1.11.0/tests/Makefile.in --- old/librelp-1.10.0/tests/Makefile.in 2021-02-16 09:07:49.000000000 +0100 +++ new/librelp-1.11.0/tests/Makefile.in 2023-01-02 12:18:14.000000000 +0100 @@ -88,7 +88,7 @@ build_triplet = @build@ host_triplet = @host@ check_PROGRAMS = receive$(EXEEXT) send$(EXEEXT) chkseq$(EXEEXT) \ - have_tlslib$(EXEEXT) + have_tlslib$(EXEEXT) msleep$(EXEEXT) @ENABLE_TLS_GENERIC_TRUE@am__append_1 = $(TLS_TESTS) @ENABLE_TLS_OPENSSL_TRUE@am__append_2 = $(OSSL_TESTS) @HAVE_VALGRIND_TRUE@am__append_3 = $(VALGRIND_TESTS) @@ -116,6 +116,9 @@ am_have_tlslib_OBJECTS = have_tlslib.$(OBJEXT) have_tlslib_OBJECTS = $(am_have_tlslib_OBJECTS) have_tlslib_LDADD = $(LDADD) +am_msleep_OBJECTS = msleep.$(OBJEXT) +msleep_OBJECTS = $(am_msleep_OBJECTS) +msleep_LDADD = $(LDADD) am_receive_OBJECTS = receive-receive.$(OBJEXT) receive_OBJECTS = $(am_receive_OBJECTS) receive_DEPENDENCIES = ../src/.libs/librelp.la @@ -144,7 +147,8 @@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/chkseq.Po ./$(DEPDIR)/have_tlslib.Po \ - ./$(DEPDIR)/receive-receive.Po ./$(DEPDIR)/send-send.Po + ./$(DEPDIR)/msleep.Po ./$(DEPDIR)/receive-receive.Po \ + ./$(DEPDIR)/send-send.Po am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) 
@@ -164,10 +168,10 @@ am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = -SOURCES = $(chkseq_SOURCES) $(have_tlslib_SOURCES) $(receive_SOURCES) \ - $(send_SOURCES) -DIST_SOURCES = $(chkseq_SOURCES) $(have_tlslib_SOURCES) \ +SOURCES = $(chkseq_SOURCES) $(have_tlslib_SOURCES) $(msleep_SOURCES) \ $(receive_SOURCES) $(send_SOURCES) +DIST_SOURCES = $(chkseq_SOURCES) $(have_tlslib_SOURCES) \ + $(msleep_SOURCES) $(receive_SOURCES) $(send_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ @@ -540,6 +544,7 @@ send_SOURCES = send.c send_LDADD = ../src/.libs/librelp.la send_CFLAGS = $(AM_CFLAGS) -I${top_srcdir}/src $(WARN_CFLAGS) +msleep_SOURCES = msleep.c chkseq_SOURCES = chkseq.c have_tlslib_SOURCES = have_tlslib.c VALGRIND_TESTS = \ @@ -660,6 +665,10 @@ @rm -f have_tlslib$(EXEEXT) $(AM_V_CCLD)$(LINK) $(have_tlslib_OBJECTS) $(have_tlslib_LDADD) $(LIBS) +msleep$(EXEEXT): $(msleep_OBJECTS) $(msleep_DEPENDENCIES) $(EXTRA_msleep_DEPENDENCIES) + @rm -f msleep$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(msleep_OBJECTS) $(msleep_LDADD) $(LIBS) + receive$(EXEEXT): $(receive_OBJECTS) $(receive_DEPENDENCIES) $(EXTRA_receive_DEPENDENCIES) @rm -f receive$(EXEEXT) $(AM_V_CCLD)$(receive_LINK) $(receive_OBJECTS) $(receive_LDADD) $(LIBS) @@ -676,6 +685,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chkseq.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/have_tlslib.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/msleep.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/receive-receive.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/send-send.Po@am__quote@ # am--include-marker 
@@ -1031,6 +1041,7 @@ distclean: distclean-am -rm -f ./$(DEPDIR)/chkseq.Po -rm -f ./$(DEPDIR)/have_tlslib.Po + -rm -f ./$(DEPDIR)/msleep.Po -rm -f ./$(DEPDIR)/receive-receive.Po -rm -f ./$(DEPDIR)/send-send.Po -rm -f Makefile @@ -1080,6 +1091,7 @@ maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/chkseq.Po -rm -f ./$(DEPDIR)/have_tlslib.Po + -rm -f ./$(DEPDIR)/msleep.Po -rm -f ./$(DEPDIR)/receive-receive.Po -rm -f ./$(DEPDIR)/send-send.Po -rm -f Makefile diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/basic-sessionbreak-vg.sh new/librelp-1.11.0/tests/basic-sessionbreak-vg.sh --- old/librelp-1.10.0/tests/basic-sessionbreak-vg.sh 2020-08-24 09:08:00.000000000 +0200 +++ new/librelp-1.11.0/tests/basic-sessionbreak-vg.sh 2023-01-02 12:15:27.000000000 +0100 @@ -1,5 +1,7 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh +check_command_available valgrind + if [ "$VALGRIND" == "NO" ] ; then echo "valgrind tests are not permitted by environment config" exit 77 @@ -16,14 +18,14 @@ export NUMLOOPS=2 #export valgrind="valgrind --malloc-fill=ff --free-fill=fe --log-fd=1" -export valgrind="valgrind --malloc-fill=ff --free-fill=fe --leak-check=full --log-fd=1 --error-exitcode=10 --gen-suppressions=all" +export valgrind="valgrind --malloc-fill=ff --free-fill=fe --leak-check=full --log-fd=1 --error-exitcode=10 --gen-suppressions=all --suppressions=$srcdir/known_issues.supp" -startup_receiver_valgrind --no-exit-on-error -e error.out.log --outfile $OUTFILE +startup_receiver_valgrind -N -e error.out.log -O $OUTFILE echo 'Send Message(s)...' for i in $(seq 1 $NUMLOOPS); do # How many times tcpflood runs in each threads - libtool --mode=execute ./send --no-exit-on-error -t 127.0.0.1 -p $TESTPORT -m "testmessage" -n $NUMMESSAGES $OPT_VERBOSE & + libtool --mode=execute ./send -N -t 127.0.0.1 -p $TESTPORT -m "testmessage" -n $NUMMESSAGES $OPT_VERBOSE & send_pid=$! echo "started send instance $i (PID $send_pid)" 
@@ -46,4 +48,4 @@ # check_output "testmessage" -terminate \ No newline at end of file +terminate diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/duplicate-receiver-vg.sh new/librelp-1.11.0/tests/duplicate-receiver-vg.sh --- old/librelp-1.10.0/tests/duplicate-receiver-vg.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/duplicate-receiver-vg.sh 2023-01-02 12:15:27.000000000 +0100 @@ -9,6 +9,8 @@ EOF exit 77 . ${srcdir:=$(pwd)}/test-framework.sh +check_command_available valgrind + if [ "$VALGRIND" == "NO" ] ; then echo "valgrind tests are not permitted by environment config" exit 77 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/msleep.c new/librelp-1.11.0/tests/msleep.c --- old/librelp-1.10.0/tests/msleep.c 1970-01-01 01:00:00.000000000 +0100 +++ new/librelp-1.11.0/tests/msleep.c 2023-01-02 12:15:27.000000000 +0100 
@@ -0,0 +1,58 @@ +/* sleeps for the specified number of MILLIseconds. + * Primarily meant as a portable tool available everywhere for the + * testbench (sleep 0.1 does not work on all platforms). + * + * Part of the testbench for rsyslog. + * + * Copyright 2010 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of rsyslog. + * + * Rsyslog is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Rsyslog is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with Rsyslog. If not, see <http://www.gnu.org/licenses/>. + * + * A copy of the GPL can be found in the file "COPYING" in this distribution. 
+ */ +#include "config.h" +#include <stdio.h> +#include <stdlib.h> +#if defined(__FreeBSD__) +#include <sys/time.h> +#else +#include <time.h> +#endif +#if defined(HAVE_SYS_SELECT_H) +#include <sys/select.h> +#endif + +int main(int argc, char *argv[]) +{ + struct timeval tvSelectTimeout; + long sleepTime; + + if(argc != 2) { + fprintf(stderr, "usage: msleep <milliseconds>\n"); + exit(1); + } + + sleepTime = atoi(argv[1]); + tvSelectTimeout.tv_sec = sleepTime / 1000; + tvSelectTimeout.tv_usec = (sleepTime % 1000) * 1000; /* micro seconds */ + if(select(0, NULL, NULL, NULL, &tvSelectTimeout) == -1) { + perror("select"); + exit(1); + } + + return 0; +} + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/receive-emptyconnect.sh new/librelp-1.11.0/tests/receive-emptyconnect.sh --- old/librelp-1.10.0/tests/receive-emptyconnect.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/receive-emptyconnect.sh 2023-01-02 12:15:27.000000000 +0100 @@ -5,8 +5,9 @@ # written 2018-11-20 by Rainer Gerhards, released under ASL 2.0 . ${srcdir:=$(pwd)}/test-framework.sh export errorlog="error.$LIBRELP_DYN.log" +check_command_available timeout -startup_receiver --errorfile $TESTDIR/$errorlog +startup_receiver -e $TESTDIR/$errorlog timeout 10s $PYTHON ${srcdir}/dummyclient.py sleep 1 stop_receiver diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/receive.c new/librelp-1.11.0/tests/receive.c --- old/librelp-1.10.0/tests/receive.c 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/receive.c 2023-01-02 12:15:27.000000000 +0100 @@ -24,7 +24,11 @@ #include <stdlib.h> #include <stdarg.h> #include <unistd.h> -#include <getopt.h> +#if defined(_AIX) +# include <unistd.h> +#else +# include <getopt.h> +#endif #include <string.h> #include <limits.h> #include <errno.h> 
@@ -239,6 +243,9 @@ const char *tlslib = NULL; const char* outfile_name = NULL; +#if defined(_AIX) + while((c = getopt(argc, argv, "a:c:Ae:F:l:m:No:O:P:p:TvW:x:y:z:")) != EOF) { +#else static struct option long_options[] = { {"ca", required_argument, 0, 'x'}, @@ -257,9 +264,8 @@ {0, 0, 0, 0} }; - - while((c = getopt_long(argc, argv, "a:c:Ae:F:l:m:o:O:P:p:TvW:x:y:z:", - long_options, &option_index)) != -1) { + while((c = getopt_long(argc, argv, "a:c:Ae:F:l:m:No:O:P:p:TvW:x:y:z:", long_options, &option_index)) != -1) { +#endif switch(c) { case 'a': authMode = optarg; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/receiver-abort.sh new/librelp-1.11.0/tests/receiver-abort.sh --- old/librelp-1.10.0/tests/receiver-abort.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/receiver-abort.sh 2023-01-02 12:15:27.000000000 +0100 @@ -5,11 +5,11 @@ . ${srcdir:=$(pwd)}/test-framework.sh # export OPT_VERBOSE=-v # uncomment for debugging export errorlog="error.$LIBRELP_DYN.log" -export NUMMESSAGES=100000 +export NUMMESSAGES=10000 check_command_available timeout startup_receiver -e ${TESTDIR}/${errorlog} -./send -t 127.0.0.1 -p $TESTPORT -n$NUMMESSAGES --no-exit-on-error --kill-on-msg 20000 --kill-pid $RECEIVE_PID $OPT_VERBOSE & +./send -t 127.0.0.1 -p $TESTPORT -n$NUMMESSAGES -N -K 2000 -I $RECEIVE_PID $OPT_VERBOSE & SENDER_PID=$! for i in {1..3}; do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/selftest_receive_watchdog.sh new/librelp-1.11.0/tests/selftest_receive_watchdog.sh --- old/librelp-1.10.0/tests/selftest_receive_watchdog.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/selftest_receive_watchdog.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -2,7 +2,7 @@ # written 2018-11-28 by Rainer Gerhards, released under ASL 2.0 . ${srcdir:=$(pwd)}/test-framework.sh printf 'starting receive, waiting for watchdog timeout to occur\n' -./receive --watchdog-timeout 2 -p $TESTPORT &> $OUTFILE +./receive -W 2 -p $TESTPORT &> $OUTFILE cat $OUTFILE check_output "watchdog timer expired" terminate diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/send.c new/librelp-1.11.0/tests/send.c --- old/librelp-1.10.0/tests/send.c 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/send.c 2023-01-02 12:15:27.000000000 +0100 @@ -24,7 +24,11 @@ #include <stddef.h> #include <stdarg.h> #include <unistd.h> -#include <getopt.h> +#if defined(_AIX) +# include <unistd.h> +#else +# include <getopt.h> +#endif #include <string.h> #include <sys/types.h> #include <signal.h> @@ -255,11 +259,14 @@ under_ci = getenv("UNDER_CI"); dbgFile = stdout; - #define KILL_ON_MSG 256 - #define KILL_SIGNAL 257 - #define KILL_PID 258 - #define DBGFILE 259 - #define CONNECT_RETRIES 260 + #define KILL_ON_MSG 'K' + #define KILL_SIGNAL 'S' + #define KILL_PID 'I' + #define DBGFILE 'D' + #define CONNECT_RETRIES 'R' +#if defined(_AIX) + while((c = getopt(argc, argv, "a:c:e:d:D:I:K:l:m:n:NP:p:R:S:Tt:vx:y:z:")) != EOF) { +#else static struct option long_options[] = { {"ca", required_argument, 0, 'x'}, 
@@ -280,7 +287,8 @@ {0, 0, 0, 0} }; - while((c = getopt_long(argc, argv, "a:c:e:d:l:m:n:P:p:Tt:vx:y:z:", long_options, &option_index)) != -1) { + while((c = getopt_long(argc, argv, "a:c:e:d:D:I:K:l:m:n:NP:p:R:S:Tt:vx:y:z:", long_options, &option_index)) != -1) { +#endif switch(c) { case 'a': authMode = optarg; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/test-framework.sh new/librelp-1.11.0/tests/test-framework.sh --- old/librelp-1.10.0/tests/test-framework.sh 2020-11-19 12:54:12.000000000 +0100 +++ new/librelp-1.11.0/tests/test-framework.sh 2023-01-02 12:15:27.000000000 +0100 @@ -8,8 +8,8 @@ export LIBRELP_DYN="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head --bytes 4)" export valgrind="valgrind --malloc-fill=ff --free-fill=fe --log-fd=1" # **** use the line below for very hard to find leaks! ***** -#export valgrind="valgrind --malloc-fill=ff --free-fill=fe --log-fd=1 --leak-check=full --show-leak-kinds=all" -#export OPT_VERBOSE=-v # uncomment for debugging +# export valgrind="valgrind --malloc-fill=ff --free-fill=fe --log-fd=1 --leak-check=full --show-leak-kinds=all" +# export OPT_VERBOSE=-v # uncomment for debugging source set-envvars ###################################################################### @@ -49,7 +49,7 @@ wait_process_startup_via_pidfile() { i=0 while test ! -f $1 ; do - sleep .100 + ./msleep 100 (( i++ )) if test $i -gt $TB_TIMEOUT_STARTUP then @@ -68,7 +68,7 @@ exit 77 fi printf 'Starting Receiver...\n' - libtool --mode=execute $valgrind ./receive $TLSLIB -p $TESTPORT --outfile $OUTFILE.2 -F $RECEIVE_PIDFILE $OPT_VERBOSE $* & + libtool --mode=execute $valgrind ./receive $TLSLIB -p $TESTPORT -O $OUTFILE.2 -F $RECEIVE_PIDFILE $OPT_VERBOSE $* & export RECEIVE_PID=$! printf "got $RECEIVE_PID $RECEIVE_PIDFILE\n" wait_process_startup_via_pidfile $RECEIVE_PIDFILE 
@@ -78,7 +78,7 @@ # start receiver, add receiver command line parameters after function name startup_receiver() { printf 'Starting Receiver...\n' - ./receive $TLSLIB -p $TESTPORT -F $RECEIVE_PIDFILE --outfile $OUTFILE $OPT_VERBOSE $* & + ./receive $TLSLIB -p $TESTPORT -F $RECEIVE_PIDFILE -O $OUTFILE $OPT_VERBOSE $* & export RECEIVE_PID=$! printf "got $RECEIVE_PID $RECEIVE_PIDFILE\n" wait_process_startup_via_pidfile $RECEIVE_PIDFILE @@ -153,7 +153,7 @@ if ! netstat -tp | grep -q $TESTPORT; then break fi - sleep 1 + ./msleep 1000 done } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-anon.sh new/librelp-1.11.0/tests/tls-basic-anon.sh --- old/librelp-1.10.0/tests/tls-basic-anon.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-anon.sh 2023-01-02 12:15:27.000000000 +0100 @@ -2,10 +2,10 @@ . ${srcdir:=$(pwd)}/test-framework.sh function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -e error.out.log + startup_receiver -l $TEST_TLS_LIB -T -e error.out.log echo 'Send Message...' - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T $OPT_VERBOSE 1>>${OUTFILE} 2>&1 + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T $OPT_VERBOSE 1>>${OUTFILE} 2>&1 # "relpTcpLastSSLErrorMsg: Errorstack: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher" stop_receiver diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-certchain.sh new/librelp-1.11.0/tests/tls-basic-certchain.sh --- old/librelp-1.10.0/tests/tls-basic-certchain.sh 2020-08-24 09:08:00.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-basic-certchain.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -1,10 +1,10 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "certvalid" -y ${srcdir}/tls-certs/ossl-server-certchain.pem -z ${srcdir}/tls-certs/ossl-server-key.pem -e error.out.log + startup_receiver -l $TEST_TLS_LIB -T -a "certvalid" -y ${srcdir}/tls-certs/ossl-server-certchain.pem -z ${srcdir}/tls-certs/ossl-server-key.pem -e error.out.log echo 'Send Message...' - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "certvalid" -y ${srcdir}/tls-certs/ossl-client-certchain.pem -z ${srcdir}/tls-certs/ossl-client-key.pem $OPT_VERBOSE 1>>${OUTFILE} 2>&1 + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "certvalid" -y ${srcdir}/tls-certs/ossl-client-certchain.pem -z ${srcdir}/tls-certs/ossl-client-key.pem $OPT_VERBOSE 1>>${OUTFILE} 2>&1 stop_receiver check_output "testmessage" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-certvalid-mixed.sh new/librelp-1.11.0/tests/tls-basic-certvalid-mixed.sh --- old/librelp-1.10.0/tests/tls-basic-certvalid-mixed.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-basic-certvalid-mixed.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -12,11 +12,11 @@ exit; fi -startup_receiver --tls-lib openssl -T -a "certvalid" -e "${TESTDIR}/${errorlog}" \ +startup_receiver -l openssl -T -a "certvalid" -e "${TESTDIR}/${errorlog}" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem echo 'Send Message...' -./send --tls-lib gnutls -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "certvalid" -e "${TESTDIR}/${errorlog}" \ +./send -l gnutls -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "certvalid" -e "${TESTDIR}/${errorlog}" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem $OPT_VERBOSE 1>>${OUTFILE} 2>&1 stop_receiver diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-certvalid.sh new/librelp-1.11.0/tests/tls-basic-certvalid.sh --- old/librelp-1.10.0/tests/tls-basic-certvalid.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-basic-certvalid.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -3,10 +3,10 @@ export errorlog="error.$LIBRELP_DYN.log" function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "certvalid" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem --errorfile "${TESTDIR}/${errorlog}" + startup_receiver -l $TEST_TLS_LIB -T -a "certvalid" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -e "${TESTDIR}/${errorlog}" echo 'Send Message...' - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "certvalid" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem $OPT_VERBOSE 1>>${OUTFILE} 2>&1 + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "certvalid" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem $OPT_VERBOSE 1>>${OUTFILE} 2>&1 stop_receiver check_output "testmessage" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-fingerprint.sh new/librelp-1.11.0/tests/tls-basic-fingerprint.sh --- old/librelp-1.10.0/tests/tls-basic-fingerprint.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-fingerprint.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -2,10 +2,10 @@ . ${srcdir:=$(pwd)}/test-framework.sh function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "fingerprint" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P 'SHA1:5C:C6:62:D5:9D:25:9F:BC:F3:CB:61:FA:D2:B3:8B:61:88:D7:06:C3' -e error.out.log + startup_receiver -l $TEST_TLS_LIB -T -a "fingerprint" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P 'SHA1:5C:C6:62:D5:9D:25:9F:BC:F3:CB:61:FA:D2:B3:8B:61:88:D7:06:C3' -e error.out.log echo 'Send Message...' - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "fingerprint" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P 'SHA1:5C:C6:62:D5:9D:25:9F:BC:F3:CB:61:FA:D2:B3:8B:61:88:D7:06:C3' $OPT_VERBOSE 1>>${OUTFILE} 2>&1 + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "fingerprint" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P 'SHA1:5C:C6:62:D5:9D:25:9F:BC:F3:CB:61:FA:D2:B3:8B:61:88:D7:06:C3' $OPT_VERBOSE 1>>${OUTFILE} 2>&1 stop_receiver check_output "testmessage" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-realistic.sh new/librelp-1.11.0/tests/tls-basic-realistic.sh --- old/librelp-1.10.0/tests/tls-basic-realistic.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-realistic.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -3,15 +3,16 @@ # a more relastic test which actually sends a bit larger number # of messages . ${srcdir:=$(pwd)}/test-framework.sh -NUMMESSAGES=50000 +NUMMESSAGES=10000 function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ + startup_receiver -l $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem \ -P 'testbench.rsyslog.com' -e error.out.log - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -n$NUMMESSAGES -T -a "name" \ + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -n$NUMMESSAGES -T -a "name" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ -z ${srcdir}/tls-certs/key.pem -P 'testbench.rsyslog.com' $OPT_VERBOSE + ./msleep 1000 stop_receiver check_msg_count printf 'END SUBTEST lib %s SUCCESS\n' $TEST_TLS_LIB diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-tlscommand-ciphers.sh new/librelp-1.11.0/tests/tls-basic-tlscommand-ciphers.sh --- old/librelp-1.10.0/tests/tls-basic-tlscommand-ciphers.sh 2021-02-16 09:07:24.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-tlscommand-ciphers.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -1,23 +1,24 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh export errorlog="error.$LIBRELP_DYN.log" +export TLSLIB="-l openssl" # export OPT_VERBOSE=-v # uncomment for debugging function actual_test() { # Test only supported for OpenSSL if [ "$TEST_TLS_LIB" == "openssl" ]; then - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ + startup_receiver -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem \ -P 'testbench.rsyslog.com' \ - --errorfile $TESTDIR/$errorlog \ + -e $TESTDIR/$errorlog \ -c "Protocol=ALL,-SSLv2,-SSLv3,-TLSv1,-TLSv1.1;CipherString=ECDHE-RSA-AES256-GCM-SHA384;MinProtocol=TLSv1.2;MaxProtocol=TLSv1.2;Ciphersuites=TLS_AES_256_GCM_SHA384" echo 'Send Message...' - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ + ./send $TLSLIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ -z ${srcdir}/tls-certs/key.pem -P 'testbench.rsyslog.com' \ -c "CipherString=ECDHE-RSA-AES128-GCM-SHA256;Ciphersuites=TLS_AES_128_GCM_SHA256" \ - --errorfile $TESTDIR/$errorlog \ + -e $TESTDIR/$errorlog \ $OPT_VERBOSE stop_receiver diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-tlscommand.sh new/librelp-1.11.0/tests/tls-basic-tlscommand.sh --- old/librelp-1.10.0/tests/tls-basic-tlscommand.sh 2021-02-16 09:07:24.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-tlscommand.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -1,23 +1,24 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh export errorlog="error.$LIBRELP_DYN.log" +export TLSLIB="-l openssl" # export OPT_VERBOSE=-v # uncomment for debugging function actual_test() { # Test only supported for OpenSSL if [ "$TEST_TLS_LIB" == "openssl" ]; then - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ + startup_receiver -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem \ -P 'testbench.rsyslog.com' \ - --errorfile $TESTDIR/$errorlog \ + -e $TESTDIR/$errorlog \ -c "Protocol=ALL,-SSLv2,-SSLv3,-TLSv1,-TLSv1.2;CipherString=ECDHE-RSA-AES256-GCM-SHA384;Protocol=ALL,-SSLv2,-SSLv3,-TLSv1,-TLSv1.2,-TLSv1.3;MinProtocol=TLSv1.2;MaxProtocol=TLSv1.2" echo 'Send Message...' - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ + ./send $TLSLIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ -z ${srcdir}/tls-certs/key.pem -P 'testbench.rsyslog.com' \ -c "Protocol=ALL,-SSLv2,-SSLv3,-TLSv1.1,-TLSv1.2;CipherString=DHE-RSA-AES256-SHA;Protocol=ALL,-SSLv2,-SSLv3,-TLSv1.1,-TLSv1.2,-TLSv1.3;MinProtocol=TLSv1.1;MaxProtocol=TLSv1.1" \ - --errorfile $TESTDIR/$errorlog \ + -e $TESTDIR/$errorlog \ $OPT_VERBOSE stop_receiver diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-vg.sh new/librelp-1.11.0/tests/tls-basic-vg.sh --- old/librelp-1.10.0/tests/tls-basic-vg.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-vg.sh 2023-01-02 12:15:27.000000000 +0100 @@ -1,5 +1,6 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh +check_command_available valgrind if [ "$VALGRIND" == "NO" ] ; then echo "valgrind tests are not permitted by environment config" exit 77 
@@ -14,13 +15,13 @@ fi function actual_test() { - startup_receiver_valgrind --tls-lib $TEST_TLS_LIB -T -a "name" -e error.out.log --outfile $OUTFILE \ + startup_receiver_valgrind -l $TEST_TLS_LIB -T -a "name" -e error.out.log -O $OUTFILE \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ -z ${srcdir}/tls-certs/key.pem -P "rsyslog-client" echo 'Send Message...' libtool --mode=execute $valgrind \ - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T \ + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T \ -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ -z ${srcdir}/tls-certs/key.pem -P "rsyslog-client" $OPT_VERBOSE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic-wildcard.sh new/librelp-1.11.0/tests/tls-basic-wildcard.sh --- old/librelp-1.10.0/tests/tls-basic-wildcard.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic-wildcard.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -2,10 +2,10 @@ . ${srcdir:=$(pwd)}/test-framework.sh function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P '*.rsyslog.com' -e error.out.log + startup_receiver -l $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P '*.rsyslog.com' -e error.out.log echo 'Send Message...' - ./send -t 127.0.0.1 --tls-lib $TEST_TLS_LIB -p $TESTPORT -m "testmessage" -T -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P '*.rsyslog.com' $OPT_VERBOSE + ./send -t 127.0.0.1 -l $TEST_TLS_LIB -p $TESTPORT -m "testmessage" -T -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P '*.rsyslog.com' $OPT_VERBOSE stop_receiver check_output "testmessage" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-basic.sh new/librelp-1.11.0/tests/tls-basic.sh --- old/librelp-1.10.0/tests/tls-basic.sh 2019-03-04 10:03:06.000000000 +0100 +++ new/librelp-1.11.0/tests/tls-basic.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -2,11 +2,11 @@ . ${srcdir:=$(pwd)}/test-framework.sh function actual_test() { - startup_receiver --tls-lib $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ + startup_receiver -l $TEST_TLS_LIB -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem \ -P 'testbench.rsyslog.com' -e error.out.log - ./send --tls-lib $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ + ./send -l $TEST_TLS_LIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ -z ${srcdir}/tls-certs/key.pem -P 'testbench.rsyslog.com' $OPT_VERBOSE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-missing-param-receiver.sh new/librelp-1.11.0/tests/tls-missing-param-receiver.sh --- old/librelp-1.10.0/tests/tls-missing-param-receiver.sh 2020-08-24 09:08:00.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-missing-param-receiver.sh 2023-01-02 12:15:27.000000000 +0100 @@ -5,7 +5,7 @@ function actual_test() { # NOT USING startup_receiver! - ./receive --tls-lib $TEST_TLS_LIB -p $TESTPORT -T -a "name" \ + ./receive -l $TEST_TLS_LIB -p $TESTPORT -T -a "name" \ -y ${srcdir}/tls-certs/cert.pem -P "rsyslog" \ 2> $OUTFILE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-receiver-abort.sh new/librelp-1.11.0/tests/tls-receiver-abort.sh --- old/librelp-1.10.0/tests/tls-receiver-abort.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-receiver-abort.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -4,12 +4,12 @@ # of messages . ${srcdir:=$(pwd)}/test-framework.sh check_command_available timeout -export NUMMESSAGES=100000 +export NUMMESSAGES=10000 actual_test() { startup_receiver - ./send -t 127.0.0.1 -p $TESTPORT -n$NUMMESSAGES --no-exit-on-error \ - --kill-on-msg 20000 --kill-pid $RECEIVE_PID $OPT_VERBOSE & + ./send -t 127.0.0.1 -p $TESTPORT -n$NUMMESSAGES -N \ + -K 2000 -I$RECEIVE_PID $OPT_VERBOSE & SENDER_PID=$! for i in {1..3}; do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-wrong-permittedPeer.sh new/librelp-1.11.0/tests/tls-wrong-permittedPeer.sh --- old/librelp-1.10.0/tests/tls-wrong-permittedPeer.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-wrong-permittedPeer.sh 2023-01-02 12:15:27.000000000 +0100 @@ -1,7 +1,7 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh export errorlog="error.$LIBRELP_DYN.log" -export TLSLIB="--tls-lib openssl" +export TLSLIB="-l openssl" startup_receiver -T -a "name" -x ${srcdir}/tls-certs/ca.pem \ -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem \ -P "wrong name" -e $TESTDIR/$errorlog @@ -9,7 +9,7 @@ echo 'Send Message...' ./send $TLSLIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" \ -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem \ - -z ${srcdir}/tls-certs/key.pem -P "wrong name" --errorfile $TESTDIR/$errorlog $OPT_VERBOSE + -z ${srcdir}/tls-certs/key.pem -P "wrong name" -e $TESTDIR/$errorlog $OPT_VERBOSE stop_receiver check_output "authentication error.*no permited name found.*testbench.rsyslog.com" $TESTDIR/$errorlog diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/librelp-1.10.0/tests/tls-wrong-signedcert.sh new/librelp-1.11.0/tests/tls-wrong-signedcert.sh --- old/librelp-1.10.0/tests/tls-wrong-signedcert.sh 2020-09-29 09:01:33.000000000 +0200 +++ new/librelp-1.11.0/tests/tls-wrong-signedcert.sh 2023-01-02 12:15:27.000000000 +0100 
@@ -1,11 +1,11 @@ #!/bin/bash . ${srcdir:=$(pwd)}/test-framework.sh export errorlog="error.$LIBRELP_DYN.log" -export TLSLIB="--tls-lib openssl" +export TLSLIB="-l openssl" startup_receiver -T -a "name" -x ${srcdir}/tls-certs/ossl-ca.pem -y ${srcdir}/tls-certs/ossl-server-cert.pem -z ${srcdir}/tls-certs/ossl-server-key.pem -P 'client.testbench.rsyslog.com' -e $TESTDIR/$errorlog echo 'Send Message...' -./send $TLSLIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P 'server.testbench.rsyslog.com' --errorfile $TESTDIR/$errorlog $OPT_VERBOSE +./send $TLSLIB -t 127.0.0.1 -p $TESTPORT -m "testmessage" -T -a "name" -x ${srcdir}/tls-certs/ca.pem -y ${srcdir}/tls-certs/cert.pem -z ${srcdir}/tls-certs/key.pem -P 'server.testbench.rsyslog.com' -e $TESTDIR/$errorlog $OPT_VERBOSE stop_receiver # Perform multiline GREP with -z
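Review bot: In relpTcpConnectTLSInit (src hunk @@ -3477,9 +3562,10 @@), the added comment "// Only DEBUG this if TLS enabled!" says what the code does but not why the unconditional dbgprint call was a problem. Please state the reason (for example, which pointer or callback may be unset on the non-TLS path). The "//" comment style also differs from the "/* ... */" style used in the neighbouring lines, such as "#endif /* #ifdef WITH_TLS*/".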
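Review bot: In the connect() error check (src hunk @@ -3616,7 +3702,14 @@), the _AIX branch treats errno == 0 and errno == EINTR as non-errors after connect() has already returned -1, and the only documentation is "AIX Workarround handling other ERRNO codes". Please document when AIX reports errno 0 here and confirm that the EINTR case goes on to wait for the connection to complete the same way the EINPROGRESS case does; otherwise a failed connect can be treated as established. Opening the "if(" in both preprocessor branches while sharing one body and closing brace is hard to read; computing the condition into a local variable inside the #if and keeping a single "if" would be clearer. Typo: "Workarround".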
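Review bot: In relpTcpGetRtryDirection (src hunk @@ -3754,11 +3847,13 @@), the new guard tests "pThis->bTLSActive == 1", so any other non-zero value skips both TLS drivers and returns r = 0 without notice. If bTLSActive is a plain flag, test it for truth instead, and add a one-line comment on why 0 is the correct retry direction for a connection without active TLS. The spacing "if (" also differs from the "if(" used on the lines it wraps.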
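Review bot: In tests/basic-sessionbreak-vg.sh (hunk @@ -16,14 +18,14 @@), adding "--suppressions=$srcdir/known_issues.supp" to a run that relies on "--error-exitcode=10" means anything matched by that file can no longer fail this memory-error test, and the suppression file is not visible in this part of the diff. Please make sure known_issues.supp is distributed with the tests, keep each entry as narrow as possible, and give each one a comment naming the issue it hides. "$srcdir" also ends up unquoted when "$valgrind" is expanded, so a source path containing spaces would break the command line.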
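Review bot: In tests/duplicate-receiver-vg.sh (hunk @@ -9,6 +9,8 @@), "check_command_available valgrind" is added after the context lines "EOF" and "exit 77", which appear to end the script before test-framework.sh is even sourced, so the new check looks unreachable. If the test is meant to stay disabled the added line is unnecessary; if it is being re-enabled, the "exit 77" has to go as well.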
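Review bot: In tests/msleep.c main() (hunk @@ -0,0 +1,58 @@), "sleepTime = atoi(argv[1]);" accepts any input unchecked: a non-numeric argument silently becomes a 0 ms sleep, and a negative one puts negative values into tv_sec and tv_usec, which select() is expected to reject with only a "select: ..." message. Parse with strtol(), check the end pointer, and reject values below 0 with the usage text. Separately, struct timeval is declared in <sys/time.h>, which this file includes only under __FreeBSD__; the other platforms depend on getting it indirectly, so including <sys/time.h> unconditionally would be safer. The header also describes the file as part of rsyslog under GPLv3, while neighbouring test scripts in this patch are marked "released under ASL 2.0"; please confirm the licence intended for this file in librelp.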
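Review bot: In tests/receive.c (hunks @@ -24,7 +24,11 @@ and @@ -239,6 +243,9 @@, with the same pattern in tests/send.c), the _AIX branch includes <unistd.h> a second time directly after the unconditional "#include <unistd.h>"; wrapping only "#include <getopt.h>" in "#if !defined(_AIX)" is enough. The AIX loop compares getopt() against EOF while the getopt_long() loop compares against -1; POSIX specifies -1 as the end-of-options return value, so use -1 in both. The "while(" header is now written once per preprocessor branch with the option string repeated, and both share one loop body; a single option-string macro used by both calls would keep the two copies from drifting apart.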
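Review bot: In tests/send.c (hunk @@ -255,11 +259,14 @@), KILL_ON_MSG, KILL_SIGNAL, KILL_PID, DBGFILE and CONNECT_RETRIES are now the character literals 'K', 'S', 'I', 'D' and 'R', so they must be kept in step by hand with the option string "a:c:e:d:D:I:K:l:m:n:NP:p:R:S:Tt:vx:y:z:", which appears twice. A comment beside the defines mapping each short option to its long name (for example -K for --kill-on-msg) would help, and any usage text the program prints should list the new short options, including -N.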
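Review bot: In tests/test-framework.sh wait_process_startup_via_pidfile (hunk @@ -49,7 +49,7 @@), "./msleep 100" is called by relative path with no check that the helper was built. If the binary is missing, each iteration returns immediately, so "$TB_TIMEOUT_STARTUP" counts loop passes rather than time and the startup wait collapses to almost nothing. Check once that ./msleep is executable and skip or fail the test otherwise. In the same file (hunk @@ -8,8 +8,8 @@), the context line with "head --bytes 4" still uses a GNU long option, although the rest of this patch removes long options for portability; "head -c 4" is the short form.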
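Review bot: In tests/tls-basic-realistic.sh (hunk @@ -3,15 +3,16 @@), the added "./msleep 1000" before stop_receiver is a fixed delay standing in for "the receiver has written everything", which can still be too short on a slow or loaded host and makes check_msg_count flaky. Polling the output file until the expected count is reached, with a timeout, would be more reliable. NUMMESSAGES also drops from 50000 to 10000 while the header comment still describes the test as sending "a bit larger number of messages"; please update the comment or give the reason for the reduction.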
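Review bot: In tests/tls-basic-tlscommand.sh and tests/tls-basic-tlscommand-ciphers.sh (hunks @@ -1,23 +1,24 @@), the TLS library is now forced by 'export TLSLIB="-l openssl"' at file scope while actual_test still branches on '"$TEST_TLS_LIB" == "openssl"', so the library under test is decided in two places that can disagree. Either pass "-l $TEST_TLS_LIB" to startup_receiver and ./send as the other tls-basic-*.sh tests in this patch do, or drop the guard and document that the test is OpenSSL-only.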