Hi This updates librelp to version 1.9.0. The changelog can be found here: https://github.com/rsyslog/librelp/blob/master/ChangeLog
Many changes are related to TLS and openssl. I had to add a patch to make it compile with libressl. Running the tests shows that librelp does not work with libressl. Most TLS tests run twice: once with gnutls and once with openssl. The runs with openssl fail. Most of the failures look like this: send: authentication error 'Certificate error in verify_callback at depth: 1 issuer = /CN=rsyslog ca/OU=Adiscon/O=Adiscon GmbH/L=Grossrinderfeld/ST=BW/C=DE/DC=rsyslog subject = /CN=rsyslog ca/OU=Adiscon/O=Adiscon GmbH/L=Grossrinderfeld/ST=BW/C=DE/DC=rsyslog err 53:unsupported or invalid name syntax ', object 'unsupported or invalid name syntax' The certificate used by the test with the above error is this one: https://github.com/rsyslog/librelp/tree/master/tests/tls-certs/cert.pm rsyslogd is the user of librelp and our package is linked against gnutls and therefor not directly affected by these failures with libressl. I verified that rsyslogd in ports can still send messages with omrelp and tls=on. The rsyslogd package needs to be rebuilt (library version). Comments, hints, OKs? Remi Index: Makefile =================================================================== RCS file: /cvs/ports/sysutils/librelp/Makefile,v retrieving revision 1.17 diff -u -p -r1.17 Makefile --- Makefile 25 Aug 2020 05:48:54 -0000 1.17 +++ Makefile 7 Feb 2021 10:42:03 -0000 @@ -2,9 +2,9 @@ COMMENT = reliable event logging protocol library -DISTNAME = librelp-1.6.0 +DISTNAME = librelp-1.9.0 -SHARED_LIBS += relp 4.0 # 5.0 +SHARED_LIBS += relp 5.0 # 5.0 CATEGORIES = sysutils @@ -15,7 +15,7 @@ MAINTAINER = Remi Locherer <remi@openbsd # GPLv3+ PERMIT_PACKAGE = Yes -WANTLIB = ffi gmp gnutls hogweed iconv idn2 intl nettle p11-kit pthread +WANTLIB = gmp gnutls hogweed iconv idn2 intl nettle p11-kit pthread WANTLIB += tasn1 unistring crypto ssl MASTER_SITES = http://download.rsyslog.com/librelp/ Index: distinfo =================================================================== RCS file: /cvs/ports/sysutils/librelp/distinfo,v retrieving revision 1.9 diff -u -p -r1.9 distinfo --- distinfo 25 Aug 2020 05:48:54 -0000 1.9 +++ distinfo 7 Feb 2021 10:42:24 -0000 @@ -1,2 +1,2 @@ -SHA256 (librelp-1.6.0.tar.gz) = z2zJSKWz0eVrMlFYXBG+6hxbKF/L+OKa1olVx+t1+Mo= -SIZE (librelp-1.6.0.tar.gz) = 522827 +SHA256 (librelp-1.9.0.tar.gz) = JO6ehDlg0UAKRP+u2wseyRRj34+KzKhpzAJ+0l7mvzM= +SIZE (librelp-1.9.0.tar.gz) = 540477 Index: patches/patch-src_tcp_c =================================================================== RCS file: patches/patch-src_tcp_c diff -N patches/patch-src_tcp_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_tcp_c 10 Jan 2021 23:44:08 -0000 @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: src/tcp.c +--- src/tcp.c.orig ++++ src/tcp.c +@@ -1494,7 +1494,7 @@ relpTcpSslInitCerts(relpTcp_t *const pThis, char *ownC + ENTER_RELPFUNC; + + if( ownCertFile!= NULL ) { +- #if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + if (SSL_use_certificate_chain_file(pThis->ssl, ownCertFile) != 1) { + #else + if (SSL_use_certificate_file(pThis->ssl, ownCertFile, SSL_FILETYPE_PEM) != 1) {