On Sun, Feb 07, 2021 at 05:35:41PM +0100, Remi Locherer wrote: > Hi > > This updates librelp to version 1.9.0. The changelog can be found here: > https://github.com/rsyslog/librelp/blob/master/ChangeLog > > Many changes are related to TLS and openssl. I had to add a patch to make > it compile with libressl. > > Running the tests shows that librelp does not work with libressl. Most TLS > tests run twice: once with gnutls and once with openssl. The runs with > openssl fail.
I haven't investigated it fully, but I believe this is mostly due to their ca.pem (and perhaps others) containing X509v3 Subject Alternative Name: DNS:rsyslog ca which is quite obviously bogus (it should be a valid DNS name). If I hack up the verifier to accept this, all but 3 tests pass. I will look at these other failures soon.