Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: rsyslog-module-ossl | Distribution: openSUSE Tumbleweed |
Version: 8.2406.0 | Vendor: openSUSE |
Release: 1.2 | Build date: Wed Jul 24 08:48:46 2024 |
Group: System/Daemons | Build host: reproducible |
Size: 70408 | Source RPM: rsyslog-8.2406.0-1.2.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: http://www.rsyslog.com/ | |
Summary: TLS encryption support module for rsyslog |
Rsyslog is an enhanced multi-threaded syslog daemon. See rsyslog package. This module provides the ability for TLS encrypted TCP logging using the OpenSSL library.
Apache-2.0 AND GPL-3.0-or-later
* Wed Jul 24 2024 Thomas Blume <Thomas.Blume@suse.com> - Upgrade to rsyslog 8.2406.0 -patches replaced by upgrade (see details in upgrade logs below) 0001-use-logind-instead-of-utmp-for-wall-messages-with-sy.patch * 2023-11-29: Revert "Update omlibdbi.c" * 2023-11-21: imkmsg: add params "readMode" and "expectedBootCompleteSeconds" * 2023-11-10: testbench: fix "typo" in test case * 2023-11-08: omazureeventhubs: Corrected handling of transport closed failures * 2023-10-31: imkmsg: add module param parseKernelTimestamp * 2023-11-03: imfile: remove state file on file delete fix * 2023-10-30: imklog bugfix: keepKernelTimestamp=off config param did not work * 2023-10-30: Netstreamdriver: deallocate certificate related resources * 2023-10-20: TLS subsystem: add remote hostname to error reporting * 2023-10-21: Fix forking issue do to close_range call * 2023-10-23: replace debian sample systemd service file by readme * 2023-10-20: testbench: bump zookeeper version to match current offering * 2023-10-20: Update rsyslog.service sample unit to the latest version used in Debian Trixie * 2023-10-20: Only keep a single rsyslog.service for Debian * 2023-10-20: Remove no longer used --with-systemdsystemunitdir configure switch * 2023-10-18: use logind instead of utmp for wall messages with systemd - replaces 0001-use-logind-instead-of-utmp-for-wall-messages-with-sy.patch * 2023-10-11: Typo fixes * 2023-10-11: Drop CAP_IPC_LOCK capability * 2023-10-04: Add CAP_NET_RAW capability due to the omudpspoof module * 2023-10-03: Add new global config option "libcapng.enable" * 2023-10-02: tcp net subsystem: handle data race gracefully * 2023-08-31: Avoid crash on restart in imrelp SIGTTIN handler * 2023-09-26: fix startup issue on modern systemd systems * 2023-09-14: Fix misspeling in message. * 2023-09-13: tcpflood bugfix: plain tcp send error not properly reported * 2023-09-12: omprog bugfix: Add CAP_DAC_OVERRIDE to the bounding set * 2023-08-02: testbench: cleanup and improve some more imfile tests * 2023-08-02: lookup tables: fix static analyzer issue * 2023-08-02: lookup tables bugfix: reload on HUP did not work when backgrounded * 2023-07-28: CI: fix and cleaup github workflow * 2023-03-07: imjournal: Support input module * 2023-07-28: testbench: make test more reliable * 2023-07-28: tcpflood: add -A option to NOT abort when sending fails * 2023-07-28: tcpflood: fix today's programming error * 2023-07-28: openssl: Replaced depreceated method SSLv23_method with TLS_method * 2023-07-27: testbench improvement: define state file directories for imfile tests * 2023-07-28: testbench: cleanup a test and some nitfixes to it * 2023-07-27: tcpflood bugfix: TCP sending was not implemented properly * 2023-07-26: testbench: make waiting for HUP processing more reliable * 2023-07-25: build system: make rsyslogd execute when --disable-inet is configured * 2023-07-25: CI: update zookeper download to newer version * 2023-07-10: ossl driver: Using newer INIT API for OpenSSL 1.1+ Versions * 2023-07-11: ossl: Fix CRL File Expire from 1 day to 100 years. * 2023-07-06: PR5175: Add TLS CRL Support for GnuTLS driver and OpenSSL 1.0.2+ * 2022-05-13: omazureeventhubs: Initial implementation of new output module * 2023-07-03: TLS CRL Support Issue 5081 * 2023-06-29: action.resumeintervalmax: the parameter was not respected * 2023-06-28: IMHIREDIS::FIXED:: Restore compatiblity with hiredis < v1.0.0 * 2023-05-15: Add the 'batchsize' parameter to imhiredis * 2023-06-28: Clear undefined behavior in libgcry.c (GH #5167) * 2023-06-22: Do not try to drop capabilities when we don't have any * 2023-06-22: testbench: use newer zookeeper version in tests * 2023-06-22: build system: more precise error message on too-old lib * 2023-05-17: Fix quoting for omprog, improg, mmexternal * Thu Mar 14 2024 Dominique Leuenberger <dimstar@opensuse.org> - Fix rpmlint warnings and errors: + rsyslog.spec:590: W: %autopatch-not-in-prep: - applying patches should be done in prep section and in this case, there is no reason not to do it. Use the opportunity to switch to %autosetup. - Do not BuildRequire libtool, autoconf, automake and don't run autoreconf: the comment indicates this would be needed for patch1, but likely for an 'older patch1': what we have now does not touch the build system. + E: superfluous-%clean-section: Drop long deprecated %clean section. + E: suse-zypp-otherproviders otherproviders(syslog): simply provide syslog. + W: non-etc-or-var-file-marked-as-conffile: do not mark files in /usr/share as config; admins are not supposed to change them. + rsyslog-doc.x86_64: E: no-binary: build rsyslog-doc as noarch. + E: explicit-lib-dependency librdkafka1: the dependency for one should be in module-kafka, but then is also auto-detected by RPM. * Thu Jan 18 2024 Thomas Blume <thomas.blume@suse.com> - suppress installation errors when systemd is not running (bsc#1218799) * Wed Oct 25 2023 Thomas Blume <thomas.blume@suse.com> - use logind instead of utmp for wall messages with systemd Future SUSE versions will get rid of utmp due to a 32bit time_t counter overflow in 2038. See details at: https://github.com/thkukuk/utmpx/blob/main/Y2038.md On systemd based systems logind is an alternative to utmp. * add: 0001-use-logind-instead-of-utmp-for-wall-messages-with-sy.patch * Tue Sep 05 2023 Thomas Blume <thomas.blume@suse.com> - trigger daemon restart after modules packages have been updated (bsc#1214996) * Tue Jul 04 2023 Thomas Blume <thomas.blume@suse.com> - Upgrade to rsyslog 8.2306.0 * 2023-06-09: mmnormalize bugfix: if msg cannot be parsed, parser chain is stopped * 2023-06-08: Add new global config option "libcapng.default" * 2023-06-08: imjournal: Add FileCreateMode module parameter * 2023-04-17: core bugfix: potential segfault on busy systems * 2023-05-11: GNUTls Driver: Fix memory leaks in gtlsInitCred * 2023-05-24: CI: update base ubuntu image for github actions * 2023-05-16: OMHIREDIS::ADDED:: New support for 'stream' mode * 2023-05-17: OMHIREDIS::ADDED:: new tests for existing functionalities * 2023-04-25: OMHIREDIS::FIXED:: Correctly suspend module in case of failure * 2023-05-17: OMHIREDIS::FIXED:: Synchronously try to authenticate * 2023-04-25: IMHIREDIS::ADDED:: New support for 'stream' mode * 2023-04-25: REDIS::ADDED:: Implement tests for imhiredis module * 2023-04-12: IMHIREDIS::CLEAN:: various improvements and fixes [#]## CHANGED - [IMHIREDIS] factorize code for different modes - [IMHIREDIS] Clean and improve logging lines - [IMHIREDIS] Poll extinction state less frequently for main thread (less aggresive) - [IMHIREDIS] Set 'key' action parameter to REQUIRED - [IMHIREDIS] Use known message length instead of calculating it when enqueuing message [#]## ADDED - [IMHIREDIS] Missing redis replies' types in enumeration [#]## FIXED - [IMHIREDIS] Correctly initialize instance object, especially for redisNodesList - [IMHIREDIS] Correctly print input mode's value in logs when set incorrectly * 2023-05-17: tests: mmexternal-SegFault-empty-jroot-vg.sh: fix typo * 2023-03-21: modify testbench test to detect wrong imptcp truncation * 2023-03-21: imptcp bugfix: spam log on oversize message * 2023-03-23: core/bugfix: using $uuid msg prop can deadlock rsyslog on shutdown * 2023-03-13: Remove halted LGTM badges on README * 2023-02-16: Do not preserve capabilities when changing credentials * 2023-01-23: CI/QA: do compile test both with NDEBUG set/unset * 2023-01-23: Fixed wrong type conversion in cstrLen() for debug mode as well * 2023-01-18: core/template: implement negative position.to * 2023-01-18: CI: fix github CodeQL settings * 2023-01-17: Remove CAP_DAC_OVERRIDE if privileges dropped * 2023-01-17: Adjust the capability set * 2023-01-13: substring function: enhancement and hardening * 2023-01-11: omfile: add action parameters "rotation.*" * 2023-01-11: CI: use newer version of zookeeper * 2023-01-09: ffaup fix : memory corruption with concurrent workers * 2023-01-02: openssl: fix undefined reference to CRYPTO_set_id_callback * 2022-12-30: testbench: add test for invalid json template generation * 2022-12-30: core bugfix: template system may generate invalid json * 2022-12-28: Fixed wrong type conversion in cstrLen() * 2022-12-08: Add CodeQL workflow for GitHub code scanning * Tue Dec 27 2022 Ludwig Nussel <lnussel@suse.com> - Replace transitional %usrmerged macro with regular version check (boo#1206798) * Tue Dec 06 2022 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2212.0 * 2022-12-05: testbench: make python http server based tests more reliable * 2022-12-05: omprog bugfix: invalid status handling at called program startup * 2022-11-29: testbench bugfix: wrong message injection object of instance 1 * 2022-11-21: rsyslog.conf man page bugfix: description of selectors * 2022-11-18: imtcp bugfix: legacy config directives did no longer work * 2022-11-16: ksi bugfix: sending of too many signing requests fixed. * 2022-11-14: bugfix: prevent potential segfault when switchung to queue emergency mode * 2022-11-02: imjournal: add second fallback to _COMM * 2022-10-25: core bugfix: local hostname invalid if no global() config object given * 2022-10-25: testbench bugfix: fixed timing issue that sometimes lead to test failure * Tue Oct 18 2022 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2210.0 * 2022-10-13: fix NetBSD build issue * 2022-10-12: omrabbitmq: Add TLS support * 2022-09-14: config: add "abortOnFailedQueueStartup" global config parameter * 2022-09-07: cor bugfix: leak in helper function SetString * 2022-09-07: core bugfix: correct local host name after config processing * 2022-08-31: imtcp: add option notifyonconnectionopen * 2022-08-26: openssl TLS driver: add mechanism to include extra CA files parameter * 2022-08-19: fix compile issue with older gcc compilers * Tue Aug 09 2022 Michael Ströder <michael@stroeder.com> - added libzstd-devel as build dependency - Upgrade to rsyslog 8.2208.0 * 2022-08-09: ksi bugfix: request cache size and send timeout issue fixed. * 2022-08-09: imjournal bugfix: segmentation fault in close journal * 2022-08-09: net subsystem: support sha256 for StreamDriverAuthMode="x509/fingerprint" * 2022-08-05: imfile bugfix: message loss/duplication when monitored file is rotated * 2022-08-05: ksi bugfix: optimize processing of signer queue to fix delays. * 2022-08-04: ksi bugfix: possible crash fixed when several log files are opened. * 2022-08-04: openssl: add support to split tls commands by semicolon * 2022-08-04: openssl subsystem bugfix: build issue on Solaris * 2022-08-04: openssl: add more details to error messages * 2022-08-04: omclickhouse: capture additional exceptions * 2022-08-04: mmanon bugfix: Simplified and fixed IPv4 digit detection. * 2022-07-21: imptcp: slight tuning * 2022-07-20: template procesing/json: performance optimization * 2022-07-19: core bugfix: memory leak when free action worker data table * 2022-07-13: omfile: support for zstd compression * 2022-07-07: stream cleanup: move error message to debug log, only * 2022-07-04: mmdblookup bugfix: Don't crash Rsyslog on mmdb file errors * 2022-06-28: build error fix: libbson requires out-of-date language constructs * 2022-06-27: OpenSSL: fix depreacted API issues for OpenSSL 3.x * Tue Jun 14 2022 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2206.0 * 2022-05-25: omelastisearch: allow omitting _type field * 2022-05-18: tcpsrv/imtcp: slight performance improvements * 2022-05-12: imptcp bugfix: worker thread starvation on extreme traffic * 2022-05-11: omelasticsearch: several support option for ElasticSearch 8 - config params searchIndex and documentType can be empty - support for Data Stream API - new config param esVersion.major * 2022-05-09: tcp receiver bugfix: delay/potential hang on some error conditions * 2022-05-05: net bugfix: potential buffer overrun fixes CVE-2022-24903 Advisory: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8#advisory-comment-72243 * 2022-05-05: imptcp: set OS worker thread name * 2022-04-26: mmanon bugfix: shortened IPv6 form not always anonymized * 2022-04-22: mmdblookup fix: wrong copy of buffer * 2022-04-22: mmdblookup: several enhancements - support arrays in MMDB entry - support escaped quotes '"' in MMDB entry - support '<' characters in MMDB entry, when in a field - support '}' characters in MMDB entry, when in a field * Sun May 08 2022 Andreas Stieger <andreas.stieger@gmx.de> - rsyslog 8.2204.1: * CVE-2022-24903: potential buffer overrun in imptcp, imtcp, imgssapi and others (boo#1199061) * Tue Apr 19 2022 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2204.0 * 2022-04-18: gnutls bugfix: possibility of infinite loop * 2022-04-17: core/bugfix: errorfile could grow over max configures size * 2022-04-17: omkafka bugfix: potential misadressing * 2022-04-06: added new "FullJSONFmt" standard template (with addtl fields) * 2022-04-04: imfile: potential processing delay * 2022-04-04: bugfix: cosmetic data races * 2022-04-01: add property options to support ISO week/year number * 2022-04-01: core bugfix: "action suspended" message was emitted even when turned off * 2022-03-31: testbench: add more tests for rscript comparison operations * 2022-03-31: core bugfix: make internal logs emitted during HUP procesing appear quicker * 2022-03-20: refactor: Move the parser directive to the main config * 2022-03-16: refactor: ake the main message queue part of the config * regression bugfix: rsyslog may segfault during startup * regression fix: script string comparison did not work correctly * Mon Mar 14 2022 Thomas Blume <thomas.blume@suse.com> - remove invalid dependencies from systemd service unit (bsc#1196795, bsc#1196359) * Tue Feb 15 2022 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2202.0 * 2022-02-14: imfile bugfix: remove cause for "internal error message" (not causing harm) * 2022-02-04: rscript bugfix: literal numbers were not compared correctly * 2022-02-04: omelasticsearch bugfix: indexSuccess impstats counter in bulkmode wrong * 2022-01-17: imkmsg bugfix: effectively disabled input on error reading kmsg * 2022-01-17: imtcp bugfix: worker threads were not properly terminated * 2022-01-07: omlibdbi bugfix: use-after-free bug * 2022-01-06: omhttp bugfix: memory leak in lokirest batchmode * Wed Jan 19 2022 Thomas Blume <thomas.blume@suse.com> - add service dependencies for remote logging (bsc#1194669) - update config example in remote.conf to match upstream documentation * Thu Dec 16 2021 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2112.0 * 2021-12-14: refactor:Deallocate outchannel resources in rsconf destructor * 2021-12-14: refactor: use runConf instead of loadConf in ratelimiting during runtime * 2021-11-22: new contribtion: URL parser module function using libfa * 2021-11-18: mmanon: relax IPv6 detection - improve anonymization * 2021-11-10: ruleset bugfix: ruleset queue was incorrectly named * 2021-11-10: omsnmp: update module to current IP best practices * 2021-10-27: ommysql: fix threading bug * 2021-10-25: testbench: false positive when impstats was not built * 2021-10-25: imtcp: add support for permittedPeers setting at input() level * Thu Oct 21 2021 Thomas Blume <thomas.blume@suse.com> - remove $klogConsoleLogLevel setting from rsyslog.conf (bsc#1191833) * this legacy setting from pre-systemd times is obsolete * Wed Oct 20 2021 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2110.0: * 2021-10-13: config bugfix: global(security.abortonidresolutionfail=) did not work when used with rscript based configuration, it was not checked. * 2021-10-13: config bugfix: global param $privDropToUser did not work correctly The parameter was not implemented for rscript based configuration and did not properly apply to legacy configuration. In essence, it almost always did not work as expected. see also: https://github.com/rsyslog/rsyslog/issues/4642 see also: https://github.com/rsyslog/rsyslog/commit/cbcaf2c7e5b67e5465e47bc7cc67af2eae47bd31 * 2021-10-12: rscript bugfix: ruleset called async when ruleset had queue.type="direct" The call rscript statement is able to call a rule set either synchronously or asynchronously. We did this, because practice showed that both modes are needed. For various reasons we decided to make async calls if the ruleset has a queue assigned and sync if not. To know if a "queue is assigned" we just checked if queue parameters were given. It was overlookeded the case of someone explicitly specifying a "direct queue", aka "no queue". As such, queue="direct" triggered async calls. That in turn meant that when a write operation to a variable was made inside that rule set, other rulesets could or could not see the write. While if was often not seen, this was a data race where the change could also be seen by the outside. This is now fixed. No matter if queue.type="direct" is specified or left out, the call will always by synchronous. Any values written to variables will also be seen by the "outside world" in later processing stages. Note that this has some potential to BREAK EXISTING CONFIGURATIONS. We deem this acceptable because: 1. this was racy at all, so unexpected behaviour could alwas occur 2. it is actually unlikely that someone used the triggering conditions in practice. But we can not outrule this, especially when the configuration was auto-generated. Potential compatibility issues can be solved by defining a small array-memory queue on the ruleset in question instead of specifying direct type. Again, we expect that almost all users will never experience any problems. If you do, however, please let us know: we may add an option to re-enable the bug. * 2021-10-12: ksi bugfix: locking bug fixed in rsksiCtxOpenFile Thanks to Taavi Valjaots for the patch. * 2021-10-11: core bugfix: fix typo in error message Thanks to github user jkschulz for the patch. * 2021-10-11: tcpsrv bugfix: compilation without exceptions tcpsrv.c:992:1: error: label at end of compound statement finalize_it: ^~~~~~~~~~~ Quoting from pthread.h: pthread_cleanup_push and pthread_cleanup_pop are macros and must always be used in matching pairs at the same nesting level of braces. Amends commit bcdd220142ec9eb106550195ba331fd114adb0bd. Thanks to Orgad Shaneh for the patch. * 2021-10-11: mkubernetes bugfix: no connection retry to kubernetes APP When connection to the kubernates API was not possible, mmkubernetes did not retry. This does now happen via regular rsyslog retry mechanism. Thanks to github user jayme-github for the analysis and patch. closes https://github.com/rsyslog/rsyslog/issues/4669 * 2021-10-11: openssl bugfix: Correct gnutlsPriorityString (custom ciphers) behaviour * Only apply default anon ciphers if gnutlsPriorityString is NULL and Authentication Mode is set to anon. Otherwise we do not set them as they overwrite custom Ciphers. * Added two tests for custom cipher configuration (anon/certvalid mode). * Add call for applyGnutlsPriorityString if gnutlsPriorityString changes. * Merged openssl init code from Connect into osslInitSession closes: https://github.com/rsyslog/rsyslog/issues/4686 * 2021-10-11: build issue: handle undefined MAXPATHLEN, PATH_MAX While we handled missing PATH_MAX, we did not handle missing MAXPATHLEN. This happens under GNU/Hurd, because there is no official limit. However, extremely long pathes are extremely uncommon, so we do not want to use slow dynamic alloc each time we need to build pathes. So we impose a limit of 4KiB, which should be fairly enough. Note that this obviously increases stack requirements in GNU/Hurd. As suggested by Michael Biebl, we have now implemented a generic approach to handle this via autoconf. * 2021-09-12: openssl: extended output information on connection failure Now includes the remote client/server IP address in the log output. * 2021-09-12: imhttp enhancements - query parameter ingestion & basic auth support * Basic Authentication support & tests * configured via imhttp option "basicAuthFile". This option should be configured to point to your htpasswd file generated via a standard htpasswd tool. tests: * imhttp-post-payload-basic-auth.sh * imhttp-post-payload-basic-auth-vg.sh * Query parameter ingestion capability & tests use t `addmetadata` option to inject query parameters into metadata for imhttp input. DISTRO PACKAGERS BEWARE: NEW DEPENDENCY FOR IMHTTP: libaprutil (libaprutil1-dev on debian'ish, apr-util-devel on Red Hat) Thanks to Nelson Yen for the patch. * 2021-09-07: testbench bugfix: privdrop tests under root user did not work When running under root, the privdrop tests did not properly work. This patch fixes the issue and skips test where necessary. This also includes some modernization of the related tests. closes https://github.com/rsyslog/rsyslog/issues/4619 * 2021-09-07: core/ratelimiting: fix rate limiting for already parsed messages Rate limiting may not have worked if the considered message had already been parsed (not having NEEDS_PARSING in msgFlags). This affects also imuxsock in its default configuration (useSpecialParser="true" and ratelimit.severity="1") * 2021-09-07: core bugfix: use of property $wday terminates string When $wday is used inside a template, all template parts after it are ignored. For exmaple: template(name="json_filename" type="string" string="/var/log/%$wday%.log") would generate something like "/var/log/0" - the ".log" part would be missing. For the same reason, $wday can not reliably checked in script filters. Thanks to Alain Thivillon for reporting the bug and providing an excellent analysis, which essentiellay was exactly this fix here. closes https://github.com/rsyslog/rsyslog/issues/4670 * 2021-09-07: core/queue bugfix: potential misadressing when queue discarded messages When a discard mark was set, the queue was very busy and discarded messages, a NULL pointer access could happen. Depending on circumstances, several problems could occur, including a SEGFAULT. This is now fixed. closes: https://github.com/rsyslog/rsyslog/issues/4437 * 2021-09-07: imdiga bugfix: iOverallQueueSize calculation could be incorrect This issue only affects testbench and rsyslog development debugging. The active messages counter, used for synchronizing test steps, went wrong when the queue discarded messages on it's consumer thread. Now fixed. * 2021-09-06: gnutls driver: SAN priority did not work correctly on server side PrioritizeSAN was not propagated when accepting a new connection, this is now fixed. Thanks to Attila Lakatos for the patch. * 2021-08-24: config: implement script-equavalent for $PrivDrop* statements closes https://github.com/rsyslog/rsyslog/issues/891 * Wed Aug 18 2021 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2108.0: * 2021-08-16: openssl tls: Improved error message output on tls failures. closes: https://github.com/rsyslog/rsyslog/issues/4645 * 2021-08-16: impstats: add percentile metrics tracking functionality Brief overview: TO configure tracking percentile metrics in rainerscript: User would need to define: - which percentile to track, such as [p50, p99, etc.] - window size - note, this correlates directly with memory usage to track the percentiles. To track a value, user would call built-in function `percentile_observe()` in their configurations to record an integer value, and percentile metrics would be emitted every impstats interval. Thanks to Nelson Yen for the patch. * 2021-08-12: imfile: add parameter "ignoreolderthanoption" instructs imfile not to ingest a file that has not been modified in the specified number of seconds. Thanks to github user yanjunli76 for the patch (submitted from Nelson Yen) * 2021-08-10: imklog bugfix: invalid memory adressing, could cause abort This is a regeression from commit 94c4a87. It introduced a free() call using an object that was no longer valid (the main pointer to the to-be-freed object) was already freed at time of use. This could cause various issues, including a segfault. Note: this bug was triggerred only during late phase of rsyslog shutdown, so it did not affect regular operation. Special thanks to github user wxiaoguang for analyzing the issue and providing a draft fix proposal, on which this patch builds. see also https://github.com/rsyslog/rsyslog/pull/4629 closes https://github.com/rsyslog/rsyslog/issues/4625 * 2021-08-09: imfile bugfix: deleteStateOnFileDelete missed some state files When the log file is deleted, imfile would attempt to delete the statefile but it was missing the file_id part of the statefile name. This means the statefiles were only removed in the log file was less than 512 characters, because for very small files the file ID hash is not created. This lead to some state files not being deleted. Thanks to pearseimperva for the patch. * 2021-08-09: imfile bugfix: hash char invalidly added in readmode != 0 If imfile is ingesting log files with readMode set to 2 or 1, the resulting messages all have a '#' character at the end. This patch corrects the behaviour. Note: if some external script "supported" the bug of extra hash character at the end of line, it may be necessary to update them. closes https://github.com/rsyslog/rsyslog/issues/4491 * 2021-08-09: omelasticsearch bugfix: errorFile mutex was not consistently locked Lock the file during SIGHUPs to avoid issues with concurrent accesses by writeDataError(). Thanks to François Poirotte for the patch. * 2021-08-09: imudp: add socket type (IPv4 vs. 6) to input name Most importantly, the input name is used for stats counter names as well. Previously, the same name was used for IPv4 and IPv6, so we had two counters with an equal name. That left users puzzled. Unfortunately, this change can potentially require changes to existing analysis scripts, as the name is now slightly different. closes https://github.com/rsyslog/rsyslog/issues/4364 * 2021-08-06: omfwd: add capability for action-specific TLS certificate settings This permits to override the global definitions for TLS certificates at the action() level. * 2021-08-06: imfile bugfix: file handle leak if "freshStartTail" was turned on * 2021-08-05: imtcp: permit to use different certificate files per input/action This completes the ability to override global/default TLS settings at the imtcp input() level. Support for using multiple CAs/Certs per Connection is now provided. * 2021-08-04: imptcp bugfix: keep alive interval was incorrectly set The interval was accidentally set to keep alive interval. This has been corrected. closes https://github.com/rsyslog/rsyslog/issues/4609 * 2021-07-08: openssl network driver bugfix: small memory leak Fixes a static, non-growing memory leak which existed when parameter "GnutTLSPriorityString" was used. This was primarily a cosmetic issue, but caused some grief during development in regard to memory leak detectors. Note: yes, this is for openssl -- the parameter name is historical. * 2021-07-07: psrv bugfix: abort if no listener could be started Modules (like imtcp and imdiag) which use tcpsrv could abort or otherwise malfunction if no listener for a specific input could be started. Found during implementing a new feature, no report from practice. But could very well happen. * 2021-07-07: mmkubernetes bugfix: apiserver error handling - Added graceful handling of apiserver errors with unexpected responses, i.e., anything other than 200, 404, or 429. Idea is that apiserver transient error state will recover. We don't want mmkubernetes to miss metadata resolution for containers that don't have cached metadata. During these transient error states, mmkubernetes will provide basic container file path based resolution of namespace and pod metadata for new pods whose metadata is not yet cached. After this error state recovers, mmkubernetes is expected to resume its metadata resolution as expected. - Added a unit test case for apiserver return 500 with changes to mock server - Fixed existing unit test that was failing due to missing expected results file - Added mmkubernetes unit tests to testbench Thanks to Abdul Waheed for the patch (submitted from Nelson Yen). * 2021-07-07: ommongodb bugfixes - Fix Segmentation fault when server is down - Add server connexion check while resuming Thanks to Kevin Guillemot for the patch. * 2021-06-28: omkafka improvements - drain librdkafka queues and retry later during rsyslog restart or hup. This re-injects messages into rsyslog's native queues. - add statsname on per kafka instance for better visibility - omkafka - count errors related ssl as "errors_ssl" Thanks to Nelson Yen for the patch. * 2021-06-23: some CI/QA improvements, Travis-CI disabled For the time being, Travis CI is disabled because it was outdated and Travis also changed their system. We will re-evaluate if we re-enable it. Since quite a while the Travits tests were redundant with the rest of CI, so this does not reduce coverage. * 2021-06-23: omhttp bugfix: dynrestpath param in batch mode invalid When batchmode was used, the templates could not be used to expand dynrestpath. We are now storing the restpath param within the batch data if we are in batch mode. When we are in batch mode, and the restpath value changes, the batch is submitted and reinitialized closes: https://github.com/rsyslog/rsyslog/issues/4567 * 2021-06-17: add predefined template RSYSLOG_SyslogRFC5424Format This is essentially the same as RSYSLOG_SyslogProtocol23Format with a better name and a fix to remove the unnecessary LF at the end of the message. The different name also enables us to fix the LF issue without any concern about backwards compatibility. closes https://github.com/rsyslog/rsyslog/issues/4384 * 2021-06-17: impstats/bugfix: _sender_stats reports integer counter as string Note that this introduces a small backwards incompatibility: in previous output the field was of string type, now it is integer (as intended). We discussed this on the mailing list and the overwhelming thought was that this is not a problem because almost all analysis backends are able to cover that format change. This made the bugfix essentially costmetic. HOWEVER, if you still experience issues, please let us know. We can add an option to provide the previous format, and just spared to do so because there was no evidence it was needed. * Tue Jun 15 2021 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2106.0: * NOTE: the prime new feature is support for TLS and non-TLS connections via imtcp in parallel. Furthermore, most TLS parameters can now be overriden at the input() level. The notable exceptions are certificate files, something that is due to be implemented as next step. * 2021-06-14: new global option "parser.supportCompressionExtension" This permits to turn off rsyslog's single-message compression extension when it interferes with non-syslog message processing (the parser subsystem expects syslog messages, not generic text) closes https://github.com/rsyslog/rsyslog/issues/4598 * 2021-05-12: imtcp: add more override config params to input() It is now possible to override all module parameters at the input() level. Module parameters serve as defaults. Existing configs need no modification. * 2021-05-06: imtcp: add stream driver parameter to input() configuration This permits to have different inputs use different stream drivers and stream driver parameters. closes https://github.com/rsyslog/rsyslog/issues/3727 * 2021-04-29: imtcp: permit to run multiple inputs in parallel Previously, a single server was used to run all imtcp inputs. This had a couple of drawsbacks. First and foremost, we could not use different stream drivers in the varios inputs. This patch now provides a baseline to do that, but does still not implement the capability (in this sense it is a staging patch). Secondly, we now ensure that each input has at least one exclusive thread for processing, untangling the performance of multiple inputs from each other. see also: https://github.com/rsyslog/rsyslog/issues/3727 * 2021-04-27: tcpsrv bugfix: potential sluggishnes and hang on shutdown tcpsrv is used by multiple other modules (imtcp, imdiag, imgssapi, and, in theory, also others - even ones we do not know about). However, the internal synchornization did not properly take multiple tcpsrv users in consideration. As such, a single user could hang under some circumstances. This was caused by improperly awaking all users from a pthread condition wait. That in turn could lead to some sluggish behaviour and, in rare cases, a hang at shutdown. Note: it was highly unlikely to experience real problems with the officially provided modules. * 2021-04-22: refactoring of syslog/tcp driver parameter passing This has now been generalized to a parameter block, which makes it much cleaner and also easier to add new parameters in the future. * 2021-04-22: config script: add re_match_i() and re_extract_i() functions This provides case-insensitive regex functionality. closes https://github.com/rsyslog/rsyslog/issues/4429 * Tue Apr 20 2021 Michael Ströder <michael@stroeder.com> - Upgrade to rsyslog 8.2104.0: * rainerscript: call getgrnam_r repeatedly to get all group members (bsc#1178490) * new contributed module imhiredis * new built-in function get_property() to access property vars * mmdblookup: add support for mmdb DB reload on HUP * script bugfix: empty array in foreach() improperly handled * imjournal bugfixes (handle leak, empty file) * new contributed function module fmunflatten * test bugfix: some tests did not work with newer TLS library versions * some improvements to project CI * Fri Feb 26 2021 Thomas Blume <thomas.blume@suse.com> - update remote.conf example file to new 'Address' and 'Port' notation (bsc#1182653) * Tue Feb 16 2021 Michael Ströder <michael@stroeder.com> - HTTPS URLs used for source - Upgrade to rsyslog 8.2102.0: * omfwd: add stats counter for sent bytes * omfwd: add error reporting configuration option * action stats counter bugfix: failure count was not properly incremented * action stats counter bugfix: resume count was not incremented * omfwd bugfix: segfault or error if port not given * lookup table bugfix: data race on lookup table reload * testbench modernization * testbench: fix invalid sequence of kafka tests runs * testbench: fix kafkacat issues * testbench: fix year-dependendt clickhouse test
/usr/lib64/rsyslog/lmnsd_ossl.so
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Nov 16 01:36:29 2024