Hello community, here is the log from the commit of package rsyslog for openSUSE:Factory checked in at 2020-12-12 20:27:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rsyslog (Old) and /work/SRC/openSUSE:Factory/.rsyslog.new.2328 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rsyslog" Sat Dec 12 20:27:20 2020 rev:155 rq:854522 version:8.2012.0 Changes: -------- --- /work/SRC/openSUSE:Factory/rsyslog/rsyslog.changes 2020-12-03 18:37:38.897632434 +0100 +++ /work/SRC/openSUSE:Factory/.rsyslog.new.2328/rsyslog.changes 2020-12-12 20:27:27.425545490 +0100 @@ -1,0 +2,11 @@ +Tue Dec 8 19:44:05 UTC 2020 - Michael Ströder <[email protected]> + +- Upgrade to rsyslog 8.2012.0: + * testbench bugfix: some tests did not work in make distcheck + * immark: rewrite with many improvements + * usability: re-phrase error message to help users better understand cause + * add new system property $now-unixtimestamp + * omfwd: add new rate limit option + * omfwd bug: param "StreamDriver.PermitExpiredCerts" is not "off" by default + +------------------------------------------------------------------- Old: ---- rsyslog-8.2010.0.tar.gz rsyslog-doc-8.2010.0.tar.gz New: ---- rsyslog-8.2012.0.tar.gz rsyslog-doc-8.2012.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rsyslog.spec ++++++ --- /var/tmp/diff_new_pack.1qXuxb/_old 2020-12-12 20:27:28.569546677 +0100 +++ /var/tmp/diff_new_pack.1qXuxb/_new 2020-12-12 20:27:28.573546682 +0100 @@ -25,7 +25,7 @@ Summary: The enhanced syslogd for Linux and Unix License: (GPL-3.0-or-later AND Apache-2.0) Group: System/Daemons -Version: 8.2010.0 +Version: 8.2012.0 Release: 0 %bcond_with udpspoof %bcond_with dbi ++++++ rsyslog-8.2010.0.tar.gz -> rsyslog-8.2012.0.tar.gz ++++++ ++++ 14424 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/.tarball-version new/rsyslog-8.2012.0/.tarball-version --- old/rsyslog-8.2010.0/.tarball-version 2020-10-20 08:38:52.000000000 +0200 +++ new/rsyslog-8.2012.0/.tarball-version 2020-12-07 18:36:00.000000000 +0100 @@ -1 +1 @@ -8.2010.0 +8.2012.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/ChangeLog new/rsyslog-8.2012.0/ChangeLog --- old/rsyslog-8.2010.0/ChangeLog 2020-10-20 08:37:07.000000000 +0200 +++ new/rsyslog-8.2012.0/ChangeLog 2020-12-07 18:34:27.000000000 +0100 @@ -1,4 +1,42 @@ ---------------------------------------------------------------------------------------- +Scheduled Release 8.2012.0 (aka 2020.12) 2020-12-08 +- 2020-12-07: testbench bugfix: some tests did not work in make distcheck + - certificate file missing in dist tarball + - some test cases did not properly specify path to cert file + Thanks to Michael Biebl for alerting us and providing part of + the fix. + closes https://github.com/rsyslog/rsyslog/issues/4446 +- 2020-12-07: immark: rewrite with many improvements + - mark message text can now be specified + - support for rulesets + - support for using syslog API vs. regular internal interface + - support for output template system + - ability to specify is mark message flag can be set + - minor changes and improvements +- 2020-11-30: usability: re-phrase error message to help users better understand cause + see also https://github.com/rsyslog/rsyslog/issues/3910 +- 2020-11-10: add new system property $now-unixtimestamp + Among others, this may be used as a monotonic counter + for doing load-balancing and other things. + Thanks to Nicholas Brown for suggesting this feature. +- 2020-11-04: omfwd: add new rate limit option + Adding new rate limit option to omfwd for rate limiting + syslog messages sent to the remote server + ratelimit.interval: + Specifies the rate-limiting interval in seconds. + Default value is 0, which turns off rate limiting. + ratelimit.burst + Specifies the rate-limiting burst in number of messages. + closes https://github.com/rsyslog/rsyslog/issues/4423 + Thanks to Dinesh-Ramakrishnan for the patch. +- 2020-11-03: omfwd bug: param "StreamDriver.PermitExpiredCerts" is not "off" by default + The default behaviour of expired certificates of stream driver in TLS mode, should + have been that the see tcp transmission is closed due to expired certificates, and + error messages emited in rsyslog status. This was not the case. That in turn could + lead to permitting sessions which should not be permitted. + Thanks to Vincent Zhu for alerting us and providing a great problem analysis + closes: https://github.com/rsyslog/rsyslog/issues/4425 +---------------------------------------------------------------------------------------- Scheduled Release 8.2010.0 (aka 2020.10) 2020-10-20 - 2020-10-13: gnutls TLS subsystem bugfix: handshake error handling If the tls handshake does not immediatelly finish, gnutls_handShake is called in diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/compile new/rsyslog-8.2012.0/compile --- old/rsyslog-8.2010.0/compile 2020-10-20 08:37:53.000000000 +0200 +++ new/rsyslog-8.2012.0/compile 2020-12-07 18:34:56.000000000 +0100 @@ -1,9 +1,9 @@ #! /bin/sh # Wrapper for compilers which do not understand '-c -o'. -scriptversion=2012-10-14.11; # UTC +scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2014 Free Software Foundation, Inc. +# Copyright (C) 1999-2018 Free Software Foundation, Inc. # Written by Tom Tromey <[email protected]>. # # This program is free software; you can redistribute it and/or modify @@ -17,7 +17,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -255,7 +255,8 @@ echo "compile $scriptversion" exit $? ;; - cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \ + icl | *[/\\]icl | icl.exe | *[/\\]icl.exe ) func_cl_wrapper "$@" # Doesn't return... ;; esac @@ -339,9 +340,9 @@ # Local Variables: # mode: shell-script # sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" +# time-stamp-time-zone: "UTC0" # time-stamp-end: "; # UTC" # End: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/configure.ac new/rsyslog-8.2012.0/configure.ac --- old/rsyslog-8.2010.0/configure.ac 2020-10-20 08:37:18.000000000 +0200 +++ new/rsyslog-8.2012.0/configure.ac 2020-12-07 18:34:33.000000000 +0100 @@ -2,9 +2,9 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([rsyslog],[8.2010.0],[[email protected]]) # UPDATE on release +AC_INIT([rsyslog],[8.2012.0],[[email protected]]) # UPDATE on release AC_DEFINE(VERSION_YEAR, 20, [year part of real rsyslog version]) # UPDATE on release -AC_DEFINE(VERSION_MONTH,10, [month part of real rsyslog version]) # UPDATE on release +AC_DEFINE(VERSION_MONTH,12, [month part of real rsyslog version]) # UPDATE on release AM_INIT_AUTOMAKE([subdir-objects]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/m4/libtool.m4 new/rsyslog-8.2012.0/m4/libtool.m4 --- old/rsyslog-8.2010.0/m4/libtool.m4 2020-10-20 08:37:45.000000000 +0200 +++ new/rsyslog-8.2012.0/m4/libtool.m4 2020-12-07 18:34:47.000000000 +0100 @@ -1041,8 +1041,8 @@ _LT_EOF echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD - echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD - $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD + echo "$AR cr libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD + $AR cr libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD cat > conftest.c << _LT_EOF @@ -1492,7 +1492,7 @@ m4_defun([_LT_PROG_AR], [AC_CHECK_TOOLS(AR, [ar], false) : ${AR=ar} -: ${AR_FLAGS=cru} +: ${AR_FLAGS=cr} _LT_DECL([], [AR], [1], [The archiver]) _LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) @@ -4063,7 +4063,8 @@ if AC_TRY_EVAL(ac_compile); then # Now try to grab the symbols. nlist=conftest.nm - if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then + $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&AS_MESSAGE_LOG_FD + if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&AS_MESSAGE_LOG_FD && test -s "$nlist"; then # Try sorting and uniquifying the output. if sort "$nlist" | uniq > "$nlist"T; then mv -f "$nlist"T "$nlist" @@ -4703,6 +4704,12 @@ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' ;; + # flang / f18. f95 an alias for gfortran or flang on Debian + flang* | f18* | f95*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; # icc used to be incompatible with GCC. # ICC 10 doesn't accept -KPIC any more. icc* | ifort*) @@ -6438,7 +6445,7 @@ # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else GXX=no @@ -6813,7 +6820,7 @@ # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then @@ -6878,7 +6885,7 @@ # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then @@ -7217,7 +7224,7 @@ # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else # FIXME: insert proper C++ library support @@ -7301,7 +7308,7 @@ # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else # g++ 2.7 appears to require '-G' NOT '-shared' on this # platform. @@ -7312,7 +7319,7 @@ # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $wl$libdir' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/missing new/rsyslog-8.2012.0/missing --- old/rsyslog-8.2010.0/missing 2020-10-20 08:37:53.000000000 +0200 +++ new/rsyslog-8.2012.0/missing 2020-12-07 18:34:56.000000000 +0100 @@ -1,9 +1,9 @@ #! /bin/sh # Common wrapper for a few potentially missing GNU programs. -scriptversion=2013-10-28.13; # UTC +scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1996-2014 Free Software Foundation, Inc. +# Copyright (C) 1996-2018 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard <[email protected]>, 1996. # This program is free software; you can redistribute it and/or modify @@ -17,7 +17,7 @@ # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -101,9 +101,9 @@ exit $st fi -perl_URL=http://www.perl.org/ -flex_URL=http://flex.sourceforge.net/ -gnu_software_URL=http://www.gnu.org/software +perl_URL=https://www.perl.org/ +flex_URL=https://github.com/westes/flex +gnu_software_URL=https://www.gnu.org/software program_details () { @@ -207,9 +207,9 @@ exit $st # Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" +# time-stamp-time-zone: "UTC0" # time-stamp-end: "; # UTC" # End: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/plugins/immark/immark.c new/rsyslog-8.2012.0/plugins/immark/immark.c --- old/rsyslog-8.2010.0/plugins/immark/immark.c 2020-10-03 19:06:47.000000000 +0200 +++ new/rsyslog-8.2012.0/plugins/immark/immark.c 2020-12-07 18:33:52.000000000 +0100 @@ -10,7 +10,7 @@ * of the "old" message code without any modifications. However, it * helps to have things at the right place one we go to the meat of it. * - * Copyright 2007-2012 Adiscon GmbH. + * Copyright 2007-2020 Adiscon GmbH. * * This file is part of rsyslog. * @@ -43,6 +43,9 @@ #include "msg.h" #include "srUtils.h" #include "glbl.h" +#include "unicode-helper.h" +#include "ruleset.h" +#include "prop.h" MODULE_TYPE_INPUT MODULE_TYPE_NOKEEP @@ -54,16 +57,29 @@ /* Module static data */ DEF_IMOD_STATIC_DATA DEFobjCurrIf(glbl) +DEFobjCurrIf(prop) +DEFobjCurrIf(ruleset) static int iMarkMessagePeriod = DEFAULT_MARK_PERIOD; struct modConfData_s { rsconf_t *pConf; /* our overall config object */ + const char *pszMarkMsgText; + size_t lenMarkMsgText; + uchar *pszBindRuleset; + ruleset_t *pBindRuleset; + int flags; + int bUseMarkFlag; + int bUseSyslogAPI; int iMarkMessagePeriod; sbool configSetViaV2Method; }; /* module-global parameters */ static struct cnfparamdescr modpdescr[] = { + { "ruleset", eCmdHdlrString, 0 }, + { "markmessagetext", eCmdHdlrString, 0 }, + { "use.syslogcall", eCmdHdlrBinary, 0 }, + { "use.markflag", eCmdHdlrBinary, 0 }, { "interval", eCmdHdlrInt, 0 } }; static struct cnfparamblk modpblk = @@ -75,6 +91,7 @@ static modConfData_t *loadModConf = NULL;/* modConf ptr to use for the current load process */ static int bLegacyCnfModGlobalsPermitted;/* are legacy module-global config parameters permitted? */ +static prop_t *pInternalInputName = NULL; BEGINisCompatibleWithFeature @@ -94,11 +111,37 @@ loadModConf = pModConf; pModConf->pConf = pConf; /* init our settings */ + pModConf->pszMarkMsgText = NULL; pModConf->iMarkMessagePeriod = DEFAULT_MARK_PERIOD; + pModConf->bUseSyslogAPI = 1; + pModConf->bUseMarkFlag = 1; + pModConf->pszBindRuleset = NULL; + pModConf->pBindRuleset = NULL; loadModConf->configSetViaV2Method = 0; bLegacyCnfModGlobalsPermitted = 1; ENDbeginCnfLoad +static rsRetVal +checkRuleset(modConfData_t *modConf) +{ + ruleset_t *pRuleset; + rsRetVal localRet; + DEFiRet; + + if(modConf->pszBindRuleset == NULL) + FINALIZE; + + localRet = ruleset.GetRuleset(modConf->pConf, &pRuleset, modConf->pszBindRuleset); + if(localRet == RS_RET_NOT_FOUND) { + LogError(0, NO_ERRCODE, "immark: ruleset '%s' not found - " + "using default ruleset instead", modConf->pszBindRuleset); + } + CHKiRet(localRet); + modConf->pBindRuleset = pRuleset; + +finalize_it: + RETiRet; +} BEGINsetModCnf struct cnfparamvals *pvals = NULL; @@ -121,6 +164,14 @@ continue; if(!strcmp(modpblk.descr[i].name, "interval")) { loadModConf->iMarkMessagePeriod = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "use.syslogcall")) { + loadModConf->bUseSyslogAPI = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "use.markflag")) { + loadModConf->bUseMarkFlag = (int) pvals[i].val.d.n; + } else if(!strcmp(modpblk.descr[i].name, "ruleset")) { + loadModConf->pszBindRuleset = (uchar*)es_str2cstr(pvals[i].val.d.estr, NULL); + } else if(!strcmp(modpblk.descr[i].name, "markmessagetext")) { + loadModConf->pszMarkMsgText = es_str2cstr(pvals[i].val.d.estr, NULL); } else { dbgprintf("immark: program error, non-handled " "param '%s' in beginCnfLoad\n", modpblk.descr[i].name); @@ -147,6 +198,19 @@ BEGINcheckCnf CODESTARTcheckCnf + pModConf->flags = (pModConf->bUseMarkFlag) ? MARK : 0; + if(pModConf->pszMarkMsgText == NULL) { + pModConf->pszMarkMsgText = strdup("-- MARK --"); + } + pModConf->lenMarkMsgText = strlen(pModConf->pszMarkMsgText); + if(pModConf->pszBindRuleset != NULL) { + checkRuleset(pModConf); + if(pModConf->bUseSyslogAPI) { + LogError(0, NO_ERRCODE, "immark: ruleset specified, but configured to log " + "via syslog call - switching to rsyslog-internal logging"); + pModConf->bUseSyslogAPI = 0; + } + } if(pModConf->iMarkMessagePeriod == 0) { LogError(0, NO_ERRCODE, "immark: mark message period must not be 0, can not run"); ABORT_FINALIZE(RS_RET_NO_RUN); /* we can not run with this error */ @@ -167,6 +231,28 @@ ENDfreeCnf +static rsRetVal +injectMarkMessage(const int pri) +{ + smsg_t *pMsg; + DEFiRet; + + CHKiRet(msgConstruct(&pMsg)); + pMsg->msgFlags = loadModConf->flags; + MsgSetInputName(pMsg, pInternalInputName); + MsgSetRawMsg(pMsg, loadModConf->pszMarkMsgText,loadModConf->lenMarkMsgText); + MsgSetHOSTNAME(pMsg, glbl.GetLocalHostName(), ustrlen(glbl.GetLocalHostName())); + MsgSetRcvFrom(pMsg, glbl.GetLocalHostNameProp()); + MsgSetRcvFromIP(pMsg, glbl.GetLocalHostIP()); + MsgSetMSGoffs(pMsg, 0); + MsgSetTAG(pMsg, (const uchar*)"rsyslogd:", sizeof("rsyslogd:")-1); + msgSetPRI(pMsg, pri); + MsgSetRuleset(pMsg, loadModConf->pBindRuleset); + submitMsg2(pMsg); +finalize_it: + RETiRet; +} + /* This function is called to gather input. It must terminate only * a) on failure (iRet set accordingly) * b) on termination of the input module (as part of the unload process) @@ -192,7 +278,12 @@ break; /* terminate input! */ dbgprintf("immark: injecting mark message\n"); - logmsgInternal(NO_ERRCODE, LOG_SYSLOG|LOG_INFO, (uchar*)"-- MARK --", MARK); + if(loadModConf->bUseSyslogAPI) { + logmsgInternal(NO_ERRCODE, LOG_SYSLOG|LOG_INFO, + (uchar*)loadModConf->pszMarkMsgText, loadModConf->flags); + } else { + injectMarkMessage(LOG_SYSLOG|LOG_INFO); + } } ENDrunInput @@ -204,6 +295,10 @@ BEGINmodExit CODESTARTmodExit + if(pInternalInputName != NULL) + prop.Destruct(&pInternalInputName); + objRelease(ruleset, CORE_COMPONENT); + objRelease(prop, CORE_COMPONENT); ENDmodExit @@ -226,6 +321,13 @@ *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ CODEmodInit_QueryRegCFSLineHdlr CHKiRet(objUse(glbl, CORE_COMPONENT)); + CHKiRet(objUse(prop, CORE_COMPONENT)); + CHKiRet(objUse(ruleset, CORE_COMPONENT)); + + /* we need to create the inputName property (only once during our lifetime) */ + CHKiRet(prop.Construct(&pInternalInputName)); + CHKiRet(prop.SetString(pInternalInputName, UCHAR_CONSTANT("immark"), sizeof("immark") - 1)); + CHKiRet(prop.ConstructFinalize(pInternalInputName)); /* legacy config handlers */ CHKiRet(regCfSysLineHdlr2((uchar *)"markmessageperiod", 0, eCmdHdlrInt, NULL, @@ -233,5 +335,3 @@ CHKiRet(omsdRegCFSLineHdlr((uchar *)"resetconfigvariables", 1, eCmdHdlrCustomHandler, resetConfigVariables, NULL, STD_LOADABLE_MODULE_ID)); ENDmodInit -/* vi:set ai: - */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/plugins/imtcp/imtcp.c new/rsyslog-8.2012.0/plugins/imtcp/imtcp.c --- old/rsyslog-8.2010.0/plugins/imtcp/imtcp.c 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/plugins/imtcp/imtcp.c 2020-12-07 18:33:52.000000000 +0100 @@ -397,9 +397,9 @@ if(modConf->pszStrmDrvrAuthMode != NULL) { CHKiRet(tcpsrv.SetDrvrAuthMode(pOurTcpsrv, modConf->pszStrmDrvrAuthMode)); } - if(modConf->pszStrmDrvrPermitExpiredCerts != NULL) { - CHKiRet(tcpsrv.SetDrvrPermitExpiredCerts(pOurTcpsrv, modConf->pszStrmDrvrPermitExpiredCerts)); - } + /* Call SetDrvrPermitExpiredCerts required + * when param is NULL default handling for ExpiredCerts is set! */ + CHKiRet(tcpsrv.SetDrvrPermitExpiredCerts(pOurTcpsrv, modConf->pszStrmDrvrPermitExpiredCerts)); if(pPermPeersRoot != NULL) { CHKiRet(tcpsrv.SetDrvrPermPeers(pOurTcpsrv, pPermPeersRoot)); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/msg.c new/rsyslog-8.2012.0/runtime/msg.c --- old/rsyslog-8.2010.0/runtime/msg.c 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/msg.c 2020-12-07 18:33:52.000000000 +0100 @@ -7,7 +7,7 @@ * of the "old" message code without any modifications. However, it * helps to have things at the right place one we go to the meat of it. * - * Copyright 2007-2019 Rainer Gerhards and Adiscon GmbH. + * Copyright 2007-2020 Rainer Gerhards and Adiscon GmbH. * * This file is part of the rsyslog runtime library. * @@ -666,6 +666,8 @@ *pPropID = PROP_SYS_MINUTE_UTC; } else if(!strcasecmp((char*) pName, "$wday-utc")) { *pPropID = PROP_SYS_WDAY_UTC; + } else if(!strcasecmp((char*) pName, "$now-unixtimestamp")) { + *pPropID = PROP_SYS_NOW_UXTIMESTAMP; } else if(!strcasecmp((char*) pName, "$MYHOSTNAME")) { *pPropID = PROP_SYS_MYHOSTNAME; } else if(!strcasecmp((char*) pName, "$!all-json")) { @@ -786,6 +788,8 @@ return UCHAR_CONSTANT("$WDAY"); case PROP_SYS_WDAY_UTC: return UCHAR_CONSTANT("$WDAY-UTC"); + case PROP_SYS_NOW_UXTIMESTAMP: + return UCHAR_CONSTANT("$NOW-UNIXTIMESTAMP"); case PROP_SYS_MYHOSTNAME: return UCHAR_CONSTANT("$MYHOSTNAME"); case PROP_CEE_ALL_JSON: @@ -3797,6 +3801,16 @@ bufLen = 2; } break; + case PROP_SYS_NOW_UXTIMESTAMP: + if((pRes = malloc(16)) == NULL) { + RET_OUT_OF_MEMORY; + } else { + snprintf((char*) pRes, 16-1, "%lld", (long long) getTime(NULL)); + pRes[16-1] = '\0'; + *pbMustBeFreed = 1; + bufLen = -1; + } + break; case PROP_SYS_MYHOSTNAME: pRes = glbl.GetLocalHostName(); break; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/msg.h new/rsyslog-8.2012.0/runtime/msg.h --- old/rsyslog-8.2010.0/runtime/msg.h 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/msg.h 2020-12-07 18:33:52.000000000 +0100 @@ -79,13 +79,13 @@ uchar *pszRawMsg; /* message as it was received on the wire. This is important in case we * need to preserve cryptographic verifiers. */ uchar *pszHOSTNAME; /* HOSTNAME from syslog message */ - char *pszRcvdAt3164; /* time as RFC3164 formatted string (always 15 charcters) */ - char *pszRcvdAt3339; /* time as RFC3164 formatted string (32 charcters at most) */ - char *pszRcvdAt_MySQL; /* rcvdAt as MySQL formatted string (always 14 charcters) */ + char *pszRcvdAt3164; /* time as RFC3164 formatted string (always 15 characters) */ + char *pszRcvdAt3339; /* time as RFC3164 formatted string (32 characters at most) */ + char *pszRcvdAt_MySQL; /* rcvdAt as MySQL formatted string (always 14 characters) */ char *pszRcvdAt_PgSQL; /* rcvdAt as PgSQL formatted string (always 21 characters) */ - char *pszTIMESTAMP3164; /* TIMESTAMP as RFC3164 formatted string (always 15 charcters) */ - char *pszTIMESTAMP3339; /* TIMESTAMP as RFC3339 formatted string (32 charcters at most) */ - char *pszTIMESTAMP_MySQL;/* TIMESTAMP as MySQL formatted string (always 14 charcters) */ + char *pszTIMESTAMP3164; /* TIMESTAMP as RFC3164 formatted string (always 15 characters) */ + char *pszTIMESTAMP3339; /* TIMESTAMP as RFC3339 formatted string (32 characters at most) */ + char *pszTIMESTAMP_MySQL;/* TIMESTAMP as MySQL formatted string (always 14 characters) */ char *pszTIMESTAMP_PgSQL;/* TIMESTAMP as PgSQL formatted string (always 21 characters) */ uchar *pszStrucData; /* STRUCTURED-DATA */ uint16_t lenStrucData; /* (cached) length of STRUCTURED-DATA */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/netstrms.c new/rsyslog-8.2012.0/runtime/netstrms.c --- old/rsyslog-8.2010.0/runtime/netstrms.c 2020-10-06 12:00:37.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/netstrms.c 2020-12-07 18:33:52.000000000 +0100 @@ -224,7 +224,9 @@ { DEFiRet; ISOBJ_TYPE_assert(pThis, netstrms); - CHKmalloc(pThis->pszDrvrPermitExpiredCerts = (uchar*)strdup((char*)mode)); + if (mode != NULL) { + CHKmalloc(pThis->pszDrvrPermitExpiredCerts = (uchar*) strdup((char*)mode)); + } finalize_it: RETiRet; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/nsd_gtls.c new/rsyslog-8.2012.0/runtime/nsd_gtls.c --- old/rsyslog-8.2010.0/runtime/nsd_gtls.c 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/nsd_gtls.c 2020-12-07 18:33:52.000000000 +0100 @@ -1442,7 +1442,7 @@ ABORT_FINALIZE(RS_RET_VALUE_NOT_SUPPORTED); } - dbgprintf("SetAuthMode to %s\n", mode); + dbgprintf("SetAuthMode to %s\n", (mode != NULL ? (char*)mode : "NULL")); /* TODO: clear stored IDs! */ finalize_it: @@ -1476,7 +1476,8 @@ ABORT_FINALIZE(RS_RET_VALUE_NOT_SUPPORTED); } - dbgprintf("SetPermitExpiredCerts: Set Mode %s/%d\n", mode, pThis->permitExpiredCerts); + dbgprintf("SetPermitExpiredCerts: Set Mode %s/%d\n", + (mode != NULL ? (char*)mode : "NULL"), pThis->permitExpiredCerts); /* TODO: clear stored IDs! */ @@ -1521,7 +1522,8 @@ ISOBJ_TYPE_assert((pThis), nsd_gtls); pThis->gnutlsPriorityString = gnutlsPriorityString; - dbgprintf("gnutlsPriorityString: set to '%s'\n", gnutlsPriorityString); + dbgprintf("gnutlsPriorityString: set to '%s'\n", + (gnutlsPriorityString != NULL ? (char*)gnutlsPriorityString : "NULL")); RETiRet; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/ratelimit.c new/rsyslog-8.2012.0/runtime/ratelimit.c --- old/rsyslog-8.2010.0/runtime/ratelimit.c 2020-10-03 19:06:47.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/ratelimit.c 2020-12-07 18:33:52.000000000 +0100 @@ -190,6 +190,31 @@ return ret; } +/* ratelimit a message based on message count + * - handles only rate-limiting + * This function returns RS_RET_OK, if the caller shall process + * the message regularly and RS_RET_DISCARD if the caller must + * discard the message. The caller should also discard the message + * if another return status occurs. + */ +rsRetVal +ratelimitMsgCount(ratelimit_t *__restrict__ const ratelimit, + time_t tt, + const char* const appname) +{ + DEFiRet; + if(ratelimit->interval) { + if(withinRatelimit(ratelimit, tt, appname) == 0) { + ABORT_FINALIZE(RS_RET_DISCARDMSG); + } + } +finalize_it: + if(Debug) { + if(iRet == RS_RET_DISCARDMSG) + DBGPRINTF("message discarded by ratelimiting\n"); + } + RETiRet; +} /* ratelimit a message, that means: * - handle "last message repeated n times" logic diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/ratelimit.h new/rsyslog-8.2012.0/runtime/ratelimit.h --- old/rsyslog-8.2010.0/runtime/ratelimit.h 2020-10-03 19:06:47.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/ratelimit.h 2020-12-07 18:33:52.000000000 +0100 @@ -45,6 +45,7 @@ void ratelimitSetLinuxLike(ratelimit_t *ratelimit, unsigned int interval, unsigned int burst); void ratelimitSetNoTimeCache(ratelimit_t *ratelimit); void ratelimitSetSeverity(ratelimit_t *ratelimit, intTiny severity); +rsRetVal ratelimitMsgCount(ratelimit_t *ratelimit, time_t tt, const char* const appname); rsRetVal ratelimitMsg(ratelimit_t *ratelimit, smsg_t *pMsg, smsg_t **ppRep); rsRetVal ratelimitAddMsg(ratelimit_t *ratelimit, multi_submit_t *pMultiSub, smsg_t *pMsg); void ratelimitDestruct(ratelimit_t *pThis); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/tcpsrv.c new/rsyslog-8.2012.0/runtime/tcpsrv.c --- old/rsyslog-8.2010.0/runtime/tcpsrv.c 2020-10-13 09:03:29.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/tcpsrv.c 2020-12-07 18:33:52.000000000 +0100 @@ -1051,8 +1051,9 @@ CHKiRet(netstrms.SetDrvrTlsVerifyDepth(pThis->pNS, pThis->DrvrTlsVerifyDepth)); if(pThis->pszDrvrAuthMode != NULL) CHKiRet(netstrms.SetDrvrAuthMode(pThis->pNS, pThis->pszDrvrAuthMode)); - if(pThis->pszDrvrPermitExpiredCerts != NULL) - CHKiRet(netstrms.SetDrvrPermitExpiredCerts(pThis->pNS, pThis->pszDrvrPermitExpiredCerts)); + /* Call SetDrvrPermitExpiredCerts required + * when param is NULL default handling for ExpiredCerts is set! */ + CHKiRet(netstrms.SetDrvrPermitExpiredCerts(pThis->pNS, pThis->pszDrvrPermitExpiredCerts)); if(pThis->pPermPeers != NULL) CHKiRet(netstrms.SetDrvrPermPeers(pThis->pNS, pThis->pPermPeers)); if(pThis->gnutlsPriorityString != NULL) @@ -1425,7 +1426,9 @@ { DEFiRet; ISOBJ_TYPE_assert(pThis, tcpsrv); - CHKmalloc(pThis->pszDrvrPermitExpiredCerts = ustrdup(mode)); + if (mode != NULL) { + CHKmalloc(pThis->pszDrvrPermitExpiredCerts = ustrdup(mode)); + } finalize_it: RETiRet; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/runtime/typedefs.h new/rsyslog-8.2012.0/runtime/typedefs.h --- old/rsyslog-8.2010.0/runtime/typedefs.h 2020-10-13 09:03:29.000000000 +0200 +++ new/rsyslog-8.2012.0/runtime/typedefs.h 2020-12-07 18:33:52.000000000 +0100 @@ -3,7 +3,7 @@ * * Begun 2010-11-25 RGerhards * - * Copyright (C) 2005-2014 by Rainer Gerhards and Adiscon GmbH + * Copyright (C) 2005-2020 by Rainer Gerhards and Adiscon GmbH * * This file is part of the rsyslog runtime library. * @@ -235,8 +235,9 @@ #define PROP_SYS_HHOUR_UTC 167 #define PROP_SYS_QHOUR_UTC 168 #define PROP_SYS_MINUTE_UTC 169 -#define PROP_SYS_WDAY 170 -#define PROP_SYS_WDAY_UTC 171 +#define PROP_SYS_WDAY 170 +#define PROP_SYS_WDAY_UTC 171 +#define PROP_SYS_NOW_UXTIMESTAMP 173 #define PROP_CEE 200 #define PROP_CEE_ALL_JSON 201 #define PROP_LOCAL_VAR 202 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/template.c new/rsyslog-8.2012.0/template.c --- old/rsyslog-8.2010.0/template.c 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/template.c 2020-12-07 18:33:52.000000000 +0100 @@ -2021,7 +2021,7 @@ if(o->subobjs == NULL) { if(tplType == T_LIST) { LogError(0, RS_RET_ERR, "template '%s' of type list has " - "has no parameters specified", name); + "no parameters specified", name); ABORT_FINALIZE(RS_RET_ERR); } } else { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/test-driver new/rsyslog-8.2012.0/test-driver --- old/rsyslog-8.2010.0/test-driver 2020-10-20 08:37:58.000000000 +0200 +++ new/rsyslog-8.2012.0/test-driver 2020-12-07 18:35:02.000000000 +0100 @@ -1,9 +1,9 @@ #! /bin/sh # test-driver - basic testsuite driver script. -scriptversion=2013-07-13.22; # UTC +scriptversion=2018-03-07.03; # UTC -# Copyright (C) 2011-2014 Free Software Foundation, Inc. +# Copyright (C) 2011-2018 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -16,7 +16,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -140,9 +140,9 @@ # Local Variables: # mode: shell-script # sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-time-zone: "UTC" +# time-stamp-time-zone: "UTC0" # time-stamp-end: "; # UTC" # End: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/Makefile.am new/rsyslog-8.2012.0/tests/Makefile.am --- old/rsyslog-8.2010.0/tests/Makefile.am 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/tests/Makefile.am 2020-12-07 18:33:52.000000000 +0100 @@ -156,6 +156,9 @@ if ENABLE_DEFAULT_TESTS TESTS += \ immark.sh \ + immark-inputname.sh \ + immark-ruleset.sh \ + immark-ruleset-custom-msg.sh \ operatingstate-basic.sh \ operatingstate-empty.sh \ operatingstate-unclean.sh \ @@ -629,6 +632,7 @@ now-utc.sh \ now-utc-ymd.sh \ now-utc-casecmp.sh \ + now-unixtimestamp.sh \ timegenerated-ymd.sh \ timegenerated-uxtimestamp.sh \ timegenerated-uxtimestamp-invld.sh \ @@ -1192,6 +1196,7 @@ sndrcv_tls_priorityString.sh \ sndrcv_tls_certvalid.sh \ sndrcv_tls_certvalid_expired.sh \ + sndrcv_tls_certvalid_expired_defaultmode.sh \ imtcp-tls-gtls-x509fingerprint-invld.sh \ imtcp-tls-gtls-x509fingerprint.sh \ imtcp-tls-gtls-x509name-invld.sh \ @@ -1541,6 +1546,9 @@ smtradfile.sh \ smtradfile-vg.sh \ immark.sh \ + immark-inputname.sh \ + immark-ruleset.sh \ + immark-ruleset-custom-msg.sh \ operatingstate-basic.sh \ operatingstate-empty.sh \ operatingstate-unclean.sh \ @@ -1607,6 +1615,7 @@ tls-certs/ca-key.pem \ tls-certs/ca.pem \ tls-certs/cert.pem \ + tls-certs/certchained.pem \ tls-certs/key.pem \ tls-certs/ca-fail.pem \ tls-certs/cert-fail.pem \ @@ -1854,6 +1863,7 @@ now-utc-ymd.sh \ now-utc-casecmp.sh \ now-utc.sh \ + now-unixtimestamp.sh \ faketime_common.sh \ imjournal-basic.sh \ imjournal-statefile.sh \ @@ -2546,6 +2556,7 @@ sndrcv_tls_priorityString.sh \ sndrcv_tls_certvalid.sh \ sndrcv_tls_certvalid_expired.sh \ + sndrcv_tls_certvalid_expired_defaultmode.sh \ sndrcv_tls_certless_clientonly.sh \ sndrcv_tls_gtls_servercert_gtls_clientanon.sh \ sndrcv_tls_gtls_servercert_gtls_clientanon_legacy.sh \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/immark-inputname.sh new/rsyslog-8.2012.0/tests/immark-inputname.sh --- old/rsyslog-8.2010.0/tests/immark-inputname.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2012.0/tests/immark-inputname.sh 2020-12-07 18:33:52.000000000 +0100 @@ -0,0 +1,18 @@ +#!/bin/bash +# add 2020-12-02 by Rainer Gerhards, released under ASL 2.0 +. ${srcdir:=.}/diag.sh init +generate_conf +add_conf ' +module(load="../plugins/immark/.libs/immark" interval="1" use.syslogcall="off") +if $inputname == "immark" then + action(type="omfile" file="'$RSYSLOG_OUT_LOG'") +' + +startup +printf 'sleeping a bit so we get mark messages...\n' +sleep 3 # this should be good even on slow machines - we need just one +shutdown_when_empty +wait_shutdown +content_check "rsyslogd: -- MARK --" + +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/immark-ruleset-custom-msg.sh new/rsyslog-8.2012.0/tests/immark-ruleset-custom-msg.sh --- old/rsyslog-8.2010.0/tests/immark-ruleset-custom-msg.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2012.0/tests/immark-ruleset-custom-msg.sh 2020-12-07 18:33:52.000000000 +0100 @@ -0,0 +1,22 @@ +#!/bin/bash +# very basic check for immark module - nevertheless, there is not +# much more to test for... +# add 2020-12-01 by Rainer Gerhards, released under ASL 2.0 +. ${srcdir:=.}/diag.sh init +generate_conf +add_conf ' +module(load="../plugins/immark/.libs/immark" interval="1" + use.syslogcall="off" ruleset="rs" markmessagetext="My MARK Message") +ruleset(name="rs") { + action(type="omfile" file="'$RSYSLOG_OUT_LOG'") +} +' + +startup +printf 'sleeping a bit so we get mark messages...\n' +sleep 3 # this should be good even on slow machines - we need just one +shutdown_when_empty +wait_shutdown +content_check "rsyslogd: My MARK Message" + +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/immark-ruleset.sh new/rsyslog-8.2012.0/tests/immark-ruleset.sh --- old/rsyslog-8.2010.0/tests/immark-ruleset.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2012.0/tests/immark-ruleset.sh 2020-12-07 18:33:52.000000000 +0100 @@ -0,0 +1,22 @@ +#!/bin/bash +# very basic check for immark module - nevertheless, there is not +# much more to test for... +# add 2020-12-01 by Rainer Gerhards, released under ASL 2.0 +. ${srcdir:=.}/diag.sh init +generate_conf +add_conf ' +module(load="../plugins/immark/.libs/immark" interval="1" + use.syslogcall="off" ruleset="rs") +ruleset(name="rs") { + action(type="omfile" file="'$RSYSLOG_OUT_LOG'") +} +' + +startup +printf 'sleeping a bit so we get mark messages...\n' +sleep 3 # this should be good even on slow machines - we need just one +shutdown_when_empty +wait_shutdown +content_check "rsyslogd: -- MARK --" + +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/now-unixtimestamp.sh new/rsyslog-8.2012.0/tests/now-unixtimestamp.sh --- old/rsyslog-8.2010.0/tests/now-unixtimestamp.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2012.0/tests/now-unixtimestamp.sh 2020-12-07 18:33:52.000000000 +0100 @@ -0,0 +1,32 @@ +#!/bin/bash +# test many concurrent tcp connections +# addd 2016-02-23 by RGerhards, released under ASL 2.0 +# requires faketime +echo \[now-utc\]: test \$NOW-UTC +. ${srcdir:=.}/diag.sh init +generate_conf +add_conf ' +module(load="../plugins/imtcp/.libs/imtcp") +input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port") + +set $.tnow = $$now-unixtimestamp + 1; + +template(name="outfmt" type="string" + string="%$now-unixtimestamp%,%$.tnow%\n") +:msg, contains, "msgnum:" action(type="omfile" template="outfmt" + file="'$RSYSLOG_OUT_LOG'") +' + +. $srcdir/faketime_common.sh + +export TZ=TEST-02:00 + +FAKETIME='2016-01-01 01:00:00' startup +# what we send actually is irrelevant, as we just use system properties. +# but we need to send one message in order to gain output! +tcpflood -m1 +shutdown_when_empty +wait_shutdown +export EXPECTED="1451602800,1451602801" +cmp_exact +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/sndrcv_relp_tls_certvalid.sh new/rsyslog-8.2012.0/tests/sndrcv_relp_tls_certvalid.sh --- old/rsyslog-8.2010.0/tests/sndrcv_relp_tls_certvalid.sh 2020-10-03 19:06:47.000000000 +0200 +++ new/rsyslog-8.2012.0/tests/sndrcv_relp_tls_certvalid.sh 2020-12-07 18:33:52.000000000 +0100 @@ -12,9 +12,9 @@ module(load="../plugins/imrelp/.libs/imrelp") # then SENDER sends to this port (not tcpflood!) input(type="imrelp" port="'$PORT_RCVR'" tls="on" - tls.cacert="tls-certs/ca.pem" - tls.mycert="tls-certs/cert.pem" - tls.myprivkey="tls-certs/key.pem" + tls.cacert="'$srcdir'/tls-certs/ca.pem" + tls.mycert="'$srcdir'/tls-certs/cert.pem" + tls.myprivkey="'$srcdir'/tls-certs/key.pem" tls.authmode="certvalid" tls.permittedpeer="rsyslog") @@ -31,9 +31,9 @@ :msg, contains, "msgnum:" action(type="omrelp" target="127.0.0.1" port="'$PORT_RCVR'" tls="on" - tls.cacert="tls-certs/ca.pem" - tls.mycert="tls-certs/cert.pem" - tls.myprivkey="tls-certs/key.pem" + tls.cacert="'$srcdir'/tls-certs/ca.pem" + tls.mycert="'$srcdir'/tls-certs/cert.pem" + tls.myprivkey="'$srcdir'/tls-certs/key.pem" tls.authmode="certvalid" tls.permittedpeer="rsyslog") action(type="omfile" file="'$RSYSLOG_DYNNAME.errmsgs'") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/sndrcv_relp_tls_chainedcert.sh new/rsyslog-8.2012.0/tests/sndrcv_relp_tls_chainedcert.sh --- old/rsyslog-8.2010.0/tests/sndrcv_relp_tls_chainedcert.sh 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/tests/sndrcv_relp_tls_chainedcert.sh 2020-12-07 18:33:52.000000000 +0100 @@ -18,8 +18,8 @@ # then SENDER sends to this port (not tcpflood!) input(type="imrelp" port="'$PORT_RCVR'" tls="on" - tls.mycert="tls-certs/certchained.pem" - tls.myprivkey="tls-certs/key.pem" + tls.mycert="'$srcdir'/tls-certs/certchained.pem" + tls.myprivkey="'$srcdir'/tls-certs/key.pem" tls.authmode="certvalid" tls.permittedpeer="rsyslog") @@ -38,8 +38,8 @@ :msg, contains, "msgnum:" action(type="omrelp" target="127.0.0.1" port="'$PORT_RCVR'" tls="on" - tls.mycert="tls-certs/certchained.pem" - tls.myprivkey="tls-certs/key.pem" + tls.mycert="'$srcdir'/tls-certs/certchained.pem" + tls.myprivkey="'$srcdir'/tls-certs/key.pem" tls.authmode="certvalid" tls.permittedpeer="rsyslog") action(type="omfile" file="'$RSYSLOG_DYNNAME.errmsgs'") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/sndrcv_tls_certvalid_expired_defaultmode.sh new/rsyslog-8.2012.0/tests/sndrcv_tls_certvalid_expired_defaultmode.sh --- old/rsyslog-8.2010.0/tests/sndrcv_tls_certvalid_expired_defaultmode.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2012.0/tests/sndrcv_tls_certvalid_expired_defaultmode.sh 2020-12-07 18:33:52.000000000 +0100 @@ -0,0 +1,67 @@ +#!/bin/bash +# This file is part of the rsyslog project, released under ASL 2.0 + +# uncomment for debugging support: +. ${srcdir:=.}/diag.sh init +# start up the instances +#export RSYSLOG_DEBUG="debug nostdout noprintmutexaction" +export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog" +generate_conf +add_conf ' +global( + defaultNetstreamDriverCAFile="'$srcdir/testsuites/x.509/ca.pem'" + defaultNetstreamDriverCertFile="'$srcdir/testsuites/x.509/client-expired-cert.pem'" + defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-expired-key.pem'" + defaultNetstreamDriver="gtls" +# debug.whitelist="on" +# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +) + +module( load="../plugins/imtcp/.libs/imtcp" + StreamDriver.Name="gtls" + StreamDriver.Mode="1" + StreamDriver.AuthMode="anon" + ) +input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port") + +action(type="omfile" file="'$RSYSLOG_OUT_LOG'") +' +startup +export PORT_RCVR=$TCPFLOOD_PORT +export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.sender.debuglog" +#valgrind="valgrind" +generate_conf 2 +add_conf ' +$DebugFile '$RSYSLOG_DEBUGLOG' +$DebugLevel 2 + +global( + defaultNetstreamDriverCAFile="'$srcdir/testsuites/x.509/ca.pem'" + defaultNetstreamDriverCertFile="'$srcdir/testsuites/x.509/client-cert.pem'" + defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" + defaultNetstreamDriver="gtls" +) + +# set up the action +$ActionSendStreamDriverMode 1 # require TLS for the connection +$ActionSendStreamDriverAuthMode x509/certvalid +*.* @@127.0.0.1:'$PORT_RCVR' +' 2 +startup 2 + +# now inject the messages into instance 2. It will connect to instance 1, +# and that instance will record the data. +injectmsg + +# shut down sender when everything is sent, receiver continues to run concurrently +shutdown_when_empty 2 +wait_shutdown 2 +# now it is time to stop the receiver as well +shutdown_when_empty +wait_shutdown + +echo "DEBUG ${RSYSLOG_DEBUGLOG}" +cat ${RSYSLOG_DEBUGLOG} +content_check "not permitted to talk to peer, certificate invalid: certificate expired" ${RSYSLOG_DEBUGLOG} + +exit_test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tests/tls-certs/certchained.pem new/rsyslog-8.2012.0/tests/tls-certs/certchained.pem --- old/rsyslog-8.2010.0/tests/tls-certs/certchained.pem 1970-01-01 01:00:00.000000000 +0100 +++ new/rsyslog-8.2012.0/tests/tls-certs/certchained.pem 2020-10-20 08:34:26.000000000 +0200 @@ -0,0 +1,60 @@ +-----BEGIN CERTIFICATE----- +MIIFVzCCA7+gAwIBAgIIWxfNMhQmuncwDQYJKoZIhvcNAQELBQAwgYsxEzARBgNV +BAMTCnJzeXNsb2cgY2ExEDAOBgNVBAsTB0FkaXNjb24xFTATBgNVBAoTDEFkaXNj +b24gR21iSDEYMBYGA1UEBxMPR3Jvc3NyaW5kZXJmZWxkMQswCQYDVQQIEwJCVzEL +MAkGA1UEBhMCREUxFzAVBgoJkiaJk/IsZAEZFgdyc3lzbG9nMCAXDTE4MDYwNjEy +MDE1NVoYDzIxMTgwNTEzMTIwMjAxWjCBmDEXMBUGA1UEAxMOcnN5c2xvZy1jbGll +bnQxFTATBgNVBAsTDEFkaXNjb24gR21iSDEVMBMGA1UEChMMQWRpc2NvbiBHbWJI +MRgwFgYDVQQHEw9Hcm9zc3JpbmRlcmZlbGQxCzAJBgNVBAgTAkJXMQswCQYDVQQG +EwJERTEbMBkGCgmSJomT8ixkARkWC3JzeXNsb2cuY29tMIIBojANBgkqhkiG9w0B +AQEFAAOCAY8AMIIBigKCAYEA8nNWVoZwi7fYKSYxm+lidTbMQEHh9pLXV8P1N2FD +wqhNc6Z71VqQw6gIDyzxBjZf3ldyPb6xAcxikvk2XCxVGqDaP7E1rfnCDSqxcgLG +r1/TlRH3fFMFPqzMgs0GbDoKi7WuhcNMH1yIRk4uPVSUY3IclcE9sNvMpNVY77c9 +tYeLyoLgG8A2ljlSjbHXDmR8E1C+WcOvjFKQunpv29zIOvfp3Wuw0g3C6E26RyvY +OnNNq6bmDHXdyIkxYNPwxyfBDGq/WhnrFqQTyEqulVLVVIpK+3fIdtmH/4OpOwxz +KM0q2k9CzL+AI1JqlFoePeIKYQYAOssUBwB0VBDbhyo8f7txBs6OB1phPcmbkAo2 +bJfL01UT315omqlGWjvvDRjDEeRAfXnWu/UVLIs1MNn09l2+fKwgZyOZIQEk5gGg +b+xO7pZp5W1IuLxB1DMatQjYK1L1MG8KUebovTyumAj8kOaCJaqa+EWcPvsH2wJb +zp7JZV7xAMnNQGLHHccY9Iv9AgMBAAGjga0wgaowDAYDVR0TAQH/BAIwADAnBgNV +HSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsGAQUFBwMRMCAGA1UdEQQZMBeC +FXRlc3RiZW5jaC5yc3lzbG9nLmNvbTAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQW +BBTFQ9rF9eWMeqNtrDMOGb1fZ54EYTAfBgNVHSMEGDAWgBQMETadsJwFRGSslyZA +wChTI52OmjANBgkqhkiG9w0BAQsFAAOCAYEAG9hahjpm74U85pP7/zngEJ5P5nnM +3aC8u4lDM7kodtnxJWoisbv/EBr6SihpDtfWA6+bAJGGu+4UBUaMyUg8w/FjylHc +INtljbalRuu7YguL2uLdlDNCxQa1XkWugYMObR6r6OvTPUwK0QakTsZuibRbWBDz +lWKOoM7ZSxZi9DaeChe3yNSGxJSC9xHZbYYBOP5RjChXTZTKtYZemF2wx6EtWRtc +vXK3TbnJtDy7SPm60EoFnLXUyywmo5mCUSlx85HinS1DzYo7I1yksWQgdW4XgWId +9RgwPtP0iZSjrZ1TwKqcvo5jvn96LNCoob+JyhpL+9mFvPc6C3vLOxyG7JZOb7Dn +IpJf52KeBnLRUoIpp+x1XYptoy1ti7r8YqPYn5EHmPxCDVoujskRSX7ncP3SV1qY +eEgr94Tw/l8GyiaGyixVl2pAMbzYJtgrzQ9UvZurhSPjApGlm87X5KHHXN/CJTY5 +8t59+qvjESRJk74JNpm1L6X/N7HpAsqcsYjP +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIE9jCCA16gAwIBAgIIWxfM+RyuD1EwDQYJKoZIhvcNAQELBQAwgYsxEzARBgNV +BAMTCnJzeXNsb2cgY2ExEDAOBgNVBAsTB0FkaXNjb24xFTATBgNVBAoTDEFkaXNj +b24gR21iSDEYMBYGA1UEBxMPR3Jvc3NyaW5kZXJmZWxkMQswCQYDVQQIEwJCVzEL +MAkGA1UEBhMCREUxFzAVBgoJkiaJk/IsZAEZFgdyc3lzbG9nMCAXDTE4MDYwNjEy +MDA1OFoYDzIxMTgwNTEzMTIwMTA1WjCBizETMBEGA1UEAxMKcnN5c2xvZyBjYTEQ +MA4GA1UECxMHQWRpc2NvbjEVMBMGA1UEChMMQWRpc2NvbiBHbWJIMRgwFgYDVQQH +Ew9Hcm9zc3JpbmRlcmZlbGQxCzAJBgNVBAgTAkJXMQswCQYDVQQGEwJERTEXMBUG +CgmSJomT8ixkARkWB3JzeXNsb2cwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK +AoIBgQDHA1CeNI30en7OKGJ/pWyNSH9rnw8z6egDxdTjtOIichA2/LVPaGZYecI0 +GH/UtkRgM69kFuo6dRaWvr0yp+XPfGlAcFcPg6cYKEoYyb18HsTReyuAcdBcYQYg +2ZdmAqtqeHAqcb7wSEB8XuXLdD2Flsco3GaT3zFNv7t7QFDW1b2tT/92w+QGtI1T +r5LCMVbISRGSQzhCv29l3UtWt4SKA9W8yhg5zMJkMExaUJVtViRFlAFzKrUVKFqZ +8sszy2yXIcTLskJJc5if8o5cpWCrbcXSb5TsHA+4FHOB6ou0z7/s3LwYjof056Zy +ixj0LM4sTYIEttDuLERRvYTIhtLhlA2BWfAfuW9bGuog0C9xGpt99vniHJlKmMms +qz5hEDLYziUEfj5qzSxKMcA2VCeO1DgajSedh13VN/sWUyk5aKA71i40Cnp4oK/u +zeYW7vWl/ttCEFc6x8pzeMdoBjv1Jd9hC0Z2UgttC/KnMTKX3y6NR1PVFjDQ3MIA +7Bhxj50CAwEAAaNaMFgwDwYDVR0TAQH/BAUwAwEB/zAVBgNVHREEDjAMggpyc3lz +bG9nIGNhMA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFAwRNp2wnAVEZKyXJkDA +KFMjnY6aMA0GCSqGSIb3DQEBCwUAA4IBgQCOv2kyg8vZ3jncZuZ4i2k0QbXztZoO +jMDNqFX2935lK6WrVZ6u1InZzsaqrXXOJions3EvmmAqrdTBW6dyw6V2/lic1gGz +MhlafAPe0DyQCaXp9iFCH91Hzo94YhuPbne1qdga9jrVTiQIHdIKqVtbiUv7i7mN +43GssOm4a1guf+Qs5rkuHG4YwiJZhjzhmixfXCerHXykJkpSvBUb6EeKA+p5/w+I +Wjm9sAkJgqcvrNvOwwBZInU1I56zmM0ZwWucSydf0hgOImpgO5F6KGVQRoZsO9IA +Iju2RQ1y9qVTNp8evVjIMuqXh5ZtU9ti/buZrjr5Zb601jFLZCMrpDVUcVyHUfOB +rb3nkUFDcFcrKlfovwp/fvlISKM0bp6pFas5X0FXg3sVVI+iIokmHsmqRUHhjdLX +t27+/TYpyEkjF1cH3acd7MOcw33KxE/4+qUHT2QU9COPkGu7oPS24qDYnmGPLkev +ZSmpz4jLTmbCBSRcoOB0Q4K36WnegzVtvd8= +-----END CERTIFICATE----- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/tools/omfwd.c new/rsyslog-8.2012.0/tools/omfwd.c --- old/rsyslog-8.2010.0/tools/omfwd.c 2020-10-20 08:34:26.000000000 +0200 +++ new/rsyslog-8.2012.0/tools/omfwd.c 2020-12-07 18:33:52.000000000 +0100 @@ -57,6 +57,7 @@ #include "errmsg.h" #include "unicode-helper.h" #include "parserif.h" +#include "ratelimit.h" MODULE_TYPE_OUTPUT MODULE_TYPE_NOKEEP @@ -119,6 +120,9 @@ uint8_t compressionMode; int errsToReport; /* max number of errors to report (per instance) */ sbool strmCompFlushOnTxEnd; /* flush stream compression on transaction end? */ + unsigned int ratelimitInterval; + unsigned int ratelimitBurst; + ratelimit_t *ratelimiter; } instanceData; typedef struct wrkrInstanceData { @@ -200,7 +204,9 @@ { "udp.sendtoall", eCmdHdlrBinary, 0 }, { "udp.senddelay", eCmdHdlrInt, 0 }, { "udp.sendbuf", eCmdHdlrSize, 0 }, - { "template", eCmdHdlrGetWord, 0 } + { "template", eCmdHdlrGetWord, 0 }, + { "ratelimit.interval", eCmdHdlrInt, 0 }, + { "ratelimit.burst", eCmdHdlrInt, 0 } }; static struct cnfparamblk actpblk = { CNFPARAMBLK_VERSION, @@ -411,6 +417,11 @@ free(pData->address); free(pData->device); net.DestructPermittedPeers(&pData->pPermPeers); + if (pData->ratelimiter != NULL){ + ratelimitDestruct(pData->ratelimiter); + pData->ratelimiter = NULL; + } + ENDfreeInstance @@ -427,7 +438,10 @@ BEGINdbgPrintInstInfo CODESTARTdbgPrintInstInfo - dbgprintf("%s", pData->target); + dbgprintf("omfwd\n"); + dbgprintf("\ttarget='%s'\n", pData->target); + dbgprintf("\tratelimit.interval='%u'\n", pData->ratelimitInterval); + dbgprintf("\tratelimit.burst='%u'\n", pData->ratelimitBurst); ENDdbgPrintInstInfo @@ -571,9 +585,18 @@ finalize_it: if(iRet != RS_RET_OK) { - /* error! */ - LogError(0, iRet, "omfwd: TCPSendBuf error %d, destruct TCP Connection to %s:%s", - iRet, pWrkrData->pData->target, pWrkrData->pData->port); + if(iRet == RS_RET_IO_ERROR) { + LogError(0, iRet, + "omfwd: remote server at %s:%s seems to have closed connection. This often happens when " + "the remote peer (or an interim system like a load balancer or firewall) " + "shuts down or aborts a connection. Rsyslog will re-open the connection if configured " + "to do so (we saw a generic IO Error, which" + "usually goes along with that behaviour)", + pWrkrData->pData->target, pWrkrData->pData->port); + } else { + LogError(0, iRet, "omfwd: TCPSendBuf error %d, destruct TCP Connection to %s:%s", + iRet, pWrkrData->pData->target, pWrkrData->pData->port); + } DestructTCPInstanceData(pWrkrData); iRet = RS_RET_SUSPENDED; } @@ -762,10 +785,10 @@ if(pData->pszStrmDrvrAuthMode != NULL) { CHKiRet(netstrm.SetDrvrAuthMode(pWrkrData->pNetstrm, pData->pszStrmDrvrAuthMode)); } - if(pData->pszStrmDrvrPermitExpiredCerts != NULL) { - CHKiRet(netstrm.SetDrvrPermitExpiredCerts(pWrkrData->pNetstrm, - pData->pszStrmDrvrPermitExpiredCerts)); - } + /* Call SetDrvrPermitExpiredCerts required + * when param is NULL default handling for ExpiredCerts is set! */ + CHKiRet(netstrm.SetDrvrPermitExpiredCerts(pWrkrData->pNetstrm, + pData->pszStrmDrvrPermitExpiredCerts)); if(pData->pPermPeers != NULL) { CHKiRet(netstrm.SetDrvrPermPeers(pWrkrData->pNetstrm, pData->pPermPeers)); @@ -1052,13 +1075,31 @@ BEGINcommitTransaction unsigned i; + char namebuf[264]; /* 256 for FGDN, 5 for port and 3 for transport => 264 */ CODESTARTcommitTransaction CHKiRet(doTryResume(pWrkrData)); DBGPRINTF(" %s:%s/%s\n", pWrkrData->pData->target, pWrkrData->pData->port, pWrkrData->pData->protocol == FORW_UDP ? "udp" : "tcp"); + if(pWrkrData->pData->ratelimiter) { + snprintf(namebuf, sizeof namebuf, "%s:[%s]:%s", + pWrkrData->pData->protocol == FORW_UDP ? "udp" : "tcp", + pWrkrData->pData->target, + pWrkrData->pData->port); + } + for(i = 0 ; i < nParams ; ++i) { + /* If rate limiting is enabled, check whether this message has to be discarded */ + if(pWrkrData->pData->ratelimiter) { + iRet = ratelimitMsgCount(pWrkrData->pData->ratelimiter, 0, namebuf); + if (iRet == RS_RET_DISCARDMSG) { + iRet = RS_RET_OK; + continue; + } else if (iRet != RS_RET_OK) { + LogError(0, RS_RET_ERR, "omfwd: error during rate limit : %d.\n",iRet); + } + } iRet = processMsg(pWrkrData, &actParam(pParams, 1, i, 0)); if(iRet != RS_RET_OK && iRet != RS_RET_DEFER_COMMIT && iRet != RS_RET_PREVIOUS_COMMITTED) FINALIZE; @@ -1147,6 +1188,9 @@ pData->strmCompFlushOnTxEnd = 1; pData->compressionMode = COMPRESS_NEVER; pData->ipfreebind = IPFREEBIND_ENABLED_WITH_LOG; + pData->ratelimiter = NULL; + pData->ratelimitInterval = 0; + pData->ratelimitBurst = 200; } BEGINnewActInst @@ -1329,6 +1373,10 @@ free(cstr); } else if(!strcmp(actpblk.descr[i].name, "ipfreebind")) { pData->ipfreebind = (int) pvals[i].val.d.n; + } else if(!strcmp(actpblk.descr[i].name, "ratelimit.burst")) { + pData->ratelimitBurst = (unsigned int) pvals[i].val.d.n; + } else if(!strcmp(actpblk.descr[i].name, "ratelimit.interval")) { + pData->ratelimitInterval = (unsigned int) pvals[i].val.d.n; } else { LogError(0, RS_RET_INTERNAL_ERROR, "omfwd: program error, non-handled parameter '%s'", @@ -1364,6 +1412,13 @@ LogError(0, RS_RET_PARAM_ERROR, "omfwd: parameter \"address\" not supported for tcp -- ignored"); } + + if( pData->ratelimitInterval > 0) { + CHKiRet(ratelimitNew(&pData->ratelimiter, "omfwd", NULL)); + ratelimitSetLinuxLike(pData->ratelimiter, pData->ratelimitInterval, pData->ratelimitBurst); + ratelimitSetNoTimeCache(pData->ratelimiter); + } + CODE_STD_FINALIZERnewActInst cnfparamvalsDestruct(pvals, &actpblk); ENDnewActInst diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/rsyslog-8.2010.0/ylwrap new/rsyslog-8.2012.0/ylwrap --- old/rsyslog-8.2010.0/ylwrap 2020-10-20 08:37:55.000000000 +0200 +++ new/rsyslog-8.2012.0/ylwrap 2020-12-07 18:34:58.000000000 +0100 @@ -1,9 +1,9 @@ #! /bin/sh # ylwrap - wrapper for lex/yacc invocations. -scriptversion=2016-01-11.22; # UTC +scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1996-2017 Free Software Foundation, Inc. +# Copyright (C) 1996-2018 Free Software Foundation, Inc. # # Written by Tom Tromey <[email protected]>. # @@ -18,7 +18,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -239,7 +239,7 @@ # Local Variables: # mode: shell-script # sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC0" ++++++ rsyslog-doc-8.2010.0.tar.gz -> rsyslog-doc-8.2012.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/rsyslog/rsyslog-doc-8.2010.0.tar.gz /work/SRC/openSUSE:Factory/.rsyslog.new.2328/rsyslog-doc-8.2012.0.tar.gz differ: char 5, line 1 _______________________________________________ openSUSE Commits mailing list -- [email protected] To unsubscribe, email [email protected] List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/[email protected]
