Mehmet Avcioglu via rsyslog <[email protected]>, 25 Haz 2025 Çar, 15:38 tarihinde şunu yazdı: > > How does rsyslog decide whether to use gnutls or openssl? I > specifically installed the rsyslog-openssl package and removed > rsyslog-gnutls package from Rocky8 servers, but possibly gnutls is > still used instead of openssl, as the logs reference gnutls and I > still see rsyslog linking to gnutls library. Any insight would be > appreciated. >
Hello, first use rsyslogd -v and check TLS support. second check your config: module(load="gtls") - gnutls module(load="omrelp") - relp tls also remember dont forget that openssl is experimental. if you use source code please use: ./configure --enable-openssl Ozgur > I am using 8.2502 and relp. The reason why I want to try openssl > instead of gnutls is that sometimes (which I cannot reproduce myself) > right after gnutls error messages, like the ones given below, client > rsyslog exits. > > omrelp[11514]: error 'TLS record write failed [gnutls error -53: Error > in the push function.]' > imrelp[11514]: error 'TLS record write failed [gnutls error -408: > Cannot perform this action while handshake is in progress.]', object > 'lstn 11514: conn to clt 10.6.9.4' - input may not work as intended > "imrelp[11514]: error 'TLS handshake failed [gnutls error -54: Error > in the pull function.]', object 'lstn 11514: conn to clt 10.6.9.4' - > input may not work as intended" > > # ldd /lib64/rsyslog/omrelp.so | grep -E 'ssl|gnutls' > libgnutls.so.30 => /lib64/libgnutls.so.30 (0x00007894a4400000) > libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007894a4000000) > > # lsof -p $(pidof rsyslogd) | grep -E 'ssl|gnutls' > rsyslogd 2077751 root mem REG 253,0 619872 > 402886459 /usr/lib64/libssl.so.1.1.1k > rsyslogd 2077751 root mem REG 253,0 2051648 > 402886940 /usr/lib64/libgnutls.so.30.28.2 > > # cat /proc/$(pidof rsyslogd)/maps | grep -E 'ssl|gnutls' > 7ffad7d8d000-7ffad7e14000 r-xp 00000000 fd:00 402886459 > /usr/lib64/libssl.so.1.1.1k > 7ffad7e14000-7ffad8014000 ---p 00087000 fd:00 402886459 > /usr/lib64/libssl.so.1.1.1k > 7ffad8014000-7ffad801d000 r--p 00087000 fd:00 402886459 > /usr/lib64/libssl.so.1.1.1k > 7ffad801d000-7ffad8021000 rw-p 00090000 fd:00 402886459 > /usr/lib64/libssl.so.1.1.1k > 7ffad8022000-7ffad81ff000 r-xp 00000000 fd:00 402886940 > /usr/lib64/libgnutls.so.30.28.2 > 7ffad81ff000-7ffad83fe000 ---p 001dd000 fd:00 402886940 > /usr/lib64/libgnutls.so.30.28.2 > 7ffad83fe000-7ffad840f000 r--p 001dc000 fd:00 402886940 > /usr/lib64/libgnutls.so.30.28.2 > 7ffad840f000-7ffad8411000 rw-p 001ed000 fd:00 402886940 > /usr/lib64/libgnutls.so.30.28.2 > > Thank you > > -- > Mehmet > _______________________________________________ > rsyslog mailing list > https://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. > _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
