Merge branch 'beta'

Conflicts:

	ChangeLog
	configure.ac
	doc/ommail.html
	queue.c

6 files changed, 206 insertions, 11 deletions

diff --git a/doc/Makefile.am b/doc/Makefile.am
index aa4e8a7d..c1d41cf8 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -22,7 +22,6 @@ html_files = \
 	rsyslog_php_syslog_ng.html \
 	rsyslog_recording_pri.html \
 	rsyslog_stunnel.html \
-	status.html \
 	syslog-protocol.html \
 	version_naming.html \
 	contributors.html \
diff --git a/doc/gssapi.html b/doc/gssapi.html
new file mode 100644
index 00000000..400be4a3
--- /dev/null
+++ b/doc/gssapi.html
@@ -0,0 +1,118 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html><head><title>GSSAPI module support in rsyslog v3</title>
+
+</head>
+<body>
+<h1>GSSAPI module support in rsyslog v3</h1>
+<p style="font-weight: bold;">What is it good for.</p>
+<ul style="margin-left: 1.25cm;">
+<li>
+client-serverauthentication </li>
+<li>
+Log
+messages encryption </li>
+</ul>
+<p class="P5"> </p>
+<p class="P3"><span style="font-weight: bold;">Requirements.</span>
+</p>
+<ul>
+<li>Kerberos infrastructure</li>
+<li>rsyslog, rsyslog-gssapi</li>
+</ul>
+<p> </p>
+<p><span style="font-weight: bold;">Configuration.</span>
+</p>
+<p>Let's assume there are 3 machines in kerberos Realm: </p>
+<ul>
+<li>the
+first is running KDC (Kerberos Authentication Service and Key
+Distribution Center),</li>
+<li>the second is a client sending its logs to the server,</li>
+<li>the third is receiver, gathering all logs.</li>
+</ul>
+<p class="P7"> </p>
+<p class="P10"><span style="font-style: italic;">1.
+KDC:</span> </p>
+<ul>
+<li>Kerberos
+database must be properly set-up on KDC machine first. Use
+kadmin/kadmin.local to do that. Two principals need to be add in our
+case:</li>
+</ul>
+<ol style="margin-left: 1.25cm; list-style-type: decimal;">
+<li>
+<p>sender@REALM.ORG
+</p>
+</li>
+</ol>
+<ul>
+<li>client must have ticket for pricipal sender</li>
+<li>REALM.ORG is kerberos Realm</li>
+</ul>
+<ol style="margin-left: 1.25cm; list-style-type: decimal;">
+<li>host/receiver.mydomain.com@REALM.ORG - service principal</li>
+</ol>
+<ul>
+<li>Use ktadd to export service principal and transfer it to
+/etc/krb5.keytab
+on receiver </li>
+</ul>
+<p><span style="font-style: italic;">2. CLIENT:</span>
+</p>
+<ul>
+<li>set-up rsyslog, in /etc/rsyslog.conf</li>
+<li>$ModLoad omgssapi.so - load output gss module </li>
+<li>$GSSForwardServiceName
+otherThanHost - set the name of service principal, "host" is the
+default one</li>
+<li>*.* :omgssapi:receiver.mydomain.com - action line, forward
+logs to receiver</li>
+<li>kinit root - get the TGT ticket</li>
+<li>service rsyslog start
+<p class="P14" style="margin-left: 0.25cm;"> </p>
+</li>
+</ul>
+<p><span style="font-style: italic;">3. SERVER:</span>
+</p>
+<ul>
+<li class="P14" style="margin-left: 0cm;">
+<p class="P14" style="margin-left: 0.25cm;">set-up
+rsyslog, in /etc/rsyslog.conf </p>
+</li>
+<li class="P16">
+<p class="P16" style="margin-left: 0.25cm;">$ModLoad
+<a href="imgssapi.html">imgssapi.so</a> - load input gss module </p>
+</li>
+<li class="P16">
+<p class="P16" style="margin-left: 0.25cm;">$InputGSSServerServiceName
+otherThanHost - set the name of service principal, "host" is the
+default one </p>
+</li>
+<li class="P16">
+<p class="P16" style="margin-left: 0.25cm;">$InputGSSServerPermitPlainTCP
+on - accept GSS and TCP connections (not authenticated senders), off by
+default </p>
+</li>
+<li class="P16">
+<p class="P16" style="margin-left: 0.25cm;">$InputGSSServerRun
+514 - run server on port </p>
+</li>
+<li class="P14" style="margin-left: 0cm;">
+<p class="P14" style="margin-left: 0.25cm;">service
+rsyslog start </p>
+</li>
+</ul>
+<span style="font-weight: bold;">The picture demonstrate
+how things work.</span>
+<p class="P18"> </p>
+<img src="gssapi.png" alt="rsyslog gssapi support">
+<p>[<a href="rsyslog_conf.html">rsyslog.conf overview</a>]
+[<a href="manual.html">manual index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>]</p>
+<p><font size="2">This documentation is part of the
+<a href="http://www.rsyslog.com/">rsyslog</a>
+project.<br>
+Copyright © 2008 by <a href="http://www.gerhards.net/rainer">Rainer
+Gerhards</a> and
+<a href="http://www.adiscon.com/">Adiscon</a>.
+Released under the GNU GPL version 3 or higher.</font></p>
+</body></html>
\ No newline at end of file
diff --git a/doc/gssapi.png b/doc/gssapi.png
new file mode 100644
index 00000000..c82baa52
--- /dev/null
+++ b/doc/gssapi.png
diff --git a/doc/licensing.html b/doc/licensing.html
new file mode 100644
index 00000000..93a50930
--- /dev/null
+++ b/doc/licensing.html
@@ -0,0 +1,72 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html><head>
+<title>rsyslog licensing</title>
+
+</head>
+<body>
+<h1>rsyslog licensing</h1>
+<p><b>Most important things first: if you intend to use rsyslog inside a GPLv3 compatible project, you are free to do so.</b> You don't even need to continue reading. 
+If you intend to use rsyslog inside a non-GPLv3 
+compatible project, rsyslog offers you some liberties to do that, too. However, you then need
+to study the licensing details in depth.
+<p>The project hopes this is a good compromise, which also gives a boost to fellow free 
+software developers who release under GPLv3.
+<p>And now on to the dirty and boring license details, still on a executive summary level. For the
+real details, check source files and the files COPYING and COPYING.LESSER inside the distribution.
+<p>The rsyslog package contains several components:
+<ul>
+<li>the rsyslog core programs (like rsyslogd)
+<li>plugins (like imklog, omrelp, ...)
+<li>the rsyslog runtime library
+</ul>
+<p>Each of these components can be thought of as individual projects. In fact, some of the
+plugins have different main authors than the rest of the rsyslog package. All of these
+components are currently put together into a single "rsyslog" package (tarball) for
+convinience: this makes it easier to distribute a consistent version where everything
+is included (and in the right versions) to build a full system. Platform package 
+maintainers in general take the overall package and split off the individual components, so that
+users can install only what they need. In source installations, this can be done via the
+proper ./configure switches.
+<p>However, while it is convenient to package all parts in a single tarball, it does not
+imply all of them are necessarily covered by the same license. Traditionally, GPL licenses
+are used for rsyslog, because the project would like to provide free software. GPLv3 has been
+used since around 2008 to help fight for our freedom. All rsyslog core programs are
+released under GPLv3. But, from the beginning on, plugins were separate projects and we did not
+impose and license restrictions on them. So even though all plugins that currently ship with
+the rsyslog package are also placed under GPLv3, this can not taken for granted. You need
+to check each plugins license terms if in question - this is especially important for
+plugins that do NOT ship as part of the rsyslog tarball.
+<p>In order to make rsyslog technology available to a broader range of applications, 
+the rsyslog runtime is, at least partly, licensed under LGPL. If in doubt, check the source file
+licensing comments. As of now, the following files are licensed under LGPL:
+<ul>
+<li>queue.c/.h
+<li>wti.c/.h
+<li>wtp.c/.h
+<li>vm.c/.h
+<li>vmop.c/.h
+<li>vmprg.c/.h
+<li>vmstk.c/.h
+<li>expr.c/.h
+<li>sysvar.c/.h
+<li>ctok.c/.h
+<li>ctok_token.c/.h
+<li>regexp.c/.h
+<li>sync.c/.h
+<li>stream.c/.h
+<li>var.c/.h
+</ul>
+This list will change as time of the runtime modularization. At some point in the future, there will
+be a well-designed set of files inside a runtime library branch and all of these will be LGPL. Some
+select extras will probably still be covered by GPL. We are following a similar licensing
+model in GnuTLS, which makes effort to reserve some functionality exclusively to open source
+projects.
+<p>[<a href="manual.html">manual index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>]</p>
+<p><font size="2">This documentation is part of the
+<a href="http://www.rsyslog.com/">rsyslog</a>
+project.<br>
+Copyright &copy; 2008 by <a href="http://www.gerhards.net/rainer">Rainer
+Gerhards</a> and
+<a href="http://www.adiscon.com/">Adiscon</a>. Last Update: 2008-04-15.
+Released under the GNU GPL version 3 or higher.</font></p>
+</body></html>
diff --git a/doc/manual.html b/doc/manual.html
index 9d4dbefd..9c906497 100644
--- a/doc/manual.html
+++ b/doc/manual.html
@@ -1,6 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html><head><title>rsyslog documentation</title>
-</head>
+<html><head><title>rsyslog documentation</title></head>
 <body>
 <h1>RSyslog - Documentation</h1>
 <p><b><a href="http://www.rsyslog.com/">Rsyslog</a>
@@ -17,10 +16,10 @@ relay chains while at the same time being very easy to setup for the
 novice user. And as we know what enterprise users really need, there is
 also <a href="professional_support.html">professional
 rsyslog support</a> available directly from the source!</p>
-<p><b>This documentation is for version 3.14.2 of rsyslog.</b>
+<p><b>This documentation is for version 3.15.1 (beta branch) of rsyslog.</b>
 Visit the <i> <a href="http://www.rsyslog.com/doc-status.html">rsyslog status page</a></i></b> to obtain current
 version information and project status.
-<p><b>If you like rsyslog, you might
+</p><p><b>If you like rsyslog, you might
 want to lend us a helping hand. </b>It doesn't require a lot of
 time - even a single mouse click helps. Learn <a href="how2help.html">how to help the rsyslog project</a>.
 Due to popular demand, there is now a <a href="rsyslog_ng_comparison.html">side-by-side comparison
@@ -64,10 +63,9 @@ php-syslog-ng with rsyslog</a></li>
 <li><a href="rsyslog_recording_pri.html">recording
 the syslog priority (severity and facility) to the log file</a></li>
 <li><a href="http://www.rsyslog.com/Article19.phtml">preserving
-syslog sender over NAT</a> (online only)</li>
+syslog sender over NAT</a> (online only)</li><li><a href="gssapi.html">an overview and howto of rsyslog gssapi support</a></li>
 <li><a href="debug.html">debug support in rsyslog</a></li>
-<li><a href="dev_queue.html">the rsyslog message
-queue object</a></li>
+<li><a href="dev_queue.html">the rsyslog message queue object</a></li>
 </ul>
 <p>Our <a href="history.html">rsyslog history</a>
 page is for you if you would like to learn a little more
@@ -99,5 +97,9 @@ mailing list</a>. If you are interested in the "backstage", you
 may find
 <a href="http://www.gerhards.net/rainer">Rainer</a>'s
 <a href="http://rgerhards.blogspot.com/">blog</a> an
-interesting read (filter on syslog and rsyslog tags).</p>
+interesting read (filter on syslog and rsyslog tags).
+If you would like to use rsyslog source code inside your open source project, you can do that without
+any restriction as long as your license is GPLv3 compatible. If your license is incompatible to GPLv3,
+you may even be still permitted to use rsyslog source code. However, then you need to look at the way
+<a href="licensing.html">rsyslog is licensed</a>.</p>
 </body></html>
diff --git a/doc/ommail.html b/doc/ommail.html
index ec5c5258..ba06a366 100644
--- a/doc/ommail.html
+++ b/doc/ommail.html
@@ -111,13 +111,17 @@ $ActionExecOnlyOnceEveryInterval 21600
 # the if ... then ... mailBody mus be on one line!
 if $msg contains 'hard disk fatal failure' then :ommail:;mailBody
 </textarea>
+<p>A more advanced example plus a discussion on using the email feature
+inside a reliable system can be found in Rainer's blogpost
+"<a style="font-style: italic;" href="http://rgerhards.blogspot.com/2008/04/why-is-native-email-capability.html">Why
+is native email capability an advantage for a syslogd?</a>"
 <p>[<a href="rsyslog_conf.html">rsyslog.conf overview</a>]
 [<a href="manual.html">manual index</a>] [<a href="http://www.rsyslog.com/">rsyslog site</a>]</p>
 <p><font size="2">This documentation is part of the
 <a href="http://www.rsyslog.com/">rsyslog</a>
 project.<br>
-Copyright © 2008 by <a href="http://www.gerhards.net/rainer">Rainer
+Copyright &copy; 2008 by <a href="http://www.gerhards.net/rainer">Rainer
 Gerhards</a> and
 <a href="http://www.adiscon.com/">Adiscon</a>.
 Released under the GNU GPL version 3 or higher.</font></p>
-</body></html>
\ No newline at end of file
+</body></html>