diff options
-rw-r--r-- | ChangeLog | 14 | ||||
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | doc/Makefile.am | 3 | ||||
-rw-r--r-- | doc/manual.html | 2 | ||||
-rw-r--r-- | doc/ommysql.html | 13 | ||||
-rw-r--r-- | doc/omrelp.html | 4 | ||||
-rw-r--r-- | doc/rsyslog_stunnel.html | 2 | ||||
-rw-r--r-- | doc/rsyslog_tls.html | 2 | ||||
-rw-r--r-- | doc/tls_cert_server.html | 4 | ||||
-rw-r--r-- | plugins/imgssapi/imgssapi.c | 8 |
10 files changed, 43 insertions, 13 deletions
@@ -248,11 +248,23 @@ Version 3.21.0 [DEVEL] (rgerhards), 2008-07-18 - imported all changes from 3.18.1 until today (some quite important, see below) --------------------------------------------------------------------------- -Version 3.20.4 [v3-stable] (rgerhards), 2009-02-?? +Version 3.20.5 [v3-stable] (rgerhards), 2009-0?-?? +- fixed a bug in configure.ac which resulted in problems with + environment detection - thanks to Michael Biebl for the patch +- fixed a potential segfault problem in gssapi code + thanks to varmojfekoj for the patch +- doc enhance: provide standard template for MySQL module and instructions + on how to modify schema +--------------------------------------------------------------------------- +Version 3.20.4 [v3-stable] (rgerhards), 2009-02-09 - bugfix: inconsistent use of mutex/atomic operations could cause segfault details are too many, for full analysis see blog post at: http://blog.gerhards.net/2009/01/rsyslog-data-race-analysis.html +- bugfix: invalid ./configure settings for RFC3195 + thanks to Michael Biebl for the patch - bugfix: invalid mutex access in msg.c +- doc bugfix: dist tarball missed 2 files, had one extra file that no + longer belongs into it. Thanks to Michael Biebl for pointing this out. --------------------------------------------------------------------------- Version 3.20.3 [v3-stable] (rgerhards), 2009-01-19 - doc bugfix: v3-compatiblity document had typo in config directive diff --git a/configure.ac b/configure.ac index 9ba24085..00b65410 100644 --- a/configure.ac +++ b/configure.ac @@ -617,8 +617,8 @@ if test "x$enable_rfc3195" = "xyes"; then PKG_CHECK_MODULES(LIBLOGGING, liblogging >= 0.7.1) fi AM_CONDITIONAL(ENABLE_RFC3195, test x$enable_rfc3195 = xyes) -AC_SUBST(RFC3195_CFLAGS) -AC_SUBST(RFC3195_LIBS) +AC_SUBST(LIBLOGGING_CFLAGS) +AC_SUBST(LIBLOGGING_LIBS) # settings for the template input module; copy and modify this code diff --git a/doc/Makefile.am b/doc/Makefile.am index b58f813b..3015d6b5 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -32,6 +32,7 @@ html_files = \ contributors.html \ dev_queue.html \ omsnmp.html \ + ommysql.html \ omlibdbi.html \ imfile.html \ imtcp.html \ @@ -97,7 +98,7 @@ html_files = \ licensing.html \ ommail.html \ omrelp.html \ - status.html \ + syslog_parsing.html \ troubleshoot.html \ rsyslog_conf_actions.html \ rsyslog_conf_examples.html \ diff --git a/doc/manual.html b/doc/manual.html index 064e89af..99a90594 100644 --- a/doc/manual.html +++ b/doc/manual.html @@ -51,7 +51,7 @@ generic syslog application design</a><!-- not good as it currently is ;) <li><a <li><a href="install.html">installing rsyslog</a></li> <li><a href="build_from_repo.html">obtaining rsyslog from the source repository</a></li> <li><a href="ipv6.html">rsyslog and IPv6</a> (which is fully supported)</li> -<li><a href="rsyslog_tls.html">native TLS encryption for syslog</a></li> +<li><a href="rsyslog_secure_tls.html">native TLS encryption for syslog</a></li> <li><a href="rsyslog_stunnel.html">ssl-encrypting syslog with stunnel</a></li> <li><a href="rsyslog_mysql.html">writing syslog messages to MySQL (and other databases as well)</a></li> <li><a href="rsyslog_high_database_rate.html">writing massive amounts of syslog messages to a database</a></li> diff --git a/doc/ommysql.html b/doc/ommysql.html index 7a3f5930..9b35b402 100644 --- a/doc/ommysql.html +++ b/doc/ommysql.html @@ -28,6 +28,17 @@ you know the server is running on a non-standard listen port. <br><b>:ommysql:database-server,database-name,database-userid,database-password</b> <br>All parameters should be filled in for a successful connect. </ul> +<p>Note rsyslog contains a canned default template to write to the MySQL +database. It works on the MonitorWare schema. This template is: +<p> +<textarea rows="5" cols="80">$template tpl,"insert into SystemEvents (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",SQL +</textarea> +<p>As you can see, the template is an actual SQL statement. Note the ",SQL" option: it tells the +template processor that the template is used for SQL processing, thus quote characters are quoted +to prevent security issues. You can not assign a template without ",SQL" to a MySQL output action. +<p>If you would like to change fields contents or add or delete your own fields, you +can simply do so by modifying the schema (if required) and creating your own custom +template. <p><b>Sample:</b></p> <p>The following sample writes all syslog messages to the database "syslog_db" on mysqlsever.example.com. The server is @@ -42,7 +53,7 @@ $ActionOmmysqlServerPort 1234 # use non-standard port <p><font size="2">This documentation is part of the <a href="http://www.rsyslog.com/">rsyslog</a> project.<br> -Copyright © 2008 by <a href="http://www.gerhards.net/rainer">Rainer Gerhards</a> and +Copyright © 2008, 2009 by <a href="http://www.gerhards.net/rainer">Rainer Gerhards</a> and <a href="http://www.adiscon.com/">Adiscon</a>. Released under the GNU GPL version 3 or higher.</font></p> </body></html> diff --git a/doc/omrelp.html b/doc/omrelp.html index 82a62afc..b3132d78 100644 --- a/doc/omrelp.html +++ b/doc/omrelp.html @@ -4,9 +4,9 @@ </head> <body> -<a href="rsyslog_conf_modules.html">back</a> +<a href="rsyslog_conf_modules.html">back to rsyslog module documentation</a> -<h1>RELP Output Module (omlibdbi)</h1> +<h1>RELP Output Module (omrelp)</h1> <p><b>Module Name: omrelp</b></p> <p><b>Author: </b>Rainer Gerhards <rgerhards@adiscon.com></p> diff --git a/doc/rsyslog_stunnel.html b/doc/rsyslog_stunnel.html index f4f82cd0..f0c0b3af 100644 --- a/doc/rsyslog_stunnel.html +++ b/doc/rsyslog_stunnel.html @@ -23,7 +23,7 @@ a peek at your data.</b> In some environments, this is no problem at all. In others, it is a huge setback, probably even preventing deployment of syslog solutions. Thankfully, there is an easy way to encrypt syslog communication. I will describe one approach in this paper.</p> -<p>The most straigthforward solution would be that the syslogd itself encrypts +<p>The most straightforward solution would be that the syslogd itself encrypts messages. Unfortuantely, encryption is only standardized in <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">RFC 3195</a>. But there is currently no syslogd that implements RFC 3195's encryption features, diff --git a/doc/rsyslog_tls.html b/doc/rsyslog_tls.html index ebb08ebe..e37d26a7 100644 --- a/doc/rsyslog_tls.html +++ b/doc/rsyslog_tls.html @@ -117,7 +117,7 @@ $DefaultNetstreamDriverCAFile /path/to/contrib/gnutls/ca.pem $DefaultNetstreamDriverCertFile /path/to/contrib/gnutls/cert.pem $DefaultNetstreamDriverKeyFile /path/to/contrib/gnutls/key.pem -$ModLoad /home/rger/proj/rsyslog/plugins/imtcp/.libs/imtcp # load listener +$ModLoad imtcp # load TCP listener $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode $InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated diff --git a/doc/tls_cert_server.html b/doc/tls_cert_server.html index 51ad7bed..9c68db5d 100644 --- a/doc/tls_cert_server.html +++ b/doc/tls_cert_server.html @@ -87,8 +87,8 @@ what we assume in this tutorial. Evaluate your options based on your security ne <p>Keep in mind that this rsyslog.conf accepts messages via TCP, only. The only other source accepted is messages from the server itself. <code><pre> -$ModLoad /home/rger/proj/rsyslog/plugins/imuxsock/.libs/imuxsock # local messages -$ModLoad /home/rger/proj/rsyslog/plugins/imtcp/.libs/imtcp +$ModLoad imuxsock # local messages +$ModLoad imtcp # TCP listener # make gtls driver the default $DefaultNetstreamDriver gtls diff --git a/plugins/imgssapi/imgssapi.c b/plugins/imgssapi/imgssapi.c index fcc930ea..debe935e 100644 --- a/plugins/imgssapi/imgssapi.c +++ b/plugins/imgssapi/imgssapi.c @@ -268,7 +268,8 @@ doOpenLstnSocks(tcpsrv_t *pSrv) if(pGSrv->allowedMethods) { /* fallback to plain TCP */ CHKiRet(tcpsrv.create_tcp_socket(pSrv)); - dbgprintf("Opened %d syslog TCP port(s).\n", *pRet); + } else { + ABORT_FINALIZE(RS_RET_GSS_ERR); } } @@ -335,6 +336,11 @@ addGSSListener(void __attribute__((unused)) *pVal, uchar *pNewVal) } finalize_it: + if(iRet != RS_RET_OK) { + errmsg.LogError(0, NO_ERRCODE, "error %d trying to add listener", iRet); + if(pOurTcpsrv != NULL) + tcpsrv.Destruct(&pOurTcpsrv); + } RETiRet; } |