From 91661455ebf63275a849dc5c7f49c21d7837b442 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 16 Apr 2008 12:48:20 +0200 Subject: provided ability to initialize the runtime --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 29c12e9c..d88a124c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +- split of a "runtime library" for rsyslog - this is not yet a clean + model, because some modularization is still outstanding. In theory, + this shall enable other utilities but rsyslogd to use the same + runtime --------------------------------------------------------------------------- Version 3.17.1 (rgerhards), 2008-04-15 - removed dependency on MAXHOSTNAMELEN as much as it made sense. -- cgit From d9b0c77d3e719d4c08361e62f3b067228c30f6a9 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 16 Apr 2008 15:27:53 +0200 Subject: some more cleanup reduced dependencies, moved non-runtime files to its own directory except for some whom's status is unclear --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index d88a124c..9e9cdc07 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ model, because some modularization is still outstanding. In theory, this shall enable other utilities but rsyslogd to use the same runtime +- changed directory structure, files are now better organized --------------------------------------------------------------------------- Version 3.17.1 (rgerhards), 2008-04-15 - removed dependency on MAXHOSTNAMELEN as much as it made sense. -- cgit From 53a0ed8b3a03aa5d7bf40cb69b02391e5e5ca9d1 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 16 Apr 2008 16:41:00 +0200 Subject: completed im3195 including some documentation --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 29c12e9c..903ec85c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,4 @@ +- implemented im3195, the RFC3195 input as a plugin --------------------------------------------------------------------------- Version 3.17.1 (rgerhards), 2008-04-15 - removed dependency on MAXHOSTNAMELEN as much as it made sense. -- cgit From 5987107df46157eb847bc8271157ab8a7c73f6f4 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 16 Apr 2008 17:31:55 +0200 Subject: some cleanup after dual-merge im3195 did not yet know about the new directory structure version bumped in support of new devel branch version --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 6ac35529..3e5a744d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,3 @@ -- implemented im3195, the RFC3195 input as a plugin --------------------------------------------------------------------------- Version 3.19.0 (rgerhards), 2008-04-?? - begins new devel branch version @@ -7,6 +6,7 @@ Version 3.19.0 (rgerhards), 2008-04-?? this shall enable other utilities but rsyslogd to use the same runtime - changed directory structure, files are now better organized +- implemented im3195, the RFC3195 input as a plugin --------------------------------------------------------------------------- Version 3.17.2 (rgerhards), 2008-04-?? - this version is the new beta -- cgit From 3dc5bda6eb35f27033af2e2b25a37d74771f0a00 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 17 Apr 2008 13:44:29 +0200 Subject: changelog added plus typo fix --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 3e5a744d..f0fd4748 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,12 +1,13 @@ --------------------------------------------------------------------------- Version 3.19.0 (rgerhards), 2008-04-?? - begins new devel branch version +- implemented im3195, the RFC3195 input as a plugin - split of a "runtime library" for rsyslog - this is not yet a clean model, because some modularization is still outstanding. In theory, this shall enable other utilities but rsyslogd to use the same runtime - changed directory structure, files are now better organized -- implemented im3195, the RFC3195 input as a plugin +- a lot of cleanup in regard to modularization --------------------------------------------------------------------------- Version 3.17.2 (rgerhards), 2008-04-?? - this version is the new beta -- cgit From ea4a3a3cd95faf9328def84e3e253d6c1a4375f7 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 17 Apr 2008 19:03:51 +0200 Subject: improvements in omfwd and cleanup of omgssapi - some (small) cleanup of omgssapi - optimized omfwed, now loads TCP code only if this is actually necessary --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index f0fd4748..71766d1d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ --------------------------------------------------------------------------- Version 3.19.0 (rgerhards), 2008-04-?? - begins new devel branch version +- partly rewritten and improved omfwd among others, now loads TCP + code only if this is actually necessary - implemented im3195, the RFC3195 input as a plugin - split of a "runtime library" for rsyslog - this is not yet a clean model, because some modularization is still outstanding. In theory, -- cgit From 2fd8137b76dad1bf24d6467f2db6ff8a139f86be Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 24 Apr 2008 17:04:16 +0200 Subject: updated ChangeLog --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index d7ddfb95..52c637c7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ Version 3.19.0 (rgerhards), 2008-04-?? runtime - changed directory structure, files are now better organized - a lot of cleanup in regard to modularization +- -c option no longer must be the first option - thanks to varmjofekoj + for the patch --------------------------------------------------------------------------- Version 3.17.2 (rgerhards), 2008-04-?? - this version is the new beta -- cgit From 02795031a3021698baf857ae0c3af0ce38cd7cd4 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 6 May 2008 10:58:06 +0200 Subject: final touches for 3.19.0 --- ChangeLog | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 6f73db81..ec5494f7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,13 +1,15 @@ --------------------------------------------------------------------------- -Version 3.19.0 (rgerhards), 2008-04-?? +Version 3.19.0 (rgerhards), 2008-05-06 - begins new devel branch version +- implemented TLS for plain tcp syslog (this is also the world's first + implementation of IETF's upcoming syslog-transport-tls draft) - partly rewritten and improved omfwd among others, now loads TCP code only if this is actually necessary -- implemented im3195, the RFC3195 input as a plugin - split of a "runtime library" for rsyslog - this is not yet a clean model, because some modularization is still outstanding. In theory, this shall enable other utilities but rsyslogd to use the same runtime +- implemented im3195, the RFC3195 input as a plugin - changed directory structure, files are now better organized - a lot of cleanup in regard to modularization - -c option no longer must be the first option - thanks to varmjofekoj -- cgit From a100b9ebb82c5a414930fdce1da233adfa6571d8 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 6 May 2008 18:12:44 +0200 Subject: bumping version number --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index ec5494f7..8e419ce3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,7 @@ --------------------------------------------------------------------------- +Version 3.19.1 (rgerhards), 2008-05-07 +- file dirty.h was missing - thanks to darix for pointing this out +--------------------------------------------------------------------------- Version 3.19.0 (rgerhards), 2008-05-06 - begins new devel branch version - implemented TLS for plain tcp syslog (this is also the world's first -- cgit From 66fd122ed5a19b0d815ee2ee297da146ca6ea2c0 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 6 May 2008 18:35:54 +0200 Subject: configure help for --enable-gnutls wrong said default is "yes" but default actually is "no" thanks to darix for pointing this out --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 8e419ce3..8649b39c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ --------------------------------------------------------------------------- Version 3.19.1 (rgerhards), 2008-05-07 +- configure help for --enable-gnutls wrong - said default is "yes" but + default actually is "no" - thanks to darix for pointing this out - file dirty.h was missing - thanks to darix for pointing this out --------------------------------------------------------------------------- Version 3.19.0 (rgerhards), 2008-05-06 -- cgit From 442dad3521cfb2e4b1f352583db13caf8bd1f128 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 7 May 2008 12:33:18 +0200 Subject: limited number of unavoidable compiler warnings when compiling with GnuTLS --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 8649b39c..e00c5657 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,9 @@ Version 3.19.1 (rgerhards), 2008-05-07 - configure help for --enable-gnutls wrong - said default is "yes" but default actually is "no" - thanks to darix for pointing this out - file dirty.h was missing - thanks to darix for pointing this out +- bugfix: man files were not properly distributed - thanks to + darix for reporting and to Michael Biebl for help with the fix +- some minor cleanup --------------------------------------------------------------------------- Version 3.19.0 (rgerhards), 2008-05-06 - begins new devel branch version -- cgit From d2b63414ef92cde8a3107b8d17b74b1518775df6 Mon Sep 17 00:00:00 2001 From: varmojfekoj Date: Wed, 14 May 2008 08:32:40 +0200 Subject: fixed potential segfault due to invalid call to cfsysline thanks to varmojfekoj for the patch Signed-off-by: Rainer Gerhards --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index e00c5657..637f7b61 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,8 @@ --------------------------------------------------------------------------- +Version 3.19.2 (rgerhards), 2008-05-14 +- fixed potential segfault due to invalid call to cfsysline + thanks to varmojfekoj for the patch +--------------------------------------------------------------------------- Version 3.19.1 (rgerhards), 2008-05-07 - configure help for --enable-gnutls wrong - said default is "yes" but default actually is "no" - thanks to darix for pointing this out -- cgit From ce0569ec3ecb2116fb41006ca57498eccf1de43c Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 14 May 2008 18:52:53 +0200 Subject: ugfix: lmtcpclt, lmtcpsrv and lmgssutil did all link to the static runtime library, resulting in a large size increase (and potential "interesting" effects). Thanks to Michael Biebel for reporting the size issue. --- ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 637f7b61..905c2594 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,10 @@ --------------------------------------------------------------------------- +Version 3.19.3 (rgerhards), 2008-05-?? +- bugfix: lmtcpclt, lmtcpsrv and lmgssutil did all link to the static + runtime library, resulting in a large size increase (and potential + "interesting" effects). Thanks to Michael Biebel for reporting the size + issue. +--------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-14 - fixed potential segfault due to invalid call to cfsysline thanks to varmojfekoj for the patch -- cgit From d8b191a1f37ca3f5331afa25480d49612335b674 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 15 May 2008 07:58:01 +0200 Subject: bugfix: TLS server went into an endless loop in some situations. Thanks to Michael Biebl for reporting the problem. --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 905c2594..f84f3146 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,8 @@ Version 3.19.3 (rgerhards), 2008-05-?? runtime library, resulting in a large size increase (and potential "interesting" effects). Thanks to Michael Biebel for reporting the size issue. +- bugfix: TLS server went into an endless loop in some situations. + Thanks to Michael Biebl for reporting the problem. --------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-14 - fixed potential segfault due to invalid call to cfsysline -- cgit From a58ad72051a73b8a26e792507544ad4b41283ca7 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 15 May 2008 15:42:52 +0200 Subject: bumped version number --- ChangeLog | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index f84f3146..cfbc81a7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,13 +1,11 @@ --------------------------------------------------------------------------- -Version 3.19.3 (rgerhards), 2008-05-?? +Version 3.19.2 (rgerhards), 2008-05-?? - bugfix: lmtcpclt, lmtcpsrv and lmgssutil did all link to the static runtime library, resulting in a large size increase (and potential "interesting" effects). Thanks to Michael Biebel for reporting the size issue. - bugfix: TLS server went into an endless loop in some situations. Thanks to Michael Biebl for reporting the problem. ---------------------------------------------------------------------------- -Version 3.19.2 (rgerhards), 2008-05-14 - fixed potential segfault due to invalid call to cfsysline thanks to varmojfekoj for the patch --------------------------------------------------------------------------- -- cgit From 09afe64f29bae5af8ea1749373e8c8b6586b70d1 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 16 May 2008 13:36:41 +0200 Subject: added fromhost-ip properties and some bugfixes - bugfix: TCP input modules did incorrectly set fromhost property (always blank) - bugfix: imklog did not set fromhost property - added "fromhost-ip" property - added "RSYSLOG_DebugFormat" canned template - bugfix: hostname and fromhost were swapped when a persisted message (in queued mode) was read in --- ChangeLog | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index cfbc81a7..991efb88 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,17 @@ --------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-?? +- bugfix: TCP input modules did incorrectly set fromhost property + (always blank) +- bugfix: imklog did not set fromhost property +- added "fromhost-ip" property + Note that adding this property changes the on-disk format for messages. + However, that should not have any bad effect on existing spool files. + But you will run into trouble if you create a spool file with this + version and then try to process it with an older one (after a downgrade). + Don't do that ;) +- added "RSYSLOG_DebugFormat" canned template +- bugfix: hostname and fromhost were swapped when a persisted message + (in queued mode) was read in - bugfix: lmtcpclt, lmtcpsrv and lmgssutil did all link to the static runtime library, resulting in a large size increase (and potential "interesting" effects). Thanks to Michael Biebel for reporting the size -- cgit From dfb1f20ce71e69bf164c9b1d59e0b4cd9f81c252 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 16 May 2008 15:11:14 +0200 Subject: bumped version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 71faebc1..ffe66f8f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.3 (rgerhards), 2008-05-?? +--------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-16 - bugfix: TCP input modules did incorrectly set fromhost property (always blank) -- cgit From 6ea98ec5fff21c362e28a0121b78b8e6bb3b2528 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 16 May 2008 18:26:25 +0200 Subject: added first rough ability to authenticate the server against its certificate This is very experimental and needs some more work. It probably even segfaults - but the base code is there and running. The rest is refinement. While working on this, I did these two bugfixes: - bugfix: small mem leak in omfwd on exit (strmdriver name was not freed) - bugfix: $ActionSendStreamDriver had no effect --- ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index ffe66f8f..cc599b52 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ --------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-?? +- added ability to authenticate the server against its certificate + fingerprint +- bugfix: small mem leak in omfwd on exit (strmdriver name was not freed) +- bugfix: $ActionSendStreamDriver had no effect +- added ability for client to provide its fingerprint +- added ability for server to obtain client cert's fingerprint --------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-16 - bugfix: TCP input modules did incorrectly set fromhost property -- cgit From 6e97513eea1a6e282365eb01d972e0657cb36baa Mon Sep 17 00:00:00 2001 From: varmojfekoj Date: Wed, 21 May 2008 12:08:23 +0200 Subject: bugfix: default syslog port was no longer used if none was configured. Signed-off-by: Rainer Gerhards --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index ffe66f8f..c1201a6a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ --------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-?? +- bugfix: default syslog port was no longer used if none was + configured. Thanks to varmojfekoj for the patch --------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-16 - bugfix: TCP input modules did incorrectly set fromhost property -- cgit From 275595cdf8d5e18e665bfd4189f8061441595cce Mon Sep 17 00:00:00 2001 From: Tiziano Mueller Date: Wed, 21 May 2008 12:19:38 +0200 Subject: bugfix: missing linker options caused build to fail on some systems. Signed-off-by: Rainer Gerhards --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index c1201a6a..22f1a447 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,8 @@ Version 3.19.3 (rgerhards), 2008-05-?? - bugfix: default syslog port was no longer used if none was configured. Thanks to varmojfekoj for the patch +- bugfix: missing linker options caused build to fail on some + systems. Thanks to Tiziano Mueller for the patch. --------------------------------------------------------------------------- Version 3.19.2 (rgerhards), 2008-05-16 - bugfix: TCP input modules did incorrectly set fromhost property -- cgit From d7ae85c4edcc6af8427661ae7eeaf99ad80f5923 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 21 May 2008 12:44:43 +0200 Subject: finalizing v3.19.3 --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 1a7ac4b6..45b207e2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ --------------------------------------------------------------------------- -Version 3.19.3 (rgerhards), 2008-05-?? +Version 3.19.3 (rgerhards), 2008-05-21 - added ability to authenticate the server against its certificate fingerprint - added ability for client to provide its fingerprint -- cgit From 297384275f264ff4073838fe2006dc5180fd5a5b Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 21 May 2008 12:46:07 +0200 Subject: bumping version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 45b207e2..40ba68e1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.4 (rgerhards), 2008-05-?? +--------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-21 - added ability to authenticate the server against its certificate fingerprint -- cgit From 76877065f6897ef5cd68d524a321f9d9ebb82ef3 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 21 May 2008 17:37:58 +0200 Subject: bugfix: sender information (fromhost et al) was missing in imudp thanks to sandiso for reporting this bug --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b4ba1715..8ecf4f53 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ --------------------------------------------------------------------------- Version 3.19.4 (rgerhards), 2008-05-?? +- bugfix: sender information (fromhost et al) was missing in imudp + thanks to sandiso for reporting this bug --------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-21 - added ability to authenticate the server against its certificate -- cgit From 492fb2ffe2541b0de30997ee188d0bc8c868f18d Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 22 May 2008 18:58:04 +0200 Subject: changed config directive name to reflect different use $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for fingerprint and name authentication (similar to the input side) --- ChangeLog | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index cc599b52..032d7b29 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +- implemented x509/certvalid gtls auth mode +- implemented x509/name gtls auth mode +- changed config directive name to reflect different use + $ActionSendStreamDriverCertFingerprint is now + $ActionSendStreamDriverPermittedPeer and can be used both for + fingerprint and name authentication (similar to the input side) --------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-?? - added ability to authenticate the server against its certificate -- cgit From b674dd69bd35ee4da511ae73e70946ce4040b439 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 26 May 2008 12:53:49 +0200 Subject: added gtls name authentication based on common name (inside DN) also changed fingerprint gtls auth mode to new format fingerprint --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 032d7b29..4a65e0c5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ - implemented x509/certvalid gtls auth mode - implemented x509/name gtls auth mode +- changed fingerprint gtls auth mode to new format fingerprint - changed config directive name to reflect different use $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for -- cgit From 331a6442021405ecc0704fc11adb42178c917e67 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 26 May 2008 15:49:32 +0200 Subject: protected gtls error string function by a mutex. Without it, we could have a race condition in extreme cases. This was very remote, but now can no longer happen. --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 4a65e0c5..6691ac70 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,9 @@ - implemented x509/certvalid gtls auth mode - implemented x509/name gtls auth mode - changed fingerprint gtls auth mode to new format fingerprint +- protected gtls error string function by a mutex. Without it, we + could have a race condition in extreme cases. This was very remote, + but now can no longer happen. - changed config directive name to reflect different use $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for -- cgit From 0e03445b1f1788e632d5ae91b55bd4e73dbea48c Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 27 May 2008 15:22:29 +0200 Subject: finalized 3.19.4 --- ChangeLog | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 5dab851f..c1efeffd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ +--------------------------------------------------------------------------- +Version 3.19.4 (rgerhards), 2008-05-27 - implemented x509/certvalid gtls auth mode -- implemented x509/name gtls auth mode +- implemented x509/name gtls auth mode (including wildcards) - changed fingerprint gtls auth mode to new format fingerprint - protected gtls error string function by a mutex. Without it, we could have a race condition in extreme cases. This was very remote, @@ -8,10 +10,15 @@ $ActionSendStreamDriverCertFingerprint is now $ActionSendStreamDriverPermittedPeer and can be used both for fingerprint and name authentication (similar to the input side) ---------------------------------------------------------------------------- -Version 3.19.4 (rgerhards), 2008-05-?? - bugfix: sender information (fromhost et al) was missing in imudp thanks to sandiso for reporting this bug +- this release fully inplements IETF's syslog-transport-tls-12 plus + the latest text changes Joe Salowey provided via email. Not included + is ipAddress subjectAltName authentication, which I think will be + dropped from the draft. I don't think there is any real need for it. +This release also includes all bug fix up to today from the beta +and stable branches. Most importantly, this means the bugfix for +100% CPU utilization by imklog. --------------------------------------------------------------------------- Version 3.19.3 (rgerhards), 2008-05-21 - added ability to authenticate the server against its certificate -- cgit From eabc99953046b65cc8cd3e52a5ae3650dbf4af4c Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 27 May 2008 15:26:41 +0200 Subject: bumped version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index c1efeffd..3aec9670 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.5 (rgerhards), 2008-05-?? +--------------------------------------------------------------------------- Version 3.19.4 (rgerhards), 2008-05-27 - implemented x509/certvalid gtls auth mode - implemented x509/name gtls auth mode (including wildcards) -- cgit From 99f18190a1f911224d45ca61706ae3fbc9ad7a80 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 29 May 2008 12:48:15 +0200 Subject: enhanced property replacer's regex to support submatches - enabled Posix ERE expressions inside the property replacer (previously BRE was permitted only) - provided ability to specify that a regular expression submatch shall be used inside the property replacer --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 3aec9670..cbb150ad 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ --------------------------------------------------------------------------- Version 3.19.5 (rgerhards), 2008-05-?? +- enabled Posix ERE expressions inside the property replacer + (previously BRE was permitted only) +- provided ability to specify that a regular expression submatch shall + be used inside the property replacer --------------------------------------------------------------------------- Version 3.19.4 (rgerhards), 2008-05-27 - implemented x509/certvalid gtls auth mode -- cgit From 6a815063f37e7126f63fa00038f2d050574a6d52 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 30 May 2008 15:18:03 +0200 Subject: capability for replacement text in no match regex case added implemented in property replacer: if a regular expression does not match, it can now either return "**NO MATCH** (default, as before), a blank property or the full original property text --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index cbb150ad..f4de7554 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,9 @@ Version 3.19.5 (rgerhards), 2008-05-?? (previously BRE was permitted only) - provided ability to specify that a regular expression submatch shall be used inside the property replacer +- implemented in property replacer: if a regular expression does not match, + it can now either return "**NO MATCH** (default, as before), a blank + property or the full original property text --------------------------------------------------------------------------- Version 3.19.4 (rgerhards), 2008-05-27 - implemented x509/certvalid gtls auth mode -- cgit From 2b5c049ccc469ce8ba0bf8fbea69fab8b896b36e Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 30 May 2008 17:14:03 +0200 Subject: finalized 3.19.5 --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index f4de7554..a83ea21e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ --------------------------------------------------------------------------- -Version 3.19.5 (rgerhards), 2008-05-?? +Version 3.19.5 (rgerhards), 2008-05-30 - enabled Posix ERE expressions inside the property replacer (previously BRE was permitted only) - provided ability to specify that a regular expression submatch shall -- cgit From ca6e9efdfd2ec32fd864492d02ee0c0434518f25 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 30 May 2008 17:16:02 +0200 Subject: bumped version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index a83ea21e..b8f24cf1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.6 (rgerhards), 2008-06-?? +--------------------------------------------------------------------------- Version 3.19.5 (rgerhards), 2008-05-30 - enabled Posix ERE expressions inside the property replacer (previously BRE was permitted only) -- cgit From 57daa3388cbb688a4c596456e9d4473ee1cacc53 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 3 Jun 2008 18:40:55 +0200 Subject: bugfix: part of permittedPeer structure was not correctly initialized thanks to varmojfekoj for spotting this --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b8f24cf1..ef7daee0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ --------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-?? +- bugfix: part of permittedPeer structure was not correctly initialized + thanks to varmojfekoj for spotting this --------------------------------------------------------------------------- Version 3.19.5 (rgerhards), 2008-05-30 - enabled Posix ERE expressions inside the property replacer -- cgit From 67d4f3c8f39f22a61ab9097163081d1a31e8d5a9 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 4 Jun 2008 08:21:08 +0200 Subject: bugfix: off-by-one bug during certificate check --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index ef7daee0..c2d6312a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ Version 3.19.6 (rgerhards), 2008-06-?? - bugfix: part of permittedPeer structure was not correctly initialized thanks to varmojfekoj for spotting this +- bugfix: off-by-one bug during certificate check --------------------------------------------------------------------------- Version 3.19.5 (rgerhards), 2008-05-30 - enabled Posix ERE expressions inside the property replacer -- cgit From 99e97dadf1d03c9db33d49e91b26ceb28a39ed1a Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 4 Jun 2008 09:37:10 +0200 Subject: bugfix: removed some memory leaks in TLS code --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index c2d6312a..0c7a4109 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,7 @@ Version 3.19.6 (rgerhards), 2008-06-?? - bugfix: part of permittedPeer structure was not correctly initialized thanks to varmojfekoj for spotting this - bugfix: off-by-one bug during certificate check +- bugfix: removed some memory leaks in TLS code --------------------------------------------------------------------------- Version 3.19.5 (rgerhards), 2008-05-30 - enabled Posix ERE expressions inside the property replacer -- cgit From eddaca33a81206aab7c6627e5c91d22232445adf Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 4 Jun 2008 11:11:52 +0200 Subject: enhanced property replacer to support multiple regex matches --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 0c7a4109..df941331 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,7 @@ Version 3.19.5 (rgerhards), 2008-05-30 - implemented in property replacer: if a regular expression does not match, it can now either return "**NO MATCH** (default, as before), a blank property or the full original property text +- enhanced property replacer to support multiple regex matches --------------------------------------------------------------------------- Version 3.19.4 (rgerhards), 2008-05-27 - implemented x509/certvalid gtls auth mode -- cgit From 9c7207bb7b889a47065b5bc15b32d1af214fdb59 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 6 Jun 2008 11:25:06 +0200 Subject: preparing 3.19.6 --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index df941331..affd6df7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ --------------------------------------------------------------------------- -Version 3.19.6 (rgerhards), 2008-06-?? +Version 3.19.6 (rgerhards), 2008-06-06 +- enhanced property replacer to support multiple regex matches - bugfix: part of permittedPeer structure was not correctly initialized thanks to varmojfekoj for spotting this - bugfix: off-by-one bug during certificate check -- cgit From 43c2f2b1ad5c3e4264f719dcff61893c38bc06f3 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 6 Jun 2008 11:37:55 +0200 Subject: bumping version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index affd6df7..3e68d990 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.7 (rgerhards), 2008-06-?? +--------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-06 - enhanced property replacer to support multiple regex matches - bugfix: part of permittedPeer structure was not correctly initialized -- cgit From 2687d0010ca0ec691235a69c9da021719b61e8cd Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 6 Jun 2008 17:33:58 +0200 Subject: added new property replacer option "time-subseconds" enables to query just the subsecond part of a high-precision timestamp --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 3e68d990..e193e83b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ --------------------------------------------------------------------------- Version 3.19.7 (rgerhards), 2008-06-?? +- added new property replacer option "time-subseconds" that enables + to query just the subsecond part of a high-precision timestamp --------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-06 - enhanced property replacer to support multiple regex matches -- cgit From cf51333f7617e586ca1d4cf5202e3d42f14c96ea Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Sat, 7 Jun 2008 11:01:13 +0200 Subject: fixed a bug with the new property replacer option there was a copy&paste error in the timereported property - thanks to Elizabeth for reporting it --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index e193e83b..190c659d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,6 @@ --------------------------------------------------------------------------- Version 3.19.7 (rgerhards), 2008-06-?? -- added new property replacer option "time-subseconds" that enables +- added new property replacer option "date-subseconds" that enables to query just the subsecond part of a high-precision timestamp --------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-06 -- cgit From 55e01da2ec3de1b5c6b15e4154235f0eedbb68da Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 9 Jun 2008 12:40:54 +0200 Subject: somewhat improved plain tcp syslog reliability ...by doing a connection check before sending. Credits to Martin Schuette for providing the idea. Details are available at http://blog.gerhards.net/2008/06/reliable-plain-tcp-syslog-once-again.html --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 190c659d..2cc995bd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,10 @@ Version 3.19.7 (rgerhards), 2008-06-?? - added new property replacer option "date-subseconds" that enables to query just the subsecond part of a high-precision timestamp +- somewhat improved plain tcp syslog reliability by doing a connection + check before sending. Credits to Martin Schuette for providing the + idea. Details are available at + http://blog.gerhards.net/2008/06/reliable-plain-tcp-syslog-once-again.html --------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-06 - enhanced property replacer to support multiple regex matches -- cgit From 2658319224574a54a1c76ee02b6a7f3af5dab068 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 9 Jun 2008 16:38:53 +0200 Subject: made rsyslog tickless in the (usual and default) case that repeated message reduction is turned off. More info: http://blog.gerhards.net/2008/06/coding-to-save-environment.html --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 2cc995bd..0304f3ef 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,9 @@ Version 3.19.7 (rgerhards), 2008-06-?? check before sending. Credits to Martin Schuette for providing the idea. Details are available at http://blog.gerhards.net/2008/06/reliable-plain-tcp-syslog-once-again.html +- made rsyslog tickless in the (usual and default) case that repeated + message reduction is turned off. More info: + http://blog.gerhards.net/2008/06/coding-to-save-environment.html --------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-06 - enhanced property replacer to support multiple regex matches -- cgit From 25d29f85774f736a5619d3ef0abfa4e0c5b2af06 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 11 Jun 2008 17:04:15 +0200 Subject: preparing for 3.19.7 release --- ChangeLog | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 0304f3ef..c9fe5a1f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ --------------------------------------------------------------------------- -Version 3.19.7 (rgerhards), 2008-06-?? +Version 3.19.7 (rgerhards), 2008-06-11 - added new property replacer option "date-subseconds" that enables to query just the subsecond part of a high-precision timestamp - somewhat improved plain tcp syslog reliability by doing a connection @@ -9,6 +9,9 @@ Version 3.19.7 (rgerhards), 2008-06-?? - made rsyslog tickless in the (usual and default) case that repeated message reduction is turned off. More info: http://blog.gerhards.net/2008/06/coding-to-save-environment.html +- some build system cleanup, thanks to Michael Biebl +- bugfix: compile under (Free)BSD failed due to some invalid library + definitions - this is fixed now. Thanks to Michael Biebl for the patch. --------------------------------------------------------------------------- Version 3.19.6 (rgerhards), 2008-06-06 - enhanced property replacer to support multiple regex matches -- cgit From 7b93d930f2f194969ec24528c2c42d4eebba29f3 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 11 Jun 2008 17:30:34 +0200 Subject: bumped version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index c9fe5a1f..1019821a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.8 (rgerhards), 2008-06-?? +--------------------------------------------------------------------------- Version 3.19.7 (rgerhards), 2008-06-11 - added new property replacer option "date-subseconds" that enables to query just the subsecond part of a high-precision timestamp -- cgit From b711a34a075cf3979f48937f8af8b05030644e82 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 23 Jun 2008 11:29:47 +0200 Subject: disabled compile warnings caused by third-party libraries --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 6d5c66cd..626036b8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ --------------------------------------------------------------------------- Version 3.19.8 (rgerhards), 2008-06-?? +- disabled compile warnings caused by third-party libraries --------------------------------------------------------------------------- Version 3.19.7 (rgerhards), 2008-06-11 - added new property replacer option "date-subseconds" that enables -- cgit From 3f6c73a8b7ff2c6d9c931876d823f2b4ef6bbea2 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 27 Jun 2008 12:52:45 +0200 Subject: added (internal) error codes to error messages Also added redirector to web description of error codes closes bug http://bugzilla.adiscon.com/show_bug.cgi?id=20 --- ChangeLog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 626036b8..115f8282 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,13 @@ --------------------------------------------------------------------------- Version 3.19.8 (rgerhards), 2008-06-?? - disabled compile warnings caused by third-party libraries +- reduced number of compile warnings in gcc's -pedantic mode +- bugfix: gtls module did not correctly handle EGAIN (and similar) recv() + states. This has been fixed by introducing a new abstraction layer inside + gtls. +- added (internal) error codes to error messages; added redirector to + web description of error codes + closes bug http://bugzilla.adiscon.com/show_bug.cgi?id=20 --------------------------------------------------------------------------- Version 3.19.7 (rgerhards), 2008-06-11 - added new property replacer option "date-subseconds" that enables -- cgit From 3d464287bd6db2ddbef67a3f7bd59e0358a5e015 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 1 Jul 2008 15:39:01 +0200 Subject: finalized 3.19.8 --- ChangeLog | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 11fe3b7a..19ced2c7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,13 +1,15 @@ --------------------------------------------------------------------------- -Version 3.19.8 (rgerhards), 2008-06-?? -- disabled compile warnings caused by third-party libraries -- reduced number of compile warnings in gcc's -pedantic mode +Version 3.19.8 (rgerhards), 2008-07-01 - bugfix: gtls module did not correctly handle EGAIN (and similar) recv() states. This has been fixed by introducing a new abstraction layer inside gtls. - added (internal) error codes to error messages; added redirector to web description of error codes closes bug http://bugzilla.adiscon.com/show_bug.cgi?id=20 +- disabled compile warnings caused by third-party libraries +- reduced number of compile warnings in gcc's -pedantic mode +- some minor documentation improvements +- included all fixes from beta 3.17.5 --------------------------------------------------------------------------- Version 3.19.7 (rgerhards), 2008-06-11 - added new property replacer option "date-subseconds" that enables -- cgit From ba35cbbfe3002e200e4561d93c234805d9a8d760 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 1 Jul 2008 15:40:03 +0200 Subject: bumped version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 19ced2c7..44bdc572 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.9 (rgerhards), 2008-07-?? +--------------------------------------------------------------------------- Version 3.19.8 (rgerhards), 2008-07-01 - bugfix: gtls module did not correctly handle EGAIN (and similar) recv() states. This has been fixed by introducing a new abstraction layer inside -- cgit From aeef9bbe727d80c5882cc0a883b8dfd5df461f10 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 2 Jul 2008 11:56:54 +0200 Subject: bugfix: machine certificate was required for client even in TLS anon mode Reference: http://bugzilla.adiscon.com/show_bug.cgi?id=85 The fix also slightly improves performance by not storing certificates in client sessions when there is no need to do so. --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 44bdc572..65175696 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ --------------------------------------------------------------------------- Version 3.19.9 (rgerhards), 2008-07-?? +- bugfix: machine certificate was required for client even in TLS anon mode + Reference: http://bugzilla.adiscon.com/show_bug.cgi?id=85 + The fix also slightly improves performance by not storing certificates in + client sessions when there is no need to do so. --------------------------------------------------------------------------- Version 3.19.8 (rgerhards), 2008-07-01 - bugfix: gtls module did not correctly handle EGAIN (and similar) recv() -- cgit From 2ff7e5e73768556cef51cb1f8ef079c7d640a315 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Thu, 3 Jul 2008 16:50:42 +0200 Subject: finalized tutorial for creating a TLS-secured syslog infrastructure --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 65175696..faf9f942 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ --------------------------------------------------------------------------- Version 3.19.9 (rgerhards), 2008-07-?? +- added tutorial for creating a TLS-secured syslog infrastructure - bugfix: machine certificate was required for client even in TLS anon mode Reference: http://bugzilla.adiscon.com/show_bug.cgi?id=85 The fix also slightly improves performance by not storing certificates in -- cgit From 06001e951f5b5d0a7919c61057bc7a87b9eb8cba Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 4 Jul 2008 10:17:31 +0200 Subject: rewriten omusrmsg to no longer fork() a new process for sending messages this caused some problems with the threading model, e.g. zombies. Also, it was far less optimal than it is now. --- ChangeLog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index faf9f942..387bc035 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,9 @@ --------------------------------------------------------------------------- Version 3.19.9 (rgerhards), 2008-07-?? - added tutorial for creating a TLS-secured syslog infrastructure +- rewriten omusrmsg to no longer fork() a new process for sending messages + this caused some problems with the threading model, e.g. zombies. Also, + it was far less optimal than it is now. - bugfix: machine certificate was required for client even in TLS anon mode Reference: http://bugzilla.adiscon.com/show_bug.cgi?id=85 The fix also slightly improves performance by not storing certificates in -- cgit From f5d4aaf126d150a02db3d48add51ae01549e1148 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 7 Jul 2008 15:36:42 +0200 Subject: preparing for 3.19.9 --- ChangeLog | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 387bc035..0479d93a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,13 +1,14 @@ --------------------------------------------------------------------------- -Version 3.19.9 (rgerhards), 2008-07-?? +Version 3.19.9 (rgerhards), 2008-07-07 - added tutorial for creating a TLS-secured syslog infrastructure -- rewriten omusrmsg to no longer fork() a new process for sending messages +- rewritten omusrmsg to no longer fork() a new process for sending messages this caused some problems with the threading model, e.g. zombies. Also, it was far less optimal than it is now. - bugfix: machine certificate was required for client even in TLS anon mode Reference: http://bugzilla.adiscon.com/show_bug.cgi?id=85 The fix also slightly improves performance by not storing certificates in client sessions when there is no need to do so. +- bugfix: RainerScript syntax error was not always detected --------------------------------------------------------------------------- Version 3.19.8 (rgerhards), 2008-07-01 - bugfix: gtls module did not correctly handle EGAIN (and similar) recv() -- cgit From 05491329919b41bfeccdbd4758210215a98ff451 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 7 Jul 2008 15:50:32 +0200 Subject: bumped version number --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 0479d93a..b581024a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ --------------------------------------------------------------------------- +Version 3.19.10 (rgerhards), 2008-07-?? +--------------------------------------------------------------------------- Version 3.19.9 (rgerhards), 2008-07-07 - added tutorial for creating a TLS-secured syslog infrastructure - rewritten omusrmsg to no longer fork() a new process for sending messages -- cgit From 3a8a1e1fac090097853462ac2016bb1442fa8734 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Wed, 9 Jul 2008 12:25:27 +0200 Subject: bugfix: bad memory leak in disk-based queue modes --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b581024a..2551b5a7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ --------------------------------------------------------------------------- Version 3.19.10 (rgerhards), 2008-07-?? +- bugfix: bad memory leak in disk-based queue modes --------------------------------------------------------------------------- Version 3.19.9 (rgerhards), 2008-07-07 - added tutorial for creating a TLS-secured syslog infrastructure -- cgit From a6de2e589254dbfffd2746d8efbefc04f8ed3725 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 14 Jul 2008 11:39:58 +0200 Subject: cleanup of debugging messages (removed no longer needed ones) --- ChangeLog | 1 + 1 file changed, 1 insertion(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 1c41bc7a..2e3e3cb5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ Version 3.19.10 (rgerhards), 2008-07-?? - bugfix: bad memory leak in disk-based queue modes - important queue bugfix from 3.18.1 imported (see below) +- cleanup of some debug messages --------------------------------------------------------------------------- Version 3.19.9 (rgerhards), 2008-07-07 - added tutorial for creating a TLS-secured syslog infrastructure -- cgit From 40a4ddac7a0fc2ff2dcfd584976ea7ce8bdcfc7b Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 14 Jul 2008 14:46:47 +0200 Subject: bugfix: UDP syslog forwarding did not work on all platforms the ai_socktype was incorrectly set to 1. On some platforms, this lead to failing name resolution (e.g. FreeBSD 7). Thanks to HKS for reporting the bug. --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 2e3e3cb5..66cc1e5d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,10 @@ --------------------------------------------------------------------------- Version 3.19.10 (rgerhards), 2008-07-?? - bugfix: bad memory leak in disk-based queue modes +- bugfix: UDP syslog forwarding did not work on all platforms + the ai_socktype was incorrectly set to 1. On some platforms, this + lead to failing name resolution (e.g. FreeBSD 7). Thanks to HKS for + reporting the bug. - important queue bugfix from 3.18.1 imported (see below) - cleanup of some debug messages --------------------------------------------------------------------------- -- cgit From 27d70409f7175b29452deb3b66c6e34140e20a61 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 14 Jul 2008 15:59:55 +0200 Subject: bugfix: priority was incorrectly calculated on FreeBSD 7 because the LOG_MAKEPRI() C macro has a different meaning there (it is just a simple addition of faciltity and severity). I have changed this to use own, consistent, code for PRI calculation. --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 66cc1e5d..b6904c52 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,10 @@ Version 3.19.10 (rgerhards), 2008-07-?? the ai_socktype was incorrectly set to 1. On some platforms, this lead to failing name resolution (e.g. FreeBSD 7). Thanks to HKS for reporting the bug. +- bugfix: priority was incorrectly calculated on FreeBSD 7, + because the LOG_MAKEPRI() C macro has a different meaning there (it + is just a simple addition of faciltity and severity). I have changed + this to use own, consistent, code for PRI calculation. - important queue bugfix from 3.18.1 imported (see below) - cleanup of some debug messages --------------------------------------------------------------------------- -- cgit From 3f6dc12596367d7e754ffc37efe8ba2d9833969b Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 14 Jul 2008 16:07:36 +0200 Subject: some fixes in ChangeLog --- ChangeLog | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 5dba0dbf..4b3ff203 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,7 +8,8 @@ Version 3.19.10 (rgerhards), 2008-07-?? - bugfix: priority was incorrectly calculated on FreeBSD 7, because the LOG_MAKEPRI() C macro has a different meaning there (it is just a simple addition of faciltity and severity). I have changed - this to use own, consistent, code for PRI calculation. + this to use own, consistent, code for PRI calculation. Thank to HKS + for reporting this bug. - important queue bugfix from 3.18.1 imported (see below) - cleanup of some debug messages --------------------------------------------------------------------------- @@ -144,8 +145,6 @@ Version 3.19.0 (rgerhards), 2008-05-06 - a lot of cleanup in regard to modularization - -c option no longer must be the first option - thanks to varmjofekoj for the patch -Version 3.18.0 (rgerhards), 2008-07-?? -======= Version 3.18.1 (rgerhards), 2008-07-?? - bugfix: potential segfault in creating message mutex in non-direct queue mode. rsyslogd segfaults on freeeBSD 7.0 (an potentially other platforms) -- cgit From 38cdfcfbe1c1ed6aa4a22623afc43d199bc5f7a8 Mon Sep 17 00:00:00 2001 From: varmojfekoj Date: Tue, 15 Jul 2008 09:02:37 +0200 Subject: bugfix (cosmetical): authorization was not checked when gtls handshake completed immediately. While this sounds scary, the situation can not happen in practice. We use non-blocking IO only for server-based gtls session setup. As TLS requires the exchange of multiple frames before the handshake completes, it simply is impossible to do this in one step. However, it is useful to have the code path correct even for this case - otherwise, we may run into problems if the code is changed some time later (e.g. to use blocking sockets). Signed-off-by: Rainer Gerhards --- ChangeLog | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 4b3ff203..32594af7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,15 @@ Version 3.19.10 (rgerhards), 2008-07-?? is just a simple addition of faciltity and severity). I have changed this to use own, consistent, code for PRI calculation. Thank to HKS for reporting this bug. +- bugfix (cosmetical): authorization was not checked when gtls handshake + completed immediately. While this sounds scary, the situation can not + happen in practice. We use non-blocking IO only for server-based gtls + session setup. As TLS requires the exchange of multiple frames before + the handshake completes, it simply is impossible to do this in one + step. However, it is useful to have the code path correct even for + this case - otherwise, we may run into problems if the code is changed + some time later (e.g. to use blocking sockets). Thanks to varmojfekoj + for providing the patch. - important queue bugfix from 3.18.1 imported (see below) - cleanup of some debug messages --------------------------------------------------------------------------- -- cgit