author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 16:28:20 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 16:28:20 +0000 |
commit | dcc721a95bef6f0d8e6d8775b8efe33e5aecd562 (patch) | |
tree | 66a2774cd0ee294d019efd71d2544c70f42b2842 | |
parent | Initial commit. (diff) | |
Adding upstream version 8.2402.0.upstream/8.2402.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
1837 files changed, 396462 insertions, 0 deletions
diff --git a/.tarball-version b/.tarball-version new file mode 100644 index 0000000..6d5cf31 --- /dev/null +++ b/.tarball-version @@ -0,0 +1 @@ +8.2402.0 @@ -0,0 +1,14 @@ +Thankfully, we have had so many contributions that maintaining the +AUTHORS file would be a big task in itself. On the other hand, we +now use git and I make sure that each author receives proper credit +for patches I receive. + +So rather than trying to reproduce the git author log here (and +often making mistakes in that), I invite you to check the git logs. +You can also do this online at + +http://git.adiscon.com/?p=rsyslog.git;a=summary + +Rainer Gerhards +<rgerhards@adiscon.com> +lead rsyslog developer diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..13239f6 --- /dev/null +++ b/CONTRIBUTING.md 
@@ -0,0 +1,164 @@ +# How to Contribute + +Rsyslog is a real open source project and open to contributions. +By contributing, you help improve the state of logging as well as improve +your own professional profile. Contributing is easy, and there are options +for everyone - you do not need to be a developer. + +These are many ways to contribute to the project: + * become a rsyslog ambassador and let other people know about rsyslog and how to utilize it for best results. Help rsyslog getting backlinks, be present on Internet news sites or at meetings you attend. + * help others by offering support on + * the rsyslog's github home at https://github.com/rsyslog/rsyslog + * the rsyslog mailing list at http://lists.adiscon.net/mailman/listinfo/rsyslog + * help with the documentation; you can either contribute + * to the [rsyslog doc directory](https://github.com/rsyslog/rsyslog-doc), which is shown on http://rsyslog.com/doc + * to the rsyslog project web site -- just ask us for account creation + * become a bug-hunter and help with testing rsyslog development releases + * help driving the rsyslog infrastructure with its web sites and the like + * help creating packages + * or, obviously, help with rsyslog code development + +This list is not conclusive. There for sure are many more ways to contribute and if you find one, just let us know. We are very open to new suggestions and like to try out new things. + +## When to submit Pull Requests? + +It is OK to submit PRs that are not yet fully ready for merging. You want to +do this in order to get early CI system coverage for your patch. However, +all patches should be reasonably complete and "work" in a sense. + +If you submit such PRs, please flag them as "work in progress" by adding +"WiP:" in front of the title. We will NOT merge these PRs before you tell us +they are now ready for merging. 
+ +If you just want/need to do a temporary experiment, you may open a PR, flag it +as "EXPERIMENT - DO NOT MERGE", let the CI tests run, check results and close +the PR thereafter. This prevents unnecessary cluttering of the open PR list. +We will take the liberty to close such PRs if they are left open for an +extended period of time. + +Please note, though, that the rsyslog repo is fully set up to use Travis CI. +Travis covers about 95% of all essential testing. So we highly recommend +that you use Travis to do initial checks on your work and create the PR +only after this looks good. That saves both you and us some time. + +## Requirements for patches + +In order to ensure good code quality, after applying the path the code must + +- no legacy configuration statements ($someSetting) must be added, + all configuration must be in v6+ style (RainerScript) +- compile cleanly without WARNING messages under both gcc and clang +- pass clang static analyzer without any report +- pass all CI tests +- new functionality must have associated + * testbench tests + * doc additions in the rsyslog-doc sister project +- be [sufficiently squashed](https://rainer.gerhards.net/2019/03/squash-your-pull-requests.html) + +### Testbench Coverage + +If you fix a bug that is not detected by the current testbench, it is +appreciated if you also add testbench test to make sure the problem does +not re-occur in the future. + +In contrast to new feature PRs, this is not a hard requirement, but it +helps to speed up merging. If there is no testbench test added, the +core rsyslog developers will try to add one based on the patch. That +means merging needs to wait until we have time to do this. + +### Compiler Diagnostics + +Note that both warning messages and static analyzer warnings may be false +positives. We have decided to accept that fate and work around it (e.g. by +re-arranging the code, etc). Otherwise, we cannot use these useful features. 
+ +As a last resort, compiler warnings can be turned off via + #pragma diagnostic +directives. This should really only be done if there is no other known +way around it. If so, it should be applied to a single function, only and +not to full source file. Be sure to re-enable the warning after the function +in question. We have done this in some few cases ourselves, and if someone +can fix the root cause, we would appreciate help. But, again, this is a +last resort which should normally not be used. + +Please read [on the importance of static analysis and why we request you to work around false positives](https://rainer.gerhards.net/2018/06/why-static-code-analysis.html). + +### Continuous Integration Testing + +All patches are run though our continuous integration system, which ensures +no regressions are inside the code as well as rsyslog project policies are +followed (as far as we can check in an automated way). + +For pull requests submitted via github, these two conditions are +verified automatically. See the PR for potential failures. For patches +submitted otherwise, they will be verified semi-manually. + +Also, patches are requested to not break the testbench. Unfortunately, the +current testbench has some racy tests, which are still useful enough so that +we do not want to disable them until the root cause has been found. If your +PR runs into something that you think is not related to your code, just sit +back and relax. The rsyslog core developer team reviews PRs regularly and +restarts tests which we know to look racy. If the problem persists, we will +contact you. + +All PRs will be tested on a variety of systems, with the help of both Travis +CI and buildbot. The core goal of this multi-platform testing is to find +issues that surface only on some systems (e.g. 32bit related issues, etc). +We continuously strive to update the CI system coverage. If you can provide +a buildbot slave for a not-yet-supported test platform, please let us know. 
+We will gladly add it. + +Note that test coverage differs between platforms. For example, not all +databases etc. are tested on each platform. Also note that due to resource +constraints some very lengthy tests are only execute on some (maybe only +a single) platform. + +Note that we always try to merge with the most recent master branch and +try a build from that version (if automatic merging is possible). If this +test fails but no other, chances are good that there is an inter-PR issue. +If this happens, it is suggested to rebase to git master branch and update +the PR. + +## Note to developers + +Please address pull requests against the master branch. + + +## Testbench coding Tips + +- look for similar tests and use them as copy template. Be sure to update + comments as well. +- see ./tests/diag.sh -- this is the base testing framework and it contains + many functions you can use inside your tests +- keep test cases simple and focussed on one topic. Otherwise it is hard to + address test failures when they happen in the future. + +------------------------------------------------------------------------------------- +LEGAL GDPR NOTICE: +According to the European data protection laws (GDPR), we would like to make you +aware that contributing to rsyslog via git will permanently store the +name and email address you provide as well as the actual commit and the +time and date you made it inside git's version history. This is inevitable, +because it is a main feature git. If you are concerned about your +privacy, we strongly recommend to use + +--author "anonymous <gdpr@example.com>" + +together with your commit. Also please do NOT sign your commit in this case, +as that potentially could lead back to you. Please note that if you use your +real identity, the GDPR grants you the right to have this information removed +later. However, we have valid reasons why we cannot remove that information +later on. 
The reasons are: + +* this would break git history and make future merges unworkable +* the rsyslog projects has legitimate interest to keep a permanent record of the + contributor identity, once given, for + - copyright verification + - being able to provide proof should a malicious commit be made + +Please also note that your commit is public and as such will potentially be +processed by many third-parties. Git's distributed nature makes it impossible +to track where exactly your commit, and thus your personal data, will be stored +and be processed. If you would not like to accept this risk, please do either +commit anonymously or refrain from contributing to the rsyslog project. +------------------------------------------------------------------------------------- 
@@ -0,0 +1,675 @@ + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. 
+ + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. 
+ + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. 
+ + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. 
Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. 
+ + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. 
This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. 
+ + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. 
+ + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. 
+ + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. 
If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. 
If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. 
+ + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. 
For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. 
+ + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. 
You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. 
The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. 
THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. 
+ + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + <program> Copyright (C) <year> <name of author> + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +<http://www.gnu.org/licenses/>. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. 
If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +<http://www.gnu.org/philosophy/why-not-lgpl.html>. + diff --git a/COPYING.ASL20 b/COPYING.ASL20 new file mode 100644 index 0000000..9d78c8b --- /dev/null +++ b/COPYING.ASL20 
@@ -0,0 +1,50 @@ +Apache License + +Version 2.0, January 2004 + +http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + +"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. + +"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. + +"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. + +"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. + +"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. + +"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. + +"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). + +"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. 
For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. + +"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." + +"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. 
Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: + + 1. You must give any other recipients of the Work or Derivative Works a copy of this License; and + 2. You must cause any modified files to carry prominent notices stating that You changed the files; and + 3. You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and + 4. 
If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. + +6. Trademarks. 
This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. 
However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. diff --git a/COPYING.LESSER b/COPYING.LESSER new file mode 100644 index 0000000..34b8ea7 --- /dev/null +++ b/COPYING.LESSER 
@@ -0,0 +1,166 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + This version of the GNU Lesser General Public License incorporates +the terms and conditions of version 3 of the GNU General Public +License, supplemented by the additional permissions listed below. + + 0. Additional Definitions. + + As used herein, "this License" refers to version 3 of the GNU Lesser +General Public License, and the "GNU GPL" refers to version 3 of the GNU +General Public License. + + "The Library" refers to a covered work governed by this License, +other than an Application or a Combined Work as defined below. + + An "Application" is any work that makes use of an interface provided +by the Library, but which is not otherwise based on the Library. +Defining a subclass of a class defined by the Library is deemed a mode +of using an interface provided by the Library. + + A "Combined Work" is a work produced by combining or linking an +Application with the Library. The particular version of the Library +with which the Combined Work was made is also called the "Linked +Version". + + The "Minimal Corresponding Source" for a Combined Work means the +Corresponding Source for the Combined Work, excluding any source code +for portions of the Combined Work that, considered in isolation, are +based on the Application, and not on the Linked Version. + + The "Corresponding Application Code" for a Combined Work means the +object code and/or source code for the Application, including any data +and utility programs needed for reproducing the Combined Work from the +Application, but excluding the System Libraries of the Combined Work. + + 1. Exception to Section 3 of the GNU GPL. 
+ + You may convey a covered work under sections 3 and 4 of this License +without being bound by section 3 of the GNU GPL. + + 2. Conveying Modified Versions. + + If you modify a copy of the Library, and, in your modifications, a +facility refers to a function or data to be supplied by an Application +that uses the facility (other than as an argument passed when the +facility is invoked), then you may convey a copy of the modified +version: + + a) under this License, provided that you make a good faith effort to + ensure that, in the event an Application does not supply the + function or data, the facility still operates, and performs + whatever part of its purpose remains meaningful, or + + b) under the GNU GPL, with none of the additional permissions of + this License applicable to that copy. + + 3. Object Code Incorporating Material from Library Header Files. + + The object code form of an Application may incorporate material from +a header file that is part of the Library. You may convey such object +code under terms of your choice, provided that, if the incorporated +material is not limited to numerical parameters, data structure +layouts and accessors, or small macros, inline functions and templates +(ten or fewer lines in length), you do both of the following: + + a) Give prominent notice with each copy of the object code that the + Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the object code with a copy of the GNU GPL and this license + document. + + 4. Combined Works. 
+ + You may convey a Combined Work under terms of your choice that, +taken together, effectively do not restrict modification of the +portions of the Library contained in the Combined Work and reverse +engineering for debugging such modifications, if you also do each of +the following: + + a) Give prominent notice with each copy of the Combined Work that + the Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the Combined Work with a copy of the GNU GPL and this license + document. + + c) For a Combined Work that displays copyright notices during + execution, include the copyright notice for the Library among + these notices, as well as a reference directing the user to the + copies of the GNU GPL and this license document. + + d) Do one of the following: + + 0) Convey the Minimal Corresponding Source under the terms of this + License, and the Corresponding Application Code in a form + suitable for, and under terms that permit, the user to + recombine or relink the Application with a modified version of + the Linked Version to produce a modified Combined Work, in the + manner specified by section 6 of the GNU GPL for conveying + Corresponding Source. + + 1) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (a) uses at run time + a copy of the Library already present on the user's computer + system, and (b) will operate properly with a modified version + of the Library that is interface-compatible with the Linked + Version. + + e) Provide Installation Information, but only if you would otherwise + be required to provide such information under section 6 of the + GNU GPL, and only to the extent that such information is + necessary to install and execute a modified version of the + Combined Work produced by recombining or relinking the + Application with a modified version of the Linked Version. 
(If + you use option 4d0, the Installation Information must accompany + the Minimal Corresponding Source and Corresponding Application + Code. If you use option 4d1, you must provide the Installation + Information in the manner specified by section 6 of the GNU GPL + for conveying Corresponding Source.) + + 5. Combined Libraries. + + You may place library facilities that are a work based on the +Library side by side in a single library together with other library +facilities that are not Applications and are not covered by this +License, and convey such a combined library under terms of your +choice, if you do both of the following: + + a) Accompany the combined library with a copy of the same work based + on the Library, uncombined with any other library facilities, + conveyed under the terms of this License. + + b) Give prominent notice with the combined library that part of it + is a work based on the Library, and explaining where to find the + accompanying uncombined form of the same work. + + 6. Revised Versions of the GNU Lesser General Public License. + + The Free Software Foundation may publish revised and/or new versions +of the GNU Lesser General Public License from time to time. Such new +versions will be similar in spirit to the present version, but may +differ in detail to address new problems or concerns. + + Each version is given a distinguishing version number. If the +Library as you received it specifies that a certain numbered version +of the GNU Lesser General Public License "or any later version" +applies to it, you have the option of following the terms and +conditions either of that published version or of any later version +published by the Free Software Foundation. If the Library as you +received it does not specify a version number of the GNU Lesser +General Public License, you may choose any version of the GNU Lesser +General Public License ever published by the Free Software Foundation. 
+ + If the Library as you received it specifies that a proxy can decide +whether future versions of the GNU Lesser General Public License shall +apply, that proxy's public statement of acceptance of any version is +permanent authorization for you to choose that version for the +Library. + diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 0000000..f4d9a77 --- /dev/null +++ b/ChangeLog 
@@ -0,0 +1,16389 @@ +---------------------------------------------------------------------------------------- +Scheduled Release 8.2402.0 (aka 2024.02) 2024-02-27 +- 2024-02-26: add DTLS support + This version comes with the initial implementation of imdtls and omdtls. + These modules permit secure message exchange over UDP. +- 2024-02-26: testbench: make omusrmsg-noabort test more reliable + The previous test did not always detect an abort of rsyslog/omusrmsg. + The detection method has now been improved, so it is far more + probable that an abort is detected. + While doing this, we noticed that the omusrmsg-noabort-legacy test was + now a 100% duplicate. There is no need any longer to check pure legacy + syntax, and so that test has been removed. + We also added a valgrind-based test ofr omusrmsg-noabort, which furthers + strengthens bug detection. Most importantly, it helps us to detect + potentially new memory leaks on all CI platforms (in case the lib + behaves differently depending on os/distro). + see also https://github.com/rsyslog/rsyslog/issues/5294 +- 2024-02-26: omusrmsg bugfix: potential double free, which can cause segfault + omusrmsg frees a string which points to OS/system library memory. When + the os/libs clean up, it frees the memory as well. This results in a + double free. This bug interestingly seems to go unnoticed in many cases. + But it can cause a segfault or hard-to-trace memory corruptions which + could lead to other problems later on. The outcome of this bug most + probably depdns on os/library versions. + closes https://github.com/rsyslog/rsyslog/issues/5294 +- 2024-02-26: ommysql bugfix: potential segfault on database error + Due to an invalid code path, ommysql may cause a segfault if database + transactions fail into a specific way. The main trigger is a totally + irrecoverrable database error which can lead to premature connection + close, which is not checked for in all recover code. 
+ This was detected in a setting where a stored procedure is called that + rolls back a transaction in itself. + This patch fixes the issue. + closes https://github.com/rsyslog/rsyslog/issues/5288 +- 2024-02-26: omfile: do not carry out actual action when writing to /dev/null + In some use cases omfile is configured to write to /dev/null. This seems + primarily be done because of statistics gathering but maybe some other + scenarios. We now add conditional logic to not do any actual omfile + action when the target file is /dev/null. + Note: this check only works on static file names. When /dev/null is + evaluated as part of dynafile, it will be handled just in the regular + case like before this patch. +---------------------------------------------------------------------------------------- +Scheduled Release 8.2312.0 (aka 2023.12) 2023-12-12 +- 2023-12-11: imjournal: Add new input module parameter 'defaulttag' + The DefaultTag option specifies the default value for the tag field. + In imjournal, this can happen when one of the following is missing: + * identifier string provided by the application (SYSLOG_IDENTIFIER) + * name of the process the journal entry originates from (_COMM) + Thanks to Attila Lakatos for the patch. +- 2023-12-08: core bugfix: rsyslog messages may not always have FQDN + Even if hostname FQDN is configured, rsyslog internal messages generated + after rsyslog startup and before the first HUP will not necessarily have + FQDN but instead only the shortname of the local host. This commit + fixes the situation. + Special thanks to github user eciii for doing a great bug analysis + and helping us considerably to fix the issue. + closes https://github.com/rsyslog/rsyslog/issues/5218 +- 2023-12-08: omlibdbi regression fix: database path was not properly used + Commit 4a072d6c93015a63716c49a6c7756df22750086a caused a regression that made + the database path unreliable to use. 
Depending on platform/libc version the + basename was improperly extracted, which made access to the database of sqllite + impossible. + Thanks to Flávio Tapajós for the patch. + closes: https://github.com/rsyslog/rsyslog/issues/5282 +- 2023-12-06: mazureeventhubs: Corrected handling of transport closed failures + - Added test for connection interrupts (requires root) + - Corrected handling of PN_TRANSPORT_CLOSED. + - Make sure Connection is being reestablished trough tryResume + - Enhanced Debug log output + closes: https://github.com/rsyslog/rsyslog/issues/5269 +- 2023-11-24: imkmsg: add params "readMode" and "expectedBootCompleteSeconds" + These parameters permit to control when imkmsg reads the full + kernel log upon startup. + Parameter "readMode" provides the following options: + * full-boot - (default) read full klog, but only "immediately" after + boot. "Immediately" is hereby meant in seconds of system + uptime given in "expectedBootCompleteSeconds" + * full-always - read full klog on every rsyslog startup. Most + probably causes messag duplication + * new-only - never emit existing kernel log message, read only + new ones. + Note that some message loss can happen if rsyslog is stopped + in "full-boot" and "new-only" read mode. The longer rsyslog is + inactive, the higher the message loss probability and potential + number of messages lost. For typical restart scenarios, this + should be minimal. On HUP, no message loss occurs as rsyslog + is not actually stopped. + The default value for "expectedBootCompleteSeconds" is 90. + see also https://github.com/rsyslog/rsyslog/issues/5161 +- 2023-11-10: imkmsg: add module param parseKernelTimestamp + The parameter permits to select whether or not and when kernel + timestamps shall parsed, that is be used as the actual time a + log message occurs. + This permits to work around problems with the way kernel + timestamps are represented. 
The reasoning is given in a sysklogd + commit by Joachim Wiberg, which we reproduce below ("QUOTE") to + have a stable reference. + The commit itself can be found for example at: + https://github.com/troglobit/sysklogd/commit/9f6fbb3301e571d8af95f8d771469291384e9e95 + The new parameter parseKernelTimestamp has three possible modes: + "startup" - uses the kernel time stamp during the initial read + loop of /dev/kmsg, but replaced it later ignores it for later reads. + This is the DEFAULT setting. + "on" - kernel timestamps are always used and no correction is tried + "off" - kernel timestamps are never used, system time is used instead + Note that there this is a slightly breaking change. Previously, imkmsg + reported similar to "off" mode, now it reports by default in "startup" + mode. We consider this acceptable, as "off" mode timestamps are not + correct for startup. After startup, the behaviour is correct. All in + all, the new default is kind of a bugfix. + ============== QUOTE =============== + The spec[1] says the /dev/kmsg timestamp is a monotonic clock and in + microseconds. After a while you realize it's also relative to the boot + of the system, that fact was probably too obvious to be put in the spec. + However, what's *not* in the spec, and what takes a while to realize, is + that this monotonic time is *not* adjusted for suspend/resume cycles ... + On a frequently used laptop this can manifest itself as follows. The + kernel is stuck on Nov 15, and for the life of me I cannot find any to + adjust for this offset: + $ dmesg -T |tail -1; date + [Mon Nov 15 01:42:08 2021] wlan0: Limiting TX power to 23 (23 - 0) dBm as advertised by 18:e8:29:55:b0:62 + Tue 23 Nov 2021 05:20:53 PM CET + Hence this patch. 
After initial "emptying" of /dev/kmsg when syslogd + starts up, we raise a flag (denoting done with backlog), and after this + point we ignore the kernel's idea of time and replace it with the actual + time we have now, the same that userspace messages are logged with. + Sure, there will be occasions where there's a LOT of kernel messages to + read and we won't be able to keep track. Yet, this patch is better than + the current state (where we log Nov 15). + [1]: https://www.kernel.org/doc/Documentation/ABI/testing/dev-kmsg + ===========END QUOTE =============== + closes https://github.com/rsyslog/rsyslog/issues/4561 + closes https://github.com/rsyslog/rsyslog/issues/5161 +- 2023-11-07: imfile bugfix: remove state file on file delete + The state file would remain in the working directory + after shutdown, even though deleteStateOnfileDelete is + set to "on" and the monitored file was removed. + closes https://github.com/rsyslog/rsyslog/issues/5258 + Thanks to Attila Lakatos for the patch. +- 2023-10-31: TLS subsystem: fix small memory leak on startup + This was a one-time leak of the file name that hapened if a certificate file + was not accessible. It had no operational issues, but could confuse automatted + testing. As not only a side-effect, certificate load failures are now somewhat + more verbosely reported, which we consider helpful to the user. + Thanks to Attila Lakatos for the patch. +- 2023-10-31: imklog bugfix: keepKernelTimestamp=off config param did not work + ... at least not as expected. It was only honored for kernel-level + messages and only when parseKernelTimestamp was "on". Otherwise, the + kernel timestamp was always kept inside the message. + closes https://github.com/rsyslog/rsyslog/issues/5160 +- 2023-10-26: TLS subsystem: add remote hostname to error reporting + This provides richer and easier to process logs for error and warning + cases. 
One goal is to enable automatic operations without the need + to consolidate multiple message to a single information. + This improves one situation in gtls driver and provides a more + generic approach in ossl driver for OpenSSL error reporting. + There is probably still room for improvement, however this patch + is at least a good starting point for further work. Please + provide feedback if you need more! + closes https://github.com/rsyslog/rsyslog/issues/5244 +- 2023-10-24: imjournal: add the ability to run multiple journal inputs + This may be useful to de-couple journal processing. + Thanks to Willy Tu for the patch. +- 2023-10-24: regression fix: forking rsyslogd on BSD did not work + Actually, this was an issue for all platforms that do not provide open file handle + detection via the /proc file system. + Tech details: After fork if the child process uses close_range to close open file + descriptors it has no way to exempt the parentPipeFD causing a failure to signal + successful startup to the parent process. This causes failures on all systems that + aren't Linux that implement close_range. + Thanks to Nathan Huff for the patch. +- 2023-10-24: omusrmsg: use logind instead of utmp for wall messages with systemd + Future SUSE versions will get rid of utmp due to a 32bit time_t counter + overflow in 2038. + See details at: + https://github.com/thkukuk/utmpx/blob/main/Y2038.md + On systemd based systems logind is an alternative to utmp. + Thanks to github user tblume for the patch. +- 2023-10-24: cleanup: rm no longer used --with-systemdsystemunitdir configure switch + This is a clean up following the removal of the service unit in + cfd07503ba055100a84d75d1a78a5c6cceb9fdab +- 2023-10-23: testbench: bump zookeeper version to match current offering + Older version can no longer be downloaded. It also makes sense to + test with mainstream version. 
+---------------------------------------------------------------------------------------- +Scheduled Release 8.2310.0 (aka 2023.10) 2023-10-10 +- 2023-10-04: Add CAP_NET_RAW capability due to the omudpspoof module + The CAP_NET_RAW ensures the use of RAW and PACKET sockets, + which is utilized by the omudpspoof module, more precisely + the libnet_init function. + Thanks to Attila Lakatos for the patch. +- 2023-10-04: Add new global config option "libcapng.enable" + Defines whether rsyslog should drop capabilities at startup or not. + By default, it is set to "on". Until this point, if the project was + compiled with --enable-libcap-ng option, capabilities were + automatically dropped. This is configurable now. + Thanks to Attila Lakatos for the patch. +- 2023-10-04: tcp net subsystem: handle data race gracefully + It may happen that a socket file descriptor has been closed either + while setting up poll() et al or while being inside the system call. + This was previously treated as error and caused abort in debug + builds. However, it was essentially ignored in production builds. + This has now been fixed and now is always gracefully ignored. This + most importantly fixes some flakes in CI runs (which were caused + by this situation). +- 2023-09-29: imrelp bufgifx: avoid crash on restart in imrelp SIGTTIN handler + While existing, if at specific time rsyslog receives a SIGTTIN, it + crashes due to 2 issues. + 1. debug.unloadModules="off" a double free of pRelpEngine + 2. debug.unloadModules="on" it crashes because the signal handler has + been unmapped from memory. + This patch covers both issues. + Thanks to Ali Abdallah for the patch. +- 2023-09-28: fix startup issue on modern systemd systems + When we startup AND are told to auto-background ourselfs, we must + close all unneeded file descriptors. Not doing this has some + security implications. Traditionally, we do this by iterating + over all possible file descriptor values. 
This is fairly compatible, + because we need no OS-specific method. However, modern systemd configs + tend to not limit the number of fds, so there are potentially 2^30(*) + fds to close. While this is OKish, it takes some time and makes + systemd think that rsyslog did not properly start up. + We have now solved this by using the /proc filesystem to obtain our + currently open fds. This works for Linux, as well as Cygwin, NetBSD, + FreeBDS and MacOS. Where not available,and close_range() is available + on the (build) platform, we try to use it. If that fails as well, we + fall back to the traditional method. In our opionion, this fallback + is unproblematic, as on these platforms there is no systemd and in + almost all cases a decent number of fds to close. + Very special thanks go out to Brennan Kinney, who clearly described + the issue to us on github and also provided ample ways to solve it. + What we did is just implement what we think is the best fit from + rsyslog's PoV. + (*) Some details below on the number of potentially to close fds. + This is directly from a github posting from Brennan Kinney. + Just to clarify, by default since systemd v240 (2018Q4), that + should be `1024:524288` limit. As in the soft limit is the expected + `1024`. + The problem is other software shipping misconfiguration in systemd + services that overrides this to something silly like + `LimitNOFILE=infinity`. + - Which will map to the sysctl `fs.nr_open` (_a value systemd + v240 also raises from `2^20` to 2^30`, some distro like Debian are + known to opt-out via patch for the `fs.nr_open` change_). + - With the biggest issue there being that the soft limit was also + set to `infinity` instead of their software requesting to raise + the soft limit to a higher value that the hard limit permits. + `infinity` isn't at all sane though. 
+ - The known source of this misconfiguration is container software such + as Docker and `containerd` (_which would often sync with the + systemd `.service` config from the Docker daemon `dockerd.service`_). + closes https://github.com/rsyslog/rsyslog/issues/5158 +- 2023-09-13: Add the 'batchsize' parameter to imhiredis + Parameter set to allow configuring the amount of entries imhiredis debatches at once. + Default value of '10' has been kept to avoid any side effect on existing + configurations. + Thanks to Jérémie Jourdin for the patch. +- 2023-09-13: omprog bugfix: Add CAP_DAC_OVERRIDE to the bounding set + The omprog module uses the execve() function to execute + a third party program. Some required capabilities were not + preserved in the bounding set [1]. This caused problems, e.g. + the program could not write to files even if rsyslog was + executed as root and privileges were not dropped. As of now, + only the CAP_DAC_OVERRIDE capability is added to the bounding + set. Others could be added later, if there is justification + behind that. + [1] The capability bounding set is a security mechanism that + can be used to limit the capabilities that can be gained + during an execve(2). During an execve, the capability + bounding set is ANDed with the file permitted capability + set, and the result of this operation is assigned to the + thread's permitted capability set. The capability + bounding set thus places a limit on the permitted + capabilities that may be granted by an executable file. + Thanks to Attila Lakatos for the patch. +- 2023-09-13: tcpflood bugfix: plain tcp send error not properly reported + The error code when plain tcp sending failed was improperly returned, + resulting in no meaningful error message. + Note: tcpflood is a testbench tool, not part of production rsyslog. 
+---------------------------------------------------------------------------------------- +Scheduled Release 8.2308.0 (aka 2023.08) 2023-08-15 +- 2023-08-07: crypto subsystem bugfix: potential undefined behaviour + The is some potential undefined behaviour when initializting the IV for locally + encrypting log files. The issue cancels itself out, but at least causes + some confusion when using undefined behaviour sanitizer (UBSAN). However, + UBSAN seems not to detect the issue on all platforms and/or in all versions + (we were not able to reproduce this issue in our CI). + Please also note that the functionality where this can happen is extremely + rarely being used. + Thanks to Jeffrey Walton for providing the patch. +- 2023-08-02: lookup tables: fix static analyzer issue + If something goes really wrong, a lookup table's name would not + be set. That could lead to a NULL pointer access. HOWEVER, this + would require serious bugs in config parameter parsing, as the + lookup table name is a required parameter and the parser will + error out if not set. + So the bug is mostly cosmetic - but it does not hurt to handle + this case, of course. +- 2023-08-02: lookup tables bugfix: reload on HUP did not work when backgrounded + Lookup tables were only reloaded on HUP if the -n option was given + and rsyslog no backgrounded. This patch fixes the issue. + closes: https://github.com/rsyslog/rsyslog/issues/4813 +- 2023-07-30: testbench: make test more reliable + There was a race between tcpflood and rsyslog in imptpc_maxsessions.sh. + We now use the new -A tcpflood option to make the timing more + predictable, hopefully fixing test flakiness. + Note: if that does not help, we need to introduce a wait on the number + of error messages and maybe a delay before tcpflood termination. The + theory behind the latter is that rsyslog possibly does not fully + iniaitlize session which are quickly aborted before rsyslog receives + the related OS notification! 
We just record this info in case we + need it and are positive that this change will fix the situation. +- 2023-07-28: openssl: make connection setup more reliable by use of newer lib feature + Replaced depreceated method SSLv23_method with TLS_method. + In OpenSSL 1.1.0 and higher, SSLv23_method causes some errors + in TLS handshake from time to time. As this method is depreceated + since 1.1.0, I have replaced it with the follow up method + TLS_method which is the most generic one. + It fixes the random test failures in tests like + - sndrcv_tls_ossl_anon_rebind.sh + Also added some debug output in OpenSSL error handling, which is + useful when analysing debug files. + closes: https://github.com/rsyslog/rsyslog/issues/5201 +- 2023-07-28: testbench improvement: define state file directories for imfile tests + Not all imfile tests have state file directories or a global working + directory defined. This results in usage of the default location. + While state file names should be sufficiently different, there is still + some riks of using the same name in different tests. That becomes + problematic if tests are run in parallel (and they are run in + parallel inside the regular CI). + NOTE: NOT YET COMPLETED FOR ALL TESTS! We are considering if it makes + sense to deliberately keep some as-is. +- 2023-07-28: tcpflood bugfix: TCP sending was not implemented properly + Note: tcpflood is a testbench tool. This bug could lead to testbench + false positives. No way it can affect production deployments. + The tcpflood tool did improperly assume that a TCP sendto() call + would send messages of any size in a single shot. This is not the + case. It has now been corrected to proper behavior. + As a side-activity, some int variables which acutally needed to be + size_t have been fixed as well. +- 2023-07-28: testbench: make waiting for HUP processing more reliable + The previous approach was more or less delay based. 
We have now + changed the code to enable imdiag to detect if HUP is underway + and wait until it is completed. The new method still employs some + kind of timeout, but is now quite reliable. Most importantly, + it works great with long-running HUP processing, which can happen + e.g. when querying the system name takes long or some actions need + longer time to persist their HUP processing. + The new approach will most likely reduce CI flakes and also speed + up testbench runs. The speedup happens from not having to wait a + full delay in cases where we detect HUP is completed (plus reduced + timeout when we cannot clearly detect this - see code comments why + the new method is still considered more reliable than the old one). + Code note: we needed to slightly re-structure the way actual HUP + processing and the "HUP mutex" is handled. After best analysis, + this does not affect the reliability or speed in production + settings. + closes https://github.com/rsyslog/rsyslog/issues/5192 +- 2023-07-27: build system: make rsyslogd execute when --disable-inet is configured + This option is mostly useless, as network functionality depends on the + modules loaded by the config. The only real, and important, effect it + has is to control auto-load of omfwd - a feature almost all installations + depend in (backward compatibility). + This has been clarified in ./configure -help + Also, when --disable-inet is given, rsyslog now executes successfully. + The reason for the abort was that previously building of the lmnet + component was prevented, but that component is also needed by rsyslog + startup itself to query its own (correct) hostname. + Note that --disable-inet still does not compile some networking + libraries. So do not use it if you intend to load standard networking + modules like omfwd, imtcp or imudp. + closes https://github.com/rsyslog/rsyslog/issues/5188 +- 2023-07-26: testbench/CI: update zookeper download to newer version + Old version is no longer available. 
+- 2023-07-24: openssl: add support for new-version init function +- 2023-07-07: add CRL support for network (TLS) drivers + Thanks to Darren J Moffat for implementing the OpenSSL part. +- 2023-07-07: omazureeventhubs: Initial implementation of new output module + The output module uses Apache "Qpid Proton C API" which is a solid + AMQP protocol library implementation that can be integrated + very well into the rsyslog dev environment. + - Implemented Delivery with submitted and accepted state checking + - saving of failed messages in a failed list with support of saving + and restoring. + - Add testcases (requires ENV variables) to testbench + - Using application/octect-stream (binary) to send messages based on + Microsoft Code Sample: + https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-c-getstarted-send + * Note original Microsoft Samplecode is not working anymore, we are using + * QPID Proton Proactor based on + https://github.com/apache/qpid-proton/blob/main/c/examples/send.c + - requires QPID-PROTON Version 0.13 or higher because of the proactor API + - Add EventProperties configuration parameters + - Slow down when sender credit reaches zero (10ns). + - Add support for static library linking of qpid-proton + This is needed to build the module from source and remove + library package dependencies. + - adjusted valgrind suppressions +- 2023-07-04: core bugfix: action.resumeintervalmax parameter was not respected + Unfortunately, defining action.resumeintervalmax in the configration + did not have any effect at all. Instead, the default value was used, + which is 1800. This was caused by not having all the letters in + lower-case. + Fixes https://github.com/rsyslog/rsyslog/issues/5132 + Thanks to Attila Lakatos for the patch. +- 2023-06-29: core bugfix: do not try to drop capabilities when we don't have any + In case the process does not have any capabilities, e.g. running as regular user then + we do not have to force capability dropping. 
The capng_have_capabilities() returns + none if that's the case. + Fixes https://github.com/rsyslog/rsyslog/issues/5091 + Thanks to Attila Lakatos for the patch. +- 2023-06-29: imhiredis bugfix: Restore compatiblity with hiredis < v1.0.0 + RESP3 protocol wasn't implemented yet, some types weren't + available (REDIS_REPLY_DOUBLE) + Thanks to Théo Bertin (frikilax) for the patch. +- 2023-06-23: testbench: use newer zookeeper version in tests +- 2023-06-23: build system: more precise error message on too-old lib + When libcap-ng was enabled, the lib was present but did not meet the minimum version + dependency during configure, it was reported as "missing". We now emit a message + telling that it is present, but the version too old. +---------------------------------------------------------------------------------------- +Scheduled Release 8.2306.0 (aka 2023.06) 2023-06-20 +- 2023-06-19: mmnormalize bugfix: if msg cannot be parsed, parser chain is stopped + When an parser is not able to parse a message, it should indicate this + to rsyslog core, which then activates the next parser(s) inside the + configured parser chain. + Unfortunatley, mmnormalize always tells core "success", and so no + other parsers are activated. + closes https://github.com/rsyslog/rsyslog/issues/5148 +- 2023-06-19: [i/o]mhiredis: various fixes and enhancements + please see the change log for details. Among others, suspending of the modules + has been fixed. Also a new "stream" mode has been added. + Thanks to Théo Bertin (frikilax) for the patch. +- 2023-06-19: testbench/bug: mmexternal-SegFault-empty-jroot-vg.sh fails due to typo + Fix the typo that makes the test fail. + Thanks to Paul Fertser for the patch. +- 2023-06-16: imjournal: Add FileCreateMode module parameter + FileCreateMode allows to set the default file mode bits + when creating new files. As of now, it has only impact on the state file. + Add test suite as well. 
+ Minor indentation fix in run_journal.yml + Thanks to Attila Lakatos for the patch. +- 2023-06-16: core bugfix: potential segfault on busy systems + This was discovered by Konstantin J. Chernov in a practicaly deployment. + Here, msg object tag processing caused sporadic segfaults. We did not + hear from similiar cases, but there clearly is potential for problems + because a mutex lock had insufficient range, thus leading to a potential + race. + The patch is directly from Konstantin J. Chernov, thanks for that. + Please note that the mutex lock could be minimized as it is not strictly + needed for the pM == NULL case, but this cause is extremely exotic + and the resulting code would be harder to understand. Thus we opt + to do the locking on funtion level (as usual). + Descriptiond edited by Rainer Gerhards + closes: https://github.com/rsyslog/rsyslog/issues/5110 +- 2023-06-16: Add new global config option "libcapng.default" + Defines how rsyslog should behave in case something went wrong + when capabilities were to be dropped. Default value is "on", + in which case rsyslog exits on a libcapng related error. + Thanks to Attila Lakatos for the patch. + Closes https://github.com/rsyslog/rsyslog/issues/5096 +- 2023-06-05: imfile bugfix: file handle leak, primarily in kubernetes context + At this point there is a code imfile.c#L919 that adds an inotify observer to the + parent of the symbolic link target. But there is no such code that removes this + observer in the case when inotify events do not occur in the directory tree above. + This may be if the directory tree of the symbolic link target and the directory tree + of the symbolic link itself are divided into different subtrees somewhere at the levels + above. 
+ For example, in the rsyslog configuration, an imfile with the + template /var/log/containers/*.log is configured and there is the following directory + tree: + /var/log/pods/pod-1/a/0.log + /var/log/containers/pod-1-a-0.log -> /var/log/pods/pod-1/a/0.log + In this example, kubernetes cron jobs will permanently delete directories at the + /var/log/pods/pod-* level. And thus, inotify observer on the parent object of the + symbolic link target (/var/log/pods/pod-1/a/0.log) looking at the directory + /var/log/pods/pod-1/a will constantly leak. + This is due to the fact that the list of active objects in the edge with path + /var/log/containers, where the parent object of the target symbolic link is added, + is not checked. Verification and deletion will occur only in the case of an inotify + event in the upper nodes of the directory tree, in /var/log and above. + Thanks to Sergey Kacheev for the patch! +- 2023-06-05: GNUTls Driver: Fix memory leaks in gtlsInitCred + Missing CA Certificate or multiple Connections caused + a memory leak in pThis->xcred as it was allocated each time in + gtlsInitCred by gnutls_certificate_allocate_credentials + closes: https://github.com/rsyslog/rsyslog/issues/5135 +- 2023-05-24: CI: update base ubuntu image for github actions +---------------------------------------------------------------------------------------- +Scheduled Release 8.2304.0 (aka 2023.04) 2023-04-18 +- 2023-04-17: imptcp bugfix: spam log on oversize message + If an oversize message was received by imptcp, imptcp reported + one error message for EACH oversize character. This could + result in a potentially very large number of similar (and + useless) messages. + This is a regression from commit f052717178. 
+ closes https://github.com/rsyslog/rsyslog/issues/5078 +- 2023-04-17: core/bugfix: using $uuid msg prop can deadlock rsyslog on shutdown + This problem can occur if a large number of threads is used and rsyslog + cannot shut down all queues etc within the regular time interval. In this + case, it cancels some threads. That can leave the mutex guarding libuuid + calls locked and thus prevents other, not yet cancelled threads from + progressing. Assuming pthread_mutex_lock() is not a cancellation point, + this will case these other threads to hang forever and thus create a + deadlock situation. + closes https://github.com/rsyslog/rsyslog/issues/5104 +- 2023-04-17: Do not preserve capabilities when changing credentials + In configurations where $PrivDropToGroup or $PrivDropToUser are used, + rsyslogd changes uid/gid to a non-privileged user. As part of that + change, all capabilities should be lost. However, if rsyslog is + compiled with --enable-libcap-ng option, some capabilities are + preserved due to using capng_change_id() instead of setgid()and + setuid(). https://linux.die.net/man/3/capng_change_id: + This function preserves capabilities while changing uid/gid, causing + rsyslogd to run as non-root user, but with some root capabilities. + Unfortunately, rsyslogd will run with higher privileges than before. + The patch also removes CAP_SETPCAP, because the capability set does + not need to be altered at a later phase. + Thanks to Attila Lakatos for the patch. +---------------------------------------------------------------------------------------- +Scheduled Release 8.2302.0 (aka 2023.02) 2023-02-21 +- 2023-01-27: core/template: implement negative position.to + This will easily permit to drop the last n characters from a property + without the need to know the exact length of the string. This is + especially useful as the exact length is most often not known + beforehand. 
+- 2023-01-18: Introduce --enable-libcap-ng configure option + The option allows to drop the capabilities to only + the necessary set, to minimize security exposure in + case there was ever a mistake in a networking + plugin or some other input resource. Moreover, it adds + ability to change uid and gid while retaining the + previously specified capabilities. + Add ability to change uid and gid while retaining the + capabilities previously specified. + closes https://github.com/rsyslog/rsyslog/issues/4986 + Thanks to Attila Lakatos for the patch. +- 2023-01-16: + - omfile: add action parameters "rotation.*" + Add new action parameters + - rotation.sizeLimit + - rotation.sizeLimitCommand + provide automatic output file rotation functionality feature-wise + equivalent to legacy $outchannel. This finally permits to use + this feature set in rscript. + - core substring function: enhancement and hardening + Now, length can have a negative value -n to denote that the + substring should be build between startpos and the character + -n chars from the end. This is a shortcut for stripping charactes + on "both ends" of the string. See doc for details on the enhanced + semantics. + Also, some hardening against invalid startpos and length has + been added. + - core bugfix: wrong type conversion in internal string class could lead to segfault + This could only happen with very unusually large strings + Thanks to Flos Lonicerae for the patch. + - QA: changed to CodeQL scanning on github as LGTM replacement + - bugfix: wrong version number on daily stable builds + - CI: use newer version of zookeeper (needed modernization) + - ffaup bugfix : memory corruption with concurrent workers + The ffaup function fails to work properly when it is used with multiple workers. + The faup_handler_t struct is not supposed to be shared between threads. + This may have caused memory corruptions and race conditions when used + inside of actions. + Thanks to Thibaud Cartegnie for the fix. 
+ - openssl bugfix: undefined reference error on OpenSSL 1.1 or higher. + This could have prevented ossl components from being loaded/used. +- 2023-01-02: core bugfix: template system may generate invalid json + When + - a list template + - is created with option.jsonf="on" + - and the last list element is a property with onEmpty="skip" + - and that property is actually empty + invalid JSON is generated. + The JSON string in this case ends with ", " instead of "}\n". This + patch fixes the issue. + closes https://github.com/rsyslog/rsyslog/issues/5050 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2212.0 (aka 2022.12) 2022-12-06 +- 2022-12-05: testbench: make python http server based tests more reliable + Harden them against races during server port assignment. Prevents + testbench flakes. +- 2022-12-05: omprog bugfix: invalid status handling at called program startup + There is a bug when external program *startup* does not return "OK". This + can also lead to a misadressing with potentially a segfault (very unlikely). + Note that no problem exists once the initializiation phase of the external + program is finished and regular message transfer runs. + The problem basically is that for a startup failure, the control data for + that external program instance is freed on error. Unfortunately, that state + data is needed later on to detect a suspended instance. We now keep the control + data even on init failure (as we then need to do normal control options). + closes https://github.com/rsyslog/rsyslog/issues/4967 +- 2022-11-29: testbench bugfix: wrong message injection object of instance 1 + In some client-server test cases, messages are supposed to be injected into + the instance 2(client), but they are actually injected into instance 1(server), + which may lead to false negative results. This patch fixed it by replacing + 'injectmsg' with 'injectmsg2', and dealt with some minor issues. 
+ Thanks to Guodong Zhu for the patch. +- 2022-11-21: rsyslog.conf man page bugfix: description of selectors + Document historic difference to BSD syslog selectors. +- 2022-11-18: imtcp bugfix: legacy config directives did no longer work + Many "$InputTCPServer..." config directives did no longer work + and were completely ignored (e.g. "$InputTCPServerStreamDriverMode"). + This was a regression from a08591be5d9 (May, 5th 2021). + closes https://github.com/rsyslog/rsyslog/issues/5021 +- 2022-11-16: ksi bugfix: sending of too many signing requests fixed. + As there is a bug in libksi where too many signing requests may have bene sent + out the amount of signing requests will be limited by KSI module until the fix + is implemented. + Thanks to Taavi Valjaots for the patch. +- 2022-11-14: bugfix: prevent potential segfault when switchung to queue emergency mode + When switching to Disk queue emergency mode, we destructed the in-memory + queue object. Practice has shown that this MAY cause races during + destruction which themselfs can lead to segfault. For that reason, we + now keep the disk queueu object. This will keep some ressources, + including disk space, allocated. But we prefer that over a segfault. + After all, it only happens after a serious queue error when we are + already at the edge of hard problems. + see also: https://github.com/rsyslog/rsyslog/issues/4963 +- 2022-11-08: ksi bugfix: Segmentation fault in async mode fixed + Thanks to Taavi Valjaots for the patch. +- 2022-11-02: imjournal: add second fallback to _COMM + If SYSLOG_IDENTIFIER is not present in the journal message, + then lookup the _COMM field, which stands for the name + of the process the journal entry originates from. This is + needed in order to be in compliance with the journalctl + output. + Thanks to Attila Lakatos for the patch. 
+- 2022-10-25: core bugfix: local hostname invalid if no global() config object given + The local hostname is invalidly set to "[localhost]" on rsyslog startup + if no global() config object is present in rsyslog.conf. Sending a HUP + corrects the hostname. + This is a regression from ba00a9f25293f + closes https://github.com/rsyslog/rsyslog/issues/4975 + closes https://github.com/rsyslog/rsyslog/issues/4825 +- 2022-10-25: testbench bugfix: fixed timing issue that sometimes lead to test failure + Timing caused a race in test tool sync and could lead to premature termination of + tools, which in turn caused test failure +---------------------------------------------------------------------------------------- +Scheduled Release 8.2210.0 (aka 2022.10) 2022-10-18 +- 2022-10-13: fix NetBSD build issue + On NetBSD, time_t has for a long time now been __int64_t. + On 32-bit CPUs, the compiler is not obliged to define + __sync_bool_compare_and_swap_8, so instead this ends up + as an undefined symbol when linking rsyslog. This makes + the code fall back to the pthread / locking method on these + systems, but at least lets the program build. + Thanks to Havard Eidnes for the patch. +- 2022-10-12: omrabbitmq: Add TLS support + Thanks to github user 21stcavenan for the patch. +- 2022-09-14: config: add "abortOnFailedQueueStartup" global config parameter + similiar to "abortONUncleanConfig", this parameter aborts rsyslog + when a queue has problems during startup. Some users perfer rsyslog + to terminate in this case. By default, nothing changes. + closes https://github.com/rsyslog/rsyslog/issues/4902 +- 2022-09-07: cor bugfix: leak in helper function SetString + A part of rsyslog runtime, SetString(), had a small memory leak when a value was + assigned multiple times. While this could potentially consume larger amounts of + memory, this did not happen in practice. The reason is that multiple assignments + to the same object occur very seldom. 
+ Thanks to github user seuzw930 for the patch. + closes: https://github.com/rsyslog/rsyslog/issues/4961 +- 2022-09-07: core bugfix: correct local host name after config processing + rsyslog.conf may affect the host's local name. These changes were + so far only activated after the first HUP. This patch now ensures + that the configured local host name is applied correctly throughout + all processing, including early startup. + This patch causes a slight change of behaviour. However, the behaviour + was inconsitent before. Now it is consistent and according to the config. + Please note: this patch also exposes a global entry point via "regular" + dynamic loading as this makes things much easier to do. This is in-line + with ongoing simplification effort. + Finally, we also remove a CI test that we do no longer need because + the problem covered is now addressed differently and the original issue + can no longer occur. + closes https://github.com/rsyslog/rsyslog/issues/4975 +- 2022-08-31: imtcp: add option notifyonconnectionopen + Add this both as module an input parameter. Complements already-existing + config param notifyonconnectionclose and mirrors the similar feature from + imptcp. + The module parameter acts as default, similarly to notifyonconnectionclose. + Note that in contrast to imptcp, we emit IP addresses and not host + names. This sticks with the traditional semantics of imtcp. + Note that we also fixed a mislading error message in the case when a + disallowed sender tried to connect. + Thanks to John Chivian for suggesting the addition. +- 2022-08-26: openssl TLS driver: add mechanism to include extra CA files parameter + This change allows to include extra CA files so that no "unable to get issuer + certificates" issue is obtained when using chained cert files. New parameter name is + "NetstreamDriverCAExtraFiles". + Thanks to Sergio Arroutbi for the patch. 
+ closes: https://github.com/rsyslog/rsyslog/issues/4851 +- 2022-08-19: fix compile issue with older gcc compilers + Thanks to Julien Thomas for the contribution. +---------------------------------------------------------------------------------------- +Scheduled Release 8.2208.0 (aka 2022.08) 2022-08-09 +- 2022-08-09: ksi bugfix: request cache size and send timeout issue fixed. + Async service send timeout is not configurable and request cache size is too + small to handle large amount of signing requests with small amount of permitted + requests per aggregation round. For example user with max_requests = 4 results + cache size 5 * max_requests or at least 256. When signing 300 log files cache + will be too small resulting several unsigned blocks. When signing 200 log file + cache will be adequate, but with rate of 4 signatures per second, it is only + possible to sign 4 * 10 blocks before all requests that are not sent out will + timeout. + Fix for the issue is to make send timeout configurable and make the size of the + cache depend on the value of send timeout. New configuration value + sig.block.signtimeout="time, s" introduced that defines the time window wherein + the block has to be signed. The size of the request cache is increased to + 3 * max_requests * sign_timeout or at least 256. + Thanks to Taavi Valjaots for the patch. +- 2022-08-09: imjournal bugfix: segmentation fault in close journal + Thanks to github user t-feng for the patch. +- 2022-08-09: net subsystem: support sha256 for StreamDriverAuthMode="x509/fingerprint" + Thanks to github user codemaker219 for the patch. +- 2022-08-05: imfile bugfix: message loss/duplication when monitored file is rotated + When a to-be-monitored file is being rotated, some messages may be lost or + duplicated. In case of duplication, many file lines may be duplicated + depending on actual timing. The whole bug was primarily timing depenedent + in general. 
It most often was visible in practice when the monitored + file was very frequently rotated (we had some report with every few + seconds). + Note that while we try hard to not lose any messages, input file + rotation always has some loss potential. This is inevitable if + the monitored file is being truncated. + Also note that this bugfix affects imfile, only. It has nothing to do + and no relation to rsyslog output files being rotated on HUP. + closes: https://github.com/rsyslog/rsyslog/issues/4797 +- 2022-08-05: ksi bugfix: optimize processing of signer queue to fix delays. + There is a worker queue where rsyslog KSI module collects events and signing + requests. When queue is processed thread is periodically put to sleep. Previous + implementation handles signature requests well but sleeps every time after + handling new file open / close event. When several log files are opened or + closed simultaneously process is significantly slowed down. Another issue is + that thread always sleeps 1000ms that may be 2x longer than aggregation round. + This slows down overall signing process. + Fix for the issue is to simply not sleep after file open / close event if there + are next items to be processed. To speed up the signing process, rsyslog uses + KSI aggregator conf. to obtain the aggregation period that is used for the sleep + time configuration. + Thanks to Taavi Valjaots for the patch. +- 2022-08-04: ksi bugfix: possible crash fixed when several log files are opened. + KSI module in async mode used to request aggregator conf. every time a log + file was opened. When several log files were opened simultaneously + corresponding amount of pointless concurrent conf. requests were posted. + Concurrent conf. requests lead to a bug in libksi, where internal count of + pending requests was not decremented correctly causing system to crash. + Fix for the issue is to optimize the frequency of conf. requests so that only + one conf. requests is handled at once. 
Instead of checking conf. every time + log file is opened, conf is requested periodically after conf timeout. This will + affect both sync and async mode. + New option for KSI module introduced - sig.confinterval="time, s". + Thanks to Taavi Valjaots for the patch. +- 2022-08-04: openssl: add support to split tls commands by semicolon + - Add support to split tls commands by semicolon. + - Changed one test with multiple tls commands to use semicolon as + separator instead of newline. + closes: https://github.com/rsyslog/rsyslog/issues/4852 +- 2022-08-04: openssl subsystem bugfix: build issue on Solaris + Needed header file was added. Platforms other than Solaris did not actually need it, + so this bug was discovered late. + Thanks to Jakub Kulík for the patch. + Import <strings.h> when index() is used. +- 2022-08-04: openssl: add more details to error messages + - Avoid LogMsg outputs osslEndSess on successfull terminated + connection. Only LogMsg if the connection was terminated + unsuccessfully. + - Handle SSL_ERROR_SYSCALL in both Send / osslRecordRecv, + do not log as error if underlaying socket was terminated + (ECONNRESET). Log as information instead. + closes: https://github.com/rsyslog/rsyslog/issues/4946 +- 2022-08-04: omclickhouse: capture additional exceptions + - DB::NetException + - DB::ParsingExceptions + Thanks to Victor Kustov for the patch. +- 2022-08-04: mmanon bugfix: Simplified and fixed IPv4 digit detection. + - Fixed an issue with numbers above int64 in syntax_ipv4. + Numbers that were up to 256 above the max of an int64 + could incorrectly be detected as valid ipv4 digit. + - Simplified the IPv4 digit detection function and renamed + to isPosByte. 
+ - added testcasse for malformed IPvc4 addresses + closes: https://github.com/rsyslog/rsyslog/issues/4940 +- 2022-07-21: imptcp: slight tuning + - reduce indirect addressing to obtain more speed + - also a fix for an annoying typo + - minor other optimizations + - modernization of one test +- 2022-07-20: template procesing/json: performance optimization +- 2022-07-19: core bugfix: memory leak when free action worker data table + During free action worker data table when action destruct, worker instance in worker + data table were not null. It resulted in memory leak. + Thanks to github user seuzw930 for the patch. +- 2022-07-13: omfile: support for zstd compression + The zstd library provides better and faster compression than zlib. + This patch integrates zstd as a dynamically-loadable functionality. + As such, no further dependencies need to be added to the rsyslog + base package. + Due to the increased performance, usage of zstd is highly recommended + for high-volume use cases. + This patch also refactor zlib compression in order to unify handling + in both compression cases. +- 2022-07-07: stream cleanup: move error message to debug log, only + This error message is most probably rooted in a kernel problem. At + least knowbody knows how it can happen. It's definitely not a + rsyslog issue. We also can recover from it for a long time now + so there is no reason to irritate users by emitteing this + "error" message. +- 2022-07-04: mmdblookup bugfix: Don't crash Rsyslog on mmdb file errors + Thanks to Théo Bertin (frikilax) for the patch. 
+- 2022-06-28: build error fix: libbson requires out-of-date language constructs +- 2022-06-27: OpenSSL: fix depreacted API issues for OpenSSL 3.x + - OpenSSL error strings are loaded automatically now + - Debug Callback has changed + - See for more: + https://www.openssl.org/docs/manmaster/man7/migration_guide.html + closes: https://github.com/rsyslog/rsyslog/issues/4912 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2206.0 (aka 2022.06) 2022-06-14 +- 2022-05-25: omelastisearch: allow omitting _type field + Allow omitting the _type field by setting it to an empty string. + Setting this field has been deprecated since 6.0, and support will + be removed in 8.0 + Also add testbench test for empty searchType with ES 7.0 + This checks for messages in the deprecation log and also provides + avoids deprecation messages from usage of transport.tcp.port in the + test configuration + Thanks to Jarkko Oranen for the patch. +- 2022-05-18: tcpsrv/imtcp: slight performance improvements + This change slightly improves performance for tcpsrv-based servers. + This affects imtcp and imgssapi as well as some helpers. + No other functional change is included in this change. +- 2022-05-12: imptcp bugfix: worker thread starvation on extreme traffic + When connectes were totally busy, without any pause, the assigened worker + did never terminate its reading loop. As such, it could not service any + other conenctions. If this happened multiple time and to all configured + workers, all other connections could not be processed at all. This extreme + scenario is very unlikely, as the whole issue is relatively unlikely. + In practice, the issue could lead to somewhat degraded performance and + resolved itself after some time (in practice no connection is 100% busy + for an extended period of time). + Note that this patch sets a fixed limit of 16 iterations for very busy + connections. 
This sounds like a good compromise between non-starvation + and performance. The exact number may be made configurable if there + is really need to. +- 2022-05-11: omelasticsearch: several support option for ElasticSearch 8 + - config params searchIndex and documentType can be empty + - support for Data Stream API + Thanks to github user EHerzog76 for these changes. + - new config param esVersion.major +- 2022-05-09: tcp receiver bugfix: delay/potential hang on some error conditions + Error were not correctly handled in some cases for imtcp and imgssapi. This could + lead to a temporary stall of some connections. For ultry-low traffic systems, this + stall could stay for a long period of time. In most cases, it was resolved very quickly. + Note that imptcp was not affected. + Thanks to Iwan Timmer for the fix. +- 2022-05-05: net bugfix: potential buffer overrun + there is heap buffer overflow vulnerability in rsyslog tcp reception components. + This can only happen in octet-counted mode, which is enabled by default. + Affected components: imtcp, imptcp, imhttp, imgssapi, imdiag when octet-counted + framing was enabled. + If the receiver ports are exposed to the public Internet AND are used + without authentication, this can lead to remote DoS and potentially to + remote code execution. It is unclear if remote code execution is + actually possible. If so, it needs a very sophisticated attack. + When syslog best practices with proper firewalling and authentication + is used, thean attack can only be carried out from within the Intranet + and authorized systems. This limits the severity of the vulnerability + considerably (it would obviously require an attacker already to be + present inside the internal network). + Credits to Peter Agten for initially reporting the issue and working + with us on the resolution. 
+ fixes CVE-2022-24903 + Advisory: + https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8#advisory-comment-72243 +- 2022-05-05: imptcp: set OS worker thread name + We now set the worker thread names to "imptcp/<thrd nbr>" where + <thrd nbr> is the numerical index (0, 1, ...) of the worker thread. + This enables to distinguish individual worker threads in OS tools like + htop. That is useful for performance testing and system monitoring. + The choosen name format is consistant with other similar thread + names inside rsyslog. For imptcp, worker threads were not yet + given individual names. + Note: "in:imptcp" is imptcp's "main" thread, which also is used + as a worker in some scenarios. This name was not modified. +- 2022-04-26: mmanon bugfix: shortened IPv6 form not always anonymized + If the IPv6 is in non-recommended form followed by a 5 digit port number, it + is not anonymized. + A reproducer for this is: 1a00:c820:1180:c84c::ad3f:d991:ec2e:49255 + closes https://github.com/rsyslog/rsyslog/issues/4856 +- 2022-04-22: mmdblookup fix: wrong copy of buffer + ...following parse of libmaxminddb's return after a successful search sometimes + failed to return specific field from data. + Thanks to Théo Bertin for the patch. +- 2022-04-22: mmdblookup: several enhancements + - support arrays in MMDB entry + - support escaped quotes '"' in MMDB entry + - support '<' characters in MMDB entry, when in a field + - support '}' characters in MMDB entry, when in a field + Thanks to Théo Bertin for the patch. 
+---------------------------------------------------------------------------------------- +Scheduled Release 8.2204.1 (aka 2022.04) 2021-05-05 +- security bugfix: potential buffer overrun in imptcp, imtcp, imgssapi and others + This addresses CVE-2022-24903 + see also https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2204.0 (aka 2022.04) 2021-04-19 +- 2022-04-18: gnutls bugfix: possibility of infinite loop + There was a rare possibility that the E_AGAIN/E_INTERRUPT handling + could cause an infinite loop (100% CPU Usage), for example when a TLS + handshake is interrupted at a certain stage. + * After gnutls_record_recv is called, and E_AGAIN/E_INTERRUPT error + occurs, we need to do additional read/write direction handling + with gnutls_record_get_direction. + * After the second call of gnutls_record_recv (Expand buffer) + we needed to also check the eror codes for E_AGAIN/E_INTERRUPT + to do propper errorhandling. + * Add extra debug output based on ossl driver. + * Potential fix for 100% CPU Loop Receiveloop after gtlsRecordRecv + in doRetry call. + closes https://github.com/rsyslog/rsyslog/issues/4834 + closes https://github.com/rsyslog/rsyslog/issues/4818 + closes https://github.com/rsyslog/rsyslog/issues/4638 +- 2022-04-17: core/bugfix: errorfile could grow over max configures size + When action.errorfile.maxsize configuration option is enabled and error file + already has a certain size smaller than max size configured, it is increasing + higher than configured max size as the error file is considered to be zero in code. + This fix reads current error file size and limits the size to the maximum + size configured. + Thanks to Sergio Arroutbi for the patch. 
+ fixes https://github.com/rsyslog/rsyslog/issues/4821 +- 2022-04-17: omkafka bugfix: potential misadressing + The `failedmsg_entry` expects a null-terminated string in `key`, but + here we allocate with malloc and copy a string-with-length-n into only + the first n bytes. If the final byte is null, this is by coincidence + only. + This was observed by means of seeing random binary data appended to + keys submitted to kafka apparently at random. This could also result + in more severe problems, inclusing a segfault. + Thanks to David Buckley for the patch. +- 2022-04-06: added new "FullJSONFmt" standard template (with addtl fields) + This comes handy for a number of use cases, especially with ElasticSearch. + Thanks to Art O Cathain for the patch. +- 2022-04-04: imfile: potential processing delay + This was mentioned by Mikko Kortelainen without exact details on what exactly + this could cause in practice. But we were confident enough that it is worth + merging (though it does not look like something that brought real problems in + practice, as we do not know any related reports). + see also: https://github.com/rsyslog/rsyslog/pull/4445 + Thanks to Mikko Kortelainen for the patch. +- 2022-04-04: bugfix: cosmetic data races + there was a more or less cosmetic data race which could happen when children + processes died in quick sequence. Even then, no real harm happened, as all + children were reaped eventually. + A similar data race exists for HUP processing. + However, these races polluted TSAN test runs, and so we fixed them +- 2022-04-01: add property options to support ISO week/year number + Thanks to Mattia Barbon for the patch. +- 2022-04-01: core bugfix: "action suspended" message was emitted even when turned off + Most messages were diasabled, but there was one part of the code that ignored the + user configuration. + Thanks to Deyneko Aleksey for the patch. 
+- 2022-03-31: testbench: add more tests for rscript comparison operations +- 2022-03-31: core bugfix: make internal logs emitted during HUP procesing appear quicker + After call doHUP(), probably there is a internal log in the list. However, it + will not be wrote out immediately, because the mainloop will be blocked at + pselect in wait_timeout() until a long timeout or next message occur. + More deadly, the log may be lost if the deamon exits unexpectedly. + We might as well put processImInternal() after doHUP(), so that the message + will be flushed out immediately. + Fixes: 723f6fdfa6(rsyslogd: Fix race between signals and main loop timeout) + Thanks to Yun Zhou for the patch. +- 2022-03-20: refactor: Move the parser directive to the main config + Thanks to Attila Lakatos for the patch. +- 2022-03-16: refactor: ake the main message queue part of the config + The intent of this patch is to make the main message queue part of the main config. + It will help us to proceed towards dynamic configuration reload. +- regression bugfix: rsyslog may segfault during startup + glblGetMaxLine() might be called even before the main configuration file exists + resulting unexpected behavior, most probably segmentation fault. This is addressed + by re-introducing the old default of 8KiB. The problem was introduced earlier in + 2022. +- regression fix: script string comparison did not work correctly + In rscript, comparison operations on strings did not work correctly + and returned false results. This is cause by a regression in commit + 5cec5dd634e0. While it fixed number comparisons, it introduced new + problems in string comparisons, which were not present before. Note + that most items in rsyslog are strings, so this can actually cause + some problems. 
+---------------------------------------------------------------------------------------- +Scheduled Release 8.2202.0 (aka 2022.02) 2022-02-15 +- 2022-02-14: imfile bugfix: remove cause for "internal error message" (not causing harm) + When any message is output into a renamed input file, rsyslogd output the following: + message. + imfile: internal error? inotify provided watch descriptor 7 which we could not find + in our tables - ignored + When rsyslogd detects the inode change, it deletes the entry from wdmap[]. But, + the watch descriptor is not removed. Some application like sssd outputs some messages + (like "HUP signal was received!!") after HUP signal is received and before switching + into the new log file. And, the above messages can be output every log rotation. + This situation is now resolved. + Thanks to Masahiro Matsuya for the patch. +- 2022-02-04: rscript bugfix: literal numbers were not compared correctly + This problem occurred when numbers were used in rsyslog.conf in + the set statement, e.g. + set $nbr = 1234; + In this case, during comparisons, the number was actually interpreted + as a string with digits. Thus numerical comparisons lead to unexpected + results. Even more so, as in other places of the code they were + treated as native numbers. + This is now fixed. We cannot outrule that this causes, in border cases, + change of behavior to existing configs. But it is unlikely and the + previous behaviour was a clear bug and very unintuitive. This in our + opinion it is justified to risk a breaking change for an expected + very minor subset of installations, if any such exists at all. + closes https://github.com/rsyslog/rsyslog/issues/4770 +- 2022-02-04: omelasticsearch bugfix: indexSuccess impstats counter in bulkmode wrong + When bulkmode is enabled, and a batch was processed without any + failures (errors is false), the code that increments the indexSuccess + impstats counter was never reached. 
+ closes: https://github.com/rsyslog/rsyslog/issues/4794 +- 2022-01-17: imkmsg bugfix: effectively disabled input on error reading kmsg + Due to a program bug, imkmsg could not recover from an kmsg read error. + Note that recovering is possible and was intended. + Thanks to Kailash Sethuraman for the patch. +- 2022-01-17: imtcp bugfix: worker threads were not properly terminated + Graceful shutdown of Rsyslog could lead to segmentation faults when + multiple imtcp inputs were being used. That is because the rest of the + tcpsrv threads are left behind running, while their underlying objects + are being disposed by the main thread as part of the module + de-initialization. + closes: https://github.com/rsyslog/rsyslog/issues/4776 + Thanks to Gabor Orosz <goro@goro.io> for the analysis and patch. +- 2022-01-07: omlibdbi bugfix: use-after-free bug + This occurred in when sqllite driver was used. Depending on circumstances, this had + no visible issues (often) up to rsyslog segfault. The busier rsyslog is, the more + likely a bad outcome. +- 2022-01-06: omhttp bugfix: memory leak in lokirest batchmode + A JSON object was created (valueObj) but not used and also not released causing a + memory leak. Over time, this could lead to memory overcomittent. + closes: https://github.com/rsyslog/rsyslog/issues/4766 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2112.0 (aka 2021.12) 2021-12-16 +- 2021-12-14: refactor:Deallocate outchannel resources in rsconf destructor + Thanks to Attila Lakatos for the patch. +- 2021-12-14: refactor: use runConf instead of loadConf in ratelimiting during runtime + Thanks to Attila Lakatos for the patch. +- 2021-11-22: new contribtion: URL parser module function using libfa + Thanks to Théo Bertin for the patch. 
+- 2021-11-18: mmanon: relax IPv6 detection - improve anonymization + We so far tried to ensure a value is really an IPv6 address, in order + to avoid to mangle with just similar-looking information elements. + However, this lead to misdetection for unusual formats, e.g. when a + port is appended to a numerical IPv6 adress given without braces []. + This has been changed now. In a sense, we now prefer to err on the + side of privacy. + BEHAVIOR CHANGE: + Previously, a suspect value was not anonymized, and thus some other + elements (like some MAC addresses) preserved. Now the opposite is + true, and we anonymize anything that looks close enough to be an + IPv6 address. This improves anonymization. + closes https://github.com/rsyslog/rsyslog/issues/4725 +- 2021-11-10: ruleset bugfix: ruleset queue was incorrectly named + The ruleset was incorrectly and unusably named. This was a regeression + from 4a63f8e9629c3c9481a8b6f9d7787e3b3304320b. + Many thanks to github user digirati82 for alerting us. + closes https://github.com/rsyslog/rsyslog/issues/4730 +- 2021-11-10: omsnmp: update module to current IP best practices + The omsnmp module uses the inet_addr() function to convert the Internet host address + from IPv4 numbers-and-dots notation into binary data in network byte order. If the input + is invalid, INADDR_NONE (usually -1) is returned. Use of this function is problematic + because -1 is a valid address (255.255.255.255). We should avoid its use in favor of + inet_aton(), inet_pton(3), or getaddrinfo(3), which provide a cleaner way to indicate + error return [1]. + This is just a request to satisfy covscan, so no error is reported at all. + Thanks to Attila Lakatos for the patch. +- 2021-10-27: ommysql: fix threading bug + When the MariaDB connection was (re)established, old or NULL handle + could be used. This is fixed now. + We need to synchronize access to the mysql handle, because multiple threads + use it and we may need to (re)init it during processing. 
This could lead to + races with potentially wrong addresses or NULL accesses. If this really + matters mostly depends on the MariaDB/MySQL client library. It looks like + they guard against fatal failuers. Anyhow, logging errors inside rsyslog + could happen in any case. +- 2021-10-25: testbench: false positive when impstats was not built + Test omfwd_fast_imuxsock failed when impstats was not built. This + has been corrected, test is now only executed when impstats is + present. +- 2021-10-25: imtcp: add support for permittedPeers setting at input() level + The permittedPeers settig was actually forgotten during the refactoring + of TLS input() level settings. This functionality is now added. + closes: https://github.com/rsyslog/rsyslog/issues/4706 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2110.0 (aka 2021.10) 2021-10-19 +- 2021-10-13: config bugfix: global(security.abortonidresolutionfail=) did not work + when used with rscript based configuration, it was not checked. +- 2021-10-13: config bugfix: global param $privDropToUser did not work correctly + The parameter was not implemented for rscript based configuration and + did not properly apply to legacy configuration. In essence, it almost always + did not work as expected. + see also: https://github.com/rsyslog/rsyslog/issues/4642 + see also: https://github.com/rsyslog/rsyslog/commit/cbcaf2c7e5b67e5465e47bc7cc67af2eae47bd31 +- 2021-10-12: rscript bugfix: ruleset called async when ruleset had queue.type="direct" + The call rscript statement is able to call a rule set either synchronously or + asynchronously. We did this, because practice showed that both modes + are needed. For various reasons we decided to make async + calls if the ruleset has a queue assigned and sync if not. + To know if a "queue is assigned" we just checked if queue parameters were + given. 
It was overlookeded the case of someone explicitly specifying a + "direct queue", aka "no queue". As such, queue="direct" triggered async + calls. That in turn meant that when a write operation to a variable was + made inside that rule set, other rulesets could or could not see the + write. While if was often not seen, this was a data race where the + change could also be seen by the outside. + This is now fixed. No matter if queue.type="direct" is specified or + left out, the call will always by synchronous. Any values written to + variables will also be seen by the "outside world" in later processing + stages. + Note that this has some potential to BREAK EXISTING CONFIGURATIONS. + We deem this acceptable because: + 1. this was racy at all, so unexpected behaviour could alwas occur + 2. it is actually unlikely that someone used the triggering conditions + in practice. But we can not outrule this, especially when the + configuration was auto-generated. + Potential compatibility issues can be solved by defining a small + array-memory queue on the ruleset in question instead of specifying + direct type. + Again, we expect that almost all users will never experience any + problems. If you do, however, please let us know: we may add an + option to re-enable the bug. +- 2021-10-12: ksi bugfix: locking bug fixed in rsksiCtxOpenFile + Thanks to Taavi Valjaots for the patch. +- 2021-10-11: core bugfix: fix typo in error message + Thanks to github user jkschulz for the patch. +- 2021-10-11: tcpsrv bugfix: compilation without exceptions + tcpsrv.c:992:1: error: label at end of compound statement + finalize_it: + ^~~~~~~~~~~ + Quoting from pthread.h: + pthread_cleanup_push and pthread_cleanup_pop are macros and must always + be used in matching pairs at the same nesting level of braces. + Amends commit bcdd220142ec9eb106550195ba331fd114adb0bd. + Thanks to Orgad Shaneh for the patch. 
+- 2021-10-11: mkubernetes bugfix: no connection retry to kubernetes APP + When connection to the kubernates API was not possible, mmkubernetes + did not retry. This does now happen via regular rsyslog retry + mechanism. + Thanks to github user jayme-github for the analysis and patch. + closes https://github.com/rsyslog/rsyslog/issues/4669 +- 2021-10-11: openssl bugfix: Correct gnutlsPriorityString (custom ciphers) behaviour + - Only apply default anon ciphers if gnutlsPriorityString is NULL and + Authentication Mode is set to anon. Otherwise we do not set them + as they overwrite custom Ciphers. + - Added two tests for custom cipher configuration (anon/certvalid mode). + - Add call for applyGnutlsPriorityString if gnutlsPriorityString changes. + - Merged openssl init code from Connect into osslInitSession + closes: https://github.com/rsyslog/rsyslog/issues/4686 +- 2021-10-11: build issue: handle undefined MAXPATHLEN, PATH_MAX + While we handled missing PATH_MAX, we did not handle missing MAXPATHLEN. + This happens under GNU/Hurd, because there is no official limit. However, + extremely long pathes are extremely uncommon, so we do not want to + use slow dynamic alloc each time we need to build pathes. So we + impose a limit of 4KiB, which should be fairly enough. Note that + this obviously increases stack requirements in GNU/Hurd. + As suggested by Michael Biebl, we have now implemented a generic + approach to handle this via autoconf. +- 2021-09-12: openssl: extended output information on connection failure + Now includes the remote client/server IP address in the log output. +- 2021-09-12: imhttp enhancements - query parameter ingestion & basic auth support + - Basic Authentication support & tests + * configured via imhttp option "basicAuthFile". This option should be configured + to point to your htpasswd file generated via a standard htpasswd tool. 
+ tests: + * imhttp-post-payload-basic-auth.sh + * imhttp-post-payload-basic-auth-vg.sh + - Query parameter ingestion capability & tests + use t `addmetadata` option to inject query parameters into + metadata for imhttp input. + DISTRO PACKAGERS BEWARE: NEW DEPENDENCY FOR IMHTTP: + libaprutil (libaprutil1-dev on debian'ish, apr-util-devel on Red Hat) + Thanks to Nelson Yen for the patch. +- 2021-09-07: testbench bugfix: privdrop tests under root user did not work + When running under root, the privdrop tests did not properly work. This + patch fixes the issue and skips test where necessary. + This also includes some modernization of the related tests. + closes https://github.com/rsyslog/rsyslog/issues/4619 +- 2021-09-07: core/ratelimiting: fix rate limiting for already parsed messages + Rate limiting may not have worked if the considered message had already + been parsed (not having NEEDS_PARSING in msgFlags). + This affects also imuxsock in its default configuration + (useSpecialParser="true" and ratelimit.severity="1") +- 2021-09-07: core bugfix: use of property $wday terminates string + When $wday is used inside a template, all template parts after it + are ignored. For exmaple: + template(name="json_filename" type="string" string="/var/log/%$wday%.log") + would generate something like "/var/log/0" - the ".log" part would be + missing. For the same reason, $wday can not reliably checked in script + filters. + Thanks to Alain Thivillon for reporting the bug and providing an + excellent analysis, which essentiellay was exactly this fix here. + closes https://github.com/rsyslog/rsyslog/issues/4670 +- 2021-09-07: core/queue bugfix: potential misadressing when queue discarded messages + When a discard mark was set, the queue was very busy and discarded messages, a + NULL pointer access could happen. Depending on circumstances, several problems + could occur, including a SEGFAULT. This is now fixed. 
+ closes: https://github.com/rsyslog/rsyslog/issues/4437 +- 2021-09-07: imdiga bugfix: iOverallQueueSize calculation could be incorrect + This issue only affects testbench and rsyslog development debugging. The active + messages counter, used for synchronizing test steps, went wrong when the queue + discarded messages on it's consumer thread. Now fixed. +- 2021-09-06: gnutls driver: SAN priority did not work correctly on server side + PrioritizeSAN was not propagated when accepting a new connection, this is now fixed. + Thanks to Attila Lakatos for the patch. +- 2021-08-24: config: implement script-equavalent for $PrivDrop* statements + closes https://github.com/rsyslog/rsyslog/issues/891 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2108.0 (aka 2021.08) 2021-08-17 +- 2021-08-16: openssl tls: Improved error message output on tls failures. + closes: https://github.com/rsyslog/rsyslog/issues/4645 +- 2021-08-16: impstats: add percentile metrics tracking functionality + Brief overview: + TO configure tracking percentile metrics in rainerscript: + User would need to define: + - which percentile to track, such as [p50, p99, etc.] + - window size - note, this correlates directly with memory usage to + track the percentiles. + To track a value, user would call built-in function `percentile_observe()` in their configurations to + record an integer value, and percentile metrics would be emitted every + impstats interval. + Thanks to Nelson Yen for the patch. +- 2021-08-12: imfile: add parameter "ignoreolderthanoption" + instructs imfile not to ingest a file that has not been modified in the + specified number of seconds. + Thanks to github user yanjunli76 for the patch (submitted from Nelson Yen) +- 2021-08-10: imklog bugfix: invalid memory adressing, could cause abort + This is a regeression from commit 94c4a87. 
It introduced a free() call + using an object that was no longer valid (the main pointer to the + to-be-freed object) was already freed at time of use. This could + cause various issues, including a segfault. + Note: this bug was triggerred only during late phase of rsyslog + shutdown, so it did not affect regular operation. + Special thanks to github user wxiaoguang for analyzing the issue + and providing a draft fix proposal, on which this patch builds. + see also https://github.com/rsyslog/rsyslog/pull/4629 + closes https://github.com/rsyslog/rsyslog/issues/4625 +- 2021-08-09: imfile bugfix: deleteStateOnFileDelete missed some state files + When the log file is deleted, imfile would attempt to delete the statefile but it + was missing the file_id part of the statefile name. This means the statefiles were + only removed in the log file was less than 512 characters, because for very small + files the file ID hash is not created. This lead to some state files not being + deleted. + Thanks to pearseimperva for the patch. +- 2021-08-09: imfile bugfix: hash char invalidly added in readmode != 0 + If imfile is ingesting log files with readMode set to 2 or 1, the resulting + messages all have a '#' character at the end. This patch corrects the behaviour. + Note: if some external script "supported" the bug of extra hash character at + the end of line, it may be necessary to update them. + closes https://github.com/rsyslog/rsyslog/issues/4491 +- 2021-08-09: omelasticsearch bugfix: errorFile mutex was not consistently locked + Lock the file during SIGHUPs to avoid issues with concurrent accesses by + writeDataError(). + Thanks to François Poirotte for the patch. +- 2021-08-09: imudp: add socket type (IPv4 vs. 6) to input name + Most importantly, the input name is used for stats counter names as + well. Previously, the same name was used for IPv4 and IPv6, so we had + two counters with an equal name. That left users puzzled. 
+ Unfortunately, this change can potentially require changes to existing + analysis scripts, as the name is now slightly different. + closes https://github.com/rsyslog/rsyslog/issues/4364 +- 2021-08-06: omfwd: add capability for action-specific TLS certificate settings + This permits to override the global definitions for TLS certificates + at the action() level. +- 2021-08-06: imfile bugfix: file handle leak if "freshStartTail" was turned on +- 2021-08-05: imtcp: permit to use different certificate files per input/action + This completes the ability to override global/default TLS settings at the imtcp + input() level. Support for using multiple CAs/Certs per Connection is now provided. +- 2021-08-04: imptcp bugfix: keep alive interval was incorrectly set + The interval was accidentally set to keep alive interval. This has been + corrected. + closes https://github.com/rsyslog/rsyslog/issues/4609 +- 2021-07-08: openssl network driver bugfix: small memory leak + Fixes a static, non-growing memory leak which existed when parameter + "GnutTLSPriorityString" was used. This was primarily a cosmetic issue, + but caused some grief during development in regard to memory leak + detectors. + Note: yes, this is for openssl -- the parameter name is historical. +- 2021-07-07: psrv bugfix: abort if no listener could be started + Modules (like imtcp and imdiag) which use tcpsrv could abort or + otherwise malfunction if no listener for a specific input could + be started. + Found during implementing a new feature, no report from practice. + But could very well happen. +- 2021-07-07: mmkubernetes bugfix: apiserver error handling + - Added graceful handling of apiserver errors with unexpected responses, + i.e., anything other than 200, 404, or 429. Idea is that apiserver + transient error state will recover. We don't want mmkubernetes to miss + metadata resolution for containers that don't have cached metadata. 
+ During these transient error states, mmkubernetes will provide basic + container file path based resolution of namespace and pod metadata for + new pods whose metadata is not yet cached. After this error state + recovers, mmkubernetes is expected to resume its metadata resolution as + expected. + - Added a unit test case for apiserver return 500 with changes to mock server + - Fixed existing unit test that was failing due to missing expected results file + - Added mmkubernetes unit tests to testbench + Thanks to Abdul Waheed for the patch (submitted from Nelson Yen). +- 2021-07-07: ommongodb bugfixes + - Fix Segmentation fault when server is down + - Add server connexion check while resuming + Thanks to Kevin Guillemot for the patch. +- 2021-06-28: omkafka improvements + - drain librdkafka queues and retry later during rsyslog restart or hup. This + re-injects messages into rsyslog's native queues. + - add statsname on per kafka instance for better visibility + - omkafka - count errors related ssl as "errors_ssl" + Thanks to Nelson Yen for the patch. +- 2021-06-23: some CI/QA improvements, Travis-CI disabled + For the time being, Travis CI is disabled because it was outdated and Travis also + changed their system. We will re-evaluate if we re-enable it. Since quite a while + the Travits tests were redundant with the rest of CI, so this does not reduce + coverage. +- 2021-06-23: omhttp bugfix: dynrestpath param in batch mode invalid + When batchmode was used, the templates could not be used to + expand dynrestpath. We are now storing the restpath param + within the batch data if we are in batch mode. 
+ When we are in batch mode, and the restpath value changes, the + batch is submitted and reinitialized + closes: https://github.com/rsyslog/rsyslog/issues/4567 +- 2021-06-17: add predefined template RSYSLOG_SyslogRFC5424Format + This is essentially the same as RSYSLOG_SyslogProtocol23Format with + a better name and a fix to remove the unnecessary LF at the end of + the message. + The different name also enables us to fix the LF issue without + any concern about backwards compatibility. + closes https://github.com/rsyslog/rsyslog/issues/4384 +- 2021-06-17: impstats/bugfix: _sender_stats reports integer counter as string + Note that this introduces a small backwards incompatibility: in previous output + the field was of string type, now it is integer (as intended). We discussed this + on the mailing list and the overwhelming thought was that this is not a problem + because almost all analysis backends are able to cover that format change. This made + the bugfix essentially costmetic. + HOWEVER, if you still experience issues, please let us know. We can add an option + to provide the previous format, and just spared to do so because there was no + evidence it was needed. +---------------------------------------------------------------------------------------- +Scheduled Release 8.2106.0 (aka 2021.06) 2021-06-15 +NOTE: the prime new feature is support for TLS and non-TLS connections +via imtcp in parallel. Furthermore, most TLS parameters can now be overriden +at the input() level. The notable exceptions are certificate files, something +that is due to be implemented as next step. 
+- 2021-06-14: new global option "parser.supportCompressionExtension" + This permits to turn off rsyslog's single-message compression extension + when it interferes with non-syslog message processing (the parser + subsystem expects syslog messages, not generic text) + closes https://github.com/rsyslog/rsyslog/issues/4598 +- 2021-05-12: imtcp: add more override config params to input() + It is now possible to override all module parameters at the input() level. Module + parameters serve as defaults. Existing configs need no modification. +- 2021-05-06: imtcp: add stream driver parameter to input() configuration + This permits to have different inputs use different stream drivers + and stream driver parameters. + closes https://github.com/rsyslog/rsyslog/issues/3727 +- 2021-04-29: imtcp: permit to run multiple inputs in parallel + Previously, a single server was used to run all imtcp inputs. This + had a couple of drawsbacks. First and foremost, we could not use + different stream drivers in the varios inputs. This patch now + provides a baseline to do that, but does still not implement the + capability (in this sense it is a staging patch). + Secondly, we now ensure that each input has at least one exclusive + thread for processing, untangling the performance of multiple + inputs from each other. + see also: https://github.com/rsyslog/rsyslog/issues/3727 +- 2021-04-27: tcpsrv bugfix: potential sluggishnes and hang on shutdown + tcpsrv is used by multiple other modules (imtcp, imdiag, imgssapi, and, + in theory, also others - even ones we do not know about). However, the + internal synchornization did not properly take multiple tcpsrv users + in consideration. + As such, a single user could hang under some circumstances. This was + caused by improperly awaking all users from a pthread condition wait. + That in turn could lead to some sluggish behaviour and, in rare cases, + a hang at shutdown. 
+ Note: it was highly unlikely to experience real problems with the + officially provided modules. +- 2021-04-22: refactoring of syslog/tcp driver parameter passing + This has now been generalized to a parameter block, which makes it much cleaner and + also easier to add new parameters in the future. +- 2021-04-22: config script: add re_match_i() and re_extract_i() functions + This provides case-insensitive regex functionality. + closes https://github.com/rsyslog/rsyslog/issues/4429 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2104.0 (aka 2021.04) 2021-04-20 +- 2021-04-19: new contributed module imhiredis + Thanks to Théo Bertin (frikilax) for the patch. +- 2021-04-19: new built-in function get_property() to access property vars + Provides ability to evaluate a rsyslog variable using dynamically + evaluated parameters. + 1st param is the rsyslog param, 2nd param is a key, can be an array + index or key string. + Useful for accessing json sub-objects, where a key + needs to be evaluated at runtime. Can be used to access arrays as well. + Thanks to Nelson Yen for contributing this module. +- 2021-04-19: mmdblookup: add support for mmdb DB reload on HUP + Thanks to Théo Bertin (frikilax) for the patch. +- 2021-04-19: script bugfix: empty array in foreach() improperly handled + When running a foreach() loop inside a ruleset, if the json array/object iterated + over is empty but valid, the foreach will make the message processing in the + ruleset abort operation, no following operation (such as actions) will be + executed after this. + Thanks to Théo Bertin (frikilax) for the patch. +- 2021-04-19: imjournal bugfixes (handle leak, empty file) + Flush the FILE* buffer before rename & fsync in order + to not end up syncing an empty file. + Also, close WorkDir on fsync in order to prevent + file descriptor leakage. + Thanks to github user gerd-rausch for the fix. 
+- 2021-04-06: new contributed function module fmunflatten + This commit adds a new rainerscript function to unflatten keys in a JSON tree. It + provides a way to expand dot separated fields. + <result> = unflatten(<source-tree>, <key-separator-character>); + It allows for instance to produce this: { "source": { "ip": "1.2.3.4", "port": 443 } } + from this source data: { "source.ip": "1.2.3.4", "source.port": 443 } + Thanks to Julien Thomas for the contribution. +- 2021-02-22: test bugfix: some tests did not work with newer TLS library versions + Newer versions provide TLS versions that cannot be disabled in older versions as they + are unknown there. This is solved by setting restrictions in multiple steps. For + older library versions, the final step will error out, but the other one be applied. + This permits to achieve proper test results. + closes: https://github.com/rsyslog/rsyslog/issues/4534 +- some improvements to project CI +---------------------------------------------------------------------------------------- +Scheduled Release 8.2102.0 (aka 2021.02) 2021-02-16 +- 2021-02-15: omfwd: add stats counter for sent bytes + Thanks to John Chivian for suggesting this feature. +- 2021-02-15: omfwd: add error reporting configuration option + RSyslog on a plain TCP cannot guarantee the message delivery + without using RELP protocol. Besides that the logs may be + flooded with connection errors making the rest of messages + difficult to find. To alleviate the problem (see issue 3910), + this patch adds a configuration option that enables to reduce + the number of network errors logged and reported. + For example, if each 10th network error message should be logged, + the rsyslog configuration has to be updated as follows. + action(type="omfwd" Target="<IP_ADDR>" Port="<PORT>" Protocol="tcp" ConErrSkip="10") + Thanks to Libor Bukata for the patch. 
+- 2021-02-15: action stats counter bugfix: failure count was not properly incremented + In some cases the counter was not incremented, most notably with transaction-enabled + actions. + Thanks to github user thinkst-marco for the patch. +- 2021-02-15: action stats counter bugfix: resume count was not incremented + And so it always stayed at zero. + Thanks to github user thinkst-marco for the patch. +- 2021-02-15: omfwd bugfix: segfault or error if port not given + If omfwd is configured via RainerScript config format and the "port" + parameter is not given, a segfault will most likely happen on + connection establishment for TCP connections. For UDP, this is + usually not the case. + Alternatively, in any case, errors may happen. + Note that the segfault will usually happen right on restart so this + was easy to detect. + We did not receive reports from practice. Instead, we found the bug + while conducting other work. +- 2021-01-29: lookup table bugfix: data race on lookup table reload + A data race could happen when a lookup table was reloaded. We found + this while moving to newer version of TSAN, but have no matching + report from practice. However, there is a potential for this to cause + a segfault under "bad circumstances". +- 2021-01-18: testbench modernization + Bump dependency versions, use newer distro versions for some tests. + Make kafka distcheck separate to help diagnose flaky kafka tests. +- 2021-01-16: testbench: fix invalid sequence of kafka tests runs + kafka tests can not run well in parallel (mostly due to ressource + constraints on CI machines). Accidentally, this was not enforced for + one of the tests. That could lead to random failures and false positives. +- 2021-01-14: testbench: fix kafkacat issues + The kafkacat tool has an upper limit of how many messages it can send + at once. Going over that limit causes messages loss. The exact limit + seems to depend on the environment. This causes testbench false positives. 
+ This commit fixes two related issues: + - errors during kafkacat run were not detected - this has been added + - we now have a "max messages at once" setting, after which kafkacat + is restarted for the next batch of messages. It currently is set + to 25,000 msgs per incarnation. All tests loop now to send the + required number of messages. This has been fixed at the testbench + framework level, so no need to adjust individual tests. +- 2021-01-14: testbench: fix year-dependendt clickhouse test + A test had the year value hardcoded and as such failed whenever the + year changed. This patch corrects that. +---------------------------------------------------------------------------------------- +Scheduled Release 8.2012.0 (aka 2020.12) 2020-12-08 +- 2020-12-07: testbench bugfix: some tests did not work in make distcheck + - certificate file missing in dist tarball + - some test cases did not properly specify path to cert file + Thanks to Michael Biebl for alerting us and providing part of + the fix. + closes https://github.com/rsyslog/rsyslog/issues/4446 +- 2020-12-07: immark: rewrite with many improvements + - mark message text can now be specified + - support for rulesets + - support for using syslog API vs. regular internal interface + - support for output template system + - ability to specify is mark message flag can be set + - minor changes and improvements +- 2020-11-30: usability: re-phrase error message to help users better understand cause + see also https://github.com/rsyslog/rsyslog/issues/3910 +- 2020-11-10: add new system property $now-unixtimestamp + Among others, this may be used as a monotonic counter + for doing load-balancing and other things. + Thanks to Nicholas Brown for suggesting this feature. +- 2020-11-04: omfwd: add new rate limit option + Adding new rate limit option to omfwd for rate limiting + syslog messages sent to the remote server + ratelimit.interval: + Specifies the rate-limiting interval in seconds. 
+ Default value is 0, which turns off rate limiting. + ratelimit.burst + Specifies the rate-limiting burst in number of messages. + closes https://github.com/rsyslog/rsyslog/issues/4423 + Thanks to Dinesh-Ramakrishnan for the patch. +- 2020-11-03: omfwd bug: param "StreamDriver.PermitExpiredCerts" is not "off" by default + The default behaviour of expired certificates of stream driver in TLS mode, should + have been that the see tcp transmission is closed due to expired certificates, and + error messages emited in rsyslog status. This was not the case. That in turn could + lead to permitting sessions which should not be permitted. + Thanks to Vincent Zhu for alerting us and providing a great problem analysis + closes: https://github.com/rsyslog/rsyslog/issues/4425 +---------------------------------------------------------------------------------------- +Scheduled Release 8.2010.0 (aka 2020.10) 2020-10-20 +- 2020-10-13: gnutls TLS subsystem bugfix: handshake error handling + If the tls handshake does not immediatelly finish, gnutls_handShake is called in + doRetry handler again. However the error handling was not + complete in the doRetry handler. A failed gnutls_handShake call + did not abort the connection and properly caused unexpected + problems like in issues: + https://github.com/rsyslog/rsyslog/issues/4270 + https://github.com/rsyslog/rsyslog/issues/4288 +- 2020-10-13: core/msg bugfix: memory leak + There is a missing call to json_object_put(json) if the call to + jsonPathFindParent() failed. It's leaking memory. Depending on workload and config, + this leak can potentially grow large (albeit we did not see reports from practice). + Thanks to Julien Thomas for the patch. +- 2020-10-13: core/msg bugfix: segfault in jsonPathFindNext() when <root> not an object + The segfault gets happens when <bCreate> is 1 and when the <root> + container where to insert the <namebuf> key is not an object. 
+ Here is simple reproducible test case: + // ensure we start fresh + // unnecessary if there was no previous set + unset $!; + set $! = ""; + set $!event!created = 123; + Thanks to Julien Thomas for the patch. +- 2020-10-13: openssl TLS subsystem: improvments of error and status messages + Adding error logs at the ssl handshake failure scenarios. + Adding the header "nsd_ossl:" tag to these logs to identify + the origin module from which logs are generated. + Thanks to Anusha Pai G for the patch. +- 2020-10-06: add 'exists()' script function to check if variable exists |
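Review bot: the 2020-11-03 omfwd entry in this ChangeLog hunk (param "StreamDriver.PermitExpiredCerts" is not "off" by default) describes a fix that changes which TLS sessions are accepted, yet it carries no compatibility marker. The 2021-11-18 mmanon entry uses "BEHAVIOR CHANGE:" and the 2021-10-12 rscript entry uses "BREAK EXISTING CONFIGURATIONS", so anyone scanning for those markers before an upgrade will miss the expired-certificate change, as well as the imudp input-name and impstats _sender_stats type changes, which are only described in running text. Several entry titles also do not match the module named in their own body, which defeats searching the log by module: "mkubernetes bugfix: no connection retry to kubernetes APP" (body says mmkubernetes and the API), "psrv bugfix: abort if no listener could be started" (body says tcpsrv), and "imdiga bugfix". The 2021-11-10 omsnmp entry also ends on a "[1]" marker with no reference after it. Since this commit imports upstream 8.2402.0, I would keep the file identical to the tarball and raise these upstream, and mention the TLS default change in the packaging notes instead of editing the text here.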