diff options
58 files changed, 549 insertions, 94 deletions
diff --git a/.tarball-version b/.tarball-version index dddd617..799e196 100644 --- a/.tarball-version +++ b/.tarball-version @@ -1 +1 @@ -8.2404.0 +8.2406.0 @@ -1,4 +1,37 @@ ---------------------------------------------------------------------------------------- +Scheduled Release 8.2406.0 (aka 2024.06) 2024-07-02 +- 2024-07-01: ompgsql bugfix: unexpected and unnecessary message loss + In case of PG not available lets retry instead of dropping messages + Thanks to Nickolai Novik for the patch. +- 2024-07-01: tls subsystem/ossl driver + Several small fixes/additions + * output all loaded ciphers and engines into debug log + * Add new global option "defaultopensslengine" to customize the default openssl + engine. If not defined, openssl will handle the default engine automatically. + Sample: global(defaultopensslengine="rdrand") + * Add simple openssl performance test (imtcp-tls-ossl-basic-stress.sh) with + defaultopensslengine set to rdrand (Intel). + * removed unneeded testcase files in runtime folder. +- 2024-04-18: [o|i]mprog/mmexternal bugfix: invalid command line parameter passing + Quoted command line parameters were incorrectly passed to the called program. This + resulted in unexpected behaviour. For example, in + bash -c "echo test" + bash got passed parameters '-c" and '"echo test"'. Note the double quotes in + '"echo test"'. These needed to be removed by Unix/Linux standards but were instead + passed to bash. That in turn resulted in invalid execution. With the fix, the + behaviour is now correct. Now, bash gets passed '-c' and 'echo test'. + This actually is a BREAKING CHANGE. However, it was outright wrong behaviour from + the beginning. We assume that people either never noticed it (because they did not + use quoted parameters) or used some workaroud, likely a "starter script", which + performed the right task. As such, we do expect that only a very limited set of + installations might be affected by the change. + Even more important, we would need to change the default behaviour in any case, + because the previous handling was obviosuly unacceptable. As such, there was no + way to keep rsyslog perform the previous action. + Thanks to Paul Fertser for the patch. +- 2024-04-12: bugfixes related to time_t on 32 bit platforms (y38k isue) + Thanks to Michael Biebl for the patch. +---------------------------------------------------------------------------------------- Scheduled Release 8.2404.0 (aka 2024.04) 2024-04-02 - 2024-04-02: omhttp patches and enhancement New omhttp plugin configuration parameters added: @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for rsyslog 8.2404.0. +# Generated by GNU Autoconf 2.69 for rsyslog 8.2406.0. # # Report bugs to <rsyslog@lists.adiscon.com>. # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='rsyslog' PACKAGE_TARNAME='rsyslog' -PACKAGE_VERSION='8.2404.0' -PACKAGE_STRING='rsyslog 8.2404.0' +PACKAGE_VERSION='8.2406.0' +PACKAGE_STRING='rsyslog 8.2406.0' PACKAGE_BUGREPORT='rsyslog@lists.adiscon.com' PACKAGE_URL='' @@ -1913,7 +1913,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures rsyslog 8.2404.0 to adapt to many kinds of systems. +\`configure' configures rsyslog 8.2406.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1984,7 +1984,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of rsyslog 8.2404.0:";; + short | recursive ) echo "Configuration of rsyslog 8.2406.0:";; esac cat <<\_ACEOF @@ -2383,7 +2383,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -rsyslog configure 8.2404.0 +rsyslog configure 8.2406.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2963,7 +2963,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by rsyslog $as_me 8.2404.0, which was +It was created by rsyslog $as_me 8.2406.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3315,7 +3315,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu $as_echo "#define VERSION_YEAR 24" >>confdefs.h # UPDATE on release -$as_echo "#define VERSION_MONTH 4" >>confdefs.h +$as_echo "#define VERSION_MONTH 6" >>confdefs.h # UPDATE on release am__api_version='1.16' @@ -3833,7 +3833,7 @@ fi # Define the identity of the package. PACKAGE='rsyslog' - VERSION='8.2404.0' + VERSION='8.2406.0' cat >>confdefs.h <<_ACEOF @@ -28637,12 +28637,12 @@ if test -n "$OPENSSL_CFLAGS"; then pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5 - ($PKG_CONFIG --exists --print-errors "openssl") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.1.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "openssl >= 1.1.0") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl" 2>/dev/null` + pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 1.1.0" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -28654,12 +28654,12 @@ if test -n "$OPENSSL_LIBS"; then pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5 - ($PKG_CONFIG --exists --print-errors "openssl") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.1.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "openssl >= 1.1.0") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl" 2>/dev/null` + pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 1.1.0" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -28680,14 +28680,14 @@ else _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then - OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl" 2>&1` + OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 1.1.0" 2>&1` else - OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl" 2>&1` + OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 1.1.0" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$OPENSSL_PKG_ERRORS" >&5 - as_fn_error $? "Package requirements (openssl) were not met: + as_fn_error $? "Package requirements (openssl >= 1.1.0) were not met: $OPENSSL_PKG_ERRORS @@ -28754,12 +28754,12 @@ if test -n "$OPENSSL_CFLAGS"; then pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5 - ($PKG_CONFIG --exists --print-errors "openssl") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.0.2\""; } >&5 + ($PKG_CONFIG --exists --print-errors "openssl >= 1.0.2") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl" 2>/dev/null` + pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 1.0.2" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -28771,12 +28771,12 @@ if test -n "$OPENSSL_LIBS"; then pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ - { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5 - ($PKG_CONFIG --exists --print-errors "openssl") 2>&5 + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.0.2\""; } >&5 + ($PKG_CONFIG --exists --print-errors "openssl >= 1.0.2") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl" 2>/dev/null` + pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 1.0.2" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes @@ -28797,14 +28797,14 @@ else _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then - OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl" 2>&1` + OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 1.0.2" 2>&1` else - OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl" 2>&1` + OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 1.0.2" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$OPENSSL_PKG_ERRORS" >&5 - as_fn_error $? "Package requirements (openssl) were not met: + as_fn_error $? "Package requirements (openssl >= 1.0.2) were not met: $OPENSSL_PKG_ERRORS @@ -31741,7 +31741,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by rsyslog $as_me 8.2404.0, which was +This file was extended by rsyslog $as_me 8.2406.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -31807,7 +31807,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -rsyslog config.status 8.2404.0 +rsyslog config.status 8.2406.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index b86b491..a4506ec 100644 --- a/configure.ac +++ b/configure.ac @@ -2,9 +2,9 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -AC_INIT([rsyslog],[8.2404.0],[rsyslog@lists.adiscon.com]) # UPDATE on release +AC_INIT([rsyslog],[8.2406.0],[rsyslog@lists.adiscon.com]) # UPDATE on release AC_DEFINE(VERSION_YEAR, 24, [year part of real rsyslog version]) # UPDATE on release -AC_DEFINE(VERSION_MONTH, 4, [month part of real rsyslog version]) # UPDATE on release +AC_DEFINE(VERSION_MONTH, 6, [month part of real rsyslog version]) # UPDATE on release AM_INIT_AUTOMAKE([subdir-objects]) @@ -2510,7 +2510,7 @@ AC_ARG_ENABLE(imdtls, [enable_imdtls=no] ) if test "x$enable_imdtls" = "xyes"; then - PKG_CHECK_MODULES(OPENSSL, openssl) + PKG_CHECK_MODULES(OPENSSL, openssl >= 1.1.0) fi AM_CONDITIONAL(ENABLE_IMDTLS, test x$enable_imdtls = xyes) # END IMDTLS INPUT @@ -2527,7 +2527,7 @@ AC_ARG_ENABLE(omdtls, [enable_omdtls=no] ) if test "x$enable_omdtls" = "xyes"; then - PKG_CHECK_MODULES(OPENSSL, openssl) + PKG_CHECK_MODULES(OPENSSL, openssl >= 1.0.2) fi AM_CONDITIONAL(ENABLE_OMDTLS, test x$enable_omdtls = xyes) # END OMDTLS INPUT diff --git a/contrib/mmkubernetes/mmkubernetes.c b/contrib/mmkubernetes/mmkubernetes.c index 525962e..2445ed8 100644 --- a/contrib/mmkubernetes/mmkubernetes.c +++ b/contrib/mmkubernetes/mmkubernetes.c @@ -123,7 +123,7 @@ static struct cache_s { struct hashtable *mdHt; struct hashtable *nsHt; pthread_mutex_t *cacheMtx; - int lastBusyTime; /* when we got the last busy response from kubernetes */ + time_t lastBusyTime; /* when we got the last busy response from kubernetes */ time_t expirationTime; /* if cache expiration checking is enable, time to check for expiration */ } **caches; @@ -1722,8 +1722,9 @@ queryKB(wrkrInstanceData_t *pWrkrData, char *url, time_t now, struct json_object now -= pWrkrData->pData->cache->lastBusyTime; if (now < pWrkrData->pData->busyRetryInterval) { LogMsg(0, RS_RET_RETRY, LOG_DEBUG, - "mmkubernetes: Waited [%ld] of [%d] seconds for the requested url [%s]\n", - now, pWrkrData->pData->busyRetryInterval, url); + "mmkubernetes: Waited [%"PRId64"] of [%d] seconds for " + "the requested url [%s]\n", + (int64_t) now, pWrkrData->pData->busyRetryInterval, url); ABORT_FINALIZE(RS_RET_RETRY); } else { LogMsg(0, RS_RET_OK, LOG_DEBUG, diff --git a/contrib/omhttp/omhttp.c b/contrib/omhttp/omhttp.c index 14b98c1..e350322 100644 --- a/contrib/omhttp/omhttp.c +++ b/contrib/omhttp/omhttp.c @@ -163,7 +163,7 @@ typedef struct instanceConf_s { statsobj_t *stats; STATSCOUNTER_DEF(ctrHttpRequestsCount, mutCtrHttpRequestsCount); // Number of attempted HTTP requests STATSCOUNTER_DEF(httpRequestsBytes, mutHttpRequestsBytes); - STATSCOUNTER_DEF(httpRequestsTimeMs, muthttphttpRequestsTimeMs); + STATSCOUNTER_DEF(httpRequestsTimeMs, mutHttpRequestsTimeMs); STATSCOUNTER_DEF(ctrHttpRequestsStatus0xx, mutCtrHttpRequestsStatus0xx); // HTTP requests returning 0xx STATSCOUNTER_DEF(ctrHttpRequestsStatus1xx, mutCtrHttpRequestsStatus1xx); // HTTP requests returning 1xx STATSCOUNTER_DEF(ctrHttpRequestsStatus2xx, mutCtrHttpRequestsStatus2xx); // HTTP requests returning 2xx @@ -1287,7 +1287,7 @@ curlPost(wrkrInstanceData_t *pWrkrData, uchar *message, int msglen, uchar **tpls curlCode = curl_easy_perform(curl); DBGPRINTF("omhttp: curlPost curl returned %lld\n", (long long) curlCode); STATSCOUNTER_INC(ctrHttpRequestCount, mutCtrHttpRequestCount); - STATSCOUNTER_INC(pWrkrData->pData->ctrHttpRequestsCount, pWorkerData->pData->mutCtrHttpRequestsCount); + STATSCOUNTER_INC(pWrkrData->pData->ctrHttpRequestsCount, pWrkrData->pData->mutCtrHttpRequestsCount); if (curlCode != CURLE_OK) { STATSCOUNTER_INC(ctrHttpRequestFail, mutCtrHttpRequestFail); diff --git a/plugins/imfile/imfile.c b/plugins/imfile/imfile.c index 3b0bb10..c7572b4 100644 --- a/plugins/imfile/imfile.c +++ b/plugins/imfile/imfile.c @@ -857,13 +857,16 @@ detect_updates(fs_edge_t *const edge) sbool is_file = act->edge->is_file; if (!is_file || act->time_to_delete + FILE_DELETE_DELAY < ttNow) { DBGPRINTF("detect_updates obj gone away, unlinking: " - "'%s', ttDelete: %lds, ttNow:%ld isFile: %d\n", - act->name, ttNow - (act->time_to_delete + FILE_DELETE_DELAY), ttNow, is_file); + "'%s', ttDelete: %"PRId64"s, ttNow:%"PRId64" isFile: %d\n", + act->name, (int64_t) ttNow - (act->time_to_delete + FILE_DELETE_DELAY), + (int64_t) ttNow, is_file); act_obj_unlink(act); restart = 1; } else { - DBGPRINTF("detect_updates obj gone away, keep '%s' open: %ld/%ld/%lds!\n", - act->name, act->time_to_delete, ttNow, ttNow - act->time_to_delete); + DBGPRINTF("detect_updates obj gone away, keep '%s' " + "open: %"PRId64"/%"PRId64"/%"PRId64"s!\n", + act->name, (int64_t) act->time_to_delete, (int64_t) ttNow, + (int64_t) ttNow - act->time_to_delete); pollFile(act); } } diff --git a/plugins/ompgsql/ompgsql.c b/plugins/ompgsql/ompgsql.c index 27248ff..9c27de9 100644 --- a/plugins/ompgsql/ompgsql.c +++ b/plugins/ompgsql/ompgsql.c @@ -255,7 +255,8 @@ tryExec(uchar *pszCmd, wrkrInstanceData_t *pWrkrData) pgRet = PQexec(pWrkrData->f_hpgsql, (char*)pszCmd); execState = PQresultStatus(pgRet); if (execState != PGRES_COMMAND_OK && execState != PGRES_TUPLES_OK) { - dbgprintf("postgres query execution failed: %s\n", PQresStatus(PQresultStatus(pgRet))); + // complain a lot in case any issues with DB communication + LogError(0, execState, "postgres query execution failed: %s", PQresStatus(PQresultStatus(pgRet))); bHadError = 1; } PQclear(pgRet); @@ -352,13 +353,22 @@ CODESTARTcommitTransaction if (iRet != RS_RET_OK && iRet != RS_RET_DEFER_COMMIT && iRet != RS_RET_PREVIOUS_COMMITTED) { - /*if(mysql_rollback(pWrkrData->hmysql) != 0) { - DBGPRINTF("ommysql: server error: transaction could not be rolled back\n"); - }*/ - // closeMySQL(pWrkrData); - // FINALIZE; + // in case of any error lets retry, writePgSQL should return + // iRet = RS_RET_SUSPENDED and we need return it downstream, otherwise + // messages gonna be lost + LogError(0, iRet, "Failed too execute PG query. Message suspended."); + + // since writePgSQL may close connection in case of errors + // no point to issue rollback on new connection + // writePgSQL((uchar*) "ROLLBACK", pWrkrData); + + // To be on safe side lets kill connection similar to what + // ommysql plugin does. + closePgSQL(pWrkrData); + // signal mod.om.beginTransaction that we want retry + ABORT_FINALIZE(iRet); + } } - } CHKiRet(writePgSQL((uchar*) "COMMIT", pWrkrData)); /* TODO: make user-configurable */ diff --git a/runtime/glbl.c b/runtime/glbl.c index 6b4cb29..84cd7b2 100644 --- a/runtime/glbl.c +++ b/runtime/glbl.c @@ -119,6 +119,7 @@ static struct cnfparamdescr cnfparamdescr[] = { { "defaultnetstreamdriverkeyfile", eCmdHdlrString, 0 }, { "defaultnetstreamdrivercertfile", eCmdHdlrString, 0 }, { "defaultnetstreamdriver", eCmdHdlrString, 0 }, + { "defaultopensslengine", eCmdHdlrString, 0 }, { "netstreamdrivercaextrafiles", eCmdHdlrString, 0 }, { "maxmessagesize", eCmdHdlrSize, 0 }, { "oversizemsg.errorfile", eCmdHdlrGetWord, 0 }, @@ -519,6 +520,15 @@ setDfltNetstrmDrvr(void __attribute__((unused)) *pVal, uchar *pNewVal) { } static rsRetVal +setDfltOpensslEngine(void __attribute__((unused)) *pVal, uchar *pNewVal) { + DEFiRet; + free(loadConf->globals.pszDfltOpensslEngine); + loadConf->globals.pszDfltOpensslEngine = pNewVal; + RETiRet; +} + + +static rsRetVal setParserControlCharacterEscapePrefix(void __attribute__((unused)) *pVal, uchar *pNewVal) { DEFiRet; loadConf->globals.parser.cCCEscapeChar = *pNewVal; @@ -904,6 +914,13 @@ GetDfltNetstrmDrvr(rsconf_t *cnf) return(cnf->globals.pszDfltNetstrmDrvr == NULL ? DFLT_NETSTRM_DRVR : cnf->globals.pszDfltNetstrmDrvr); } +/* return the current default openssl engine name */ +static uchar* +GetDfltOpensslEngine(rsconf_t *cnf) +{ + return(cnf->globals.pszDfltOpensslEngine); +} + /* [ar] Source IP for local client to be used on multihomed host */ static rsRetVal SetSourceIPofLocalClient(uchar *newname) @@ -952,6 +969,7 @@ CODESTARTobjQueryInterface(glbl) pIf->GetDfltNetstrmDrvrCertFile = GetDfltNetstrmDrvrCertFile; pIf->GetDfltNetstrmDrvrKeyFile = GetDfltNetstrmDrvrKeyFile; pIf->GetDfltNetstrmDrvr = GetDfltNetstrmDrvr; + pIf->GetDfltOpensslEngine = GetDfltOpensslEngine; pIf->GetNetstrmDrvrCAExtraFiles = GetNetstrmDrvrCAExtraFiles; pIf->GetParserControlCharacterEscapePrefix = GetParserControlCharacterEscapePrefix; pIf->GetParserDropTrailingLFOnReception = GetParserDropTrailingLFOnReception; @@ -993,6 +1011,8 @@ static rsRetVal resetConfigVariables(uchar __attribute__((unused)) *pp, void __a loadConf->globals.pszDfltNetstrmDrvrKeyFile = NULL; free(loadConf->globals.pszDfltNetstrmDrvrCertFile); loadConf->globals.pszDfltNetstrmDrvrCertFile = NULL; + free(loadConf->globals.pszDfltOpensslEngine); + loadConf->globals.pszDfltOpensslEngine = NULL; free(LocalHostNameOverride); LocalHostNameOverride = NULL; free(loadConf->globals.oversizeMsgErrorFile); @@ -1247,6 +1267,9 @@ glblDoneLoadCnf(void) } else if(!strcmp(paramblk.descr[i].name, "defaultnetstreamdriver")) { cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL); setDfltNetstrmDrvr(NULL, cstr); + } else if(!strcmp(paramblk.descr[i].name, "defaultopensslengine")) { + cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL); + setDfltOpensslEngine(NULL, cstr); } else if(!strcmp(paramblk.descr[i].name, "netstreamdrivercaextrafiles")) { cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL); setNetstrmDrvrCAExtraFiles(NULL, cstr); @@ -1471,6 +1494,8 @@ BEGINAbstractObjClassInit(glbl, 1, OBJ_IS_CORE_MODULE) /* class, version */ NULL, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"defaultnetstreamdriver", 0, eCmdHdlrGetWord, setDfltNetstrmDrvr, NULL, NULL)); + CHKiRet(regCfSysLineHdlr((uchar *)"defaultopensslengine", 0, eCmdHdlrGetWord, setDfltOpensslEngine, NULL, + NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"defaultnetstreamdrivercafile", 0, eCmdHdlrGetWord, setDfltNetstrmDrvrCAF, NULL, NULL)); CHKiRet(regCfSysLineHdlr((uchar *)"defaultnetstreamdrivercrlfile", 0, eCmdHdlrGetWord, diff --git a/runtime/glbl.h b/runtime/glbl.h index d75d867..729ed53 100644 --- a/runtime/glbl.h +++ b/runtime/glbl.h @@ -95,6 +95,7 @@ BEGINinterface(glbl) /* name must also be changed in ENDinterface macro! */ SIMP_PROP(DfltNetstrmDrvrCertFile, uchar*) SIMP_PROP(DfltNetstrmDrvrKeyFile, uchar*) SIMP_PROP(DfltNetstrmDrvr, uchar*) + SIMP_PROP(DfltOpensslEngine, uchar*) SIMP_PROP(DefPFFamily, int) SIMP_PROP(DisableDNS, int) SIMP_PROP(NetstrmDrvrCAExtraFiles, uchar*) diff --git a/runtime/net_ossl.c b/runtime/net_ossl.c index 7008731..77d2141 100644 --- a/runtime/net_ossl.c +++ b/runtime/net_ossl.c @@ -59,7 +59,9 @@ void net_ossl_set_ssl_verify_callback(SSL *pSsl, int flags); void net_ossl_set_ctx_verify_callback(SSL_CTX *pCtx, int flags); void net_ossl_set_bio_callback(BIO *conn); int net_ossl_verify_callback(int status, X509_STORE_CTX *store); +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) rsRetVal net_ossl_apply_tlscgfcmd(net_ossl_t *pThis, uchar *tlscfgcmd); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L rsRetVal net_ossl_chkpeercertvalidity(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP); X509* net_ossl_getpeercert(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP); rsRetVal net_ossl_peerfingerprint(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP); @@ -188,7 +190,7 @@ int opensslh_THREAD_cleanup(void) void osslGlblInit(void) { - DBGPRINTF("openssl: entering osslGlblInit\n"); + DBGPRINTF("osslGlblInit: ENTER\n"); if((opensslh_THREAD_setup() == 0) || #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -217,6 +219,31 @@ osslGlblInit(void) ERR_load_BIO_strings(); ERR_load_crypto_strings(); #endif + +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wdeprecated-declarations" + + // Initialize OpenSSL engine library + ENGINE_load_builtin_engines(); + /* Register all of them for every algorithm they collectively implement */ + ENGINE_register_all_complete(); + + // Iterate through all available engines + ENGINE *osslEngine = ENGINE_get_first(); + const char *engine_id = NULL; + const char *engine_name = NULL; + while (osslEngine) { + // Print engine ID and name if the engine is loaded + if (ENGINE_get_init_function(osslEngine)) { // Check if engine is initialized + engine_id = ENGINE_get_id(osslEngine); + engine_name = ENGINE_get_name(osslEngine); + DBGPRINTF("osslGlblInit: Loaded Engine: ID = %s, Name = %s\n", engine_id, engine_name); + } + osslEngine = ENGINE_get_next(osslEngine); + } + // Free the engine reference when done + ENGINE_free(osslEngine); +#pragma GCC diagnostic pop } /* globally de-initialize OpenSSL */ @@ -472,6 +499,7 @@ void net_ossl_lastOpenSSLErrorMsg } } +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) /* initialize tls config commands in openssl context */ rsRetVal net_ossl_apply_tlscgfcmd(net_ossl_t *pThis, uchar *tlscfgcmd) @@ -557,7 +585,7 @@ rsRetVal net_ossl_apply_tlscgfcmd(net_ossl_t *pThis, uchar *tlscfgcmd) finalize_it: RETiRet; } - +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L /* Convert a fingerprint to printable data. The conversion is carried out * according IETF I-D syslog-transport-tls-12. The fingerprint string is @@ -730,7 +758,7 @@ net_ossl_peerfingerprint(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP) if(pThis->bReportAuthErr == 1) { errno = 0; LogMsg(0, RS_RET_INVALID_FINGERPRINT, LOG_WARNING, - "nsd_ossl:TLS session terminated with remote syslog server '%s': " + "net_ossl:TLS session terminated with remote syslog server '%s': " "Fingerprint check failed, not permitted to talk to %s", fromHostIP, cstrGetSzStrNoNULL(pstrFingerprint)); pThis->bReportAuthErr = 0; @@ -775,7 +803,7 @@ net_ossl_chkpeername(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP) cstrFinalize(pStr); errno = 0; LogMsg(0, RS_RET_INVALID_FINGERPRINT, LOG_WARNING, - "nsd_ossl:TLS session terminated with remote syslog server: " + "net_ossl:TLS session terminated with remote syslog server: " "peer name not authorized, not permitted to talk to %s", cstrGetSzStrNoNULL(pStr)); pThis->bReportAuthErr = 0; @@ -813,7 +841,7 @@ net_ossl_getpeercert(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP) errno = 0; pThis->bReportAuthErr = 0; LogMsg(0, RS_RET_TLS_NO_CERT, LOG_WARNING, - "nsd_ossl:TLS session terminated with remote syslog server '%s': " + "net_ossl:TLS session terminated with remote syslog server '%s': " "Peer check failed, peer did not provide a certificate.", fromHostIP); } } @@ -1115,6 +1143,58 @@ net_ossl_verify_cookie(SSL *ssl, const unsigned char *cookie, unsigned int cooki } static rsRetVal +net_ossl_init_engine(__attribute__((unused)) net_ossl_t *pThis) +{ + DEFiRet; + const char *engine_id = NULL; + const char *engine_name = NULL; + +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wdeprecated-declarations" + // Get the default RSA engine + ENGINE *default_engine = ENGINE_get_default_RSA(); + if (default_engine) { + engine_id = ENGINE_get_id(default_engine); + engine_name = ENGINE_get_name(default_engine); + DBGPRINTF("net_ossl_init_engine: Default RSA Engine: ID = %s, Name = %s\n", engine_id, engine_name); + + // Free the engine reference when done + ENGINE_free(default_engine); + } else { + DBGPRINTF("net_ossl_init_engine: No default RSA Engine set.\n"); + } + + /* Setting specific Engine */ + if (runConf != NULL && glbl.GetDfltOpensslEngine(runConf) != NULL) { + default_engine = ENGINE_by_id((char *)glbl.GetDfltOpensslEngine(runConf)); + if (default_engine && ENGINE_init(default_engine)) { + /* engine initialised */ + ENGINE_set_default_DSA(default_engine); + ENGINE_set_default_ciphers(default_engine); + + /* Switch to Engine */ + DBGPRINTF("net_ossl_init_engine: Changed default Engine to %s\n", + glbl.GetDfltOpensslEngine(runConf)); + + /* Release the functional reference from ENGINE_init() */ + ENGINE_finish(default_engine); + } else { + LogError(0, RS_RET_VALUE_NOT_SUPPORTED, "error: ENGINE_init failed to load Engine '%s'" + "ossl netstream driver", glbl.GetDfltOpensslEngine(runConf)); + net_ossl_lastOpenSSLErrorMsg(NULL, 0, NULL, LOG_ERR, "net_ossl_init_engine", "ENGINE_init"); + } + // Free the engine reference when done + ENGINE_free(default_engine); + } else { + DBGPRINTF("net_ossl_init_engine: use openssl default Engine"); + } +#pragma GCC diagnostic pop + + RETiRet; +} + + +static rsRetVal net_ossl_ctx_init_cookie(net_ossl_t *pThis) { DEFiRet; @@ -1159,6 +1239,10 @@ net_ossl_set_bio_callback(BIO *conn) BEGINobjConstruct(net_ossl) /* be sure to specify the object type also in END macro! */ DBGPRINTF("net_ossl_construct: [%p]\n", pThis); pThis->bReportAuthErr = 1; +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + CHKiRet(net_ossl_init_engine(pThis)); +finalize_it: +#endif ENDobjConstruct(net_ossl) /* destructor for the net_ossl object */ @@ -1195,13 +1279,16 @@ CODESTARTobjQueryInterface(net_ossl) pIf->osslPeerfingerprint = net_ossl_peerfingerprint; pIf->osslGetpeercert = net_ossl_getpeercert; pIf->osslChkpeercertvalidity = net_ossl_chkpeercertvalidity; +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) pIf->osslApplyTlscgfcmd = net_ossl_apply_tlscgfcmd; +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L pIf->osslSetBioCallback = net_ossl_set_bio_callback; pIf->osslSetCtxVerifyCallback = net_ossl_set_ctx_verify_callback; pIf->osslSetSslVerifyCallback = net_ossl_set_ssl_verify_callback; pIf->osslLastOpenSSLErrorMsg = net_ossl_lastOpenSSLErrorMsg; #if OPENSSL_VERSION_NUMBER >= 0x10100000L pIf->osslCtxInitCookie = net_ossl_ctx_init_cookie; + pIf->osslInitEngine = net_ossl_init_engine; #endif finalize_it: ENDobjQueryInterface(net_ossl) diff --git a/runtime/net_ossl.h b/runtime/net_ossl.h index eef69dd..af36ffe 100644 --- a/runtime/net_ossl.h +++ b/runtime/net_ossl.h @@ -33,6 +33,7 @@ #endif #include <openssl/engine.h> #include <openssl/rand.h> +#include <openssl/evp.h> /* Internal OpenSSL defined ENUMS */ typedef enum { @@ -83,12 +84,15 @@ BEGINinterface(net_ossl) /* name must also be changed in ENDinterface macro! */ #if OPENSSL_VERSION_NUMBER >= 0x10100000L rsRetVal (*osslCtxInitCookie)(net_ossl_t *pThis); #endif // OPENSSL_VERSION_NUMBER >= 0x10100000L + rsRetVal (*osslInitEngine)(net_ossl_t *pThis); // OpenSSL Helper function exports rsRetVal (*osslChkpeername)(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP); rsRetVal (*osslPeerfingerprint)(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP); X509* (*osslGetpeercert)(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP); rsRetVal (*osslChkpeercertvalidity)(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP); +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) rsRetVal (*osslApplyTlscgfcmd)(net_ossl_t *pThis, uchar *tlscfgcmd); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L void (*osslSetBioCallback)(BIO *conn); void (*osslSetCtxVerifyCallback)(SSL_CTX *pCtx, int flags); void (*osslSetSslVerifyCallback)(SSL *pSsl, int flags); @@ -142,7 +146,6 @@ int opensslh_THREAD_cleanup(void); void osslGlblInit(void); void osslGlblExit(void); - /*-----------------------------------------------------------------------------*/ /* prototypes */ diff --git a/runtime/netstrms.c b/runtime/netstrms.c index 74795ff..263abb7 100644 --- a/runtime/netstrms.c +++ b/runtime/netstrms.c @@ -289,7 +289,7 @@ finalize_it: } -/* Set the priorityString for GnuTLS +/* Set the priorityString * PascalWithopf 2017-08-16 */ static rsRetVal @@ -303,7 +303,7 @@ finalize_it: } -/* return the priorityString for GnuTLS +/* return the priorityString * PascalWithopf, 2017-08-16 */ static uchar* diff --git a/runtime/netstrms.h b/runtime/netstrms.h index 203ad22..982a349 100644 --- a/runtime/netstrms.h +++ b/runtime/netstrms.h @@ -82,6 +82,7 @@ BEGINinterface(netstrms) /* name must also be changed in ENDinterface macro! */ /* v3 */ rsRetVal (*SetDrvrTlsCRLFile)(netstrms_t *pThis, const uchar *); const uchar* (*GetDrvrTlsCRLFile)(netstrms_t *pThis); + ENDinterface(netstrms) #define netstrmsCURR_IF_VERSION 3 /* increment whenever you change the interface structure! */ diff --git a/runtime/nsd.h b/runtime/nsd.h index 03df7d2..b9501b4 100644 --- a/runtime/nsd.h +++ b/runtime/nsd.h @@ -100,6 +100,7 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */ /* v16 - Tls CRL */ rsRetVal (*SetTlsCRLFile)(nsd_t *pThis, const uchar *); + ENDinterface(nsd) #define nsdCURR_IF_VERSION 16 /* increment whenever you change the interface structure! */ /* interface version 4 added GetRemAddr() diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index b9c0f8a..7d4f314 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -2385,6 +2385,7 @@ CODESTARTobjQueryInterface(nsd_gtls) pIf->SetTlsCRLFile = SetTlsCRLFile; pIf->SetTlsKeyFile = SetTlsKeyFile; pIf->SetTlsCertFile = SetTlsCertFile; + finalize_it: ENDobjQueryInterface(nsd_gtls) diff --git a/runtime/nsd_ossl.c b/runtime/nsd_ossl.c index 095328b..e9dece2 100644 --- a/runtime/nsd_ossl.c +++ b/runtime/nsd_ossl.c @@ -443,6 +443,7 @@ osslEndSess(nsd_ossl_t *pThis) /* Standard-Constructor */ BEGINobjConstruct(nsd_ossl) /* be sure to specify the object type also in END macro! */ + DBGPRINTF("nsd_ossl_construct: [%p]\n", pThis); /* construct nsd_ptcp helper */ CHKiRet(nsd_ptcp.Construct(&pThis->pTcp)); /* construct net_ossl helper */ @@ -813,7 +814,7 @@ osslPostHandshakeCheck(nsd_ossl_t *pNsd) if (sslCipher != NULL){ if(SSL_CIPHER_get_version(sslCipher) == NULL) { LogError(0, RS_RET_NO_ERRCODE, "nsd_ossl:" - "TLS version mismatch between syslog client and server."); + "TLS version mismatch between syslog client and server."); } dbgprintf("osslPostHandshakeCheck: Debug Cipher Version: %s Name: %s\n", SSL_CIPHER_get_version(sslCipher), SSL_CIPHER_get_name(sslCipher)); @@ -1505,6 +1506,7 @@ CODESTARTmodInit *ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */ /* Initialize all classes that are in our module - this includes ourselfs */ + DBGPRINTF("modInit\n"); CHKiRet(net_osslClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ CHKiRet(nsd_osslClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ CHKiRet(nsdsel_osslClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c index 6e2fd67..7452094 100644 --- a/runtime/nsd_ptcp.c +++ b/runtime/nsd_ptcp.c @@ -231,7 +231,7 @@ SetPermitExpiredCerts(nsd_t __attribute__((unused)) *pNsd, uchar *mode) { DEFiRet; if(mode != NULL) { - LogError(0, RS_RET_VALUE_NOT_SUPPORTED, "error: permitexpiredcerts settingnot supported by " + LogError(0, RS_RET_VALUE_NOT_SUPPORTED, "error: permitexpiredcerts setting not supported by " "ptcp netstream driver"); ABORT_FINALIZE(RS_RET_VALUE_NOT_SUPPORTED); } diff --git a/runtime/rsconf.h b/runtime/rsconf.h index 453861e..63b251a 100644 --- a/runtime/rsconf.h +++ b/runtime/rsconf.h @@ -116,6 +116,7 @@ struct globals_s { uchar *pszDfltNetstrmDrvrKeyFile; /* default key file for the netstrm driver (server) */ uchar *pszDfltNetstrmDrvr; /* module name of default netstream driver */ uchar *pszNetstrmDrvrCAExtraFiles; /* CA extra file for the netstrm driver */ + uchar *pszDfltOpensslEngine; /* custom openssl engine */ uchar *oversizeMsgErrorFile; /* File where oversize messages are written to */ int reportOversizeMsg; /* shall error messages be generated for oversize messages? */ int oversizeMsgInputMode; /* Mode which oversize messages will be forwarded */ diff --git a/runtime/srutils.c b/runtime/srutils.c index 3369975..f949d5b 100644 --- a/runtime/srutils.c +++ b/runtime/srutils.c @@ -836,12 +836,25 @@ split_binary_parameters(uchar **const szBinary, char ***const __restrict__ aPara iCnt = iStr = 0; c = es_getBufAddr(estrParams); /* Reset to beginning */ while(iCnt < es_strlen(estrParams) ) { - if ( c[iCnt] == ' ' && !bInQuotes ) { - estrTmp = es_newStrFromSubStr( estrParams, iStr, iCnt-iStr); - } else if ( iCnt+1 >= es_strlen(estrParams) ) { - estrTmp = es_newStrFromSubStr( estrParams, iStr, iCnt-iStr+1); - } else if (c[iCnt] == '"') { - bInQuotes = !bInQuotes; + if (c[iCnt] == '"' && iCnt == iStr && !bInQuotes) { + bInQuotes = TRUE; + iStr++; + } else { + int bEOL = iCnt+1 == es_strlen(estrParams); + int bSpace = c[iCnt] == ' '; + int bQuoteEnd = bInQuotes && ((bSpace && c[iCnt-1] == '"') || + (c[iCnt] == '"' && bEOL)); + if (bEOL || bQuoteEnd || (bSpace && !bInQuotes)) { + int iSubCnt = iCnt - iStr; + if (bEOL) + iSubCnt++; + if (bQuoteEnd) + iSubCnt--; + estrTmp = es_newStrFromSubStr(estrParams, iStr, iSubCnt); + } + + if (bQuoteEnd) + bInQuotes = FALSE; } if ( estrTmp != NULL ) { diff --git a/runtime/tcpsrv.c b/runtime/tcpsrv.c index df9bcec..c66b3c9 100644 --- a/runtime/tcpsrv.c +++ b/runtime/tcpsrv.c @@ -1525,6 +1525,7 @@ SetDrvrTlsVerifyDepth(tcpsrv_t *pThis, int verifyDepth) RETiRet; } + /* End of methods to shuffle autentication settings to the driver.; * -------------------------------------------------------------------------- */ diff --git a/tests/Makefile.am b/tests/Makefile.am index 4534776..04223cd 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1475,6 +1475,7 @@ TESTS += \ imtcp-tls-ossl-error-cert.sh \ imtcp-tls-ossl-error-key.sh \ imtcp-tls-ossl-error-key2.sh +# imtcp-tls-ossl-basic-stress.sh if HAVE_VALGRIND TESTS += \ imtcp-tls-ossl-basic-vg.sh \ @@ -2426,6 +2427,7 @@ EXTRA_DIST= \ imtcp-tls-ossl-basic-tlscommands.sh \ imtcp-tls-ossl-basic-verifydepth.sh \ imtcp-tls-ossl-invalid-verifydepth.sh \ + imtcp-tls-ossl-basic-stress.sh \ sndrcv_tls_ossl_anon_ipv4.sh \ sndrcv_tls_ossl_anon_ipv6.sh \ sndrcv_tls_ossl_anon_rebind.sh \ @@ -2614,6 +2616,7 @@ EXTRA_DIST= \ testsuites/htpasswd \ omhttp-auth.sh \ omhttp-basic.sh \ + omhttp-basic-ignorecodes.sh \ omhttp-batch-fail-with-400.sh \ omhttp-batch-jsonarray-compress.sh \ omhttp-batch-jsonarray-retry.sh \ @@ -2624,6 +2627,11 @@ EXTRA_DIST= \ omhttp-batch-lokirest.sh \ omhttp-batch-lokirest-vg.sh \ omhttp-batch-newline.sh \ + omhttp-batch-retry-metadata.sh \ + omhttp-retry-timeout.sh \ + omhttp-basic-ignorecodes-vg.sh \ + omhttp-batch-retry-metadata-vg.sh \ + omhttp-retry-timeout-vg.sh \ omhttp-retry.sh \ omhttp-httpheaderkey.sh \ omhttp-multiplehttpheaders.sh \ diff --git a/tests/Makefile.in b/tests/Makefile.in index aff58a9..cfc04df 100644 --- a/tests/Makefile.in +++ b/tests/Makefile.in @@ -1300,6 +1300,7 @@ host_triplet = @host@ @ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@ imtcp-tls-ossl-error-key.sh \ @ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@ imtcp-tls-ossl-error-key2.sh +# imtcp-tls-ossl-basic-stress.sh @ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@@HAVE_VALGRIND_TRUE@am__append_94 = \ @ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@@HAVE_VALGRIND_TRUE@ imtcp-tls-ossl-basic-vg.sh \ @ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@@HAVE_VALGRIND_TRUE@ imtcp-tls-ossl-basic-brokenhandshake-vg.sh @@ -2890,6 +2891,7 @@ EXTRA_DIST = \ imtcp-tls-ossl-basic-tlscommands.sh \ imtcp-tls-ossl-basic-verifydepth.sh \ imtcp-tls-ossl-invalid-verifydepth.sh \ + imtcp-tls-ossl-basic-stress.sh \ sndrcv_tls_ossl_anon_ipv4.sh \ sndrcv_tls_ossl_anon_ipv6.sh \ sndrcv_tls_ossl_anon_rebind.sh \ @@ -3078,6 +3080,7 @@ EXTRA_DIST = \ testsuites/htpasswd \ omhttp-auth.sh \ omhttp-basic.sh \ + omhttp-basic-ignorecodes.sh \ omhttp-batch-fail-with-400.sh \ omhttp-batch-jsonarray-compress.sh \ omhttp-batch-jsonarray-retry.sh \ @@ -3088,6 +3091,11 @@ EXTRA_DIST = \ omhttp-batch-lokirest.sh \ omhttp-batch-lokirest-vg.sh \ omhttp-batch-newline.sh \ + omhttp-batch-retry-metadata.sh \ + omhttp-retry-timeout.sh \ + omhttp-basic-ignorecodes-vg.sh \ + omhttp-batch-retry-metadata-vg.sh \ + omhttp-retry-timeout-vg.sh \ omhttp-retry.sh \ omhttp-httpheaderkey.sh \ omhttp-multiplehttpheaders.sh \ diff --git a/tests/diag.sh b/tests/diag.sh index 73b93e8..f30290c 100755 --- a/tests/diag.sh +++ b/tests/diag.sh @@ -1718,9 +1718,9 @@ presort() { #START: ext kafka config #dep_cache_dir=$(readlink -f .dep_cache) -export RS_ZK_DOWNLOAD=apache-zookeeper-3.9.1-bin.tar.gz +export RS_ZK_DOWNLOAD=apache-zookeeper-3.9.2-bin.tar.gz dep_cache_dir=$(pwd)/.dep_cache -dep_zk_url=https://downloads.apache.org/zookeeper/zookeeper-3.9.1/$RS_ZK_DOWNLOAD +dep_zk_url=https://downloads.apache.org/zookeeper/zookeeper-3.9.2/$RS_ZK_DOWNLOAD dep_zk_cached_file=$dep_cache_dir/$RS_ZK_DOWNLOAD export RS_KAFKA_DOWNLOAD=kafka_2.13-2.8.0.tgz diff --git a/tests/imdtls-basic-timeout.sh b/tests/imdtls-basic-timeout.sh index 9b4c46a..2beec15 100755 --- a/tests/imdtls-basic-timeout.sh +++ b/tests/imdtls-basic-timeout.sh @@ -13,7 +13,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imdtls/.libs/imdtls" ) diff --git a/tests/imdtls-basic.sh b/tests/imdtls-basic.sh index 889caad..5d7a267 100755 --- a/tests/imdtls-basic.sh +++ b/tests/imdtls-basic.sh @@ -11,7 +11,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imdtls/.libs/imdtls" ) diff --git a/tests/imtcp-tls-gtls-x509fingerprint-invld.sh b/tests/imtcp-tls-gtls-x509fingerprint-invld.sh index af33b45..7415368 100755 --- a/tests/imtcp-tls-gtls-x509fingerprint-invld.sh +++ b/tests/imtcp-tls-gtls-x509fingerprint-invld.sh @@ -10,7 +10,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp-tls-gtls-x509fingerprint.sh b/tests/imtcp-tls-gtls-x509fingerprint.sh index 8cadd29..369b552 100755 --- a/tests/imtcp-tls-gtls-x509fingerprint.sh +++ b/tests/imtcp-tls-gtls-x509fingerprint.sh @@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh b/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh index 4e2ba98..1e5d65e 100755 --- a/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh +++ b/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh @@ -14,7 +14,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp-tls-ossl-basic-stress.sh b/tests/imtcp-tls-ossl-basic-stress.sh new file mode 100755 index 0000000..c711672 --- /dev/null +++ b/tests/imtcp-tls-ossl-basic-stress.sh @@ -0,0 +1,50 @@ +#!/bin/bash +# added 2018-04-27 by alorbach +# This file is part of the rsyslog project, released under ASL 2.0 +# +# List available valid OpenSSL Engines for defaultopensslengine with this command: +# openssl engine -t +# +. ${srcdir:=.}/diag.sh init +export NUMMESSAGES=100000 +# uncomment for debugging support: +#export RSYSLOG_DEBUG="debug nostdout noprintmutexaction" +#export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog" +generate_conf +add_conf ' +global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" + defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" + defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" + defaultopensslengine="rdrand" + debug.whitelist="on" + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +) + +module( load="../plugins/imtcp/.libs/imtcp" + StreamDriver.Name="ossl" + StreamDriver.Mode="1" + StreamDriver.AuthMode="anon" + gnutlsPriorityString="Protocol=-ALL,TLSv1.3,TLSv1.2 +Ciphersuites=TLS_AES_256_GCM_SHA384 +" +) +input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port") + +template(name="outfmt" type="string" string="%msg:F,58:2%\n") +:msg, contains, "msgnum:" action( type="omfile" + template="outfmt" + file=`echo $RSYSLOG_OUT_LOG`) + +' + +# SignatureAlgorithms=RSA+SHA384 + +# Begin actual testcase +startup +tcpflood -p$TCPFLOOD_PORT -d8192 -m$NUMMESSAGES -Ttls -x$srcdir/tls-certs/ca.pem -Z$srcdir/tls-certs/cert.pem -z$srcdir/tls-certs/key.pem +wait_file_lines +shutdown_when_empty +wait_shutdown +seq_check +exit_test + diff --git a/tests/imtcp-tls-ossl-basic-tlscommands.sh b/tests/imtcp-tls-ossl-basic-tlscommands.sh index 6f2e760..b7d5285 100755 --- a/tests/imtcp-tls-ossl-basic-tlscommands.sh +++ b/tests/imtcp-tls-ossl-basic-tlscommands.sh @@ -12,7 +12,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp-tls-ossl-x509fingerprint.sh b/tests/imtcp-tls-ossl-x509fingerprint.sh index 59167b0..d5b931b 100755 --- a/tests/imtcp-tls-ossl-x509fingerprint.sh +++ b/tests/imtcp-tls-ossl-x509fingerprint.sh @@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp-tls-ossl-x509name.sh b/tests/imtcp-tls-ossl-x509name.sh index fadd7f1..b404cb0 100755 --- a/tests/imtcp-tls-ossl-x509name.sh +++ b/tests/imtcp-tls-ossl-x509name.sh @@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp-tls-ossl-x509valid.sh b/tests/imtcp-tls-ossl-x509valid.sh index a796daa..a4c6678 100755 --- a/tests/imtcp-tls-ossl-x509valid.sh +++ b/tests/imtcp-tls-ossl-x509valid.sh @@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/imtcp_conndrop_tls.sh b/tests/imtcp_conndrop_tls.sh index 1b9e38b..ac81694 100755 --- a/tests/imtcp_conndrop_tls.sh +++ b/tests/imtcp_conndrop_tls.sh @@ -14,7 +14,7 @@ global( maxMessageSize="10k" defaultNetstreamDriverKeyFile="'$srcdir'/tls-certs/key.pem" defaultNetstreamDriver="gtls" debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module(load="../plugins/imtcp/.libs/imtcp" maxSessions="1100" diff --git a/tests/manytcp-too-few-tls-vg.sh b/tests/manytcp-too-few-tls-vg.sh index b03fdb9..81e65b7 100755 --- a/tests/manytcp-too-few-tls-vg.sh +++ b/tests/manytcp-too-few-tls-vg.sh @@ -14,7 +14,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir'/testsuites/x.509/client-key.pem" defaultNetstreamDriver="gtls" debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module(load="../plugins/imtcp/.libs/imtcp" maxSessions="1100" diff --git a/tests/omhttp-basic-ignorecodes-vg.sh b/tests/omhttp-basic-ignorecodes-vg.sh new file mode 100755 index 0000000..2bfb5ba --- /dev/null +++ b/tests/omhttp-basic-ignorecodes-vg.sh @@ -0,0 +1,3 @@ +#!/bin/bash +export USE_VALGRIND="YES" +source ${srcdir:=.}/omhttp-basic-ignorecodes.sh diff --git a/tests/omhttp-basic-ignorecodes.sh b/tests/omhttp-basic-ignorecodes.sh new file mode 100755 index 0000000..ebf1742 --- /dev/null +++ b/tests/omhttp-basic-ignorecodes.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# This file is part of the rsyslog project, released under ASL 2.0 + +# Starting actual testbench +. ${srcdir:=.}/diag.sh init + +export NUMMESSAGES=10000 + +port="$(get_free_port)" +omhttp_start_server $port --fail-with-401-or-403-after 5000 + +generate_conf +add_conf ' +template(name="tpl" type="string" + string="{\"msgnum\":\"%msg:F,58:2%\"}") + +module(load="../contrib/omhttp/.libs/omhttp") + +if $msg contains "msgnum:" then + action( + # Payload + name="my_http_action" + type="omhttp" + errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'" + template="tpl" + + server="localhost" + serverport="'$port'" + restpath="my/endpoint" + batch="off" + httpignorablecodes=["401", "NA", "403"] + + # Auth + usehttps="off" + ) +' +startup +injectmsg +shutdown_when_empty +wait_shutdown +omhttp_get_data $port my/endpoint +omhttp_stop_server +seq_check 0 4999 +exit_test diff --git a/tests/omhttp-batch-retry-metadata-vg.sh b/tests/omhttp-batch-retry-metadata-vg.sh new file mode 100755 index 0000000..9be8ab4 --- /dev/null +++ b/tests/omhttp-batch-retry-metadata-vg.sh @@ -0,0 +1,3 @@ +#!/bin/bash +export USE_VALGRIND="YES" +source ${srcdir:=.}/omhttp-batch-retry-metadata.sh diff --git a/tests/omhttp-batch-retry-metadata.sh b/tests/omhttp-batch-retry-metadata.sh new file mode 100755 index 0000000..5f2dad4 --- /dev/null +++ b/tests/omhttp-batch-retry-metadata.sh @@ -0,0 +1,89 @@ +#!/bin/bash +# This file is part of the rsyslog project, released under ASL 2.0 + +# Starting actual testbench +. ${srcdir:=.}/diag.sh init + +export NUMMESSAGES=50000 + +port="$(get_free_port)" +omhttp_start_server $port --fail-every 100 --fail-with 207 + +generate_conf +add_conf ' +module(load="../contrib/omhttp/.libs/omhttp") + +main_queue(queue.dequeueBatchSize="2048") + +template(name="tpl" type="string" + string="{\"msgnum\":\"%msg:F,58:2%\"}") + +# Echo message as-is for retry +template(name="tpl_echo" type="string" string="%msg%\n") + +# Echo response as-is for retry +template(name="tpl_response" type="string" string="{ \"message\": %msg%, \"response\": %$!omhttp!response% }\n") + +ruleset(name="ruleset_omhttp_retry") { + #action(type="omfile" file="'$RSYSLOG_DYNNAME/omhttp.message.log'" template="tpl_echo") + # log the response + action(type="omfile" file="'$RSYSLOG_DYNNAME/omhttp.response.log'" template="tpl_response") + action( + name="action_omhttp" + type="omhttp" + errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'" + template="tpl_echo" + + server="localhost" + serverport="'$port'" + restpath="my/endpoint" + batch="on" + batch.maxsize="100" + batch.format="kafkarest" + + httpretrycodes=["207","500"] + retry="on" + retry.ruleset="ruleset_omhttp_retry" + retry.addmetadata="on" + + # Auth + usehttps="off" + ) & stop +} + +ruleset(name="ruleset_omhttp") { + action( + name="action_omhttp" + type="omhttp" + errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'" + template="tpl" + + server="localhost" + serverport="'$port'" + restpath="my/endpoint" + batch="on" + batch.maxsize="100" + batch.format="kafkarest" + + httpretrycodes=["207", "500"] + retry="on" + retry.ruleset="ruleset_omhttp_retry" + retry.addmetadata="on" + + # Auth + usehttps="off" + ) & stop +} + +if $msg contains "msgnum:" then + call ruleset_omhttp +' +startup +injectmsg +shutdown_when_empty +wait_shutdown +omhttp_get_data $port my/endpoint kafkarest +omhttp_stop_server +seq_check +omhttp_validate_metadata_response +exit_test diff --git a/tests/omhttp-retry-timeout-vg.sh b/tests/omhttp-retry-timeout-vg.sh new file mode 100755 index 0000000..edb7808 --- /dev/null +++ b/tests/omhttp-retry-timeout-vg.sh @@ -0,0 +1,3 @@ +#!/bin/bash +export USE_VALGRIND="YES" +source ${srcdir:=.}/omhttp-retry-timeout.sh diff --git a/tests/omhttp-retry-timeout.sh b/tests/omhttp-retry-timeout.sh new file mode 100755 index 0000000..38ceecd --- /dev/null +++ b/tests/omhttp-retry-timeout.sh @@ -0,0 +1,49 @@ +#!/bin/bash +# This file is part of the rsyslog project, released under ASL 2.0 + +# Starting actual testbench +. ${srcdir:=.}/diag.sh init + +export NUMMESSAGES=10000 + +port="$(get_free_port)" +omhttp_start_server $port --fail-every 1000 --fail-with-delay-secs 2 + +generate_conf +add_conf ' +module(load="../contrib/omhttp/.libs/omhttp") + +main_queue(queue.dequeueBatchSize="2048") + +template(name="tpl" type="string" + string="{\"msgnum\":\"%msg:F,58:2%\"}") + +if $msg contains "msgnum:" then + action( + # Payload + action.resumeRetryCount="-1" + action.resumeInterval="1" + name="my_http_action" + type="omhttp" + errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'" + template="tpl" + + server="localhost" + serverport="'$port'" + restpath="my/endpoint" + restpathtimeout="1000" + checkpath="ping" + batch="off" + + # Auth + usehttps="off" + ) +' +startup +injectmsg +shutdown_when_empty +wait_shutdown +omhttp_get_data $port my/endpoint +omhttp_stop_server +seq_check +exit_test diff --git a/tests/omprog-defaults.sh b/tests/omprog-defaults.sh index 5c52550..356c5aa 100755 --- a/tests/omprog-defaults.sh +++ b/tests/omprog-defaults.sh @@ -26,7 +26,8 @@ template(name="outfmt" type="string" string="%msg%\n") :msg, contains, "msgnum:" { action( type="omprog" - binary=`echo $srcdir/testsuites/omprog-defaults-bin.sh p1 p2 p3` + binary="'$srcdir'/testsuites/omprog-defaults-bin.sh \"p1 with spaces\"'\ +' p2 \"\" --p4=\"middle quote\" \"--p6=\"proper middle quote\"\" \"p7 is last\"" template="outfmt" name="omprog_action" ) @@ -37,7 +38,14 @@ injectmsg 0 10 shutdown_when_empty wait_shutdown -export EXPECTED="Starting with parameters: p1 p2 p3 +export EXPECTED="Starting with parameters: p1 with spaces p2 --p4=\"middle quote\" --p6=\"proper middle quote\" p7 is last +Next parameter is \"p1 with spaces\" +Next parameter is \"p2\" +Next parameter is \"\" +Next parameter is \"--p4=\"middle\" +Next parameter is \"quote\"\" +Next parameter is \"--p6=\"proper middle quote\"\" +Next parameter is \"p7 is last\" Received msgnum:00000000: Received msgnum:00000001: Received msgnum:00000002: diff --git a/tests/omprog-if-error.sh b/tests/omprog-if-error.sh index 89e035e..6d5b0de 100755 --- a/tests/omprog-if-error.sh +++ b/tests/omprog-if-error.sh @@ -25,6 +25,9 @@ cat $RSYSLOG_DYNNAME.othermsg content_check 'must be terminated with \n' $RSYSLOG_DYNNAME.othermsg export EXPECTED="Starting with parameters: p1 p2 p3 +Next parameter is \"p1\" +Next parameter is \"p2\" +Next parameter is \"p3\" Received msgnum:00000000: Received msgnum:00000001: Received msgnum:00000002: diff --git a/tests/sndrcv_dtls_anon_ciphers.sh b/tests/sndrcv_dtls_anon_ciphers.sh index bac90da..4230c14 100755 --- a/tests/sndrcv_dtls_anon_ciphers.sh +++ b/tests/sndrcv_dtls_anon_ciphers.sh @@ -11,7 +11,7 @@ export PORT_RCVR="$(get_free_port)" add_conf ' global( debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imdtls/.libs/imdtls" diff --git a/tests/sndrcv_dtls_certvalid_ciphers.sh b/tests/sndrcv_dtls_certvalid_ciphers.sh index 93ff49f..2beaa3f 100755 --- a/tests/sndrcv_dtls_certvalid_ciphers.sh +++ b/tests/sndrcv_dtls_certvalid_ciphers.sh @@ -14,7 +14,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imdtls/.libs/imdtls" diff --git a/tests/sndrcv_tls_anon_ipv6.sh b/tests/sndrcv_tls_anon_ipv6.sh index 1770b17..5f73d22 100755 --- a/tests/sndrcv_tls_anon_ipv6.sh +++ b/tests/sndrcv_tls_anon_ipv6.sh @@ -19,7 +19,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir'/testsuites/x.509/client-key.pem" defaultNetstreamDriver="gtls" debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module(load="../plugins/imtcp/.libs/imtcp" maxSessions="1100" diff --git a/tests/sndrcv_tls_certvalid_expired.sh b/tests/sndrcv_tls_certvalid_expired.sh index bab916c..e9f6acd 100755 --- a/tests/sndrcv_tls_certvalid_expired.sh +++ b/tests/sndrcv_tls_certvalid_expired.sh @@ -14,7 +14,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" defaultNetstreamDriver="'$RS_TLS_DRIVER'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_certvalid_expired_defaultmode.sh b/tests/sndrcv_tls_certvalid_expired_defaultmode.sh index 47aaa10..0b62538 100755 --- a/tests/sndrcv_tls_certvalid_expired_defaultmode.sh +++ b/tests/sndrcv_tls_certvalid_expired_defaultmode.sh @@ -14,7 +14,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-expired-key.pem'" defaultNetstreamDriver="gtls" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_certvalid_revoked.sh b/tests/sndrcv_tls_certvalid_revoked.sh index b01699e..7e6b9a5 100755 --- a/tests/sndrcv_tls_certvalid_revoked.sh +++ b/tests/sndrcv_tls_certvalid_revoked.sh @@ -15,7 +15,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" defaultNetstreamDriver="'$RS_TLS_DRIVER'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_client_missing_cert.sh b/tests/sndrcv_tls_client_missing_cert.sh index 7045416..aa0c320 100755 --- a/tests/sndrcv_tls_client_missing_cert.sh +++ b/tests/sndrcv_tls_client_missing_cert.sh @@ -14,7 +14,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" defaultNetstreamDriver="'$RS_TLS_DRIVER'" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_ossl_anon_ciphers.sh b/tests/sndrcv_tls_ossl_anon_ciphers.sh index 80201ed..cfb9ded 100755 --- a/tests/sndrcv_tls_ossl_anon_ciphers.sh +++ b/tests/sndrcv_tls_ossl_anon_ciphers.sh @@ -10,7 +10,7 @@ add_conf ' global( defaultNetstreamDriver="ossl" debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_ossl_anon_ipv4.sh b/tests/sndrcv_tls_ossl_anon_ipv4.sh index 8bb4836..fa1a361 100755 --- a/tests/sndrcv_tls_ossl_anon_ipv4.sh +++ b/tests/sndrcv_tls_ossl_anon_ipv4.sh @@ -20,7 +20,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" defaultNetstreamDriver="ossl" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_ossl_anon_rebind.sh b/tests/sndrcv_tls_ossl_anon_rebind.sh index 6d7aaff..c0ac1eb 100755 --- a/tests/sndrcv_tls_ossl_anon_rebind.sh +++ b/tests/sndrcv_tls_ossl_anon_rebind.sh @@ -24,7 +24,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" defaultNetstreamDriver="ossl" debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_ossl_certvalid_ciphers.sh b/tests/sndrcv_tls_ossl_certvalid_ciphers.sh index 62fd636..8b40f9c 100755 --- a/tests/sndrcv_tls_ossl_certvalid_ciphers.sh +++ b/tests/sndrcv_tls_ossl_certvalid_ciphers.sh @@ -12,7 +12,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" defaultNetstreamDriver="ossl" debug.whitelist="on" - debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] + debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_ossl_certvalid_expired.sh b/tests/sndrcv_tls_ossl_certvalid_expired.sh index 5439acf..ade3f57 100755 --- a/tests/sndrcv_tls_ossl_certvalid_expired.sh +++ b/tests/sndrcv_tls_ossl_certvalid_expired.sh @@ -12,7 +12,7 @@ global( defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'" defaultNetstreamDriver="ossl" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh b/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh index b945abe..b16fba0 100755 --- a/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh +++ b/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh @@ -11,7 +11,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'" defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'" defaultNetstreamDriver="ossl" # debug.whitelist="on" -# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] +# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"] ) module( load="../plugins/imtcp/.libs/imtcp" diff --git a/tests/testsuites/omprog-defaults-bin.sh b/tests/testsuites/omprog-defaults-bin.sh index f7d43c7..3723d4d 100755 --- a/tests/testsuites/omprog-defaults-bin.sh +++ b/tests/testsuites/omprog-defaults-bin.sh @@ -3,6 +3,10 @@ outfile=$RSYSLOG_OUT_LOG echo "Starting with parameters: $@" >> $outfile +while [ $# -gt 0 ]; do + echo Next parameter is \""$1"\" + shift +done >> $outfile read log_line while [[ -n "$log_line" ]]; do |