summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.tarball-version2
-rw-r--r--ChangeLog33
-rwxr-xr-xconfigure58
-rw-r--r--configure.ac8
-rw-r--r--contrib/mmkubernetes/mmkubernetes.c7
-rw-r--r--contrib/omhttp/omhttp.c4
-rw-r--r--plugins/imfile/imfile.c11
-rw-r--r--plugins/ompgsql/ompgsql.c24
-rw-r--r--runtime/glbl.c25
-rw-r--r--runtime/glbl.h1
-rw-r--r--runtime/net_ossl.c97
-rw-r--r--runtime/net_ossl.h5
-rw-r--r--runtime/netstrms.c4
-rw-r--r--runtime/netstrms.h1
-rw-r--r--runtime/nsd.h1
-rw-r--r--runtime/nsd_gtls.c1
-rw-r--r--runtime/nsd_ossl.c4
-rw-r--r--runtime/nsd_ptcp.c2
-rw-r--r--runtime/rsconf.h1
-rw-r--r--runtime/srutils.c25
-rw-r--r--runtime/tcpsrv.c1
-rw-r--r--tests/Makefile.am8
-rw-r--r--tests/Makefile.in8
-rwxr-xr-xtests/diag.sh4
-rwxr-xr-xtests/imdtls-basic-timeout.sh2
-rwxr-xr-xtests/imdtls-basic.sh2
-rwxr-xr-xtests/imtcp-tls-gtls-x509fingerprint-invld.sh2
-rwxr-xr-xtests/imtcp-tls-gtls-x509fingerprint.sh2
-rwxr-xr-xtests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh2
-rwxr-xr-xtests/imtcp-tls-ossl-basic-stress.sh50
-rwxr-xr-xtests/imtcp-tls-ossl-basic-tlscommands.sh2
-rwxr-xr-xtests/imtcp-tls-ossl-x509fingerprint.sh2
-rwxr-xr-xtests/imtcp-tls-ossl-x509name.sh2
-rwxr-xr-xtests/imtcp-tls-ossl-x509valid.sh2
-rwxr-xr-xtests/imtcp_conndrop_tls.sh2
-rwxr-xr-xtests/manytcp-too-few-tls-vg.sh2
-rwxr-xr-xtests/omhttp-basic-ignorecodes-vg.sh3
-rwxr-xr-xtests/omhttp-basic-ignorecodes.sh44
-rwxr-xr-xtests/omhttp-batch-retry-metadata-vg.sh3
-rwxr-xr-xtests/omhttp-batch-retry-metadata.sh89
-rwxr-xr-xtests/omhttp-retry-timeout-vg.sh3
-rwxr-xr-xtests/omhttp-retry-timeout.sh49
-rwxr-xr-xtests/omprog-defaults.sh12
-rwxr-xr-xtests/omprog-if-error.sh3
-rwxr-xr-xtests/sndrcv_dtls_anon_ciphers.sh2
-rwxr-xr-xtests/sndrcv_dtls_certvalid_ciphers.sh2
-rwxr-xr-xtests/sndrcv_tls_anon_ipv6.sh2
-rwxr-xr-xtests/sndrcv_tls_certvalid_expired.sh2
-rwxr-xr-xtests/sndrcv_tls_certvalid_expired_defaultmode.sh2
-rwxr-xr-xtests/sndrcv_tls_certvalid_revoked.sh2
-rwxr-xr-xtests/sndrcv_tls_client_missing_cert.sh2
-rwxr-xr-xtests/sndrcv_tls_ossl_anon_ciphers.sh2
-rwxr-xr-xtests/sndrcv_tls_ossl_anon_ipv4.sh2
-rwxr-xr-xtests/sndrcv_tls_ossl_anon_rebind.sh2
-rwxr-xr-xtests/sndrcv_tls_ossl_certvalid_ciphers.sh2
-rwxr-xr-xtests/sndrcv_tls_ossl_certvalid_expired.sh2
-rwxr-xr-xtests/sndrcv_tls_ossl_certvalid_tlscommand.sh2
-rwxr-xr-xtests/testsuites/omprog-defaults-bin.sh4
58 files changed, 549 insertions, 94 deletions
diff --git a/.tarball-version b/.tarball-version
index dddd617..799e196 100644
--- a/.tarball-version
+++ b/.tarball-version
@@ -1 +1 @@
-8.2404.0
+8.2406.0
diff --git a/ChangeLog b/ChangeLog
index fbeea74..d52d8ca 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,37 @@
----------------------------------------------------------------------------------------
+Scheduled Release 8.2406.0 (aka 2024.06) 2024-07-02
+- 2024-07-01: ompgsql bugfix: unexpected and unnecessary message loss
+ In case of PG not available lets retry instead of dropping messages
+ Thanks to Nickolai Novik for the patch.
+- 2024-07-01: tls subsystem/ossl driver
+ Several small fixes/additions
+ * output all loaded ciphers and engines into debug log
+ * Add new global option "defaultopensslengine" to customize the default openssl
+ engine. If not defined, openssl will handle the default engine automatically.
+ Sample: global(defaultopensslengine="rdrand")
+ * Add simple openssl performance test (imtcp-tls-ossl-basic-stress.sh) with
+ defaultopensslengine set to rdrand (Intel).
+ * removed unneeded testcase files in runtime folder.
+- 2024-04-18: [o|i]mprog/mmexternal bugfix: invalid command line parameter passing
+ Quoted command line parameters were incorrectly passed to the called program. This
+ resulted in unexpected behaviour. For example, in
+ bash -c "echo test"
+ bash got passed parameters '-c" and '"echo test"'. Note the double quotes in
+ '"echo test"'. These needed to be removed by Unix/Linux standards but were instead
+ passed to bash. That in turn resulted in invalid execution. With the fix, the
+ behaviour is now correct. Now, bash gets passed '-c' and 'echo test'.
+ This actually is a BREAKING CHANGE. However, it was outright wrong behaviour from
+ the beginning. We assume that people either never noticed it (because they did not
+ use quoted parameters) or used some workaroud, likely a "starter script", which
+ performed the right task. As such, we do expect that only a very limited set of
+ installations might be affected by the change.
+ Even more important, we would need to change the default behaviour in any case,
+ because the previous handling was obviosuly unacceptable. As such, there was no
+ way to keep rsyslog perform the previous action.
+ Thanks to Paul Fertser for the patch.
+- 2024-04-12: bugfixes related to time_t on 32 bit platforms (y38k isue)
+ Thanks to Michael Biebl for the patch.
+----------------------------------------------------------------------------------------
Scheduled Release 8.2404.0 (aka 2024.04) 2024-04-02
- 2024-04-02: omhttp patches and enhancement
New omhttp plugin configuration parameters added:
diff --git a/configure b/configure
index 2a23f55..6f62fe3 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for rsyslog 8.2404.0.
+# Generated by GNU Autoconf 2.69 for rsyslog 8.2406.0.
#
# Report bugs to <rsyslog@lists.adiscon.com>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='rsyslog'
PACKAGE_TARNAME='rsyslog'
-PACKAGE_VERSION='8.2404.0'
-PACKAGE_STRING='rsyslog 8.2404.0'
+PACKAGE_VERSION='8.2406.0'
+PACKAGE_STRING='rsyslog 8.2406.0'
PACKAGE_BUGREPORT='rsyslog@lists.adiscon.com'
PACKAGE_URL=''
@@ -1913,7 +1913,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures rsyslog 8.2404.0 to adapt to many kinds of systems.
+\`configure' configures rsyslog 8.2406.0 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1984,7 +1984,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of rsyslog 8.2404.0:";;
+ short | recursive ) echo "Configuration of rsyslog 8.2406.0:";;
esac
cat <<\_ACEOF
@@ -2383,7 +2383,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-rsyslog configure 8.2404.0
+rsyslog configure 8.2406.0
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2963,7 +2963,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by rsyslog $as_me 8.2404.0, which was
+It was created by rsyslog $as_me 8.2406.0, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3315,7 +3315,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
$as_echo "#define VERSION_YEAR 24" >>confdefs.h
# UPDATE on release
-$as_echo "#define VERSION_MONTH 4" >>confdefs.h
+$as_echo "#define VERSION_MONTH 6" >>confdefs.h
# UPDATE on release
am__api_version='1.16'
@@ -3833,7 +3833,7 @@ fi
# Define the identity of the package.
PACKAGE='rsyslog'
- VERSION='8.2404.0'
+ VERSION='8.2406.0'
cat >>confdefs.h <<_ACEOF
@@ -28637,12 +28637,12 @@ if test -n "$OPENSSL_CFLAGS"; then
pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
- { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5
- ($PKG_CONFIG --exists --print-errors "openssl") 2>&5
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.1.0\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "openssl >= 1.1.0") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
- pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl" 2>/dev/null`
+ pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 1.1.0" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
@@ -28654,12 +28654,12 @@ if test -n "$OPENSSL_LIBS"; then
pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
- { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5
- ($PKG_CONFIG --exists --print-errors "openssl") 2>&5
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.1.0\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "openssl >= 1.1.0") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
- pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl" 2>/dev/null`
+ pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 1.1.0" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
@@ -28680,14 +28680,14 @@ else
_pkg_short_errors_supported=no
fi
if test $_pkg_short_errors_supported = yes; then
- OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl" 2>&1`
+ OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 1.1.0" 2>&1`
else
- OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl" 2>&1`
+ OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 1.1.0" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$OPENSSL_PKG_ERRORS" >&5
- as_fn_error $? "Package requirements (openssl) were not met:
+ as_fn_error $? "Package requirements (openssl >= 1.1.0) were not met:
$OPENSSL_PKG_ERRORS
@@ -28754,12 +28754,12 @@ if test -n "$OPENSSL_CFLAGS"; then
pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
- { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5
- ($PKG_CONFIG --exists --print-errors "openssl") 2>&5
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.0.2\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "openssl >= 1.0.2") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
- pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl" 2>/dev/null`
+ pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 1.0.2" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
@@ -28771,12 +28771,12 @@ if test -n "$OPENSSL_LIBS"; then
pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
elif test -n "$PKG_CONFIG"; then
if test -n "$PKG_CONFIG" && \
- { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl\""; } >&5
- ($PKG_CONFIG --exists --print-errors "openssl") 2>&5
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.0.2\""; } >&5
+ ($PKG_CONFIG --exists --print-errors "openssl >= 1.0.2") 2>&5
ac_status=$?
$as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
test $ac_status = 0; }; then
- pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl" 2>/dev/null`
+ pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 1.0.2" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes
else
pkg_failed=yes
@@ -28797,14 +28797,14 @@ else
_pkg_short_errors_supported=no
fi
if test $_pkg_short_errors_supported = yes; then
- OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl" 2>&1`
+ OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 1.0.2" 2>&1`
else
- OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl" 2>&1`
+ OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 1.0.2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$OPENSSL_PKG_ERRORS" >&5
- as_fn_error $? "Package requirements (openssl) were not met:
+ as_fn_error $? "Package requirements (openssl >= 1.0.2) were not met:
$OPENSSL_PKG_ERRORS
@@ -31741,7 +31741,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by rsyslog $as_me 8.2404.0, which was
+This file was extended by rsyslog $as_me 8.2406.0, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -31807,7 +31807,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-rsyslog config.status 8.2404.0
+rsyslog config.status 8.2406.0
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index b86b491..a4506ec 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,9 +2,9 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.61)
-AC_INIT([rsyslog],[8.2404.0],[rsyslog@lists.adiscon.com]) # UPDATE on release
+AC_INIT([rsyslog],[8.2406.0],[rsyslog@lists.adiscon.com]) # UPDATE on release
AC_DEFINE(VERSION_YEAR, 24, [year part of real rsyslog version]) # UPDATE on release
-AC_DEFINE(VERSION_MONTH, 4, [month part of real rsyslog version]) # UPDATE on release
+AC_DEFINE(VERSION_MONTH, 6, [month part of real rsyslog version]) # UPDATE on release
AM_INIT_AUTOMAKE([subdir-objects])
@@ -2510,7 +2510,7 @@ AC_ARG_ENABLE(imdtls,
[enable_imdtls=no]
)
if test "x$enable_imdtls" = "xyes"; then
- PKG_CHECK_MODULES(OPENSSL, openssl)
+ PKG_CHECK_MODULES(OPENSSL, openssl >= 1.1.0)
fi
AM_CONDITIONAL(ENABLE_IMDTLS, test x$enable_imdtls = xyes)
# END IMDTLS INPUT
@@ -2527,7 +2527,7 @@ AC_ARG_ENABLE(omdtls,
[enable_omdtls=no]
)
if test "x$enable_omdtls" = "xyes"; then
- PKG_CHECK_MODULES(OPENSSL, openssl)
+ PKG_CHECK_MODULES(OPENSSL, openssl >= 1.0.2)
fi
AM_CONDITIONAL(ENABLE_OMDTLS, test x$enable_omdtls = xyes)
# END OMDTLS INPUT
diff --git a/contrib/mmkubernetes/mmkubernetes.c b/contrib/mmkubernetes/mmkubernetes.c
index 525962e..2445ed8 100644
--- a/contrib/mmkubernetes/mmkubernetes.c
+++ b/contrib/mmkubernetes/mmkubernetes.c
@@ -123,7 +123,7 @@ static struct cache_s {
struct hashtable *mdHt;
struct hashtable *nsHt;
pthread_mutex_t *cacheMtx;
- int lastBusyTime; /* when we got the last busy response from kubernetes */
+ time_t lastBusyTime; /* when we got the last busy response from kubernetes */
time_t expirationTime; /* if cache expiration checking is enable, time to check for expiration */
} **caches;
@@ -1722,8 +1722,9 @@ queryKB(wrkrInstanceData_t *pWrkrData, char *url, time_t now, struct json_object
now -= pWrkrData->pData->cache->lastBusyTime;
if (now < pWrkrData->pData->busyRetryInterval) {
LogMsg(0, RS_RET_RETRY, LOG_DEBUG,
- "mmkubernetes: Waited [%ld] of [%d] seconds for the requested url [%s]\n",
- now, pWrkrData->pData->busyRetryInterval, url);
+ "mmkubernetes: Waited [%"PRId64"] of [%d] seconds for "
+ "the requested url [%s]\n",
+ (int64_t) now, pWrkrData->pData->busyRetryInterval, url);
ABORT_FINALIZE(RS_RET_RETRY);
} else {
LogMsg(0, RS_RET_OK, LOG_DEBUG,
diff --git a/contrib/omhttp/omhttp.c b/contrib/omhttp/omhttp.c
index 14b98c1..e350322 100644
--- a/contrib/omhttp/omhttp.c
+++ b/contrib/omhttp/omhttp.c
@@ -163,7 +163,7 @@ typedef struct instanceConf_s {
statsobj_t *stats;
STATSCOUNTER_DEF(ctrHttpRequestsCount, mutCtrHttpRequestsCount); // Number of attempted HTTP requests
STATSCOUNTER_DEF(httpRequestsBytes, mutHttpRequestsBytes);
- STATSCOUNTER_DEF(httpRequestsTimeMs, muthttphttpRequestsTimeMs);
+ STATSCOUNTER_DEF(httpRequestsTimeMs, mutHttpRequestsTimeMs);
STATSCOUNTER_DEF(ctrHttpRequestsStatus0xx, mutCtrHttpRequestsStatus0xx); // HTTP requests returning 0xx
STATSCOUNTER_DEF(ctrHttpRequestsStatus1xx, mutCtrHttpRequestsStatus1xx); // HTTP requests returning 1xx
STATSCOUNTER_DEF(ctrHttpRequestsStatus2xx, mutCtrHttpRequestsStatus2xx); // HTTP requests returning 2xx
@@ -1287,7 +1287,7 @@ curlPost(wrkrInstanceData_t *pWrkrData, uchar *message, int msglen, uchar **tpls
curlCode = curl_easy_perform(curl);
DBGPRINTF("omhttp: curlPost curl returned %lld\n", (long long) curlCode);
STATSCOUNTER_INC(ctrHttpRequestCount, mutCtrHttpRequestCount);
- STATSCOUNTER_INC(pWrkrData->pData->ctrHttpRequestsCount, pWorkerData->pData->mutCtrHttpRequestsCount);
+ STATSCOUNTER_INC(pWrkrData->pData->ctrHttpRequestsCount, pWrkrData->pData->mutCtrHttpRequestsCount);
if (curlCode != CURLE_OK) {
STATSCOUNTER_INC(ctrHttpRequestFail, mutCtrHttpRequestFail);
diff --git a/plugins/imfile/imfile.c b/plugins/imfile/imfile.c
index 3b0bb10..c7572b4 100644
--- a/plugins/imfile/imfile.c
+++ b/plugins/imfile/imfile.c
@@ -857,13 +857,16 @@ detect_updates(fs_edge_t *const edge)
sbool is_file = act->edge->is_file;
if (!is_file || act->time_to_delete + FILE_DELETE_DELAY < ttNow) {
DBGPRINTF("detect_updates obj gone away, unlinking: "
- "'%s', ttDelete: %lds, ttNow:%ld isFile: %d\n",
- act->name, ttNow - (act->time_to_delete + FILE_DELETE_DELAY), ttNow, is_file);
+ "'%s', ttDelete: %"PRId64"s, ttNow:%"PRId64" isFile: %d\n",
+ act->name, (int64_t) ttNow - (act->time_to_delete + FILE_DELETE_DELAY),
+ (int64_t) ttNow, is_file);
act_obj_unlink(act);
restart = 1;
} else {
- DBGPRINTF("detect_updates obj gone away, keep '%s' open: %ld/%ld/%lds!\n",
- act->name, act->time_to_delete, ttNow, ttNow - act->time_to_delete);
+ DBGPRINTF("detect_updates obj gone away, keep '%s' "
+ "open: %"PRId64"/%"PRId64"/%"PRId64"s!\n",
+ act->name, (int64_t) act->time_to_delete, (int64_t) ttNow,
+ (int64_t) ttNow - act->time_to_delete);
pollFile(act);
}
}
diff --git a/plugins/ompgsql/ompgsql.c b/plugins/ompgsql/ompgsql.c
index 27248ff..9c27de9 100644
--- a/plugins/ompgsql/ompgsql.c
+++ b/plugins/ompgsql/ompgsql.c
@@ -255,7 +255,8 @@ tryExec(uchar *pszCmd, wrkrInstanceData_t *pWrkrData)
pgRet = PQexec(pWrkrData->f_hpgsql, (char*)pszCmd);
execState = PQresultStatus(pgRet);
if (execState != PGRES_COMMAND_OK && execState != PGRES_TUPLES_OK) {
- dbgprintf("postgres query execution failed: %s\n", PQresStatus(PQresultStatus(pgRet)));
+ // complain a lot in case any issues with DB communication
+ LogError(0, execState, "postgres query execution failed: %s", PQresStatus(PQresultStatus(pgRet)));
bHadError = 1;
}
PQclear(pgRet);
@@ -352,13 +353,22 @@ CODESTARTcommitTransaction
if (iRet != RS_RET_OK
&& iRet != RS_RET_DEFER_COMMIT
&& iRet != RS_RET_PREVIOUS_COMMITTED) {
- /*if(mysql_rollback(pWrkrData->hmysql) != 0) {
- DBGPRINTF("ommysql: server error: transaction could not be rolled back\n");
- }*/
- // closeMySQL(pWrkrData);
- // FINALIZE;
+ // in case of any error lets retry, writePgSQL should return
+ // iRet = RS_RET_SUSPENDED and we need return it downstream, otherwise
+ // messages gonna be lost
+ LogError(0, iRet, "Failed too execute PG query. Message suspended.");
+
+ // since writePgSQL may close connection in case of errors
+ // no point to issue rollback on new connection
+ // writePgSQL((uchar*) "ROLLBACK", pWrkrData);
+
+ // To be on safe side lets kill connection similar to what
+ // ommysql plugin does.
+ closePgSQL(pWrkrData);
+ // signal mod.om.beginTransaction that we want retry
+ ABORT_FINALIZE(iRet);
+ }
}
- }
CHKiRet(writePgSQL((uchar*) "COMMIT", pWrkrData)); /* TODO: make user-configurable */
diff --git a/runtime/glbl.c b/runtime/glbl.c
index 6b4cb29..84cd7b2 100644
--- a/runtime/glbl.c
+++ b/runtime/glbl.c
@@ -119,6 +119,7 @@ static struct cnfparamdescr cnfparamdescr[] = {
{ "defaultnetstreamdriverkeyfile", eCmdHdlrString, 0 },
{ "defaultnetstreamdrivercertfile", eCmdHdlrString, 0 },
{ "defaultnetstreamdriver", eCmdHdlrString, 0 },
+ { "defaultopensslengine", eCmdHdlrString, 0 },
{ "netstreamdrivercaextrafiles", eCmdHdlrString, 0 },
{ "maxmessagesize", eCmdHdlrSize, 0 },
{ "oversizemsg.errorfile", eCmdHdlrGetWord, 0 },
@@ -519,6 +520,15 @@ setDfltNetstrmDrvr(void __attribute__((unused)) *pVal, uchar *pNewVal) {
}
static rsRetVal
+setDfltOpensslEngine(void __attribute__((unused)) *pVal, uchar *pNewVal) {
+ DEFiRet;
+ free(loadConf->globals.pszDfltOpensslEngine);
+ loadConf->globals.pszDfltOpensslEngine = pNewVal;
+ RETiRet;
+}
+
+
+static rsRetVal
setParserControlCharacterEscapePrefix(void __attribute__((unused)) *pVal, uchar *pNewVal) {
DEFiRet;
loadConf->globals.parser.cCCEscapeChar = *pNewVal;
@@ -904,6 +914,13 @@ GetDfltNetstrmDrvr(rsconf_t *cnf)
return(cnf->globals.pszDfltNetstrmDrvr == NULL ? DFLT_NETSTRM_DRVR : cnf->globals.pszDfltNetstrmDrvr);
}
+/* return the current default openssl engine name */
+static uchar*
+GetDfltOpensslEngine(rsconf_t *cnf)
+{
+ return(cnf->globals.pszDfltOpensslEngine);
+}
+
/* [ar] Source IP for local client to be used on multihomed host */
static rsRetVal
SetSourceIPofLocalClient(uchar *newname)
@@ -952,6 +969,7 @@ CODESTARTobjQueryInterface(glbl)
pIf->GetDfltNetstrmDrvrCertFile = GetDfltNetstrmDrvrCertFile;
pIf->GetDfltNetstrmDrvrKeyFile = GetDfltNetstrmDrvrKeyFile;
pIf->GetDfltNetstrmDrvr = GetDfltNetstrmDrvr;
+ pIf->GetDfltOpensslEngine = GetDfltOpensslEngine;
pIf->GetNetstrmDrvrCAExtraFiles = GetNetstrmDrvrCAExtraFiles;
pIf->GetParserControlCharacterEscapePrefix = GetParserControlCharacterEscapePrefix;
pIf->GetParserDropTrailingLFOnReception = GetParserDropTrailingLFOnReception;
@@ -993,6 +1011,8 @@ static rsRetVal resetConfigVariables(uchar __attribute__((unused)) *pp, void __a
loadConf->globals.pszDfltNetstrmDrvrKeyFile = NULL;
free(loadConf->globals.pszDfltNetstrmDrvrCertFile);
loadConf->globals.pszDfltNetstrmDrvrCertFile = NULL;
+ free(loadConf->globals.pszDfltOpensslEngine);
+ loadConf->globals.pszDfltOpensslEngine = NULL;
free(LocalHostNameOverride);
LocalHostNameOverride = NULL;
free(loadConf->globals.oversizeMsgErrorFile);
@@ -1247,6 +1267,9 @@ glblDoneLoadCnf(void)
} else if(!strcmp(paramblk.descr[i].name, "defaultnetstreamdriver")) {
cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL);
setDfltNetstrmDrvr(NULL, cstr);
+ } else if(!strcmp(paramblk.descr[i].name, "defaultopensslengine")) {
+ cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL);
+ setDfltOpensslEngine(NULL, cstr);
} else if(!strcmp(paramblk.descr[i].name, "netstreamdrivercaextrafiles")) {
cstr = (uchar*) es_str2cstr(cnfparamvals[i].val.d.estr, NULL);
setNetstrmDrvrCAExtraFiles(NULL, cstr);
@@ -1471,6 +1494,8 @@ BEGINAbstractObjClassInit(glbl, 1, OBJ_IS_CORE_MODULE) /* class, version */
NULL, NULL));
CHKiRet(regCfSysLineHdlr((uchar *)"defaultnetstreamdriver", 0, eCmdHdlrGetWord, setDfltNetstrmDrvr, NULL,
NULL));
+ CHKiRet(regCfSysLineHdlr((uchar *)"defaultopensslengine", 0, eCmdHdlrGetWord, setDfltOpensslEngine, NULL,
+ NULL));
CHKiRet(regCfSysLineHdlr((uchar *)"defaultnetstreamdrivercafile", 0, eCmdHdlrGetWord,
setDfltNetstrmDrvrCAF, NULL, NULL));
CHKiRet(regCfSysLineHdlr((uchar *)"defaultnetstreamdrivercrlfile", 0, eCmdHdlrGetWord,
diff --git a/runtime/glbl.h b/runtime/glbl.h
index d75d867..729ed53 100644
--- a/runtime/glbl.h
+++ b/runtime/glbl.h
@@ -95,6 +95,7 @@ BEGINinterface(glbl) /* name must also be changed in ENDinterface macro! */
SIMP_PROP(DfltNetstrmDrvrCertFile, uchar*)
SIMP_PROP(DfltNetstrmDrvrKeyFile, uchar*)
SIMP_PROP(DfltNetstrmDrvr, uchar*)
+ SIMP_PROP(DfltOpensslEngine, uchar*)
SIMP_PROP(DefPFFamily, int)
SIMP_PROP(DisableDNS, int)
SIMP_PROP(NetstrmDrvrCAExtraFiles, uchar*)
diff --git a/runtime/net_ossl.c b/runtime/net_ossl.c
index 7008731..77d2141 100644
--- a/runtime/net_ossl.c
+++ b/runtime/net_ossl.c
@@ -59,7 +59,9 @@ void net_ossl_set_ssl_verify_callback(SSL *pSsl, int flags);
void net_ossl_set_ctx_verify_callback(SSL_CTX *pCtx, int flags);
void net_ossl_set_bio_callback(BIO *conn);
int net_ossl_verify_callback(int status, X509_STORE_CTX *store);
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
rsRetVal net_ossl_apply_tlscgfcmd(net_ossl_t *pThis, uchar *tlscfgcmd);
+#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
rsRetVal net_ossl_chkpeercertvalidity(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP);
X509* net_ossl_getpeercert(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP);
rsRetVal net_ossl_peerfingerprint(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP);
@@ -188,7 +190,7 @@ int opensslh_THREAD_cleanup(void)
void
osslGlblInit(void)
{
- DBGPRINTF("openssl: entering osslGlblInit\n");
+ DBGPRINTF("osslGlblInit: ENTER\n");
if((opensslh_THREAD_setup() == 0) ||
#if OPENSSL_VERSION_NUMBER < 0x10100000L
@@ -217,6 +219,31 @@ osslGlblInit(void)
ERR_load_BIO_strings();
ERR_load_crypto_strings();
#endif
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+
+ // Initialize OpenSSL engine library
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();
+
+ // Iterate through all available engines
+ ENGINE *osslEngine = ENGINE_get_first();
+ const char *engine_id = NULL;
+ const char *engine_name = NULL;
+ while (osslEngine) {
+ // Print engine ID and name if the engine is loaded
+ if (ENGINE_get_init_function(osslEngine)) { // Check if engine is initialized
+ engine_id = ENGINE_get_id(osslEngine);
+ engine_name = ENGINE_get_name(osslEngine);
+ DBGPRINTF("osslGlblInit: Loaded Engine: ID = %s, Name = %s\n", engine_id, engine_name);
+ }
+ osslEngine = ENGINE_get_next(osslEngine);
+ }
+ // Free the engine reference when done
+ ENGINE_free(osslEngine);
+#pragma GCC diagnostic pop
}
/* globally de-initialize OpenSSL */
@@ -472,6 +499,7 @@ void net_ossl_lastOpenSSLErrorMsg
}
}
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
/* initialize tls config commands in openssl context
*/
rsRetVal net_ossl_apply_tlscgfcmd(net_ossl_t *pThis, uchar *tlscfgcmd)
@@ -557,7 +585,7 @@ rsRetVal net_ossl_apply_tlscgfcmd(net_ossl_t *pThis, uchar *tlscfgcmd)
finalize_it:
RETiRet;
}
-
+#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
/* Convert a fingerprint to printable data. The conversion is carried out
* according IETF I-D syslog-transport-tls-12. The fingerprint string is
@@ -730,7 +758,7 @@ net_ossl_peerfingerprint(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP)
if(pThis->bReportAuthErr == 1) {
errno = 0;
LogMsg(0, RS_RET_INVALID_FINGERPRINT, LOG_WARNING,
- "nsd_ossl:TLS session terminated with remote syslog server '%s': "
+ "net_ossl:TLS session terminated with remote syslog server '%s': "
"Fingerprint check failed, not permitted to talk to %s",
fromHostIP, cstrGetSzStrNoNULL(pstrFingerprint));
pThis->bReportAuthErr = 0;
@@ -775,7 +803,7 @@ net_ossl_chkpeername(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP)
cstrFinalize(pStr);
errno = 0;
LogMsg(0, RS_RET_INVALID_FINGERPRINT, LOG_WARNING,
- "nsd_ossl:TLS session terminated with remote syslog server: "
+ "net_ossl:TLS session terminated with remote syslog server: "
"peer name not authorized, not permitted to talk to %s",
cstrGetSzStrNoNULL(pStr));
pThis->bReportAuthErr = 0;
@@ -813,7 +841,7 @@ net_ossl_getpeercert(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP)
errno = 0;
pThis->bReportAuthErr = 0;
LogMsg(0, RS_RET_TLS_NO_CERT, LOG_WARNING,
- "nsd_ossl:TLS session terminated with remote syslog server '%s': "
+ "net_ossl:TLS session terminated with remote syslog server '%s': "
"Peer check failed, peer did not provide a certificate.", fromHostIP);
}
}
@@ -1115,6 +1143,58 @@ net_ossl_verify_cookie(SSL *ssl, const unsigned char *cookie, unsigned int cooki
}
static rsRetVal
+net_ossl_init_engine(__attribute__((unused)) net_ossl_t *pThis)
+{
+ DEFiRet;
+ const char *engine_id = NULL;
+ const char *engine_name = NULL;
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+ // Get the default RSA engine
+ ENGINE *default_engine = ENGINE_get_default_RSA();
+ if (default_engine) {
+ engine_id = ENGINE_get_id(default_engine);
+ engine_name = ENGINE_get_name(default_engine);
+ DBGPRINTF("net_ossl_init_engine: Default RSA Engine: ID = %s, Name = %s\n", engine_id, engine_name);
+
+ // Free the engine reference when done
+ ENGINE_free(default_engine);
+ } else {
+ DBGPRINTF("net_ossl_init_engine: No default RSA Engine set.\n");
+ }
+
+ /* Setting specific Engine */
+ if (runConf != NULL && glbl.GetDfltOpensslEngine(runConf) != NULL) {
+ default_engine = ENGINE_by_id((char *)glbl.GetDfltOpensslEngine(runConf));
+ if (default_engine && ENGINE_init(default_engine)) {
+ /* engine initialised */
+ ENGINE_set_default_DSA(default_engine);
+ ENGINE_set_default_ciphers(default_engine);
+
+ /* Switch to Engine */
+ DBGPRINTF("net_ossl_init_engine: Changed default Engine to %s\n",
+ glbl.GetDfltOpensslEngine(runConf));
+
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(default_engine);
+ } else {
+ LogError(0, RS_RET_VALUE_NOT_SUPPORTED, "error: ENGINE_init failed to load Engine '%s'"
+ "ossl netstream driver", glbl.GetDfltOpensslEngine(runConf));
+ net_ossl_lastOpenSSLErrorMsg(NULL, 0, NULL, LOG_ERR, "net_ossl_init_engine", "ENGINE_init");
+ }
+ // Free the engine reference when done
+ ENGINE_free(default_engine);
+ } else {
+ DBGPRINTF("net_ossl_init_engine: use openssl default Engine");
+ }
+#pragma GCC diagnostic pop
+
+ RETiRet;
+}
+
+
+static rsRetVal
net_ossl_ctx_init_cookie(net_ossl_t *pThis)
{
DEFiRet;
@@ -1159,6 +1239,10 @@ net_ossl_set_bio_callback(BIO *conn)
BEGINobjConstruct(net_ossl) /* be sure to specify the object type also in END macro! */
DBGPRINTF("net_ossl_construct: [%p]\n", pThis);
pThis->bReportAuthErr = 1;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ CHKiRet(net_ossl_init_engine(pThis));
+finalize_it:
+#endif
ENDobjConstruct(net_ossl)
/* destructor for the net_ossl object */
@@ -1195,13 +1279,16 @@ CODESTARTobjQueryInterface(net_ossl)
pIf->osslPeerfingerprint = net_ossl_peerfingerprint;
pIf->osslGetpeercert = net_ossl_getpeercert;
pIf->osslChkpeercertvalidity = net_ossl_chkpeercertvalidity;
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
pIf->osslApplyTlscgfcmd = net_ossl_apply_tlscgfcmd;
+#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
pIf->osslSetBioCallback = net_ossl_set_bio_callback;
pIf->osslSetCtxVerifyCallback = net_ossl_set_ctx_verify_callback;
pIf->osslSetSslVerifyCallback = net_ossl_set_ssl_verify_callback;
pIf->osslLastOpenSSLErrorMsg = net_ossl_lastOpenSSLErrorMsg;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
pIf->osslCtxInitCookie = net_ossl_ctx_init_cookie;
+ pIf->osslInitEngine = net_ossl_init_engine;
#endif
finalize_it:
ENDobjQueryInterface(net_ossl)
diff --git a/runtime/net_ossl.h b/runtime/net_ossl.h
index eef69dd..af36ffe 100644
--- a/runtime/net_ossl.h
+++ b/runtime/net_ossl.h
@@ -33,6 +33,7 @@
#endif
#include <openssl/engine.h>
#include <openssl/rand.h>
+#include <openssl/evp.h>
/* Internal OpenSSL defined ENUMS */
typedef enum {
@@ -83,12 +84,15 @@ BEGINinterface(net_ossl) /* name must also be changed in ENDinterface macro! */
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
rsRetVal (*osslCtxInitCookie)(net_ossl_t *pThis);
#endif // OPENSSL_VERSION_NUMBER >= 0x10100000L
+ rsRetVal (*osslInitEngine)(net_ossl_t *pThis);
// OpenSSL Helper function exports
rsRetVal (*osslChkpeername)(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP);
rsRetVal (*osslPeerfingerprint)(net_ossl_t *pThis, X509* certpeer, uchar *fromHostIP);
X509* (*osslGetpeercert)(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP);
rsRetVal (*osslChkpeercertvalidity)(net_ossl_t *pThis, SSL *ssl, uchar *fromHostIP);
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER)
rsRetVal (*osslApplyTlscgfcmd)(net_ossl_t *pThis, uchar *tlscfgcmd);
+#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
void (*osslSetBioCallback)(BIO *conn);
void (*osslSetCtxVerifyCallback)(SSL_CTX *pCtx, int flags);
void (*osslSetSslVerifyCallback)(SSL *pSsl, int flags);
@@ -142,7 +146,6 @@ int opensslh_THREAD_cleanup(void);
void osslGlblInit(void);
void osslGlblExit(void);
-
/*-----------------------------------------------------------------------------*/
/* prototypes */
diff --git a/runtime/netstrms.c b/runtime/netstrms.c
index 74795ff..263abb7 100644
--- a/runtime/netstrms.c
+++ b/runtime/netstrms.c
@@ -289,7 +289,7 @@ finalize_it:
}
-/* Set the priorityString for GnuTLS
+/* Set the priorityString
* PascalWithopf 2017-08-16
*/
static rsRetVal
@@ -303,7 +303,7 @@ finalize_it:
}
-/* return the priorityString for GnuTLS
+/* return the priorityString
* PascalWithopf, 2017-08-16
*/
static uchar*
diff --git a/runtime/netstrms.h b/runtime/netstrms.h
index 203ad22..982a349 100644
--- a/runtime/netstrms.h
+++ b/runtime/netstrms.h
@@ -82,6 +82,7 @@ BEGINinterface(netstrms) /* name must also be changed in ENDinterface macro! */
/* v3 */
rsRetVal (*SetDrvrTlsCRLFile)(netstrms_t *pThis, const uchar *);
const uchar* (*GetDrvrTlsCRLFile)(netstrms_t *pThis);
+
ENDinterface(netstrms)
#define netstrmsCURR_IF_VERSION 3 /* increment whenever you change the interface structure! */
diff --git a/runtime/nsd.h b/runtime/nsd.h
index 03df7d2..b9501b4 100644
--- a/runtime/nsd.h
+++ b/runtime/nsd.h
@@ -100,6 +100,7 @@ BEGINinterface(nsd) /* name must also be changed in ENDinterface macro! */
/* v16 - Tls CRL */
rsRetVal (*SetTlsCRLFile)(nsd_t *pThis, const uchar *);
+
ENDinterface(nsd)
#define nsdCURR_IF_VERSION 16 /* increment whenever you change the interface structure! */
/* interface version 4 added GetRemAddr()
diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c
index b9c0f8a..7d4f314 100644
--- a/runtime/nsd_gtls.c
+++ b/runtime/nsd_gtls.c
@@ -2385,6 +2385,7 @@ CODESTARTobjQueryInterface(nsd_gtls)
pIf->SetTlsCRLFile = SetTlsCRLFile;
pIf->SetTlsKeyFile = SetTlsKeyFile;
pIf->SetTlsCertFile = SetTlsCertFile;
+
finalize_it:
ENDobjQueryInterface(nsd_gtls)
diff --git a/runtime/nsd_ossl.c b/runtime/nsd_ossl.c
index 095328b..e9dece2 100644
--- a/runtime/nsd_ossl.c
+++ b/runtime/nsd_ossl.c
@@ -443,6 +443,7 @@ osslEndSess(nsd_ossl_t *pThis)
/* Standard-Constructor */
BEGINobjConstruct(nsd_ossl) /* be sure to specify the object type also in END macro! */
+ DBGPRINTF("nsd_ossl_construct: [%p]\n", pThis);
/* construct nsd_ptcp helper */
CHKiRet(nsd_ptcp.Construct(&pThis->pTcp));
/* construct net_ossl helper */
@@ -813,7 +814,7 @@ osslPostHandshakeCheck(nsd_ossl_t *pNsd)
if (sslCipher != NULL){
if(SSL_CIPHER_get_version(sslCipher) == NULL) {
LogError(0, RS_RET_NO_ERRCODE, "nsd_ossl:"
- "TLS version mismatch between syslog client and server.");
+ "TLS version mismatch between syslog client and server.");
}
dbgprintf("osslPostHandshakeCheck: Debug Cipher Version: %s Name: %s\n",
SSL_CIPHER_get_version(sslCipher), SSL_CIPHER_get_name(sslCipher));
@@ -1505,6 +1506,7 @@ CODESTARTmodInit
*ipIFVersProvided = CURR_MOD_IF_VERSION; /* we only support the current interface specification */
/* Initialize all classes that are in our module - this includes ourselfs */
+ DBGPRINTF("modInit\n");
CHKiRet(net_osslClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */
CHKiRet(nsd_osslClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */
CHKiRet(nsdsel_osslClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */
diff --git a/runtime/nsd_ptcp.c b/runtime/nsd_ptcp.c
index 6e2fd67..7452094 100644
--- a/runtime/nsd_ptcp.c
+++ b/runtime/nsd_ptcp.c
@@ -231,7 +231,7 @@ SetPermitExpiredCerts(nsd_t __attribute__((unused)) *pNsd, uchar *mode)
{
DEFiRet;
if(mode != NULL) {
- LogError(0, RS_RET_VALUE_NOT_SUPPORTED, "error: permitexpiredcerts settingnot supported by "
+ LogError(0, RS_RET_VALUE_NOT_SUPPORTED, "error: permitexpiredcerts setting not supported by "
"ptcp netstream driver");
ABORT_FINALIZE(RS_RET_VALUE_NOT_SUPPORTED);
}
diff --git a/runtime/rsconf.h b/runtime/rsconf.h
index 453861e..63b251a 100644
--- a/runtime/rsconf.h
+++ b/runtime/rsconf.h
@@ -116,6 +116,7 @@ struct globals_s {
uchar *pszDfltNetstrmDrvrKeyFile; /* default key file for the netstrm driver (server) */
uchar *pszDfltNetstrmDrvr; /* module name of default netstream driver */
uchar *pszNetstrmDrvrCAExtraFiles; /* CA extra file for the netstrm driver */
+ uchar *pszDfltOpensslEngine; /* custom openssl engine */
uchar *oversizeMsgErrorFile; /* File where oversize messages are written to */
int reportOversizeMsg; /* shall error messages be generated for oversize messages? */
int oversizeMsgInputMode; /* Mode which oversize messages will be forwarded */
diff --git a/runtime/srutils.c b/runtime/srutils.c
index 3369975..f949d5b 100644
--- a/runtime/srutils.c
+++ b/runtime/srutils.c
@@ -836,12 +836,25 @@ split_binary_parameters(uchar **const szBinary, char ***const __restrict__ aPara
iCnt = iStr = 0;
c = es_getBufAddr(estrParams); /* Reset to beginning */
while(iCnt < es_strlen(estrParams) ) {
- if ( c[iCnt] == ' ' && !bInQuotes ) {
- estrTmp = es_newStrFromSubStr( estrParams, iStr, iCnt-iStr);
- } else if ( iCnt+1 >= es_strlen(estrParams) ) {
- estrTmp = es_newStrFromSubStr( estrParams, iStr, iCnt-iStr+1);
- } else if (c[iCnt] == '"') {
- bInQuotes = !bInQuotes;
+ if (c[iCnt] == '"' && iCnt == iStr && !bInQuotes) {
+ bInQuotes = TRUE;
+ iStr++;
+ } else {
+ int bEOL = iCnt+1 == es_strlen(estrParams);
+ int bSpace = c[iCnt] == ' ';
+ int bQuoteEnd = bInQuotes && ((bSpace && c[iCnt-1] == '"') ||
+ (c[iCnt] == '"' && bEOL));
+ if (bEOL || bQuoteEnd || (bSpace && !bInQuotes)) {
+ int iSubCnt = iCnt - iStr;
+ if (bEOL)
+ iSubCnt++;
+ if (bQuoteEnd)
+ iSubCnt--;
+ estrTmp = es_newStrFromSubStr(estrParams, iStr, iSubCnt);
+ }
+
+ if (bQuoteEnd)
+ bInQuotes = FALSE;
}
if ( estrTmp != NULL ) {
diff --git a/runtime/tcpsrv.c b/runtime/tcpsrv.c
index df9bcec..c66b3c9 100644
--- a/runtime/tcpsrv.c
+++ b/runtime/tcpsrv.c
@@ -1525,6 +1525,7 @@ SetDrvrTlsVerifyDepth(tcpsrv_t *pThis, int verifyDepth)
RETiRet;
}
+
/* End of methods to shuffle autentication settings to the driver.;
* -------------------------------------------------------------------------- */
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4534776..04223cd 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1475,6 +1475,7 @@ TESTS += \
imtcp-tls-ossl-error-cert.sh \
imtcp-tls-ossl-error-key.sh \
imtcp-tls-ossl-error-key2.sh
+# imtcp-tls-ossl-basic-stress.sh
if HAVE_VALGRIND
TESTS += \
imtcp-tls-ossl-basic-vg.sh \
@@ -2426,6 +2427,7 @@ EXTRA_DIST= \
imtcp-tls-ossl-basic-tlscommands.sh \
imtcp-tls-ossl-basic-verifydepth.sh \
imtcp-tls-ossl-invalid-verifydepth.sh \
+ imtcp-tls-ossl-basic-stress.sh \
sndrcv_tls_ossl_anon_ipv4.sh \
sndrcv_tls_ossl_anon_ipv6.sh \
sndrcv_tls_ossl_anon_rebind.sh \
@@ -2614,6 +2616,7 @@ EXTRA_DIST= \
testsuites/htpasswd \
omhttp-auth.sh \
omhttp-basic.sh \
+ omhttp-basic-ignorecodes.sh \
omhttp-batch-fail-with-400.sh \
omhttp-batch-jsonarray-compress.sh \
omhttp-batch-jsonarray-retry.sh \
@@ -2624,6 +2627,11 @@ EXTRA_DIST= \
omhttp-batch-lokirest.sh \
omhttp-batch-lokirest-vg.sh \
omhttp-batch-newline.sh \
+ omhttp-batch-retry-metadata.sh \
+ omhttp-retry-timeout.sh \
+ omhttp-basic-ignorecodes-vg.sh \
+ omhttp-batch-retry-metadata-vg.sh \
+ omhttp-retry-timeout-vg.sh \
omhttp-retry.sh \
omhttp-httpheaderkey.sh \
omhttp-multiplehttpheaders.sh \
diff --git a/tests/Makefile.in b/tests/Makefile.in
index aff58a9..cfc04df 100644
--- a/tests/Makefile.in
+++ b/tests/Makefile.in
@@ -1300,6 +1300,7 @@ host_triplet = @host@
@ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@ imtcp-tls-ossl-error-key.sh \
@ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@ imtcp-tls-ossl-error-key2.sh
+# imtcp-tls-ossl-basic-stress.sh
@ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@@HAVE_VALGRIND_TRUE@am__append_94 = \
@ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@@HAVE_VALGRIND_TRUE@ imtcp-tls-ossl-basic-vg.sh \
@ENABLE_OPENSSL_TRUE@@ENABLE_TESTBENCH_TRUE@@HAVE_VALGRIND_TRUE@ imtcp-tls-ossl-basic-brokenhandshake-vg.sh
@@ -2890,6 +2891,7 @@ EXTRA_DIST = \
imtcp-tls-ossl-basic-tlscommands.sh \
imtcp-tls-ossl-basic-verifydepth.sh \
imtcp-tls-ossl-invalid-verifydepth.sh \
+ imtcp-tls-ossl-basic-stress.sh \
sndrcv_tls_ossl_anon_ipv4.sh \
sndrcv_tls_ossl_anon_ipv6.sh \
sndrcv_tls_ossl_anon_rebind.sh \
@@ -3078,6 +3080,7 @@ EXTRA_DIST = \
testsuites/htpasswd \
omhttp-auth.sh \
omhttp-basic.sh \
+ omhttp-basic-ignorecodes.sh \
omhttp-batch-fail-with-400.sh \
omhttp-batch-jsonarray-compress.sh \
omhttp-batch-jsonarray-retry.sh \
@@ -3088,6 +3091,11 @@ EXTRA_DIST = \
omhttp-batch-lokirest.sh \
omhttp-batch-lokirest-vg.sh \
omhttp-batch-newline.sh \
+ omhttp-batch-retry-metadata.sh \
+ omhttp-retry-timeout.sh \
+ omhttp-basic-ignorecodes-vg.sh \
+ omhttp-batch-retry-metadata-vg.sh \
+ omhttp-retry-timeout-vg.sh \
omhttp-retry.sh \
omhttp-httpheaderkey.sh \
omhttp-multiplehttpheaders.sh \
diff --git a/tests/diag.sh b/tests/diag.sh
index 73b93e8..f30290c 100755
--- a/tests/diag.sh
+++ b/tests/diag.sh
@@ -1718,9 +1718,9 @@ presort() {
#START: ext kafka config
#dep_cache_dir=$(readlink -f .dep_cache)
-export RS_ZK_DOWNLOAD=apache-zookeeper-3.9.1-bin.tar.gz
+export RS_ZK_DOWNLOAD=apache-zookeeper-3.9.2-bin.tar.gz
dep_cache_dir=$(pwd)/.dep_cache
-dep_zk_url=https://downloads.apache.org/zookeeper/zookeeper-3.9.1/$RS_ZK_DOWNLOAD
+dep_zk_url=https://downloads.apache.org/zookeeper/zookeeper-3.9.2/$RS_ZK_DOWNLOAD
dep_zk_cached_file=$dep_cache_dir/$RS_ZK_DOWNLOAD
export RS_KAFKA_DOWNLOAD=kafka_2.13-2.8.0.tgz
diff --git a/tests/imdtls-basic-timeout.sh b/tests/imdtls-basic-timeout.sh
index 9b4c46a..2beec15 100755
--- a/tests/imdtls-basic-timeout.sh
+++ b/tests/imdtls-basic-timeout.sh
@@ -13,7 +13,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imdtls/.libs/imdtls" )
diff --git a/tests/imdtls-basic.sh b/tests/imdtls-basic.sh
index 889caad..5d7a267 100755
--- a/tests/imdtls-basic.sh
+++ b/tests/imdtls-basic.sh
@@ -11,7 +11,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imdtls/.libs/imdtls" )
diff --git a/tests/imtcp-tls-gtls-x509fingerprint-invld.sh b/tests/imtcp-tls-gtls-x509fingerprint-invld.sh
index af33b45..7415368 100755
--- a/tests/imtcp-tls-gtls-x509fingerprint-invld.sh
+++ b/tests/imtcp-tls-gtls-x509fingerprint-invld.sh
@@ -10,7 +10,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp-tls-gtls-x509fingerprint.sh b/tests/imtcp-tls-gtls-x509fingerprint.sh
index 8cadd29..369b552 100755
--- a/tests/imtcp-tls-gtls-x509fingerprint.sh
+++ b/tests/imtcp-tls-gtls-x509fingerprint.sh
@@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh b/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh
index 4e2ba98..1e5d65e 100755
--- a/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh
+++ b/tests/imtcp-tls-ossl-basic-brokenhandshake-vg.sh
@@ -14,7 +14,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp-tls-ossl-basic-stress.sh b/tests/imtcp-tls-ossl-basic-stress.sh
new file mode 100755
index 0000000..c711672
--- /dev/null
+++ b/tests/imtcp-tls-ossl-basic-stress.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+# added 2018-04-27 by alorbach
+# This file is part of the rsyslog project, released under ASL 2.0
+#
+# List available valid OpenSSL Engines for defaultopensslengine with this command:
+# openssl engine -t
+#
+. ${srcdir:=.}/diag.sh init
+export NUMMESSAGES=100000
+# uncomment for debugging support:
+#export RSYSLOG_DEBUG="debug nostdout noprintmutexaction"
+#export RSYSLOG_DEBUGLOG="$RSYSLOG_DYNNAME.receiver.debuglog"
+generate_conf
+add_conf '
+global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
+ defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
+ defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
+ defaultopensslengine="rdrand"
+ debug.whitelist="on"
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+)
+
+module( load="../plugins/imtcp/.libs/imtcp"
+ StreamDriver.Name="ossl"
+ StreamDriver.Mode="1"
+ StreamDriver.AuthMode="anon"
+ gnutlsPriorityString="Protocol=-ALL,TLSv1.3,TLSv1.2
+Ciphersuites=TLS_AES_256_GCM_SHA384
+"
+)
+input(type="imtcp" port="0" listenPortFileName="'$RSYSLOG_DYNNAME'.tcpflood_port")
+
+template(name="outfmt" type="string" string="%msg:F,58:2%\n")
+:msg, contains, "msgnum:" action( type="omfile"
+ template="outfmt"
+ file=`echo $RSYSLOG_OUT_LOG`)
+
+'
+
+# SignatureAlgorithms=RSA+SHA384
+
+# Begin actual testcase
+startup
+tcpflood -p$TCPFLOOD_PORT -d8192 -m$NUMMESSAGES -Ttls -x$srcdir/tls-certs/ca.pem -Z$srcdir/tls-certs/cert.pem -z$srcdir/tls-certs/key.pem
+wait_file_lines
+shutdown_when_empty
+wait_shutdown
+seq_check
+exit_test
+
diff --git a/tests/imtcp-tls-ossl-basic-tlscommands.sh b/tests/imtcp-tls-ossl-basic-tlscommands.sh
index 6f2e760..b7d5285 100755
--- a/tests/imtcp-tls-ossl-basic-tlscommands.sh
+++ b/tests/imtcp-tls-ossl-basic-tlscommands.sh
@@ -12,7 +12,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp-tls-ossl-x509fingerprint.sh b/tests/imtcp-tls-ossl-x509fingerprint.sh
index 59167b0..d5b931b 100755
--- a/tests/imtcp-tls-ossl-x509fingerprint.sh
+++ b/tests/imtcp-tls-ossl-x509fingerprint.sh
@@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp-tls-ossl-x509name.sh b/tests/imtcp-tls-ossl-x509name.sh
index fadd7f1..b404cb0 100755
--- a/tests/imtcp-tls-ossl-x509name.sh
+++ b/tests/imtcp-tls-ossl-x509name.sh
@@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp-tls-ossl-x509valid.sh b/tests/imtcp-tls-ossl-x509valid.sh
index a796daa..a4c6678 100755
--- a/tests/imtcp-tls-ossl-x509valid.sh
+++ b/tests/imtcp-tls-ossl-x509valid.sh
@@ -9,7 +9,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/imtcp_conndrop_tls.sh b/tests/imtcp_conndrop_tls.sh
index 1b9e38b..ac81694 100755
--- a/tests/imtcp_conndrop_tls.sh
+++ b/tests/imtcp_conndrop_tls.sh
@@ -14,7 +14,7 @@ global( maxMessageSize="10k"
defaultNetstreamDriverKeyFile="'$srcdir'/tls-certs/key.pem"
defaultNetstreamDriver="gtls"
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module(load="../plugins/imtcp/.libs/imtcp" maxSessions="1100"
diff --git a/tests/manytcp-too-few-tls-vg.sh b/tests/manytcp-too-few-tls-vg.sh
index b03fdb9..81e65b7 100755
--- a/tests/manytcp-too-few-tls-vg.sh
+++ b/tests/manytcp-too-few-tls-vg.sh
@@ -14,7 +14,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir'/testsuites/x.509/client-key.pem"
defaultNetstreamDriver="gtls"
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module(load="../plugins/imtcp/.libs/imtcp" maxSessions="1100"
diff --git a/tests/omhttp-basic-ignorecodes-vg.sh b/tests/omhttp-basic-ignorecodes-vg.sh
new file mode 100755
index 0000000..2bfb5ba
--- /dev/null
+++ b/tests/omhttp-basic-ignorecodes-vg.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+export USE_VALGRIND="YES"
+source ${srcdir:=.}/omhttp-basic-ignorecodes.sh
diff --git a/tests/omhttp-basic-ignorecodes.sh b/tests/omhttp-basic-ignorecodes.sh
new file mode 100755
index 0000000..ebf1742
--- /dev/null
+++ b/tests/omhttp-basic-ignorecodes.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+# This file is part of the rsyslog project, released under ASL 2.0
+
+# Starting actual testbench
+. ${srcdir:=.}/diag.sh init
+
+export NUMMESSAGES=10000
+
+port="$(get_free_port)"
+omhttp_start_server $port --fail-with-401-or-403-after 5000
+
+generate_conf
+add_conf '
+template(name="tpl" type="string"
+ string="{\"msgnum\":\"%msg:F,58:2%\"}")
+
+module(load="../contrib/omhttp/.libs/omhttp")
+
+if $msg contains "msgnum:" then
+ action(
+ # Payload
+ name="my_http_action"
+ type="omhttp"
+ errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'"
+ template="tpl"
+
+ server="localhost"
+ serverport="'$port'"
+ restpath="my/endpoint"
+ batch="off"
+ httpignorablecodes=["401", "NA", "403"]
+
+ # Auth
+ usehttps="off"
+ )
+'
+startup
+injectmsg
+shutdown_when_empty
+wait_shutdown
+omhttp_get_data $port my/endpoint
+omhttp_stop_server
+seq_check 0 4999
+exit_test
diff --git a/tests/omhttp-batch-retry-metadata-vg.sh b/tests/omhttp-batch-retry-metadata-vg.sh
new file mode 100755
index 0000000..9be8ab4
--- /dev/null
+++ b/tests/omhttp-batch-retry-metadata-vg.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+export USE_VALGRIND="YES"
+source ${srcdir:=.}/omhttp-batch-retry-metadata.sh
diff --git a/tests/omhttp-batch-retry-metadata.sh b/tests/omhttp-batch-retry-metadata.sh
new file mode 100755
index 0000000..5f2dad4
--- /dev/null
+++ b/tests/omhttp-batch-retry-metadata.sh
@@ -0,0 +1,89 @@
+#!/bin/bash
+# This file is part of the rsyslog project, released under ASL 2.0
+
+# Starting actual testbench
+. ${srcdir:=.}/diag.sh init
+
+export NUMMESSAGES=50000
+
+port="$(get_free_port)"
+omhttp_start_server $port --fail-every 100 --fail-with 207
+
+generate_conf
+add_conf '
+module(load="../contrib/omhttp/.libs/omhttp")
+
+main_queue(queue.dequeueBatchSize="2048")
+
+template(name="tpl" type="string"
+ string="{\"msgnum\":\"%msg:F,58:2%\"}")
+
+# Echo message as-is for retry
+template(name="tpl_echo" type="string" string="%msg%\n")
+
+# Echo response as-is for retry
+template(name="tpl_response" type="string" string="{ \"message\": %msg%, \"response\": %$!omhttp!response% }\n")
+
+ruleset(name="ruleset_omhttp_retry") {
+ #action(type="omfile" file="'$RSYSLOG_DYNNAME/omhttp.message.log'" template="tpl_echo")
+ # log the response
+ action(type="omfile" file="'$RSYSLOG_DYNNAME/omhttp.response.log'" template="tpl_response")
+ action(
+ name="action_omhttp"
+ type="omhttp"
+ errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'"
+ template="tpl_echo"
+
+ server="localhost"
+ serverport="'$port'"
+ restpath="my/endpoint"
+ batch="on"
+ batch.maxsize="100"
+ batch.format="kafkarest"
+
+ httpretrycodes=["207","500"]
+ retry="on"
+ retry.ruleset="ruleset_omhttp_retry"
+ retry.addmetadata="on"
+
+ # Auth
+ usehttps="off"
+ ) & stop
+}
+
+ruleset(name="ruleset_omhttp") {
+ action(
+ name="action_omhttp"
+ type="omhttp"
+ errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'"
+ template="tpl"
+
+ server="localhost"
+ serverport="'$port'"
+ restpath="my/endpoint"
+ batch="on"
+ batch.maxsize="100"
+ batch.format="kafkarest"
+
+ httpretrycodes=["207", "500"]
+ retry="on"
+ retry.ruleset="ruleset_omhttp_retry"
+ retry.addmetadata="on"
+
+ # Auth
+ usehttps="off"
+ ) & stop
+}
+
+if $msg contains "msgnum:" then
+ call ruleset_omhttp
+'
+startup
+injectmsg
+shutdown_when_empty
+wait_shutdown
+omhttp_get_data $port my/endpoint kafkarest
+omhttp_stop_server
+seq_check
+omhttp_validate_metadata_response
+exit_test
diff --git a/tests/omhttp-retry-timeout-vg.sh b/tests/omhttp-retry-timeout-vg.sh
new file mode 100755
index 0000000..edb7808
--- /dev/null
+++ b/tests/omhttp-retry-timeout-vg.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+export USE_VALGRIND="YES"
+source ${srcdir:=.}/omhttp-retry-timeout.sh
diff --git a/tests/omhttp-retry-timeout.sh b/tests/omhttp-retry-timeout.sh
new file mode 100755
index 0000000..38ceecd
--- /dev/null
+++ b/tests/omhttp-retry-timeout.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+# This file is part of the rsyslog project, released under ASL 2.0
+
+# Starting actual testbench
+. ${srcdir:=.}/diag.sh init
+
+export NUMMESSAGES=10000
+
+port="$(get_free_port)"
+omhttp_start_server $port --fail-every 1000 --fail-with-delay-secs 2
+
+generate_conf
+add_conf '
+module(load="../contrib/omhttp/.libs/omhttp")
+
+main_queue(queue.dequeueBatchSize="2048")
+
+template(name="tpl" type="string"
+ string="{\"msgnum\":\"%msg:F,58:2%\"}")
+
+if $msg contains "msgnum:" then
+ action(
+ # Payload
+ action.resumeRetryCount="-1"
+ action.resumeInterval="1"
+ name="my_http_action"
+ type="omhttp"
+ errorfile="'$RSYSLOG_DYNNAME/omhttp.error.log'"
+ template="tpl"
+
+ server="localhost"
+ serverport="'$port'"
+ restpath="my/endpoint"
+ restpathtimeout="1000"
+ checkpath="ping"
+ batch="off"
+
+ # Auth
+ usehttps="off"
+ )
+'
+startup
+injectmsg
+shutdown_when_empty
+wait_shutdown
+omhttp_get_data $port my/endpoint
+omhttp_stop_server
+seq_check
+exit_test
diff --git a/tests/omprog-defaults.sh b/tests/omprog-defaults.sh
index 5c52550..356c5aa 100755
--- a/tests/omprog-defaults.sh
+++ b/tests/omprog-defaults.sh
@@ -26,7 +26,8 @@ template(name="outfmt" type="string" string="%msg%\n")
:msg, contains, "msgnum:" {
action(
type="omprog"
- binary=`echo $srcdir/testsuites/omprog-defaults-bin.sh p1 p2 p3`
+ binary="'$srcdir'/testsuites/omprog-defaults-bin.sh \"p1 with spaces\"'\
+' p2 \"\" --p4=\"middle quote\" \"--p6=\"proper middle quote\"\" \"p7 is last\""
template="outfmt"
name="omprog_action"
)
@@ -37,7 +38,14 @@ injectmsg 0 10
shutdown_when_empty
wait_shutdown
-export EXPECTED="Starting with parameters: p1 p2 p3
+export EXPECTED="Starting with parameters: p1 with spaces p2 --p4=\"middle quote\" --p6=\"proper middle quote\" p7 is last
+Next parameter is \"p1 with spaces\"
+Next parameter is \"p2\"
+Next parameter is \"\"
+Next parameter is \"--p4=\"middle\"
+Next parameter is \"quote\"\"
+Next parameter is \"--p6=\"proper middle quote\"\"
+Next parameter is \"p7 is last\"
Received msgnum:00000000:
Received msgnum:00000001:
Received msgnum:00000002:
diff --git a/tests/omprog-if-error.sh b/tests/omprog-if-error.sh
index 89e035e..6d5b0de 100755
--- a/tests/omprog-if-error.sh
+++ b/tests/omprog-if-error.sh
@@ -25,6 +25,9 @@ cat $RSYSLOG_DYNNAME.othermsg
content_check 'must be terminated with \n' $RSYSLOG_DYNNAME.othermsg
export EXPECTED="Starting with parameters: p1 p2 p3
+Next parameter is \"p1\"
+Next parameter is \"p2\"
+Next parameter is \"p3\"
Received msgnum:00000000:
Received msgnum:00000001:
Received msgnum:00000002:
diff --git a/tests/sndrcv_dtls_anon_ciphers.sh b/tests/sndrcv_dtls_anon_ciphers.sh
index bac90da..4230c14 100755
--- a/tests/sndrcv_dtls_anon_ciphers.sh
+++ b/tests/sndrcv_dtls_anon_ciphers.sh
@@ -11,7 +11,7 @@ export PORT_RCVR="$(get_free_port)"
add_conf '
global(
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imdtls/.libs/imdtls"
diff --git a/tests/sndrcv_dtls_certvalid_ciphers.sh b/tests/sndrcv_dtls_certvalid_ciphers.sh
index 93ff49f..2beaa3f 100755
--- a/tests/sndrcv_dtls_certvalid_ciphers.sh
+++ b/tests/sndrcv_dtls_certvalid_ciphers.sh
@@ -14,7 +14,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverCertFile="'$srcdir/tls-certs/cert.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imdtls/.libs/imdtls"
diff --git a/tests/sndrcv_tls_anon_ipv6.sh b/tests/sndrcv_tls_anon_ipv6.sh
index 1770b17..5f73d22 100755
--- a/tests/sndrcv_tls_anon_ipv6.sh
+++ b/tests/sndrcv_tls_anon_ipv6.sh
@@ -19,7 +19,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir'/testsuites/x.509/client-key.pem"
defaultNetstreamDriver="gtls"
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module(load="../plugins/imtcp/.libs/imtcp" maxSessions="1100"
diff --git a/tests/sndrcv_tls_certvalid_expired.sh b/tests/sndrcv_tls_certvalid_expired.sh
index bab916c..e9f6acd 100755
--- a/tests/sndrcv_tls_certvalid_expired.sh
+++ b/tests/sndrcv_tls_certvalid_expired.sh
@@ -14,7 +14,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="'$RS_TLS_DRIVER'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_certvalid_expired_defaultmode.sh b/tests/sndrcv_tls_certvalid_expired_defaultmode.sh
index 47aaa10..0b62538 100755
--- a/tests/sndrcv_tls_certvalid_expired_defaultmode.sh
+++ b/tests/sndrcv_tls_certvalid_expired_defaultmode.sh
@@ -14,7 +14,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-expired-key.pem'"
defaultNetstreamDriver="gtls"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_certvalid_revoked.sh b/tests/sndrcv_tls_certvalid_revoked.sh
index b01699e..7e6b9a5 100755
--- a/tests/sndrcv_tls_certvalid_revoked.sh
+++ b/tests/sndrcv_tls_certvalid_revoked.sh
@@ -15,7 +15,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="'$RS_TLS_DRIVER'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_client_missing_cert.sh b/tests/sndrcv_tls_client_missing_cert.sh
index 7045416..aa0c320 100755
--- a/tests/sndrcv_tls_client_missing_cert.sh
+++ b/tests/sndrcv_tls_client_missing_cert.sh
@@ -14,7 +14,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="'$RS_TLS_DRIVER'"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_ossl_anon_ciphers.sh b/tests/sndrcv_tls_ossl_anon_ciphers.sh
index 80201ed..cfb9ded 100755
--- a/tests/sndrcv_tls_ossl_anon_ciphers.sh
+++ b/tests/sndrcv_tls_ossl_anon_ciphers.sh
@@ -10,7 +10,7 @@ add_conf '
global(
defaultNetstreamDriver="ossl"
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_ossl_anon_ipv4.sh b/tests/sndrcv_tls_ossl_anon_ipv4.sh
index 8bb4836..fa1a361 100755
--- a/tests/sndrcv_tls_ossl_anon_ipv4.sh
+++ b/tests/sndrcv_tls_ossl_anon_ipv4.sh
@@ -20,7 +20,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="ossl"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_ossl_anon_rebind.sh b/tests/sndrcv_tls_ossl_anon_rebind.sh
index 6d7aaff..c0ac1eb 100755
--- a/tests/sndrcv_tls_ossl_anon_rebind.sh
+++ b/tests/sndrcv_tls_ossl_anon_rebind.sh
@@ -24,7 +24,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="ossl"
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_ossl_certvalid_ciphers.sh b/tests/sndrcv_tls_ossl_certvalid_ciphers.sh
index 62fd636..8b40f9c 100755
--- a/tests/sndrcv_tls_ossl_certvalid_ciphers.sh
+++ b/tests/sndrcv_tls_ossl_certvalid_ciphers.sh
@@ -12,7 +12,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
defaultNetstreamDriver="ossl"
debug.whitelist="on"
- debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+ debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_ossl_certvalid_expired.sh b/tests/sndrcv_tls_ossl_certvalid_expired.sh
index 5439acf..ade3f57 100755
--- a/tests/sndrcv_tls_ossl_certvalid_expired.sh
+++ b/tests/sndrcv_tls_ossl_certvalid_expired.sh
@@ -12,7 +12,7 @@ global(
defaultNetstreamDriverKeyFile="'$srcdir/testsuites/x.509/client-key.pem'"
defaultNetstreamDriver="ossl"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh b/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh
index b945abe..b16fba0 100755
--- a/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh
+++ b/tests/sndrcv_tls_ossl_certvalid_tlscommand.sh
@@ -11,7 +11,7 @@ global( defaultNetstreamDriverCAFile="'$srcdir/tls-certs/ca.pem'"
defaultNetstreamDriverKeyFile="'$srcdir/tls-certs/key.pem'"
defaultNetstreamDriver="ossl"
# debug.whitelist="on"
-# debug.files=["nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
+# debug.files=["net_ossl.c", "nsd_ossl.c", "tcpsrv.c", "nsdsel_ossl.c", "nsdpoll_ptcp.c", "dnscache.c"]
)
module( load="../plugins/imtcp/.libs/imtcp"
diff --git a/tests/testsuites/omprog-defaults-bin.sh b/tests/testsuites/omprog-defaults-bin.sh
index f7d43c7..3723d4d 100755
--- a/tests/testsuites/omprog-defaults-bin.sh
+++ b/tests/testsuites/omprog-defaults-bin.sh
@@ -3,6 +3,10 @@
outfile=$RSYSLOG_OUT_LOG
echo "Starting with parameters: $@" >> $outfile
+while [ $# -gt 0 ]; do
+ echo Next parameter is \""$1"\"
+ shift
+done >> $outfile
read log_line
while [[ -n "$log_line" ]]; do