Saturday, February 29, 2020

[update] librelp version 1.5.0

librelp version 1.5.0 was released in January 2020. According to the
changelog it contains mostly bug fixes.
--> https://github.com/rsyslog/librelp/blob/master/ChangeLog

This release also introduces the usage of OpenSSL's SSL_CONF_cmd API.
--> https://github.com/rsyslog/librelp/blob/master/ChangeLog
This is a bit problematic since LibreSSL is not providing this API.
Are there better approaches for this issue than my patch?

I verified on amd64 that rsyslog from ports can send and receive messages
via imrelp and omrelp with librelp 1.5.0.

Comments? OKs?

Remi


Index: Makefile
===================================================================
RCS file: /cvs/ports/sysutils/librelp/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 12 Jul 2019 20:49:45 -0000 1.15
+++ Makefile 29 Feb 2020 18:52:48 -0000
@@ -2,9 +2,9 @@

COMMENT = reliable event logging protocol library

-DISTNAME = librelp-1.4.0
+DISTNAME = librelp-1.5.0

-SHARED_LIBS += relp 3.0 # 5.0
+SHARED_LIBS += relp 3.1 # 5.0

CATEGORIES = sysutils

Index: distinfo
===================================================================
RCS file: /cvs/ports/sysutils/librelp/distinfo,v
retrieving revision 1.7
diff -u -p -r1.7 distinfo
--- distinfo 4 May 2019 20:16:42 -0000 1.7
+++ distinfo 29 Feb 2020 13:47:21 -0000
@@ -1,2 +1,2 @@
-SHA256 (librelp-1.4.0.tar.gz) = XNAs5+3i/qA35lzFOJ5B3embabHfmEtCwUAp5gu53QU=
-SIZE (librelp-1.4.0.tar.gz) = 519235
+SHA256 (librelp-1.5.0.tar.gz) = aShO8aBRqywvd2WVjoR77x/POPR+sbA3LGX2PwPIOV4=
+SIZE (librelp-1.5.0.tar.gz) = 521793
Index: patches/patch-src_tcp_c
===================================================================
RCS file: /cvs/ports/sysutils/librelp/patches/patch-src_tcp_c,v
retrieving revision 1.1
diff -u -p -r1.1 patch-src_tcp_c
--- patches/patch-src_tcp_c 4 May 2019 20:16:42 -0000 1.1
+++ patches/patch-src_tcp_c 29 Feb 2020 15:29:22 -0000
@@ -1,11 +1,11 @@
$OpenBSD: patch-src_tcp_c,v 1.1 2019/05/04 20:16:42 remi Exp $

-LibreSSL has no support for @SECLEVEL
+LibreSSL has no support for @SECLEVEL and SSL_CONF_CTX_set_flags().

Index: src/tcp.c
--- src/tcp.c.orig
+++ src/tcp.c
-@@ -1183,14 +1183,8 @@ relpTcpTLSSetPrio_ossl(relpTcp_t *const pThis)
+@@ -1200,14 +1200,8 @@ relpTcpTLSSetPrio_ossl(relpTcp_t *const pThis)
/* Compute priority string (in simple cases where the user does not care...) */
if(pThis->pristring == NULL) {
if (pThis->authmode == eRelpAuthMode_None) {
@@ -20,3 +20,12 @@ Index: src/tcp.c
} else {
strncpy(pristringBuf, "DEFAULT", sizeof(pristringBuf));
}
+@@ -1578,7 +1572,7 @@ relpTcpSetSslConfCmd_ossl(relpTcp_t *const pThis, char
+ } else {
+ pThis->pEngine->dbgprint("relpTcpSetSslConfCmd_ossl: set to '%s'\n", tlsConfigCmd);
+ char errmsg[1424];
+-#if OPENSSL_VERSION_NUMBER >= 0x10020000L
++#if 0
+ char *pCurrentPos;
+ char *pNextPos;
+ char *pszCmd;

No comments:

Post a Comment