Adiscon

The Logging Experts

librelp 1.11.0 released

By friedlPosted on Posted in News, rsyslogTagged , ,

librelp 1.11.0 [download]

This new release of librelp has a lot of different fixes and changes for code cleanup, AIX compatibility, OpenSSL and GnuTLS as well as general stability and hardening.

For more details, please take a look at the changelog below.

———————————————————————

Version 1.11.0 – 2023-01-10

  • code cleanup
    During the initial librelp implementation it was thought about an
    auto-retry feature (whatever that means). Variable bAutoRetry was
    created to control that behaviour. It’s default was 0 (inactive).
    Some code has been written to evaluate that variable and act
    accordingly. However, no setter method for this variable was
    created and it was also nowhere changed from the default value
    of zero. As such, the code activated by it was never used.
    This patch now removes both the variable and the few code lines
    accessing it. This will have no effect, as the code was never
    used.
    closes: https://github.com/rsyslog/librelp/issues/223
  • testbench: Fix commands in some openssl tests
    Those commands were not correctly handeled on AIX, now they are.
  • AIX: Changed ERRNO handling after connect in tcp.c
    see also: https://github.com/rsyslog/librelp/issues/250
  • AIX: Add handling for other ERRNO codes in tcp.c
    For send(), recv() and connect() we need to handle different ERRNO
    codes on AIX according to doc:
    https://www.ibm.com/docs/en/aix/7.1?topic=r-recv-subroutine
    https://www.ibm.com/docs/en/aix/7.1?topic=s-send-subroutine
    https://www.ibm.com/docs/en/aix/7.1?topic=c-connect-subroutine
  • bugfix/TCP: relpTcpGetRtryDirection onyl needs to check direction if SSL is active.
    closes: https://github.com/rsyslog/librelp/issues/240
  • AIX: in relpTcpRcv we need to set RETRY_recv if errno is 0
    On AIX 10.x, when a recv call fails with len -1 and errno 0
    we can still go into relpTCP_RETRY_recv mode. Testbench on
    rsyslog side appears to be finally working with this fix.
    On AIX 10.x, same problem as above appear to happen with
    connect() as well not setting errno to EINPROGRESS on failure.
    rsyslog ptcp driver does not check errno value at all, which is
    why we did not have this problem on AIX with rsyslog.
    Reduce test message count in receiver-abort.sh to 50000,
    because otherwise the test can timeout on very slow machines.
    Moved receive buffer in relpSessRcvData back to stack memory
    closes: https://github.com/rsyslog/librelp/pull/239
  • openssl: fix openssl exit code avoid double free of ctx
    When more than one librelp instance are used in the same process,
    and the relpTcpExitTLS call was called a second time, the process
    could freeze due a double free (See SSL_CTX_free call).
    Thanks to David GOUARIN <david.gouarin@thalesgroup.com> for the
    discovery and initial fix.
    Also added an openssl instance counter to avoid freeing the SSL library
    which could be still in use by another librelp instance
    in the same process.
    closes: https://github.com/rsyslog/librelp/issues/235
  • librelp hardening: Fix multiple minor issues causing debugging trouble
    • avoid invalid dbgprint calls
    • avoid double free in relpTcpDestruct (if called twice).
    • add debug output into relpTcpRcv
  • OpenSSL: fix depreacted API issues for OpenSSL 3.x
    • OpenSSL error strings are loaded automatically now
    • Adapted Debug Callback for 3.x
    • See for more:
      https://www.openssl.org/docs/manmaster/man7/migration_guide.html
      closes: https://github.com/rsyslog/librelp/issues/246
  • bugfix: compatiblity problem with openssl 1.1
    There were undefined reference to CRYPTO_set_id_callback if system
    use openssl 1.1, which lead to load and/or other erros.
    Thanks to Alexander Eremin for the patch.
  • bugfix: Forward return code from relpEngineSetTLSLib to relpEngineSetTLSLibName
    Previous situation: In case librelp is compiled without openssl
    support but openssl is requested from the user side, then librelp
    silently switches to the default tls driver(gnutls).
    Thanks to Attila Lakatos for the patch.
  • bugfix: make relpEngineSetTLSLib debug safe
    In case pThis == NULL condition is true at line
    https://github.com/rsyslog/librelp/blob/master/src/relp.c#L345
    pThis->dbgprint(…) would cause unexpected behavior.
    Thanks to Attila Lakatos for the patch.
  • bugfix: warnings reported by coverity scan
    Thanks to Attila Lakatos for the patch.
  • testbench: Added compatiblity to run on AIX
    • removed long options from receive send utilities (Not supported on AIX).
    • added checks for existing commands in some tests.
    • added msleep utility from rsyslog (sleep, timeout etc. not supported on AIX).
    • github workflow: Disabled some unrelated tests from rsyslog testbench
      closes: https://github.com/rsyslog/librelp/issues/228
  • gnutls drvr bugfix: library called exit() under some circumstances
    When relpTcpRcv ran into an error, it could call exit() and thus
    terminate the calling process. This was a regression from commit
    6555545c4ebe9afe9259b15c176fd81eeecc93f4.
    closes: https://github.com/rsyslog/librelp/issues/230
sha256sum: 7719b5f31e07cbb9872289ad32b787c613b5355d407982a0a2c4d69938457fd6
librelp 1.11.0 released
Scroll to top