librelp 1.3.0 released

librelp 1.3.0 [download]

This new release of librelp is mostly for bugfixing. The most important changes are fixes for the openssl anon mode and to not send multiple open commands on reestablishing connections.

For more details, please take a look at the changelog below.


Version 1.3.0 – 2018-12-11
– improved error reporting
– bugfix openssl: anon mode did not work with openssl 1.1.0+
This was caused by “hardening” inside openssl, so not a real bug.
– bugfix: do not send multiple open commands
multiple open commands can happen when a session was broken
and is being reestablished. Chances to experience this problem
increase with the number of sessions broken in a row. A trigger
is that the remote system accepts the TCP connection, but does
NOT send a response to the “open” command (aka “very short-lived
session). This can happen e.g. with proxy servers which cannot
connect to the actual server.
– bugfix testbench: TLS tests were executed even when TLS was disabled
– testbench:
* add test for receiver abort and restart
* much improved testbench framework and tools to support
this type of test. Done some general improvements to the
* imported rsyslog tool “chkseq” for checking


sha256sum: 9f24a2fc5749b20c1fd4902332c853e3b06b8bf61b830173252815639b4de9f5

librelp 1.2.18 released

librelp 1.2.18 [download]

This new release of librelp added the certvalid authmode to TLS authentication and a bugfix for making make distcheck available again.

For more details, please take a look at the changelog below.


Version 1.2.18 – 2018-09-18
– added non-standard “certvalid” auth mode to TLS authentication
– bugfix CI: make distcheck did not work


sha256sum: a34c8fc98bf8eef2a5baf635a0f71813cce93b1185aa03648e31b5af60b7393f

librelp 1.2.17 released

librelp 1.2.17 [download

This new release of librelp provides support for openssl when using relp connections with tls enabled. You can now choose between openssl and gnutls.

Furthermore, this release has a few bugfixes and improvements of code quality and error output.

For more details, please take a look at the changelog below.


Version 1.2.17 – 2018-08-02
– added support for openssl
now, at configure time, openssl (–enable-tls-openssl) or gnutls
(–enable-tls) can be enabled. Openssl is recommended as it permits
better error messages and has more robust certificate handling,
but the default remains gnutls so that packagers do not need to
change without specific need.
Note: if openssl is selected, setting the gnutls priority string
does not have any effect. This will be worked on in later releases.
– improve code quality: replace strerror() by portable equivalent
– improve error message on connection failure
it now contains the OS-provided error message
Thanks to Justin Azoff for the patch.
– bugfix: 100% CPU utilization due to busy loop
happend because EAGAIN was not properly handled
Thanks to Lex Neva for the patch.
– bugfix: do not expose symbols that are not part of public API
Some other symbols were exported. Now only symbols starting with
“relp” are exported.
Thanks to Michael Biebl for the patch.
– bugfix: potential segfault when listener could not be bound
This was fixed as a side-effect of refactoring some static analyzer
warnings, exact commit is not flagged.
see also

sha256sum: 1bf88b9decdbcaf06454ea1362455aa5ceccbcce282f07a4dc95e6911da4cbf0