Fix compilation issues on macOS/Darwin systems and enhance cross-platform
compatibility for BSD variants:
- Add Darwin-specific pthread_setname_np call in tcpsrv.c with enhanced
platform-specific conditional compilation
- macOS (__APPLE__): Single parameter, returns int
- FreeBSD/NetBSD: Two parameters, returns void
- Linux/glibc (default): Two parameters, returns int
This prevents compilation failures across all BSD systems where the
function signature and return type differ, while maintaining existing
compatibility with macOS and Linux systems.
- Add _PATH_UTMP fallback definition in omusrmsg.c for systems
without paths.h or missing _PATH_UTMP definition
- Remove trailing empty line in cfsysline.c for consistency
The change adds proper platform-specific conditional compilation
with clear documentation for each variant and maintains error
checking where the return value is available.
Impact: Fixes build regressions on Darwin and BSD systems while
preserving backward compatibility with existing platforms.
Refs: https://github.com/rsyslog/rsyslog/pull/6069
Refs: https://github.com/rsyslog/rsyslog/pull/5635
Refs: https://github.com/Homebrew/homebrew-core/issues/221869
Refs: https://github.com/Homebrew/homebrew-core/issues/226378
Inline code docs clarify when omfwd should suspend an action in pooled
TCP forwarding. This improves maintainability and reduces ambiguity for
future changes and reviews.
Impact: No user-visible behavior change; semantics documented.
Before/After: Before, a per-target flush failure could be read as
suspending the action; after, SUSPENDED is returned only when the pool
has zero active targets.
Technically, commitTransaction no longer marks the action suspended on
a single-target flush failure. We destruct the failing target, keep the
commit OK, and rely on pool stats plus `countActiveTargets()` to decide
pool-wide availability. Only when `nActiveTargets == 0` do we return
RS_RET_SUSPENDED, engaging the action engine's retry. Buffered frames
for a failed target remain with that target and are flushed after
`doTryResume()` re-establishes the connection in a later transaction.
This preserves existing omfwd pool semantics while documenting them in
code comments for clarity.
Refs: no issue
Trailing semicolons in atomic helper macros caused double
semicolons when the macros expanded, producing build warnings.
Macros now omit semicolons and call sites add them explicitly.
STATSCOUNTER_DEF updated to terminate the generated mutex line.
AI-Agent: ChatGPT
This patch adds a robust, optional mechanism for handling "headerless" input—
log messages that do not conform to traditional syslog formatting.
- **Headerless detection (opt-in)**
- Controlled by the new `detect.headerless` boolean (default: off)
- Detects messages with **no PRI** and **no valid timestamp**
- Excludes structured inputs (e.g. JSON starting with `{` or `[`) as
before
- Injects default `hostname` and `tag` values
- Flags message internally as `HEADERLESS_MSG` for further processing
- **Fallback processing options**
- `headerless.ruleset`: route headerless messages to a dedicated ruleset
- `headerless.errorfile`: optionally store raw input to a file
- `headerless.drop`: discard headerless messages early if desired
- **Thread-safe HUP signal handling**
- New `doHUPParser` entry point allows safe log rotation for error file
- Follows standard reopen-on-write pattern post-HUP
- **Testing & Maintenance**
- Adds two test cases: `pmrfc3164-headerless.sh` and `pmrfc3164-drop.sh`
- Extends documentation for all new parameters
- Cleans up code formatting, includes, and bumps copyright
Some environments produce mixed or malformed input streams. This patch enables
early, lightweight detection of non-syslog input, with customizable recovery
and routing strategies. It avoids unnecessary parsing work and gives operators
better tools to isolate or discard garbage input—without breaking legacy behavior.
Introduce a new lifecycle callback—`checkParserInst`—to perform
configuration sanity checks on parser instances immediately after they’re
created. This establishes a standardized validation point (similar to
`checkCnf` in other module types) without altering existing parser logic.
By wiring `checkParserInst` into:
- the module template (macros for definition and registration),
- the module loader (`doModInit`) with graceful fallback,
- the runtime configuration flow (`rsconf.c`) just after
`newParserInst`,
and by providing empty stubs in all current parser modules (contrib and
plugins), we now have a clear, uniform spot to add parser-specific
validation rules in subsequent patches. This improves future
maintainability and robustness of parser configuration handling.
- add .editorconfig for indent, whitespace, and file-type rules
- add project-local .vimrc to enforce Vim settings via exrc
- add .clang-format for C/C++ style presets and list formatting
- add devtools/format-code.sh to run clang-format and fixups
- adjust clang-format config for stable, idempotent output
- update AGENTS.md with new formatting strategy
- add .git-blame-ignore-revs entry for format change commit
This commit sets up an automated formatting pipeline to let
contributors use their editor of choice while ensuring
consistent, stable code style across the project.
This commit applies the new canonical formatting style using `clang-format` with custom settings (notably 4-space indentation), as part of our shift toward automated formatting normalization.
⚠️ No functional changes are included — only whitespace and layout modifications as produced by `clang-format`.
This change is part of the formatting modernization strategy discussed in:
https://github.com/rsyslog/rsyslog/issues/5747
Key context:
- Formatting is now treated as a disposable view, normalized via tooling.
- The `.clang-format` file defines the canonical style.
- A fixup script (`devtools/format-code.sh`) handles remaining edge cases.
- Formatting commits are added to `.git-blame-ignore-revs` to reduce noise.
- Developers remain free to format code however they prefer locally.
This commit performs a broad modernization of widely used rsyslog
macros to align with modern C practices and support automated
formatting tools like clang-format. The changes focus on improving
syntactic regularity, readability, and tooling compatibility — without
altering behavior.
Macros refactored in this commit now follow a consistent,
statement-like form with explicit trailing semicolons. Where
applicable, macro blocks that define module interfaces (`queryEtryPt`)
have been updated to use simple `if` statements instead of `else if`
chains. While this slightly increases evaluation time, the affected
functions are only called once per module during load time to register
supported interfaces — making the performance cost irrelevant in
practice.
These improvements serve multiple purposes:
- Enable reliable clang-format usage without mangling macro logic
- Simplify reasoning about macro-expanded code for human readers
- Reduce style drift and merge conflicts
- Facilitate development for contributors using assistive tools
- Support future formatting pipelines using:
1. `clang-format`
2. a post-fixup normalization script
Refactored macros:
- MODULE_TYPE_NOKEEP
- MODULE_TYPE_KEEP
- MODULE_TYPE_INPUT
- MODULE_TYPE_OUTPUT
- MODULE_TYPE_FUNCTION
- MODULE_TYPE_PARSER
- MODULE_TYPE_LIB
- DEF_IMOD_STATIC_DATA
- DEF_OMOD_STATIC_DATA
- DEF_PMOD_STATIC_DATA
- DEF_FMOD_STATIC_DATA
- DEFobjStaticHelpers
- SIMP_PROP(...)
And all `queryEtryPt()` dispatch macros:
- CODEqueryEtryPt_STD_MOD_QUERIES
- CODEqueryEtryPt_STD_OMOD_QUERIES
- CODEqueryEtryPt_STD_OMODTX_QUERIES
- CODEqueryEtryPt_STD_OMOD8_QUERIES
- CODEqueryEtryPt_TXIF_OMOD_QUERIES
- CODEqueryEtryPt_IsCompatibleWithFeature_IF_OMOD_QUERIES
- CODEqueryEtryPt_STD_IMOD_QUERIES
- CODEqueryEtryPt_STD_CONF2_QUERIES
- CODEqueryEtryPt_STD_CONF2_setModCnf_QUERIES
- CODEqueryEtryPt_STD_CONF2_OMOD_QUERIES
- CODEqueryEtryPt_STD_CONF2_IMOD_QUERIES
- CODEqueryEtryPt_STD_CONF2_PREPRIVDROP_QUERIES
- CODEqueryEtryPt_STD_CONF2_CNFNAME_QUERIES
- CODEqueryEtryPt_STD_PMOD_QUERIES
- CODEqueryEtryPt_STD_PMOD2_QUERIES
- CODEqueryEtryPt_STD_FMOD_QUERIES
- CODEqueryEtryPt_STD_SMOD_QUERIES
- CODEqueryEtryPt_doHUPWrkr
- CODEqueryEtryPt_doHUP
This general modernization reduces macro misuse, improves DX, and
lays the foundation for a robust, automated style normalization
system.
See also: https://github.com/rsyslog/rsyslog/issues/5747
This may be an interim solution, but definitely a useful one
to address style inconsistencies.
Style inconsistencies are problematic as they tend to pollute
git history by causing pseudo-changes.
This commit also contains a set of fixes to existing files, so
that we get to a clean state.
- this is driven by Solaris: it does not provide UT_LINESIZE
- prefer utmpx when available and map setutent()/getutent()
- derive UT_LINESIZE from platform macros to compile on Solaris
- if nothing else helps, set UT_LINESIZE to 32
Note that 32 is a somewhat save default, but not perfect.
Fixes https://github.com/rsyslog/rsyslog/issues/5678
Commit ffaf6dc4620da added proper variable sync, but dropped the check
if active count had actually changed. As such, the output was always
generated, which could pollute the log heavily.
also fixes some codestyle issues introduced by earlier commits.
With the help of AI-Agent: Codex 2025-06
This code is inside rsyslog for many years w/o any problems, but
during new testing we saw that the signal mask is potentially not
properly initialized.
found be clang static analyzer, no report from practice. This could
potentially happend during early startup when the config was not
yet full read while HUP was received.
While this could lead to some inefficiency, it should not have caused
any real harm. But with data races it is never sure if more severe
issues occur. However, here only very strange use cases can be
envisioned where this might be the case.
In any case, the issue is now solved.
This also fixes some TSAN CI "flakes".
Parameter names have historically evolved and are sometimes
inconsistent between modules (while still having the same
semantics and similiar name).
This commit creates three aliases in omfwd to keep stream
driver parameter names consistent with the names used in
imtcp. Note that we do not create an alias for
"streamdriverpermittedpeers" because the name differ more
considerably and we would also need to create an alias
in imtcp as well. We will do this only on request.
Note: aliases help, but are not a great solution. They may
cause confusion if both names are used together in a single
config. So care must be taken when using an alias.
Note: The upcoming gnu23 C standard is overdoing it with type-safety. Inside
rsyslog, we historically have method tables for generic calls, which
keeps the code small and easy to understand. This would not decently be
possible with the new type-safety requirements.
So this commit works around these warning in a way that pretends to
provide more type safety. We have done this in the least intrusive
way to reduce the risk for regressions in code that works well in
since decades. Also note that the code already does parameter
validation.
There would have been more elaborate ways to make gnu23 compile happy,
e.g. by using a union of structs to provide the data element. Some folks
consider this type safe. In reality, it is not a bit better than
traditional C without types at all. Because the caller still needs to
ensure it picks the right struct from the union. As this approach
would also have larger regeression potential, we have not used it.
Right now, we have suppressed some of the new warnings, as working
around them would have required an even larger time budget and
potentially larger regression potential. In the long term we may
want to look into enabling them, as they would potentially be
beneficial for new code not involving method tables.
Some nits, however, were detected and have been fixed.
This patch also "fixes" some false positive test failures, mostly
be disabling some test functionality after confirmation these are
flakes.
see also https://github.com/rsyslog/rsyslog/issues/5507
also bump default development container to Ubuntu 24.04
This commit also contains some nitfixes that were detected
by the newer CI components. If it is just nitfixes, we do not
create separate commits for them.
`systemd restart rsyslog` in the early start of OS will let rsyslog segmentation fault.
This cmd will send sigTerm to rsylogd, and rsyslogd will handle the signal in rsyslogdDoDie.
If the rsyslogd havn't parse the conf, the runConf will be NULL
So check the pointer before reference it.
This patch implements a simple round-robin load balancer
for omfwd. It provides equal distribution of load to a pool
of target servers.
The code currently has no different modes and no special tuning
for the load balancer. However, it works very well in the most
common use cases. Furthermore, it provides a solid base on which
more elaborate functionality can be build if there is need to.
The new functionality is fully backwards compatible with previous
configuration settings.
New action() config params:
* pool.resumeinterval
New/"changed" rstats counters
Each target receives its own set of pstats counters. Most
importantly this is the case for byte counts. That counter retains
the same naming, but there may now be multiple of these counters,
one for each target ip, port tuple.
New pstats message count to target
Among others, this can be used for checking that the load balancer
works as intended. The so-far byte count emitted does not provide
a clear indication of how many messages the targets had actually
processed.
For obvious reasons, this message count makes most sense in
advanced load balancing scenarios, but also provides additional
insight into round-robin. Non-matches indicate that targets
went offline, and we can now evaluate the impact this had
on processing.
- re-design rebind functionality
This now works at the transaction level. It causes a rebind of all
pool members. Previous code did not work 100% correct since for a
couple of years now (after output batching integration).
As cleanup, rebindInterval support has been removed from tcpClt,
because omfwd is the only user. This permits a cleaner code path.
We also noticed a bug with rebindInterval: it caused some mild
message duplication for quite some time. This went unnoticed.
To address that efficiently, rebindInterval in the future will
be considered once per batch. That means up to (maxBatchSize - 1)
messages may be transmitted more than the rebindinterval is.
That's the cleanest mode of operation and should not make any
difference for real deployments.
Some additional work done in this commit:
netstream: harden component against upper-layer logic errors
network subsystem: better handle API errors and provide more info
omfwd: add new parameter "iobuffer.maxsize"
add new global parameter debug.abortoninternalerror and use it
This parameter permits to make test runs fail when an internal error
is detected and gracefully handled by rsyslog. While it is great to
have it gracefully handled in practice, we should not accept this
during testing. The new parameter permits to abort in this case and
emits the related error message beforehand. It is turned on by
default in our regular tests.
add dedicated error code for "hard" program errors
omfwd: some cleanup + error message fix + new debug level messages
imptcp: improve error messages
add omfwd option to NOT do extended connection check
also output wrkr id in some omfwd messages (primarily debugging aid)
better debug info via LogMsg() interface
improve messages regarding imptcp and omfwd suspension / thread IDs
refactor and enchance minitcpsrvr for mimicing died servers
new global (debugging) option, correction of an informational msg
add global option allmessagestostderr
add new tests
new crypto provider: lmcry_ossl
The new ossl crypto provider encapsulates the ability to use log
encryption in the omfile module. It provides the same functionality
as gcry, additionaly:
* Algorithm are not hardcoded. We simply provide everything what
can be fetched via the EVP_CIPHER_fetch() call. The same applies
to the mode parameter.
* It does not add extra dependency to a new package. Distro
maintainers who are already using openssl do not need add
anything in particular. By default, if rsyslog is compiled
with --enable-openssl, the ossl crypto provider will also be
included in both omfile and also rscryutil.
* Side-channel vulnerability in libgcrypt - the Marvin Attack
https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html
Some might be worried about other side-channel vulnerabilities
against it, like the Minerva Attack[1], and the Raccoon Attack[2],
given the way they handled one of the oldest, well known, and
most straightforward side-channel attacks. They did downgrade
their threat model as a result of Marvin too:
https://gnupg.org/documentation/security.html.
In some use cases omfile is configured to write to /dev/null. This seems
primarily be done because of statistics gathering but maybe some other
scenarios. We now add conditional logic to not do any actual omfile
action when the target file is /dev/null.
Note: this check only works on static file names. When /dev/null is
evaluated as part of dynafile, it will be handled just in the regular
case like before this patch.
omusrmsg frees a string which points to OS/system library memory. When
the os/libs clean up, it frees the memory as well. This results in a
double free. This bug interestingly seems to go unnoticed in many cases.
But it can cause a segfault or hard-to-trace memory corruptions which
could lead to other problems later on. The outcome of this bug most
probably depdns on os/library versions.
closes https://github.com/rsyslog/rsyslog/issues/5294
Even if hostname FQDN is configured, rsyslog internal messages generated
after rsyslog startup and before the first HUP will not necessarily have
FQDN but instead only the shortname of the local host. This commit
fixes the situation.
Special thanks to github user eciii for doing a great bug analysis
and helping us considerably to fix the issue.
closes https://github.com/rsyslog/rsyslog/issues/5218
Future SUSE versions will get rid of utmp due to a 32bit time_t counter
overflow in 2038.
See details at:
https://github.com/thkukuk/utmpx/blob/main/Y2038.md
On systemd based systems logind is an alternative to utmp.
