This will easily permit to drop the last n characters from a property
without the need to know the exact length of the string. This is
especially useful as the exact length is most often not known
beforehand.
Now, length can have a negative value -n to denote that the
substring should be build between startpos and the character
-n chars from the end. This is a shortcut for stripping charactes
on "both ends" of the string.
Also, some hardening against invalid startpos and length has
been added.
Add new action parameters
- rotation.sizeLimit
- rotation.sizeLimitCommand
provide automatic output file rotation functionality feature-wise
equivalent to legacy $outchannel. This finally permits to use
this feature set in rscript.
In some client-server test cases, messages are supposed to be injected into
the instance 2(client), but they are actually injected into instance 1(server),
which may lead to false negative results. This patch fixed it by replacing
'injectmsg' with 'injectmsg2', and dealt with some minor issues.
Many "$InputTCPServer..." config directives did no longer work
and were completely ignored (e.g. "$InputTCPServerStreamDriverMode").
This was a regression from a08591be5d9 (May, 5th 2021).
closes https://github.com/rsyslog/rsyslog/issues/5021
In some cases, the logrotate is not fast enough rotating the
logfile after sighub has been send to inputfilegen process. It appears
to happen more often on github CI machines, when it happens,
inputfilegen reopens the NOT yet rotated file and keeps writing
into it. However most messages written until the next sighub are lost
after the logfile finally is rotated.
In order to avoid this, I have added an extra sleep between file
CLOSE and OPEN after sighub with a default of 5ms which appears to work
very well. This should give logrotate enough time to perform the
actuzal rotate.
Also added another parameter to inputfilegen to keep the process
open after finish. Which helps syncing with the testcases.
closes: https://github.com/rsyslog/rsyslog/issues/5000
Due the patch in PR https://github.com/rsyslog/rsyslog/pull/4895
state files are deleted with a 5 second delay in order to fix
missing or duplicated messages. However in INOTIFY mode, we need
an INOTIFY event to trigger a poll_tree that triggers the
delayed deletion. The testcase imfile-statefile-delete.sh will now
create empty dummy files after 6 seconds delay in order to trigger
INOTIFY events.
This fixes & closes https://github.com/rsyslog/rsyslog/issues/4958
rsyslog.conf may affect the host's local name. These changes were
so far only activated after the first HUP. This patch now ensures
that the configured local host name is applied correctly throughout
all processing, including early startup.
This patch causes a slight change of behaviour. However, the behaviour
was inconsitent before. Now it is consistent and according to the config.
Please note: this patch also exposes a global entry point via "regular"
dynamic loading as this makes things much easier to do. This is in-line
with ongoing simplification effort.
Finally, we also remove a CI test that we do no longer need because
the problem covered is now addressed differently and the original issue
can no longer occur.
closes https://github.com/rsyslog/rsyslog/issues/4975
- These tests will help find race conditions hopefully
- fix diag.sh issues running second instance in valgrind mode only
- Add check for minimum valgrind version for new relp tests
Add this both as module an input parameter. Complements already-existing
config param notifyonconnectionclose and mirrors the similar feature from
imptcp.
The module parameter acts as default, similarly to notifyonconnectionclose.
Note that in contrast to imptcp, we emit IP addresses and not host
names. This sticks with the traditional semantics of imtcp.
Note that we also fixed a mislading error message in the case when a
disallowed sender tried to connect.
Thanks to John Chivian for suggesting the addition.
When a to-be-monitored file is being rotated, some messages may be lost or
duplicated. In case of duplication, many file lines may be duplicated
depending on actual timing. The whole bug was primarily timing depenedent
in general. It most often was visible in practice when the monitored
file was very frequently rotated (we had some report with every few
seconds).
Note that while we try hard to not lose any messages, input file
rotation always has some loss potential. This is inevitable if
the monitored file is being truncated.
Also note that this bugfix affects imfile, only. It has nothing to do
and no relation to rsyslog output files being rotated on HUP.
closes: https://github.com/rsyslog/rsyslog/issues/4797
- Fixed an issue with numbers above int64 in syntax_ipv4.
Numbers that were up to 256 above the max of an int64
could incorrectly be detected as valid ipv4 digit.
- Simplified the IPv4 digit detection function and renamed
to isPosByte.
- added testcasse for malformed IPvc4 addresses
closes: https://github.com/rsyslog/rsyslog/issues/4940
- Add support to split tls commands by semicolon.
- Changed one test with multiple tls commands to use semicolon as
seperator instead of newline.
closes: https://github.com/rsyslog/rsyslog/issues/4852
The zstd library provides better and faster compression than zlib.
This patch integrates zstd as a dynamically-loadable functionality.
As such, no further dependencies need to be added to the rsyslog
base package.
Due to the increased performance, usage of zstd is highly recommended
for high-volume use cases.
This patch also refactor zlib compression in order to unify handling
in both compression cases.
This is a cosmetic issue, only seen during debug logging. We actually
cannot fix it, as it would alter runtime behaviour too much and would
pontentially render debug runs useless. It also causes no harm.
This change allows to include extra CA files
so that no "unable to get issuer certificates" issue
is obtained when using chained cert files.
Proposed new parameter name is "NetstreamDriverCAExtraFiles"
fixes#4851
Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
We do not use a mutex an epd, but we do always access it in
pure sequence. Adding a mutex just to cover this "cosmetic"
would result in uncesseary performance penalty.
Matrix feature was initially barely usable because github did not permit
to restart just failed jobs. This has changed. So we now migrate back to
the use of matrix feature where it is useful.
We also reduce the number of plain compile tests to newest and oldest
compiler version only. This saves CI ressources. The important other
ones (distro default!) are used during other CI tests anyways.
We also fix some minor coding errors detected by new compiler builds.
None of them seems to be related to any real issues.
We disable ElasticSearch strict security in testbench, as
we do not need it for test runs, and it complicates thing.s
Note: this does NOT introduce a security weakness, because we use
only temporary testing ES instances which are always immediately
discarded after the test AND are run in our own test env with
user permissions.
Allow omitting the _type field by setting it to an empty string.
Setting this field has been deprecated since 6.0, and support will
be removed in 8.0
Also add testbench test for empty searchType with ES 7.0
This checks for messages in the deprecation log and also provides
avoids deprecation messages from usage of transport.tcp.port in the
test configuration
This patch slightly improves performance for tcpsrv-based servers.
This affects imtcp and imgssapi as well as some helpers.
No other functional change is included in this patch.
Testcase sndrcv_tls_certless_ossl_client.sh was not finished
and was not used by testbench. Newer tests replaced its test usage.
See testcases sndrcv_tls_gtls_serveranon*.sh and
sndrcv_tls_ossl_serveranon*.sh
closes: https://github.com/rsyslog/rsyslog/issues/4853
If the IPv6 is in non-recommended form followed by a 5 digit port number, it
is not anonymized.
A reproducer for this is: 1a00:c820:1180:c84c::ad3f:d991:ec2e:49255
closes https://github.com/rsyslog/rsyslog/issues/4856
There was a rare possibility that the E_AGAIN/E_INTERRUPT handling
could cause an infinite loop (100% CPU Usage), for example when a TLS
handshake is interrupted at a certain stage.
- After gnutls_record_recv is called, and E_AGAIN/E_INTERRUPT error
occurs, we need to do additional read/write direction handling
with gnutls_record_get_direction.
- After the second call of gnutls_record_recv (Expand buffer)
we needed to also check the eror codes for E_AGAIN/E_INTERRUPT
to do propper errorhandling.
- Add extra debug output based on ossl driver.
- Potential fix for 100% CPU Loop Receiveloop after gtlsRecordRecv
in doRetry call.
see also: https://github.com/rsyslog/rsyslog/issues/4818
