- output all loaded ciphers and engines.
- Add new global option "defaultopensslengine" to customize the
default openssl engine. If not defined, openssl will handle the
default engine automatically.
- Add simple openssl performance test with defaultopensslengine
set to rdrand (Intel).
- removed unneeded testcase files in runtime folder.
- corrected whitelist settings for debug.files in TLS testcases
Under io / cpu stress, the OpenSSL tls error can be SSL_ERROR_SYSCALL
instead of SSL_ERROR_SSL. The outcome it the same from the
test perspective.
closes: https://github.com/rsyslog/rsyslog/issues/4784
- Only apply default anon ciphers if gnutlsPriorityString is NULL and
Authentication Mode is set to anon. Otherwise we do not set them
as they overwrite custom Ciphers.
- Added two tests for custom cipher configuration (anon/certvalid mode).
- Add call for applyGnutlsPriorityString if gnutlsPriorityString changes.
- Merged openssl init code from Connect into osslInitSession
closes: https://github.com/rsyslog/rsyslog/issues/4686
Disable use of "@SECLEVEL" in default cipher string and
avoid SSL_CONF_CTX_set_flags() API when LIBRESSL is used.
This means tlscommands will not work.
closes: https://github.com/rsyslog/rsyslog/issues/4210
When first parameter is check_only, the tcpflood funtion shall not
abort the test itself (The fail is intended if this option is set).
closes issue #3625
This leads to a refactoring of the looking code; issue was caused
by new TTL cache expiration code which placed not semantics on the
cache. These were not properly handled under all circumstances.
Also added a test based on imtcp-tls-ossl-basic.sh which tests
the new -k parameter with tcpflood called:
imtcp-tls-ossl-basic-tlscommands.sh
Fixed OpenSSL error reporting in tcpflood which was running into
a loop when OpenSSL error stack was printed out.
