diff options
Diffstat (limited to 'import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog')
11 files changed, 795 insertions, 0 deletions
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/enable_tls_ptests.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/enable_tls_ptests.patch new file mode 100644 index 000000000..c858f32b9 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/enable_tls_ptests.patch @@ -0,0 +1,28 @@ +Enable tls ptest + +Signed-off-by: Tudor Florea <tudor.florea@enea.com> +Upstream-Status: Pending + +--- rsyslog-7.4.4/tests/Makefile.am.orig 2013-08-30 18:30:41.000000000 +0200 ++++ rsyslog-7.4.4/tests/Makefile.am 2015-10-01 09:38:45.176289031 +0200 +@@ -118,15 +118,13 @@ + endif + + if ENABLE_GNUTLS +-# TODO: re-enable in newer version +-#TESTS += \ +- #sndrcv_tls_anon.sh \ +- #sndrcv_tls_anon_rebind.sh \ +- #imtcp-tls-basic.sh ++TESTS += \ ++ imtcp-tls-basic.sh \ ++ imtcp_conndrop_tls.sh + if HAVE_VALGRIND + TESTS += imtcp-tls-basic-vg.sh \ +- imtcp_conndrop_tls-vg.sh +- manytcp-too-few-tls-vg.sh ++ imtcp_conndrop_tls-vg.sh \ ++ manytcp-too-few-tls.sh + endif + endif + diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/initscript b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/initscript new file mode 100644 index 000000000..7a8f8f991 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/initscript @@ -0,0 +1,118 @@ +#! /bin/sh +# +# This is an init script for openembedded +# Copy it to /etc/init.d/rsyslog and type +# > update-rc.d rsyslog defaults 5 +# + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +NAME=rsyslog +RSYSLOGD=rsyslogd +RSYSLOGD_BIN=/usr/sbin/rsyslogd +RSYSLOGD_OPTIONS="" +RSYSLOGD_PIDFILE=/var/run/rsyslogd.pid +SCRIPTNAME=/etc/init.d/$NAME +# Exit if the package is not installed +[ -x "$RSYSLOGD_BIN" ] || exit 0 +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME +# +# Function that starts the daemon/service +# +do_start() +{ + DAEMON=$1 + DAEMON_ARGS=$2 + PIDFILE=$3 + # Return + # 0 if daemon has been started + # 1 if daemon could not be started + # if daemon had already been started, start-stop-daemon will return 1 + # so add -o/--oknodo(if nothing is done, exit 0) + start-stop-daemon -S --quiet --pidfile $PIDFILE --exec $DAEMON \ + --oknodo -- $DAEMON_ARGS || return 1 +} +# +# Function that stops the daemon/service +# +do_stop() +{ + NAME=$1 + PIDFILE=$2 + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + # QUIT/TERM/INT should work here, but they don't ????? + start-stop-daemon -K --quiet --signal KILL --pidfile $PIDFILE --name $NAME + RETVAL="$?" + rm -f $PIDFILE + return "$RETVAL" +} +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + NAME=$1 + PIDFILE=$2 + start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +do_status() { + NAME=$1 + PIDFILE=$2 + # -t: test only but not stop + start-stop-daemon -K -t --quiet --pidfile $PIDFILE --name $NAME + # exit with status 0 if process is found + if [ "$?" = "0" ]; then + return 0 + else + return 1 + fi +} + +case "$1" in + start) + echo -n "starting $RSYSLOGD ... " + do_start "$RSYSLOGD_BIN" "$RSYSLOGD_OPTIONS" "$RSYSLOGD_PIDFILE" + case "$?" in + 0) echo "done" ;; + 1) echo "failed" ;; + esac + ;; + stop) + echo -n "stopping $RSYSLOGD ... " + do_stop "$RSYSLOGD" "$RSYSLOGD_PIDFILE" + case "$?" in + 0|1) echo "done" ;; + 2) echo "failed" ;; + esac + ;; + reload|force-reload) + echo -n "reloading $RSYSLOGD ... " + do_reload "$RSYSLOGD" "$RSYSLOGD_PIDFILE" + echo "done" + ;; + restart) + $0 stop + $0 start + ;; + status) + echo -n "status $RSYSLOGD ... " + do_status "$RSYSLOGD" "$RSYSLOGD_PIDFILE" + if [ "$?" = "0" ]; then + echo "running" + exit 0 + else + echo "stopped" + exit 1 + fi + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2 + exit 3 + ;; +esac +exit 0 diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/json-0.12-fix.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/json-0.12-fix.patch new file mode 100644 index 000000000..3dd85a7bb --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/json-0.12-fix.patch @@ -0,0 +1,47 @@ +json-c-0.12 unlike 0.11 doesn't install json -> json-c symlink in include + +* Resolved in Version 7.6.4 [v7.6-stable] 2014-09-12 + https://github.com/rsyslog/rsyslog/blob/v7-stable/ChangeLog +* permits to build against json-c 0.12 + Unfortunately, json-c had an ABI breakage, so this is necessary. Note + that versions prior to 0.12 had security issues (CVE-2013-6370, + CVE-2013-6371) and so it is desirable to link against the new version. + Thanks to Thomas D. for the patch. Note that at least some distros + have fixed the security issue in older versions of json-c, so this + seems to apply mostly when building from sources. + +Upstream-Status: Backport +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> + +diff --git a/plugins/ommongodb/ommongodb.c b/plugins/ommongodb/ommongodb.c +index 41c0d76..682c40e 100644 +--- a/plugins/ommongodb/ommongodb.c ++++ b/plugins/ommongodb/ommongodb.c +@@ -33,9 +33,9 @@ + #include <stdint.h> + #include <time.h> + #include <mongo.h> +-#include <json.h> ++#include <json-c/json.h> + /* For struct json_object_iter, should not be necessary in future versions */ +-#include <json_object_private.h> ++#include <json-c/json_object_private.h> + + #include "rsyslog.h" + #include "conf.h" +diff --git a/runtime/msg.c b/runtime/msg.c +index d04ce7b..b367e1f 100644 +--- a/runtime/msg.c ++++ b/runtime/msg.c +@@ -41,9 +41,9 @@ + #endif + #include <netdb.h> + #include <libestr.h> +-#include <json.h> ++#include <json-c/json.h> + /* For struct json_object_iter, should not be necessary in future versions */ +-#include <json_object_private.h> ++#include <json-c/json_object_private.h> + #if HAVE_MALLOC_H + # include <malloc.h> + #endif diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch new file mode 100644 index 000000000..be05eee82 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/replace_deprecated_GnuTLS_functions.patch @@ -0,0 +1,73 @@ +replace deprecated GnuTLS functions with newer ones if available + +closes https://github.com/rsyslog/rsyslog/issues/302 + +Upstream fix https://github.com/rsyslog/rsyslog/commit/b34c35e38f258935c0e92ca754da097d7f3f0f58 + +Upstream-Status: Backport +Signed-off-by: Tudor Florea <tudor.florea@enea.com> + +--- + configure.ac | 2 ++ + runtime/nsd_gtls.c | 21 ++++++++++++++++++--- + 2 files changed, 20 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 643fc94..56835fb 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -763,6 +763,8 @@ AC_ARG_ENABLE(gnutls, + if test "x$enable_gnutls" = "xyes"; then + PKG_CHECK_MODULES(GNUTLS, gnutls >= 1.4.0) + AC_DEFINE([ENABLE_GNUTLS], [1], [Indicator that GnuTLS is present]) ++ AC_CHECK_LIB(gnutls, gnutls_global_init) ++ AC_CHECK_FUNCS(gnutls_certificate_set_retrieve_function,,) + fi + AM_CONDITIONAL(ENABLE_GNUTLS, test x$enable_gnutls = xyes) + +diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c +index a763e4b..e127834 100644 +--- a/runtime/nsd_gtls.c ++++ b/runtime/nsd_gtls.c +@@ -232,15 +232,26 @@ gtlsLoadOurCertKey(nsd_gtls_t *pThis) + */ + static int + gtlsClientCertCallback(gnutls_session session, +- __attribute__((unused)) const gnutls_datum* req_ca_rdn, int __attribute__((unused)) nreqs, +- __attribute__((unused)) const gnutls_pk_algorithm* sign_algos, int __attribute__((unused)) sign_algos_length, +- gnutls_retr_st *st) ++ __attribute__((unused)) const gnutls_datum* req_ca_rdn, ++ int __attribute__((unused)) nreqs, ++ __attribute__((unused)) const gnutls_pk_algorithm* sign_algos, ++ int __attribute__((unused)) sign_algos_length, ++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION ++ gnutls_retr2_st* st ++#else ++ gnutls_retr_st *st ++#endif ++ ) + { + nsd_gtls_t *pThis; + + pThis = (nsd_gtls_t*) gnutls_session_get_ptr(session); + ++#if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION ++ st->cert_type = GNUTLS_CRT_X509; ++#else + st->type = GNUTLS_CRT_X509; ++#endif + st->ncerts = 1; + st->cert.x509 = &pThis->ourCert; + st->key.x509 = pThis->ourKey; +@@ -1625,7 +1625,11 @@ Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) + gnutls_session_set_ptr(pThis->sess, (void*)pThis); + iRet = gtlsLoadOurCertKey(pThis); /* first load .pem files */ + if(iRet == RS_RET_OK) { ++# if HAVE_GNUTLS_CERTIFICATE_SET_RETRIEVE_FUNCTION ++ gnutls_certificate_set_retrieve_function(xcred, gtlsClientCertCallback); ++# else + gnutls_certificate_client_set_retrieve_function(xcred, gtlsClientCertCallback); ++# endif + } else if(iRet != RS_RET_CERTLESS) { + FINALIZE; /* we have an error case! */ + } diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog-fix-ptest-not-finish.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog-fix-ptest-not-finish.patch new file mode 100644 index 000000000..bdcb6e22a --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog-fix-ptest-not-finish.patch @@ -0,0 +1,96 @@ +$MaxMessageSize doesn't work if before $IncludeConfig diag-common.conf, then +test cases fall into infinite loop with error message: + +8062.511110729:4902c480: error: message received is larger than max msg size, we split it +8062.511152265:4902c480: discarding zero-sized message + +Update configure to fix it. + +Upstream-Status: pending + +Kai Kang <kai.kang@windriver.com> +--- +diff -Nru rsyslog-7.4.4/tests/testsuites/complex1.conf rsyslog-7.4.4.new/tests/testsuites/complex1.conf +--- rsyslog-7.4.4/tests/testsuites/complex1.conf 2013-08-31 00:30:41.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/complex1.conf 2013-12-18 14:28:10.644004184 +0800 +@@ -1,7 +1,7 @@ + # complex test case with multiple actions in gzip mode + # rgerhards, 2009-05-22 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $MainMsgQueueTimeoutEnqueue 5000 + +diff -Nru rsyslog-7.4.4/tests/testsuites/gzipwr_large.conf rsyslog-7.4.4.new/tests/testsuites/gzipwr_large.conf +--- rsyslog-7.4.4/tests/testsuites/gzipwr_large.conf 2012-04-04 14:29:55.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/gzipwr_large.conf 2013-12-18 14:28:10.645004186 +0800 +@@ -1,7 +1,7 @@ + # simple async writing test + # rgerhards, 2010-03-09 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $ModLoad ../plugins/imtcp/.libs/imtcp + $MainMsgQueueTimeoutShutdown 10000 +diff -Nru rsyslog-7.4.4/tests/testsuites/gzipwr_large_dynfile.conf rsyslog-7.4.4.new/tests/testsuites/gzipwr_large_dynfile.conf +--- rsyslog-7.4.4/tests/testsuites/gzipwr_large_dynfile.conf 2012-04-04 14:29:55.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/gzipwr_large_dynfile.conf 2013-12-18 14:28:10.645004186 +0800 +@@ -1,7 +1,7 @@ + # simple async writing test + # rgerhards, 2010-03-09 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $ModLoad ../plugins/imtcp/.libs/imtcp + $MainMsgQueueTimeoutShutdown 10000 +diff -Nru rsyslog-7.4.4/tests/testsuites/imptcp_conndrop.conf rsyslog-7.4.4.new/tests/testsuites/imptcp_conndrop.conf +--- rsyslog-7.4.4/tests/testsuites/imptcp_conndrop.conf 2013-08-31 00:30:41.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/imptcp_conndrop.conf 2013-12-18 14:28:10.646004189 +0800 +@@ -1,7 +1,7 @@ + # simple async writing test + # rgerhards, 2010-03-09 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $ModLoad ../plugins/imptcp/.libs/imptcp + $MainMsgQueueTimeoutShutdown 10000 +diff -Nru rsyslog-7.4.4/tests/testsuites/imptcp_large.conf rsyslog-7.4.4.new/tests/testsuites/imptcp_large.conf +--- rsyslog-7.4.4/tests/testsuites/imptcp_large.conf 2013-08-31 00:30:41.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/imptcp_large.conf 2013-12-18 14:28:10.646004189 +0800 +@@ -1,7 +1,7 @@ + # simple async writing test + # rgerhards, 2010-03-09 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $ModLoad ../plugins/imptcp/.libs/imptcp + $MainMsgQueueTimeoutShutdown 10000 +diff -Nru rsyslog-7.4.4/tests/testsuites/imtcp_conndrop.conf rsyslog-7.4.4.new/tests/testsuites/imtcp_conndrop.conf +--- rsyslog-7.4.4/tests/testsuites/imtcp_conndrop.conf 2013-07-19 20:59:03.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/imtcp_conndrop.conf 2013-12-18 14:28:10.646004189 +0800 +@@ -1,7 +1,7 @@ + # simple async writing test + # rgerhards, 2010-03-09 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $ModLoad ../plugins/imtcp/.libs/imtcp + $MainMsgQueueTimeoutShutdown 10000 +diff -Nru rsyslog-7.4.4/tests/testsuites/wr_large.conf rsyslog-7.4.4.new/tests/testsuites/wr_large.conf +--- rsyslog-7.4.4/tests/testsuites/wr_large.conf 2012-04-04 14:29:55.000000000 +0800 ++++ rsyslog-7.4.4.new/tests/testsuites/wr_large.conf 2013-12-18 14:28:10.647004190 +0800 +@@ -1,7 +1,7 @@ + # simple async writing test + # rgerhards, 2010-03-09 +-$MaxMessageSize 10k + $IncludeConfig diag-common.conf ++$MaxMessageSize 10k + + $ModLoad ../plugins/imtcp/.libs/imtcp + $MainMsgQueueTimeoutShutdown 10000 diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog.conf b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog.conf new file mode 100644 index 000000000..324ae6d82 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog.conf @@ -0,0 +1,86 @@ +# if you experience problems, check +# http://www.rsyslog.com/troubleshoot for assistance + +# rsyslog v3: load input modules +# If you do not load inputs, nothing happens! +# You may need to set the module load path if modules are not found. +# +# Ported from debian's sysklogd.conf + +$ModLoad immark # provides --MARK-- message capability +$ModLoad imuxsock # provides support for local system logging (e.g. via logger command) +$ModLoad imklog # kernel logging (formerly provided by rklogd) + +# +# Set the default permissions +# +$FileOwner root +$FileGroup adm +$FileCreateMode 0640 +$DirCreateMode 0755 +$Umask 0022 + +auth,authpriv.* /var/log/auth.log +*.*;auth,authpriv.none -/var/log/syslog +cron.* /var/log/cron.log +daemon.* -/var/log/daemon.log +kern.* -/var/log/kern.log +lpr.* -/var/log/lpr.log +mail.* -/var/log/mail.log +user.* -/var/log/user.log + +# +# Logging for the mail system. Split it up so that +# it is easy to write scripts to parse these files. +# +mail.info -/var/log/mail.info +mail.warn -/var/log/mail.warn +mail.err /var/log/mail.err + +# Logging for INN news system +# +news.crit /var/log/news.crit +news.err /var/log/news.err +news.notice -/var/log/news.notice + +# +# Some `catch-all' logfiles. +# +*.=debug;\ + auth,authpriv.none;\ + news.none;mail.none -/var/log/debug +*.=info;*.=notice;*.=warn;\ + auth,authpriv.none;\ + cron,daemon.none;\ + mail,news.none -/var/log/messages + +# +# Emergencies are sent to everybody logged in. +# +*.emerg :omusrmsg:* + +# Save boot messages also to boot.log +local7.* /var/log/boot.log + +# Remote Logging (we use TCP for reliable delivery) +# An on-disk queue is created for this action. If the remote host is +# down, messages are spooled to disk and sent when it is up again. +#$WorkDirectory /var/spool/rsyslog # where to place spool files +#$ActionQueueFileName uniqName # unique name prefix for spool files +$ActionQueueMaxDiskSpace 10m # 1gb space limit (use as much as possible) +#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown +#$ActionQueueType LinkedList # run asynchronously +#$ActionResumeRetryCount -1 # infinite retries if host is down +# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional +#*.* @@remote-host:514 + + +# ######### Receiving Messages from Remote Hosts ########## +# TCP Syslog Server: +# provides TCP syslog reception and GSS-API (if compiled to support it) +#$ModLoad imtcp.so # load module +#$InputTCPServerRun 514 # start up TCP listener at port 514 + +# UDP Syslog Server: +#$ModLoad imudp.so # provides UDP syslog reception +#$UDPServerRun 514 # start a UDP syslog server at standard port 514 diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog.logrotate b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog.logrotate new file mode 100644 index 000000000..94ec517b2 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/rsyslog.logrotate @@ -0,0 +1,39 @@ +# /etc/logrotate.d/rsyslog - Ported from Debian + +/var/log/syslog +{ + rotate 7 + daily + missingok + notifempty + delaycompress + compress + postrotate + /bin/kill -HUP `cat /var/run/rsyslogd.pid 2> /dev/null` 2> /dev/null || true + endscript +} + +/var/log/mail.info +/var/log/mail.warn +/var/log/mail.err +/var/log/mail.log +/var/log/daemon.log +/var/log/kern.log +/var/log/auth.log +/var/log/user.log +/var/log/lpr.log +/var/log/cron.log +/var/log/debug +/var/log/messages +{ + rotate 4 + weekly + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + /bin/kill -HUP `cat /var/run/rsyslogd.pid 2> /dev/null` 2> /dev/null || true + endscript +} diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest new file mode 100644 index 000000000..3770a7506 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh +# +make -C tests -k check-TESTS diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch new file mode 100644 index 000000000..ebc10707c --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch @@ -0,0 +1,48 @@ +From 5c3ba79177f7d1763db33c4358af2af60ff214b7 Mon Sep 17 00:00:00 2001 +From: Roy Li <rongqing.li@windriver.com> +Date: Wed, 18 Jun 2014 13:46:52 +0800 +Subject: [PATCH] use pkgconfig to check libgcrypt + +Upstream-status: Inappropriate [configuration] + +libgcrypt does no longer provide libgcrypt-config, and provide +*.pc, so we should use pkgconfig to check + +Signed-off-by: Roy Li <rongqing.li@windriver.com> +--- + configure.ac | 19 +------------------ + 1 file changed, 1 insertion(+), 18 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 017116e..1b880f8 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -784,24 +784,7 @@ AC_ARG_ENABLE(libgcrypt, + [enable_libgcrypt=yes] + ) + if test "x$enable_libgcrypt" = "xyes"; then +- AC_CHECK_PROG( +- [HAVE_LIBGCRYPT_CONFIG], +- [libgcrypt-config], +- [yes],,, +- ) +- if test "x${HAVE_LIBGCRYPT_CONFIG}" != "xyes"; then +- AC_MSG_FAILURE([libgcrypt-config not found in PATH]) +- fi +- AC_CHECK_LIB( +- [gcrypt], +- [gcry_cipher_open], +- [LIBGCRYPT_CFLAGS="`libgcrypt-config --cflags`" +- LIBGCRYPT_LIBS="`libgcrypt-config --libs`" +- ], +- [AC_MSG_FAILURE([libgcrypt is missing])], +- [`libgcrypt-config --libs --cflags`] +- ) +- AC_DEFINE([ENABLE_LIBGCRYPT], [1], [Indicator that LIBGCRYPT is present]) ++ PKG_CHECK_MODULES(LIBGCRYPT, libgcrypt) + fi + AM_CONDITIONAL(ENABLE_LIBGCRYPT, test x$enable_libgcrypt = xyes) + AC_SUBST(LIBGCRYPT_CFLAGS) +-- +1.7.9.5 + diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/use_gnutls_certificate_type_set_priority_only_if_available.patch b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/use_gnutls_certificate_type_set_priority_only_if_available.patch new file mode 100644 index 000000000..e1dab759a --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/use_gnutls_certificate_type_set_priority_only_if_available.patch @@ -0,0 +1,79 @@ +From 21674039db99d1067e9df4df04d965297d62c6af Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards <rgerhards@adiscon.com> +Date: Mon, 18 May 2015 09:36:02 +0200 +Subject: [PATCH] use gnutls_certificate_type_set_priority() only if available + +The gnutls_certificate_type_set_priority function is deprecated +and not available in recent GnuTLS versions. However, there is no +doc how to properly replace it with gnutls_priority_set_direct. +A lot of folks have simply removed it, when they also called +gnutls_set_default_priority. This is what we now also do. If +this causes problems or someone has an idea of how to replace +the deprecated function in a better way, please let us know! +In any case, we use it as long as it is available and let +not insult us by the deprecation warnings. + +Upstream-Status: Backport +Signed-off-by: Tudor Florea <tudor.florea@enea.com> + +--- + configure.ac | 1 + + runtime/nsd_gtls.c | 18 ++++++++++++++++-- + 2 files changed, 17 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 56835fb..1c2be01 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -765,6 +765,7 @@ if test "x$enable_gnutls" = "xyes"; then + AC_DEFINE([ENABLE_GNUTLS], [1], [Indicator that GnuTLS is present]) + AC_CHECK_LIB(gnutls, gnutls_global_init) + AC_CHECK_FUNCS(gnutls_certificate_set_retrieve_function,,) ++ AC_CHECK_FUNCS(gnutls_certificate_type_set_priority,,) + fi + AM_CONDITIONAL(ENABLE_GNUTLS, test x$enable_gnutls = xyes) + +diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c +index e127834..4b6aab1 100644 +--- a/runtime/nsd_gtls.c ++++ b/runtime/nsd_gtls.c +@@ -1658,8 +1658,9 @@ Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) + nsd_gtls_t *pThis = (nsd_gtls_t*) pNsd; + int sock; + int gnuRet; +- /* TODO: later? static const int cert_type_priority[3] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };*/ ++# if HAVE_GNUTLS_CERTIFICATE_TYPE_SET_PRIORITY + static const int cert_type_priority[2] = { GNUTLS_CRT_X509, 0 }; ++# endif + DEFiRet; + + ISOBJ_TYPE_assert(pThis, nsd_gtls); +@@ -1688,14 +1689,27 @@ Connect(nsd_t *pNsd, int family, uchar *port, uchar *host) + gnutls_certificate_set_retrieve_function(xcred, gtlsClientCertCallback); + # else + gnutls_certificate_client_set_retrieve_function(xcred, gtlsClientCertCallback); +-# endif ++# endif + } else if(iRet != RS_RET_CERTLESS) { + FINALIZE; /* we have an error case! */ + } + + /* Use default priorities */ + CHKgnutls(gnutls_set_default_priority(pThis->sess)); ++# if HAVE_GNUTLS_CERTIFICATE_TYPE_SET_PRIORITY ++ /* The gnutls_certificate_type_set_priority function is deprecated ++ * and not available in recent GnuTLS versions. However, there is no ++ * doc how to properly replace it with gnutls_priority_set_direct. ++ * A lot of folks have simply removed it, when they also called ++ * gnutls_set_default_priority. This is what we now also do. If ++ * this causes problems or someone has an idea of how to replace ++ * the deprecated function in a better way, please let us know! ++ * In any case, we use it as long as it is available and let ++ * not insult us by the deprecation warnings. ++ * 2015-05-18 rgerhards ++ */ + CHKgnutls(gnutls_certificate_type_set_priority(pThis->sess, cert_type_priority)); ++# endif + + /* put the x509 credentials to the current session */ + CHKgnutls(gnutls_credentials_set(pThis->sess, GNUTLS_CRD_CERTIFICATE, xcred)); diff --git a/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb new file mode 100644 index 000000000..c1d923c75 --- /dev/null +++ b/import-layers/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_7.6.1.bb @@ -0,0 +1,178 @@ +SUMMARY = "Rsyslog is an enhanced multi-threaded syslogd" +DESCRIPTION = "\ +Rsyslog is an enhanced syslogd supporting, among others, MySQL,\ + PostgreSQL, failover log destinations, syslog/tcp, fine grain\ + output format control, high precision timestamps, queued operations\ + and the ability to filter on any message part. It is quite\ + compatible to stock sysklogd and can be used as a drop-in replacement.\ + Its advanced features make it suitable for enterprise-class,\ + encryption protected syslog relay chains while at the same time being\ + very easy to setup for the novice user." + +DEPENDS = "zlib libestr json-c bison-native flex-native liblogging" +HOMEPAGE = "http://www.rsyslog.com/" +LICENSE = "GPLv3 & LGPLv3 & Apache-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=51d9635e646fb75e1b74c074f788e973 \ + file://COPYING.LESSER;md5=cb7903f1e5c39ae838209e130dca270a \ + file://COPYING.ASL20;md5=052f8a09206615ab07326ff8ce2d9d32\ +" + +SRC_URI = "http://www.rsyslog.com/download/files/download/rsyslog/${BPN}-${PV}.tar.gz \ + file://initscript \ + file://rsyslog.conf \ + file://rsyslog.logrotate \ + file://use-pkgconfig-to-check-libgcrypt.patch \ + file://run-ptest \ + file://rsyslog-fix-ptest-not-finish.patch \ + file://json-0.12-fix.patch \ + file://replace_deprecated_GnuTLS_functions.patch \ + file://use_gnutls_certificate_type_set_priority_only_if_available.patch \ + file://enable_tls_ptests.patch \ +" + +SRC_URI[md5sum] = "093c462a5245012bd9e7b82dd8aedffb" +SRC_URI[sha256sum] = "357f089d866c351d5fe5b7139fa85b010223d77b3c21f29b2a1baa8688926111" + +inherit autotools pkgconfig systemd update-rc.d update-alternatives ptest + +EXTRA_OECONF += "--enable-cached-man-pages" + +# first line is default yes in configure +PACKAGECONFIG ??= " \ + zlib rsyslogd rsyslogrt klog inet regexp uuid libgcrypt \ + imdiag gnutls imfile \ + ${@bb.utils.contains('DISTRO_FEATURES', 'snmp', 'snmp', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'testbench ${VALGRIND}', '', d)} \ +" + +# default yes in configure +PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib," +PACKAGECONFIG[rsyslogd] = "--enable-rsyslogd,--disable-rsyslogd,," +PACKAGECONFIG[rsyslogrt] = "--enable-rsyslogrt,--disable-rsyslogrt,," +PACKAGECONFIG[inet] = "--enable-inet,--disable-inet,," +PACKAGECONFIG[klog] = "--enable-klog,--disable-klog,," +PACKAGECONFIG[regexp] = "--enable-regexp,--disable-regexp,," +PACKAGECONFIG[uuid] = "--enable-uuid,--disable-uuid,util-linux," +PACKAGECONFIG[libgcrypt] = "--enable-libgcrypt,--disable-libgcrypt,libgcrypt," +PACKAGECONFIG[testbench] = "--enable-testbench,--disable-testbench,," + +# default no in configure +PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,," +PACKAGECONFIG[imdiag] = "--enable-imdiag,--disable-imdiag,," +PACKAGECONFIG[imfile] = "--enable-imfile,--disable-imfile,," +PACKAGECONFIG[snmp] = "--enable-snmp,--disable-snmp,net-snmp," +PACKAGECONFIG[gnutls] = "--enable-gnutls,--disable-gnutls,gnutls," +PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--without-systemdsystemunitdir,systemd," +PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5," +PACKAGECONFIG[postgresql] = "--enable-pgsql,--disable-pgsql,postgresql," +PACKAGECONFIG[libdbi] = "--enable-libdbi,--disable-libdbi,libdbi," +PACKAGECONFIG[mail] = "--enable-mail,--disable-mail,," +PACKAGECONFIG[gui] = "--enable-gui,--disable-gui,," +PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,valgrind," + +TESTDIR = "tests" +do_compile_ptest() { + echo 'buildtest-TESTS: $(check_PROGRAMS)' >> ${TESTDIR}/Makefile + oe_runmake -C ${TESTDIR} buildtest-TESTS +} + +do_install_ptest() { + # install the tests + cp -rf ${S}/${TESTDIR} ${D}${PTEST_PATH} + cp -rf ${B}/${TESTDIR} ${D}${PTEST_PATH} + + # do NOT need to rebuild Makefile itself + sed -i 's/^Makefile:.*$/Makefile:/' ${D}${PTEST_PATH}/${TESTDIR}/Makefile + + # fix the srcdir, top_srcdir + sed -i 's,^\(srcdir = \).*,\1${PTEST_PATH}/tests,' ${D}${PTEST_PATH}/${TESTDIR}/Makefile + sed -i 's,^\(top_srcdir = \).*,\1${PTEST_PATH}/tests,' ${D}${PTEST_PATH}/${TESTDIR}/Makefile + + # valgrind is not compatible with arm and mips, + # so remove related test cases if there is no valgrind. + if [ x${VALGRIND} = x ]; then + sed -i '/udp-msgreduc-/d' ${D}${PTEST_PATH}/${TESTDIR}/Makefile + fi + + # install test-driver + install -m 644 ${S}/test-driver ${D}${PTEST_PATH}/${TESTDIR} + + # install necessary links + install -d ${D}${PTEST_PATH}/tools + ln -sf ${sbindir}/rsyslogd ${D}${PTEST_PATH}/tools/rsyslogd + + install -d ${D}${PTEST_PATH}/runtime + install -d ${D}${PTEST_PATH}/runtime/.libs + ( + cd ${D}/${libdir}/rsyslog + allso="*.so" + for i in $allso; do + ln -sf ${libdir}/rsyslog/$i ${D}${PTEST_PATH}/runtime/.libs/$i + done + ) + + # fix the module load path with runtime/.libs + find ${D}${PTEST_PATH}/${TESTDIR} -name \*.conf -exec \ + sed -i -e 's:../plugins/.*/.libs/:../runtime/.libs/:' \ + '{}' \; +} + +do_install_append() { + install -d "${D}${sysconfdir}/init.d" + install -m 755 ${WORKDIR}/initscript ${D}${sysconfdir}/init.d/syslog.${BPN} + install -m 644 ${WORKDIR}/rsyslog.conf ${D}${sysconfdir}/rsyslog.conf + install -m 644 ${WORKDIR}/rsyslog.logrotate ${D}${sysconfdir}/logrotate.rsyslog +} + +FILES_${PN} += "${bindir}" + +INITSCRIPT_NAME = "syslog" +INITSCRIPT_PARAMS = "defaults" + +# higher than sysklogd's 100 +ALTERNATIVE_PRIORITY = "110" + +ALTERNATIVE_${PN} = "syslogd syslog-conf syslog-logrotate" + +ALTERNATIVE_LINK_NAME[syslogd] = "${base_sbindir}/syslogd" +ALTERNATIVE_TARGET[syslogd] = "${sbindir}/rsyslogd" +ALTERNATIVE_LINK_NAME[syslog-conf] = "${sysconfdir}/syslog.conf" +ALTERNATIVE_TARGET[syslog-conf] = "${sysconfdir}/rsyslog.conf" +ALTERNATIVE_LINK_NAME[syslog-logrotate] = "${sysconfdir}/logrotate.d/syslog" +ALTERNATIVE_TARGET[syslog-logrotate] = "${sysconfdir}/logrotate.rsyslog" + +CONFFILES_${PN} = "${sysconfdir}/rsyslog.conf" + +RPROVIDES_${PN} += "${PN}-systemd" +RREPLACES_${PN} += "${PN}-systemd" +RCONFLICTS_${PN} += "${PN}-systemd" +SYSTEMD_SERVICE_${PN} = "${BPN}.service" + +RDEPENDS_${PN} += "logrotate" + +# for rsyslog-ptest +VALGRIND = "valgrind" +VALGRIND_mips = "" +VALGRIND_mips64 = "" +VALGRIND_mips64n32 = "" +VALGRIND_arm = "" +VALGRIND_aarch64 = "" +RDEPENDS_${PN}-ptest += "make diffutils gzip" +RRECOMMENDS_${PN}-ptest += "${TCLIBC}-dbg ${VALGRIND}" + +# no syslog-init for systemd +python () { + if bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): + pn = d.getVar('PN', True) + sysconfdir = d.getVar('sysconfdir', True) + d.appendVar('ALTERNATIVE_%s' % (pn), ' syslog-init') + d.setVarFlag('ALTERNATIVE_LINK_NAME', 'syslog-init', '%s/init.d/syslog' % (sysconfdir)) + d.setVarFlag('ALTERNATIVE_TARGET', 'syslog-init', '%s/init.d/syslog.%s' % (d.getVar('sysconfdir', True), d.getVar('BPN', True))) + + if bb.utils.contains('DISTRO_FEATURES', 'systemd', True, False, d): + pn = d.getVar('PN', True) + d.appendVar('ALTERNATIVE_%s' % (pn), ' syslog-service') + d.setVarFlag('ALTERNATIVE_LINK_NAME', 'syslog-service', '%s/systemd/system/syslog.service' % (d.getVar('sysconfdir', True))) + d.setVarFlag('ALTERNATIVE_TARGET', 'syslog-service', '%s/system/rsyslog.service' % (d.getVar('systemd_unitdir', True))) +} |