File librelp.changes of Package librelp.28858

-------------------------------------------------------------------
Wed Apr 19 14:23:17 UTC 2023 - Thomas Blume <thomas.blume@suse.com>

- update to librelp 1.11.0 (bsc#1210649)
  the previous version became incompatible with current rsyslog
  version 8.2106.0

- Important changes per version

Version 1.11.0 - 2023-01-10
- code cleanup
- AIX: Changed ERRNO handling after connect in tcp.c
- AIX: Add handling for other ERRNO codes in tcp.c
- bugfix/TCP: relpTcpGetRtryDirection onyl needs to check direction if SSL is active.
- AIX: in relpTcpRcv we need to set RETRY_recv if errno is 0
- openssl: fix openssl exit code avoid double free of ctx
- librelp hardening: Fix multiple minor issues causing debugging trouble
- OpenSSL: fix depreacted API issues for OpenSSL 3.x
- bugfix: compatiblity problem with openssl 1.1
- bugfix: Forward return code from relpEngineSetTLSLib to relpEngineSetTLSLibName
- bugfix: make relpEngineSetTLSLib debug safe
- bugfix: warnings reported by coverity scan
- gnutls drvr bugfix: library called exit() under some circumstances

Version 1.10.0 - 2021-02-16
- TLS handling bugfix

Version 1.9.0 - 2020-11-24
- openssl bugfix: preprocessor check for tlsconfigcmd code
- solaris compatibility fix: add strndup compatibility code

Version 1.8.0 - 2020-09-29
- gnutls "bugfix": handle receives who break connection on close
- gnutls bugfix: per-session memory leak
- tls bugfix: RETRY not correctly handled in TLS Mode & CI improvement
- bugfix: librelp.h contains duplicate function definition
- removed some more externally visible symbols not being part of API

Version 1.7.0 - 2020-08-25
- some internal cleanup (const attributes and such)
- bugfix: library did export non-API symbols
- openssl: Fix chained certificate files for older OpenSSL Version.
- fix FD leak when socket shutdown is one-sided
- TLS: Added call to destruct OpenSSL remains to relpEngineDestruct
- fix memory leak on session break

Version 1.6.0 - 2020-04-21
- fix namespace pollution - some non-API functions were exported
- replsess: fix double free of sendbuf in some cases.
- improve support for libressl
- Modified GnuTLS priority according to standard crypto-policy guideline
- tcp: Missing pUsr Copy to relpTcp Pointer fixed in relpTcpAcceptConnReq
- report io errors for plain tcp connections

Version 1.5.0 - 2020-01-14
- bugfix: too late termination of relp Engine on shutdown
- build system fix: invalid default in configure help text
- error message on invalid TLS library request added

Version 1.4.0 - 2019-03-05
- build system: enable openssl by default, this means both TLS drivers
  are now build by default
- support that both GnuTLS and openssl TLS drivers are active together
- portability: use GCC __attribute__ only where supported
- bugfix: build problem when HAVE_STRERROR_R is undefined
- bugfix: openssl driver did not properly handle retries when sending
- bugfix: in openssl mode, cert name validation did not work properly
- bugfix: invalid handling of connection fail could lead to abort
- a couple of minor and cosmetic nitfixes, improvements and cleanup

Version 1.3.0 - 2018-12-11
- improved error reporting
- bugfix openssl: anon mode did not work with openssl 1.1.0+
- bugfix: do not send multiple open commands

Version 1.2.18 - 2018-09-18
- added non-standard "certvalid" auth mode to TLS authentication
- bugfix CI: make distcheck did not work
Version 1.2.17 - 2018-08-02
- added support for openssl
- improve code quality: replace strerror() by portable equivalent
- improve error message on connection failure
- bugfix: 100% CPU utilization due to busy loop
- bugfix: do not expose symbols that are not part of public API
- bugfix: potential segfault when listener could not be bound

Version 1.2.16 - 2018-05-14
- API changes
  * add new API: relpSrvSetOversizeMode()
  * add new API: relpSrvSetLstnAddr()
- support additional hashes for fingerprint mode
- bugfix: potential memory leak
- bugfix: memory leak on protocol error
- fixed a couple of minor issues:
  * fix memory leak when relp frame construction fails
  * removed unnecessary code
  * fix memory leak
  * fix memory leak on relpSrvRun() error
  * fix memory leak on relp listener construction error
  * also resolved all other issues reported by Coverity scan

-------------------------------------------------------------------
Sat Mar 24 08:48:48 UTC 2018 - astieger@suse.com

- librelp 1.2.15:
  * CVE-2018-1000140: A remote attackher could have used specially
    crafted x509 certificates when connecting to rsyslog to trigger
    a stack buffer overflow and run arbitrary code (bsc#1086730)
  * bugfix: invalid handling of snprintf() return code
  * bugfix: invalid assert predicate
  * some code cleanup
  * bugfix: error message on open error was truncated

-------------------------------------------------------------------
Mon May 29 15:46:36 UTC 2017 - astieger@suse.com

- librelp 1.2.14:
  * API extension: add relpSrvSetMaxDataSize()

-------------------------------------------------------------------
Thu Feb 23 13:28:52 UTC 2017 - astieger@suse.com

- librelp 1.2.13:
  * bugfix: duplicated lines after server reconnect

-------------------------------------------------------------------
Mon Jan 30 17:31:03 CET 2017 - ndas@suse.com

- This updated library is needed for latest rsyslog(fate#320546)

-------------------------------------------------------------------
Sun Jul 10 18:43:57 UTC 2016 - astieger@suse.com

- librelp 1.2.12:
  * API enhancement: permit to set connection timeout
  * cleanup: replace deprecated GnuTLS data types by current ones

-------------------------------------------------------------------
Tue Jun 28 15:29:05 UTC 2016 - astieger@suse.com

- librelp 1.2.11:
  * do not accept more than one "open" verb on a connection
  * fix potential segfault when high-numbered fd is used in sender
  * make librelp not run in thight loop when out of sockets
  * flush the current recv frame if it exists if the client session
    is restarting
  * API enhancement: add configurable connection timeout

-------------------------------------------------------------------
Mon Apr  4 11:55:31 UTC 2016 - astieger@suse.com

- librelp 1.2.10:
  * fix a problem with sending large buffers
  * improve sender/receiver code 
  * enable compatibility with older versions of GnuTLS

-------------------------------------------------------------------
Mon Feb  8 21:00:15 UTC 2016 - mpluskal@suse.com

- Make building more verbose

-------------------------------------------------------------------
Thu Jan 28 14:00:17 UTC 2016 - mrueckert@suse.de

- fix build on sle11. the sles_version conditional is just broken

-------------------------------------------------------------------
Sat Jan  2 15:17:45 UTC 2016 - astieger@suse.com

- librelp 1.2.9:
  * Ignoring return status when handling syslog frames now.
    Otherwise valid messages in the frame buffer will get lost when
    the remote connection is closed during meantime.

-------------------------------------------------------------------
Tue Sep  8 19:51:14 UTC 2015 - astieger@suse.com

- librelp 1.2.8:
  * fix segfault if KEEPALIVE is used

-------------------------------------------------------------------
Tue Apr 29 17:07:46 UTC 2014 - andreas.stieger@gmx.de

- update to 1.2.7
  - bugfix: librelp was incompatible with C++ without a real reason
  - bugfix: potential misadressing in wildcard match
  - bugfix: always last wildcard match was reported, not first
- contains changes from 1.2.6
  - report error when preparing for non-anon TLS and this is
    unsupported

-------------------------------------------------------------------
Thu Mar 20 16:18:03 UTC 2014 - andreas.stieger@gmx.de

- update to 1.2.5:
  - permit to use anonymous TLS on platforms where GnuTLS lacks
    certificate verification function

-------------------------------------------------------------------
Mon Mar 17 12:15:50 UTC 2014 - andreas.stieger@gmx.de

- update to 1.2.4:
  - correct API/ABI change in 1.2.3
  - revert back to previous state (return void)
    * relpSrvEnableTLS();
    * relpSrvEnableTLSZip();
    These functions are now deprecated.
  - introduce new functions that return a state
    * relpSrvEnableTLS2();
    * relpSrvEnableTLSZip2();

-------------------------------------------------------------------
Fri Mar 14 14:50:27 UTC 2014 - andreas.stieger@gmx.de

- update to 1.2.3:
  - add ability to build librelp without TLS
  - API change: two functions that used to return void now return
    state:
    * relpSrvEnableTLS();
    * relpSrvEnableTLSZip();

-------------------------------------------------------------------
Tue Jan 14 20:53:10 UTC 2014 - andreas.stieger@gmx.de

- update to 1.2.2:
  - add capability to enable tcp KEEPALIVE
  - introduced new API relpSrvSetKeepAlive() to support KEEPALIVE
  - errors binding listener port are now reported via error message
    callback

-------------------------------------------------------------------
Tue Jul 16 10:52:06 UTC 2013 - andreas.stieger@gmx.de

- update to 1.2.0:
  - support for epoll() added
  - API extension: relpEngineSetOnGenericErr

-------------------------------------------------------------------
Thu Jul 11 21:41:09 UTC 2013 - andreas.stieger@gmx.de

- update to 1.1.5:
  This is a bug-fixing release that takes care of a memory leak on 
  connection close as well as potential misadressing on session 
  close.
  - bugfix: memory leak on connection close
  - bugfix: potential misadressing on session close

-------------------------------------------------------------------
Thu Jul 11 21:35:53 UTC 2013 - andreas.stieger@gmx.de

- update to 1.1.4:
  This version of the library provides certificate wildcard name 
  checks. It also supports enhanced performance options (burst 
  support, requires support from the caller). It also contains 
  some bug fixes, especially for BSD.
  - fix build problems on BSD
  - add ability to specify a non-standard RELP Window size
  - add burst support to the client API
  - wildcards are now supported in TLS name peer authentication
  - new APIs: relpCltHintBurstBegin, relpCltHintBurstEnd,
    relpCltSetWindowSize

-------------------------------------------------------------------
Sun Jun 30 10:44:04 UTC 2013 - andreas.stieger@gmx.de

- update to 1.1.3:
  - increased performance of RELP connection
  - bugfix: potential segfault if no GnuTLS priority string was set
- includes changes from 1.1.2:
  - add capability to specify the GnuTLS priority string
    This gives callers complete control over crypto parameters, like
    ciphers to use.
  - add certificate-based authentication
  - add capability to specify number of Diffie-Hellman bits to use
  - API extension: relpSrvSetDHBits, relpSrvSetGnuTLSPriString,
    relpSrvSetGnuTLSPriString, relpCltSetGnuTLSPriString
    relpEngineSetOnAuthErr, relpCltSetUsrPtr,
    relpSrvSetAuthMode, relpCltSetAuthMode
- includes changes from 1.1.1:
  - added compression support for TLS
  - API extension: relpCltEnableTLSZip, relpSrvEnableTLSZip
- includes changes from 1.1.0
  - add TLS support
-   new api for creating listners:
    ... which permits us to set various properties before the listener
    is actually started. New callers should use it. Sequence is:
    * relpEngineListnerConstruct()
    * ... set properties ... (via relpSrv...() family)
    * relgEngineListnerConstructFinalize()
    This new style permits us to add/set additional listner options
    without the need to introduce ever-new listner create functions.
    Actually, their number would grow exponentionally, so this were
    a dead end.
    The old-style APIs relpEngineAddListner() and
    relpEngineAddListner2() are still fully supported (and supposed
    to be for a long time), but flagged as deprecated.
- includes changes from 1.0.7:
  - ABI change: removed relpCltConnect2() API which was against
    librelp API philosophy
    This was only introduced in 1.0.6 and been in the code for a very
    short time. So we decided that the best thing to do is actually
    remove it (there is NO known released user, this changes was for
    yet unreleased rsyslog 7.5.0).
- includes changes from 1.0.6:
  - enhanced API to permit binding a client to a specific IP address
- includes changes from 1.0.5:
  - bugfix: compile problem on Solaris
- includes changes from 1.0.4:
  - bugfix: busy loop on syslog sending as a client when server did not
    accept data; this was broken out only when the remote peer
    indicated that the connection as whole was broken. Now we properly
    timeout.
- make -devel package require gnutls-devel to be useful

-------------------------------------------------------------------
Tue Apr 23 20:06:57 UTC 2013 - andreas.stieger@gmx.de

- update to 1.0.3:
  - added relpCltSetTimeout() interface function
  - improved timeout handling
  - provide support for user-settable shutdown indicator
- includes changes from 1.0.2:
  - added capability to support only IPv4/v6 instead of both

-------------------------------------------------------------------
Mon Sep 24 20:20:59 UTC 2012 - andreas.stieger@gmx.de

- update to upstream 1.0.1:
  - added capability to stop server without canceling its thread
  - bugfix: interrupt of select() was not properly handled
- add pkgconfig support

-------------------------------------------------------------------
Mon May 14 14:01:23 UTC 2012 - cfarrell@suse.com

- license update: GPL-3.0+
  No indication of GPL-3.0 ^only^ files in package. Fedora also using
  GPL-3.0+

-------------------------------------------------------------------
Fri May 11 15:43:56 UTC 2012 - jengelh@inai.de

- Remove redundant sections and tags from specfile
- Enable parallel build

-------------------------------------------------------------------
Mon Feb 13 10:49:11 UTC 2012 - coolo@suse.com

- patch license to follow spdx.org standard

-------------------------------------------------------------------
Wed Apr 14 09:42:37 UTC 2010 - mrueckert@suse.de

- update to version 1.0.0
  This version of librelp matured in practice and it is now time
  for a 1.0 release. Besides that, it includes a small number of
  changes:
  - bugfix: user callback never received remote IP address
  - bugfix: offers builder did use a fixed size string without
    bounds checking. I don't think this was a real issue as it was
    not exposed to the outside world, but now the buffer
    dynamically grows (which is the right thing to do). Thank to
    mterry for alerting me.
- additional changes from version 0.1.3
  - the callback on message reception did not contain a way to pass
    on a caller cookie (e.g. for an instance pointer). An
    additional interface has been added to support that.
  - cleaned up FDL license specifics
  - added libtool versioning
  - made librelp compile out of the box on FreeBSD - thanks to
    Michael Biebl for the patch
- additional changes from version 0.1.2
  - forward compatibility changes in support of our plans to use
    the rsyslog runtime in the future

-------------------------------------------------------------------
Wed Apr  9 17:55:18 CEST 2008 - mrueckert@suse.de

- initial package

openSUSE Build Service is sponsored by