From e1437c7aa43df135b93aac1d2d3c7323b91c8ad4 Mon Sep 17 00:00:00 2001 From: Tom Bergfeld Date: Wed, 8 Sep 2010 13:48:37 +0200 Subject: minor doc fix: updated tls doc to match new gnutls toolset Signed-off-by: Rainer Gerhards --- doc/tls_cert_machine.html | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/doc/tls_cert_machine.html b/doc/tls_cert_machine.html index 5ecde0d1..095e15c2 100644 --- a/doc/tls_cert_machine.html +++ b/doc/tls_cert_machine.html @@ -75,7 +75,15 @@ Locality name: Somewhere State or province name: CA Common name: machine.example.net UID: -Enter a challenge password: +Enter a dnsName of the subject of the certificate: +Enter the IP address of the subject of the certificate: +Enter the e-mail of the subject of the certificate: +Enter a challange password: +Does the certificate belong to an authority? (y/N): n +Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (y/N): +Will the certificate be used for encryption (RSA ciphersuites)? (y/N): +Is this a TLS web client certificate? (y/N): y +Is this also a TLS web server certificate? (y/N): y [root@rgf9dev sample]# certtool --generate-certificate --load-request request.pem --outfile cert.pem --load-ca-certificate ca.pem --load-ca-privkey ca-key.pem Generating a signed certificate... Enter the certificate's serial number (decimal): @@ -86,10 +94,12 @@ The certificate will expire in (days): 1000 Extensions. +Do you want to honour the extensions from the request? (y/N): Does the certificate belong to an authority? (Y/N): n Is this a TLS web client certificate? (Y/N): y Is this also a TLS web server certificate? (Y/N): y Enter the dnsName of the subject of the certificate: machine.example.net {This is the name of the machine that will use the certificate} +Enter the IP address of the subject of certificate: Will the certificate be used for signing (DHE and RSA-EXPORT ciphersuites)? (Y/N): Will the certificate be used for encryption (RSA ciphersuites)? (Y/N): X.509 Certificate Information: -- cgit v1.2.3 From 90933057bc2f014fd2124ba7d830652e9b1ead96 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 15 Oct 2010 16:39:10 +0200 Subject: imfile: bugfixes in regard to large files (> 2GB) - bugfix: a couple of problems that imfile had on some platforms, namely Ubuntu (not their fault, but occured there) - bugfix: imfile utilizes 32 bit to track offset. Most importantly, this problem can not experienced on Fedora 64 bit OS (which has 64 bit long's!) --- ChangeLog | 9 ++++++++- plugins/imfile/imfile.c | 4 +++- runtime/stream.c | 16 ++++++++-------- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index df29694c..05137f28 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,12 @@ --------------------------------------------------------------------------- -Version 4.6.4 [v4-stable] (rgerhards), 2010-08.05 +Version 4.6.5 [v4-stable] (rgerhards), 2010-??-?? +- bugfix: a couple of problems that imfile had on some platforms, namely + Ubuntu (not their fault, but occured there) +- bugfix: imfile utilizes 32 bit to track offset. Most importantly, + this problem can not experienced on Fedora 64 bit OS (which has + 64 bit long's!) +--------------------------------------------------------------------------- +Version 4.6.4 [v4-stable] (rgerhards), 2010-08-05 - bugfix: zero-sized (empty) messages were processed by imtcp they are now dropped as they always should have been - bugfix: programname filter in ! configuration can not be reset diff --git a/plugins/imfile/imfile.c b/plugins/imfile/imfile.c index 7c588f90..e16f26f8 100644 --- a/plugins/imfile/imfile.c +++ b/plugins/imfile/imfile.c @@ -359,12 +359,14 @@ persistStrmState(fileInfo_t *pInfo) { DEFiRet; strm_t *psSF = NULL; /* state file (stream) */ + size_t lenDir; ASSERT(pInfo != NULL); /* TODO: create a function persistObj in obj.c? */ CHKiRet(strm.Construct(&psSF)); - CHKiRet(strm.SetDir(psSF, glbl.GetWorkDir(), strlen((char*)glbl.GetWorkDir()))); + lenDir = strlen((char*)glbl.GetWorkDir()); + CHKiRet(strm.SetDir(psSF, glbl.GetWorkDir(), lenDir)); CHKiRet(strm.SettOperationsMode(psSF, STREAMMODE_WRITE_TRUNC)); CHKiRet(strm.SetsType(psSF, STREAMTYPE_FILE_SINGLE)); CHKiRet(strm.SetFName(psSF, pInfo->pszStateFile, strlen((char*) pInfo->pszStateFile))); diff --git a/runtime/stream.c b/runtime/stream.c index e8805a40..696986c7 100644 --- a/runtime/stream.c +++ b/runtime/stream.c @@ -214,7 +214,7 @@ doPhysOpen(strm_t *pThis) iFlags |= O_NONBLOCK; } - pThis->fd = open((char*)pThis->pszCurrFName, iFlags, pThis->tOpenMode); + pThis->fd = open((char*)pThis->pszCurrFName, iFlags | O_LARGEFILE, pThis->tOpenMode); DBGPRINTF("file '%s' opened as #%d with mode %d\n", pThis->pszCurrFName, pThis->fd, pThis->tOpenMode); if(pThis->fd == -1) { char errStr[1024]; @@ -1188,7 +1188,7 @@ finalize_it: * is invalidated. * rgerhards, 2008-01-12 */ -static rsRetVal strmSeek(strm_t *pThis, off_t offs) +static rsRetVal strmSeek(strm_t *pThis, off64_t offs) { DEFiRet; @@ -1198,9 +1198,9 @@ static rsRetVal strmSeek(strm_t *pThis, off_t offs) strmOpenFile(pThis); else strmFlushInternal(pThis); - int i; - DBGOPRINT((obj_t*) pThis, "file %d seek, pos %ld\n", pThis->fd, (long) offs); - i = lseek(pThis->fd, offs, SEEK_SET); // TODO: check error! + long long i; + DBGOPRINT((obj_t*) pThis, "file %d seek, pos %llu\n", pThis->fd, (long long unsigned) offs); + i = lseek64(pThis->fd, offs, SEEK_SET); // TODO: check error! pThis->iCurrOffs = offs; /* we are now at *this* offset */ pThis->iBufPtr = 0; /* buffer invalidated */ @@ -1477,7 +1477,7 @@ static rsRetVal strmSerialize(strm_t *pThis, strm_t *pStrm) { DEFiRet; int i; - long l; + int64 l; ISOBJ_TYPE_assert(pThis, strm); ISOBJ_TYPE_assert(pStrm, strm); @@ -1499,8 +1499,8 @@ static rsRetVal strmSerialize(strm_t *pThis, strm_t *pStrm) i = pThis->tOpenMode; objSerializeSCALAR_VAR(pStrm, tOpenMode, INT, i); - l = (long) pThis->iCurrOffs; - objSerializeSCALAR_VAR(pStrm, iCurrOffs, LONG, l); + l = pThis->iCurrOffs; + objSerializeSCALAR_VAR(pStrm, iCurrOffs, INT64, l); CHKiRet(obj.EndSerialize(pStrm)); -- cgit v1.2.3 From c27a2ab6867897ec379ec1e9afb216c99070b33e Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 15 Oct 2010 07:47:31 -0700 Subject: fixed incomplete merge --- plugins/imfile/imfile.c | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/imfile/imfile.c b/plugins/imfile/imfile.c index e16f26f8..3981f9f7 100644 --- a/plugins/imfile/imfile.c +++ b/plugins/imfile/imfile.c @@ -366,6 +366,7 @@ persistStrmState(fileInfo_t *pInfo) /* TODO: create a function persistObj in obj.c? */ CHKiRet(strm.Construct(&psSF)); lenDir = strlen((char*)glbl.GetWorkDir()); + if(lenDir > 0) CHKiRet(strm.SetDir(psSF, glbl.GetWorkDir(), lenDir)); CHKiRet(strm.SettOperationsMode(psSF, STREAMMODE_WRITE_TRUNC)); CHKiRet(strm.SetsType(psSF, STREAMTYPE_FILE_SINGLE)); -- cgit v1.2.3 From f76b826989cea5fdfbb7b313557775cf082a398e Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Fri, 15 Oct 2010 17:21:03 +0200 Subject: solved minor compile problem (caused by merge) --- plugins/imptcp/imptcp.c | 1 - 1 file changed, 1 deletion(-) diff --git a/plugins/imptcp/imptcp.c b/plugins/imptcp/imptcp.c index 93906ba0..9b24dbc2 100644 --- a/plugins/imptcp/imptcp.c +++ b/plugins/imptcp/imptcp.c @@ -498,7 +498,6 @@ doSubmitMsg(ptcpsess_t *pThis, struct syslogTime *stTime, time_t ttGenTime, mult MsgSetInputName(pMsg, pThis->pSrv->pInputName); MsgSetFlowControlType(pMsg, eFLOWCTL_LIGHT_DELAY); pMsg->msgFlags = NEEDS_PARSING | PARSE_HOSTNAME; - pMsg->bParseHOSTNAME = 1; MsgSetRcvFrom(pMsg, pThis->peerName); CHKiRet(MsgSetRcvFromIP(pMsg, pThis->peerIP)); MsgSetRuleset(pMsg, pThis->pSrv->pRuleset); -- cgit v1.2.3