search

sous-chefs / rsyslog

Development repository for the rsyslog cookbook
https://supermarket.chef.io/cookbooks/rsyslog
Apache License 2.0
65 stars 199 forks source link

Add facility to choose TLS driver #162

Closed amarkelov closed 3 years ago

amarkelov commented 4 years ago

Add node attribute for TLS driver Add TLS driver package installation Add the attribute to rsyslog.conf template

Signed-off-by: Alex Markelov alex@markelov.org

Description

The change allows to choose between GnuTLS and OpenSSL TLS drivers. Without the change only GnuTLS can be used.

Issues Resolved

rsyslog has a bug in GnuTLS driver, see https://github.com/rsyslog/rsyslog/issues/2547 whereby server's full chain of trust is not exposed to clients and breaks TLS handshake. Switching to OpenSSL driver fixes the issue.

Check List

xorima commented 3 years ago

Hey @amarkelov

any chance you can rebase this?

Thanks!

amarkelov commented 3 years ago

Hey @amarkelov

any chance you can rebase this?

Thanks!

Hi @Xorima !

You mean rebase to the original master? What would be the correct way of doing this, so I don't ruin anything?

Alex.

xorima commented 3 years ago

Hey @amarkelov

any chance you can rebase this?

Thanks!

Hi @Xorima !

You mean rebase to the original master? What would be the correct way of doing this, so I don't ruin anything?

Alex.

Yep, we then we can look into getting this merged

amarkelov commented 3 years ago

Hey @amarkelov any chance you can rebase this? Thanks!

Hi @Xorima ! You mean rebase to the original master? What would be the correct way of doing this, so I don't ruin anything? Alex.

Yep, we then we can look into getting this merged

OK, I need your help with this to make it right I guess. What I did so far on the road to rebase was:

1) git remote add upstream git@github.com:sous-chefs/rsyslog.git 2) git fetch upstream 3) git rebase upstream/master

That had some conflicts

$ git rebase upstream/master
First, rewinding head to replay your work on top of it...
Applying: Add facility to choose TLS driver
Using index info to reconstruct a base tree...
A   .travis.yml
M   README.md
M   attributes/default.rb
M   kitchen.yml
M   recipes/default.rb
M   recipes/server.rb
M   spec/server_spec.rb
Falling back to patching base and 3-way merge...
Auto-merging spec/server_spec.rb
CONFLICT (content): Merge conflict in spec/server_spec.rb
Auto-merging recipes/server.rb
CONFLICT (content): Merge conflict in recipes/server.rb
Auto-merging recipes/default.rb
CONFLICT (content): Merge conflict in recipes/default.rb
Auto-merging kitchen.yml
CONFLICT (content): Merge conflict in kitchen.yml
Auto-merging attributes/default.rb
Auto-merging README.md
CONFLICT (modify/delete): .travis.yml deleted in HEAD and modified in Add facility to choose TLS driver. Version Add facility to choose TLS driver of .travis.yml left in tree.
error: Failed to merge in the changes.
Patch failed at 0001 Add facility to choose TLS driver
hint: Use 'git am --show-current-patch' to see the failed patch
Resolve all conflicts manually, mark them as resolved with
"git add/rm <conflicted_files>", then run "git rebase --continue".
You can instead skip this commit: run "git rebase --skip".
To abort and get back to the state before "git rebase", run "git rebase --abort".
AIDEHONEYFIX:rsyslog alex.markelov$ git rm .travis.yml 
rm '.travis.yml'

Those I resolved and did git add followed by git rebase --continue

Now when I try to git push origin master I get this

$ git push origin master 
To https://github.com/amarkelov/rsyslog-1.git
 ! [rejected]        master -> master (non-fast-forward)
error: failed to push some refs to 'https://github.com/amarkelov/rsyslog-1.git'
hint: Updates were rejected because the tip of your current branch is behind
hint: its remote counterpart. Integrate the remote changes (e.g.
hint: 'git pull ...') before pushing again.
hint: See the 'Note about fast-forwards' in 'git push --help' for details.

Shall I just add --force to my push and be done with that?

Sorry, my git-foo is not as strong yet :-)

ramereth commented 3 years ago

Shall I just add --force to my push and be done with that?

Sorry, my git-foo is not as strong yet :-)

Yes, you'll have to do that since you rewrote history.

amarkelov commented 3 years ago

@Xorima looks like checks passed this time. Would you mind to review this, please?

kitchen-porter commented 3 years ago

Released as: 7.4.0