Hi all,
I am glad to announce rsyslog 3.19.4. Its main new feature is greatly
improved authorization settings for TLS peers. It now contains a full
implementation of IETF's most recent additions to the
syslog-transport-tls draft. Certificates can now be verified and
authentication be based on names inside certificates, including the
ability to use wildcard matches. The changed fingerprint syntax is also
supported (this requires a config change in existing installations).
There is one important bug fix, solving a situation where imklog could
cause 100% CPU utilization. This is a recommended update for all
development branch users.
Change Log:
http://www.rsyslog.com/Article232.phtml
Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-108.phtml
I expect TLS support to be feature-complete with this release (except if
something major is changing inside the IETF drafts). My focus will now
be on polishing that release a bit and then move on to another target
while this release matures in practice. I do not yet recommend placing
3.19.4 onto a production box.
As always, feedback is appreciated.
Rainer
I am glad to announce rsyslog 3.19.4. Its main new feature is greatly
improved authorization settings for TLS peers. It now contains a full
implementation of IETF's most recent additions to the
syslog-transport-tls draft. Certificates can now be verified and
authentication be based on names inside certificates, including the
ability to use wildcard matches. The changed fingerprint syntax is also
supported (this requires a config change in existing installations).
There is one important bug fix, solving a situation where imklog could
cause 100% CPU utilization. This is a recommended update for all
development branch users.
Change Log:
http://www.rsyslog.com/Article232.phtml
Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-108.phtml
I expect TLS support to be feature-complete with this release (except if
something major is changing inside the IETF drafts). My focus will now
be on polishing that release a bit and then move on to another target
while this release matures in practice. I do not yet recommend placing
3.19.4 onto a production box.
As always, feedback is appreciated.
Rainer