On 2024/07/14 21:08, Remi Locherer wrote:
> -V =			8.2208.0
> +V =			8.2404.0
>  DISTNAME =		rsyslog-$V
>  PKGNAME-main =		rsyslog-$V
>  PKGNAME-mysql =		rsyslog-mysql-$V
> @@ -22,8 +22,6 @@ REVISION-pgsql =	0

There are some REVISION-* to remove too.

> --- /dev/null	1 Jan 1970 00:00:00 -0000
> +++ patches/patch-runtime_net_ossl_c	20 May 2024 19:52:41 -0000
> @@ -0,0 +1,24 @@
> +LibreSSL does not support SSL_CONF_CTX.
> +This patch is already present in rsyslog master and will most likely
> +ship with a future version.

I'm not sure if this is quite enough. It removes the
net_ossl_apply_tlscgfcmd function but not the prototype, and it's still
referenced later in the BEGINobjQueryInterface(net_ossl) bits below in
that file,

...
1196         pIf->osslGetpeercert            = net_ossl_getpeercert;
1197         pIf->osslChkpeercertvalidity    = net_ossl_chkpeercertvalidity;
1198         pIf->osslApplyTlscgfcmd         = net_ossl_apply_tlscgfcmd;
1199         pIf->osslSetBioCallback         = net_ossl_set_bio_callback;
...

I think rsyslog will probably crash if any functions using that are
called.

Is there anyone reading who uses the rsyslog port with TLS who could
check runtime?