.gitignore

@@ -1,3 +1,6 @@
 SOURCES/qpid-proton-0.34.0.tar.gz
 SOURCES/rsyslog-8.2102.0.tar.gz
 SOURCES/rsyslog-doc-8.2102.0.tar.gz
+/qpid-proton-0.34.0.tar.gz
+/rsyslog-8.2102.0.tar.gz
+/rsyslog-doc-8.2102.0.tar.gz

.rsyslog.metadata

@@ -1,3 +0,0 @@
-390e5cb87a6331cf0ce451d7f6552e2c0d97f706 SOURCES/qpid-proton-0.34.0.tar.gz
-fdda78ed808e7a0dca03ead9227a0a5d913a050f SOURCES/rsyslog-8.2102.0.tar.gz
-9c2188d435cb5f79c1c35749003bd2a61e7f2d07 SOURCES/rsyslog-doc-8.2102.0.tar.gz

gating.yaml

@@ -0,0 +1,8 @@
+--- !Policy
+product_versions:
+  - rhel-8
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation}

propagate-gnutlsPriorityString.patch

@@ -0,0 +1,11 @@
+diff -up rsyslog-8.2102.0/runtime/nsd_ossl.c.orig rsyslog-8.2102.0/runtime/nsd_ossl.c
+--- rsyslog-8.2102.0/runtime/nsd_ossl.c.orig	2024-08-26 15:27:50.528691153 +0200
++++ rsyslog-8.2102.0/runtime/nsd_ossl.c	2024-08-26 15:28:06.950855632 +0200
+@@ -1544,6 +1544,7 @@ AcceptConnReq(nsd_t *pNsd, nsd_t **ppNew
+ 	pNew->permitExpiredCerts = pThis->permitExpiredCerts;
+ 	pNew->pPermPeers = pThis->pPermPeers;
+ 	pNew->DrvrVerifyDepth = pThis->DrvrVerifyDepth;
++	pNew->gnutlsPriorityString = pThis->gnutlsPriorityString;
+ 	CHKiRet(osslInitSession(pNew, osslServer));
+ 
+ 	/* Store nsd_ossl_t* reference in SSL obj */

rsyslog.spec

@@ -6,7 +6,7 @@
 Summary: Enhanced system logging and kernel message trapping daemon
 Name: rsyslog
 Version: 8.2102.0
-Release: 15%{?dist}
+Release: 15%{?dist}.1
 License: (GPLv3+ and ASL 2.0)
 Group: System Environment/Daemons
 ExcludeArch: i686
@@ -76,6 +76,7 @@ Patch24: rsyslog-8.2102.0-rhbz2192955-es-4.patch
 Patch25: rsyslog-8.2102.0-rhbz2192955-es-5.patch
 Patch26: rsyslog-8.2102.0-rhbz2192955-es-6.patch
 Patch27: rsyslog-8.2102.0-rhbz2192955-es-doc.patch
+Patch28: propagate-gnutlsPriorityString.patch
 
 %package crypto
 Summary: Encryption support
@@ -299,34 +300,35 @@ mv build doc
 %setup -q -D
 %setup -q -D -T -b 5
 
-%patch0  -p1 -b .default-tag
-%patch1  -p1 -b .fd-leak-on-fsync
-%patch2  -p1 -b .timeout
-%patch3  -p1 -b .unexpected-priority-length
-%patch4  -p1 -b .imuxsock-rate-limit
-%patch5  -p1 -b .abort-on-id-resolution-fail
-%patch6  -p1 -b .prioritizeSAN
-%patch7  -p1 -b .errfile-maxsize
-%patch8  -p1 -b .state-file-leaking
-%patch9  -p1 -b .state-file-leaking-doc
-%patch10 -p1 -b .ossl-better-logs
-%patch11 -p1 -b .imtcp-refactor-params
-%patch12 -p1 -b .ossl-memory-leak
-%patch13 -p1 -b .ossl-ciphers-behaviour
-%patch14 -p1 -b .CVE-24903
-%patch15 -p1 -b .gnutls-error-handling
-%patch16 -p1 -b .extra-ca-files
-%patch17 -p1 -b .extra-ca-files-doc
-%patch18 -p1 -b .imklog-heap
-%patch19 -p1 -b .cstrlen
-%patch20 -p1 -b .es0
-%patch21 -p1 -b .es1
-%patch22 -p1 -b .es2
-%patch23 -p1 -b .es3
-%patch24 -p1 -b .es4
-%patch25 -p1 -b .es5
-%patch26 -p1 -b .es6
-%patch27 -p1 -b .es-doc
+%patch -P 0 -p1
+%patch -P 1 -p1
+%patch -P 2 -p1
+%patch -P 3 -p1
+%patch -P 4 -p1
+%patch -P 5 -p1
+%patch -P 6 -p1
+%patch -P 7 -p1
+%patch -P 8 -p1
+%patch -P 9 -p1
+%patch -P 10 -p1
+%patch -P 11 -p1
+%patch -P 12 -p1
+%patch -P 13 -p1
+%patch -P 14 -p1
+%patch -P 15 -p1
+%patch -P 16 -p1
+%patch -P 17 -p1
+%patch -P 18 -p1
+%patch -P 19 -p1
+%patch -P 20 -p1
+%patch -P 21 -p1
+%patch -P 22 -p1
+%patch -P 23 -p1
+%patch -P 24 -p1
+%patch -P 25 -p1
+%patch -P 26 -p1
+%patch -P 27 -p1
+%patch -P 28 -p1
 
 %build
 %ifarch sparc64
@@ -571,6 +573,10 @@ done
 %{_libdir}/rsyslog/omudpspoof.so
 
 %changelog
+* Mon Aug 26 2024 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-15.1
+- Propagate gnutlsPriorityString when accepting new connection
+  resolves: RHEL-54663
+
 * Thu May 11 2023 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-15
 - omelasticsearch: make compatible with elasticsearch>=8
 - add new action specific parameter esversion.major

sources

@@ -0,0 +1,3 @@
+SHA512 (qpid-proton-0.34.0.tar.gz) = 0de6c3d11baeee1d69821a0f1879a61b314f14589e02ea7ed0de8814c741217fdcafdd978b4061f73bc75588886299f4ac6808021506545ec8a883f39ad54fb3
+SHA512 (rsyslog-8.2102.0.tar.gz) = 281b0e5d5cb548c39a6e514e5fd5b1bdbe8ca0bdd9234f4fea581ed7679f76d2d75b65d14c3c5e799f86f91600074ff75b467aa1ff27cdbec0f4197261c5aec0
+SHA512 (rsyslog-doc-8.2102.0.tar.gz) = a5dc4fb9bd8892fac693c5692b926c8d7d9fa36667d6b4c6eccba750713af88d4317f6232efc2a16de38c2e58c4a8bc4d04c9ebb2e7ebc3b0878d53eef20dd2e