Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
add a parameter to enable in-depth GnuTLS debug output #219
GnuTLS is often very picky about certificates, and the error codes are sometimes quite generic. Inside rsyslog's ./runtime/nsd_gtls.c there is a code to enable very in-depth logging of GnuTLS actions, but it is commented out via "#if 0". This was based on the assumption that it is only useful for rsyslog developers.
As it turned out, it's useful for users as well, at least in otherwise hard to solve cases. So we should add a (probably global) option to enable GnuTLS debugging.
While this is not available, users can get the same benefits by building rsyslog from source and changing the "#if 0" to "#if 1" in all cases.
added a commit
Jan 26, 2015
I don't know their schedule, but you are probably right. I suggest to build from source. A tarball is already available at http://www.rsyslog.com/downloads/download-daily-build/
Old, but important. The GnuTLS debug directive (late rsyslog 8.x code) now uses a quoted-integer from zero (0) to ten (10), with most useful output emitted at level "3" or higher. The old "on" value (such as referenced in #184) simply throws a configuration file parser error. :-)
Example rsyslog.conf line: