11 files changed, 49 insertions, 12 deletions

diff --git a/ChangeLog b/ChangeLog
index 6becbda9..a94eb24a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,19 @@
   go to vbernetr, who performed the analysis and provided patch, which
   I only tweaked a very little bit.
 ---------------------------------------------------------------------------
+Version 3.20.5 [v3-stable] (rgerhards), 2009-0?-??
+- fixed bugs in RainerScript:
+  o when converting a number and a string to a common type, both were 
+    actually converted to the other variable's type.
+  o the value of rsCStrConvertToNumber() was miscalculated.
+  Thanks to varmojfekoj for the patch
+- fixed a bug in configure.ac which resulted in problems with
+  environment detection - thanks to Michael Biebl for the patch
+- fixed a potential segfault problem in gssapi code
+  thanks to varmojfekoj for the patch
+- doc enhance: provide standard template for MySQL module and instructions
+  on how to modify schema
+---------------------------------------------------------------------------
 Version 3.20.4 [v3-stable] (rgerhards), 2009-02-09
 - bugfix: inconsistent use of mutex/atomic operations could cause segfault
   details are too many, for full analysis see blog post at:
diff --git a/configure.ac b/configure.ac
index c5bcaecf..6a79d9a3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -19,6 +19,8 @@ AC_DISABLE_STATIC
 AC_PROG_LIBTOOL
 AC_CANONICAL_HOST
 
+PKG_PROG_PKG_CONFIG
+
 case "${host}" in
   *-*-linux*)
     os_type="linux"
diff --git a/doc/manual.html b/doc/manual.html
index aa0fdb3b..e7db5768 100644
--- a/doc/manual.html
+++ b/doc/manual.html
@@ -53,7 +53,7 @@ modules</a></li><li><a href="man_rsyslogd.html">rsyslogd man page</a>
 <li><a href="install.html">installing rsyslog</a></li>
 <li><a href="build_from_repo.html">obtaining rsyslog from the source repository</a></li>
 <li><a href="ipv6.html">rsyslog and IPv6</a> (which is fully supported)</li>
-<li><a href="rsyslog_tls.html">native TLS encryption for syslog</a></li>
+<li><a href="rsyslog_secure_tls.html">native TLS encryption for syslog</a></li>
 <li><a href="rsyslog_stunnel.html">ssl-encrypting syslog with stunnel</a></li>
 <li><a href="rsyslog_mysql.html">writing syslog messages to MySQL (and other databases as well)</a></li>
 <li><a href="rsyslog_high_database_rate.html">writing massive amounts of syslog messages to a database</a></li>
@@ -86,6 +86,7 @@ wiki</a>, a community resource which&nbsp;includes <a href="http://wiki.rsyslog.
 online documentation (most current version only)</a></li>
 
 <li><a href="http://kb.monitorware.com/rsyslog-f40.html">rsyslog discussion forum - use this for technical support</a></li>
+<li><a href="http://www.rsyslog.com/Topic8.phtml">rsyslog video tutorials</a></li>
 <li><a href="http://www.rsyslog.com/Topic4.phtml">rsyslog change log</a></li>
 <li><a href="http://www.rsyslog.com/Topic3.phtml">rsyslog FAQ</a></li> 
 <li><a href="http://www.monitorware.com/en/syslog-enabled-products/">syslog device configuration guide</a> (off-site)</li>
diff --git a/doc/ommysql.html b/doc/ommysql.html
index 79d913eb..e81ce532 100644
--- a/doc/ommysql.html
+++ b/doc/ommysql.html
@@ -26,6 +26,17 @@ you know the server is running on a non-standard listen port.
 <br><b>:ommysql:database-server,database-name,database-userid,database-password</b>
 <br>All parameters should be filled in for a successful connect.
 </ul>
+<p>Note rsyslog contains a canned default template to write to the MySQL
+database. It works on the MonitorWare schema. This template is:
+<p>
+<textarea rows="5" cols="80">$template tpl,"insert into SystemEvents (Message, Facility, FromHost, Priority, DeviceReportedTime, ReceivedAt, InfoUnitID, SysLogTag) values ('%msg%', %syslogfacility%, '%HOSTNAME%', %syslogpriority%, '%timereported:::date-mysql%', '%timegenerated:::date-mysql%', %iut%, '%syslogtag%')",SQL
+</textarea>
+<p>As you can see, the template is an actual SQL statement. Note the ",SQL" option: it tells the
+template processor that the template is used for SQL processing, thus quote characters are quoted
+to prevent security issues. You can not assign a template without ",SQL" to a MySQL output action.
+<p>If you would like to change fields contents or add or delete your own fields, you
+can simply do so by modifying the schema (if required) and creating your own custom
+template.
 <p><b>Sample:</b></p>
 <p>The following sample writes all syslog messages to the
 database "syslog_db" on mysqlsever.example.com. The server is
@@ -40,7 +51,7 @@ $ActionOmmysqlServerPort 1234 # use non-standard port
 <p><font size="2">This documentation is part of the
 <a href="http://www.rsyslog.com/">rsyslog</a>
 project.<br>
-Copyright &copy; 2008 by <a href="http://www.gerhards.net/rainer">Rainer Gerhards</a> and
+Copyright &copy; 2008, 2009 by <a href="http://www.gerhards.net/rainer">Rainer Gerhards</a> and
 <a href="http://www.adiscon.com/">Adiscon</a>.
 Released under the GNU GPL version 3 or higher.</font></p>
 </body></html>
diff --git a/doc/rsyslog_conf.html b/doc/rsyslog_conf.html
index 01e693e4..9855a1b0 100644
--- a/doc/rsyslog_conf.html
+++ b/doc/rsyslog_conf.html
@@ -232,7 +232,11 @@ Lines starting with a hash mark ("#'') and empty lines are ignored.
 any
 format a user might want. They are also used for dynamic file name
 generation. Every output in rsyslog uses templates - this holds true
-for files, user messages and so on. The database writer expects its
+for files, user messages and so on.
+Please note that there is an 
+<a href="http://www.rsyslog.com/Article354.phtml">online tutorial on rsyslog templates</a>
+available on the web. We recommend viewing it.
+The database writer expects its
 template to be a proper SQL statement - so this is highly customizable
 too. You might ask how does all of this work when no templates at all
 are specified. Good question ;) The answer is simple, though. Templates
diff --git a/doc/rsyslog_stunnel.html b/doc/rsyslog_stunnel.html
index 104a672e..1d024934 100644
--- a/doc/rsyslog_stunnel.html
+++ b/doc/rsyslog_stunnel.html
@@ -22,7 +22,7 @@ a peek at your data.</b> In some environments, this is no problem at all. In
 others, it is a huge setback, probably even preventing deployment of syslog 
 solutions. Thankfully, there is an easy way to encrypt syslog communication. I 
 will describe one approach in this paper.</p>
-<p>The most straigthforward solution would be that the syslogd itself encrypts 
+<p>The most straightforward solution would be that the syslogd itself encrypts 
 messages. Unfortuantely, encryption is only standardized in
 <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">RFC 3195</a>. But there 
 is currently no syslogd that implements RFC 3195's encryption features, 
@@ -237,4 +237,4 @@ comments or find bugs (I *do* bugs - no way... ;)), please
 <a href="http://www.gnu.org/copyleft/fdl.html">
 http://www.gnu.org/copyleft/fdl.html</a>.</p>
 
-</body></html>
\ No newline at end of file
+</body></html>
diff --git a/doc/rsyslog_tls.html b/doc/rsyslog_tls.html
index 7d156c3a..a26a9f53 100644
--- a/doc/rsyslog_tls.html
+++ b/doc/rsyslog_tls.html
@@ -116,7 +116,7 @@ $DefaultNetstreamDriverCAFile /path/to/contrib/gnutls/ca.pem
 $DefaultNetstreamDriverCertFile /path/to/contrib/gnutls/cert.pem
 $DefaultNetstreamDriverKeyFile /path/to/contrib/gnutls/key.pem
 
-$ModLoad /home/rger/proj/rsyslog/plugins/imtcp/.libs/imtcp # load listener
+$ModLoad imtcp # load TCP listener
 
 $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
 $InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
diff --git a/doc/tls_cert_server.html b/doc/tls_cert_server.html
index 51ad7bed..9c68db5d 100644
--- a/doc/tls_cert_server.html
+++ b/doc/tls_cert_server.html
@@ -87,8 +87,8 @@ what we assume in this tutorial. Evaluate your options based on your security ne
 <p>Keep in mind that this rsyslog.conf accepts messages via TCP, only. The only other
 source accepted is messages from the server itself.
 <code><pre>
-$ModLoad /home/rger/proj/rsyslog/plugins/imuxsock/.libs/imuxsock # local messages
-$ModLoad /home/rger/proj/rsyslog/plugins/imtcp/.libs/imtcp
+$ModLoad imuxsock # local messages
+$ModLoad imtcp # TCP listener
 
 # make gtls driver the default
 $DefaultNetstreamDriver gtls
diff --git a/plugins/imgssapi/imgssapi.c b/plugins/imgssapi/imgssapi.c
index df080020..d2b5fd8e 100644
--- a/plugins/imgssapi/imgssapi.c
+++ b/plugins/imgssapi/imgssapi.c
@@ -266,7 +266,8 @@ doOpenLstnSocks(tcpsrv_t *pSrv)
 		if(pGSrv->allowedMethods) {
 			/* fallback to plain TCP */
 			CHKiRet(tcpsrv.create_tcp_socket(pSrv));
-			dbgprintf("Opened %d syslog TCP port(s).\n", *pRet);
+		} else {
+			ABORT_FINALIZE(RS_RET_GSS_ERR);
 		}
 	}
 
@@ -333,6 +334,11 @@ addGSSListener(void __attribute__((unused)) *pVal, uchar *pNewVal)
 	}
 
 finalize_it:
+	if(iRet != RS_RET_OK) {
+		errmsg.LogError(0, NO_ERRCODE, "error %d trying to add listener", iRet);
+		if(pOurTcpsrv != NULL)
+			tcpsrv.Destruct(&pOurTcpsrv);
+	}
 	RETiRet;
 }
 
diff --git a/runtime/stringbuf.c b/runtime/stringbuf.c
index 93d1e1ef..63b42348 100644
--- a/runtime/stringbuf.c
+++ b/runtime/stringbuf.c
@@ -820,7 +820,7 @@ rsCStrConvertToNumber(cstr_t *pStr, number_t *pNumber)
 	/* TODO: octal? hex? */
 	n = 0;
 	while(i < pStr->iStrLen && isdigit(pStr->pBuf[i])) {
-		n = n * 10 + pStr->pBuf[i] * 10;
+		n = n * 10 + pStr->pBuf[i] - '0';
 		++i;
 	}
 	
diff --git a/runtime/var.c b/runtime/var.c
index 7e51fc6d..f964874b 100644
--- a/runtime/var.c
+++ b/runtime/var.c
@@ -327,7 +327,7 @@ ConvForOperation(var_t *pThis, var_t *pOther)
 				case VARTYPE_NUMBER:
 					/* check if we can convert pThis to a number, if so use number format. */
 					iRet = ConvToNumber(pThis);
-					if(iRet != RS_RET_NOT_A_NUMBER) {
+					if(iRet == RS_RET_NOT_A_NUMBER) {
 						CHKiRet(ConvToString(pOther));
 					} else {
 						FINALIZE; /* OK or error */
@@ -345,7 +345,7 @@ ConvForOperation(var_t *pThis, var_t *pOther)
 					break;
 				case VARTYPE_STR:
 					iRet = ConvToNumber(pOther);
-					if(iRet != RS_RET_NOT_A_NUMBER) {
+					if(iRet == RS_RET_NOT_A_NUMBER) {
 						CHKiRet(ConvToString(pThis));
 					} else {
 						FINALIZE; /* OK or error */