author | Thomas D <whissi@whissi.de> | 2016-02-05 16:05:05 +0100 |
committer | Lars Wendler <polynomial-c@gentoo.org> | 2016-02-05 16:24:29 +0100 |
commit | b78301c462346539a72f29020eda566c3549be5f (patch) | |
tree | f820cf9cf804d706a7fa211253532e621e5e5620 /app-admin/rsyslog | |
parent | dev-libs/liblognorm: Removed old. (diff) | |
app-admin/rsyslog: Bump to version 8.16.0
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'app-admin/rsyslog')
5 files changed, 527 insertions, 0 deletions
diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest
index fcdb4848a28f..66ab9443dd85 100644
--- a/app-admin/rsyslog/Manifest
+++ b/app-admin/rsyslog/Manifest
@@ -1,6 +1,8 @@
 DIST rsyslog-8.12.0.tar.gz 2091620 SHA256 466bfeac8296e89de1eb9029880998ba7b5fc25694143197bb47167df6cb7e20 SHA512 7735f15f8a843ee41530d180d00ab3a6854ef28e9036db7ecfe0525549b3ab2b184149c2edc4553240dd4e3003ee12ebcdf47719669daa3cc6915d5a30888c72 WHIRLPOOL b96faab541fd8b53558738b7bd71d3b6acc7d66da4fb0552d781f0e214c00a11b4a74464f7b9c9a1d62bc359658f93d380a490ee78afc11d1702975a6edc6823
 DIST rsyslog-8.13.0.tar.gz 2077267 SHA256 b182bd0a7686bef093be570bfb850417191292522fb58e0ad32f2c824f754a33 SHA512 a3245e5b10ae96e6df981291f55a43fa9a8258db213e33a36d7b5a620ea7daaac04a1f93a56304105c4fd10e546f92789831f5b2188b418b4b3b248a4e7795c9 WHIRLPOOL 8473e2c272182d84c629175aafd185cfa6fcafad8a028fd212de118f2e9abf458e062c6065dc5ebb1df27e81546a37387944ad1b3f0d16a38ee25a409b51b1c7
+DIST rsyslog-8.16.0.tar.gz 2132012 SHA256 4fe4f97c10899086d98b9401d7e8d2bcff61c7c3f7cde8627891e36fc6ec1b76 SHA512 e45acc16078d83937edd7e22f916fe050b62aa057ca4dd980823850f2195213c12db36f759c528b5fe6f1b061a61e2117fca6086245bc248392cc4e61b2383dc WHIRLPOOL 809035873565645cea5896fb19882239a0d70776ea0b948739440f7a28baf6df4bf4e958de7506d289355eadc26e1fba7e9cd8df315339f18f89acaecc462eaa
 DIST rsyslog-8.7.0.tar.gz 2003365 SHA256 c77125b67a623569c9bdca8136b9aac013f1c6fd82fb8595e3ea267e61800f9c SHA512 53feac42c14134d76f5592ee491bb56fb2c4c33822a7a5609a5267b6911a5c5c4e73c5d66a913a666967d8826ee3077b91d8d2a1d1b60bcb3d425b35ec4677b0 WHIRLPOOL c74c401de68bb59310e307a0d9859d2f58bcbf8126d637d23d4f3979a0d6c69bce8ca850c2942b43f311ea83f47c9554f34e5dc10623d32324da1b18023d357d
 DIST rsyslog-doc-8.12.0.tar.gz 4212441 SHA256 f88517c1e5ae3a8ba129d531b5b4bb79e80f70898a8a5b72a0abd7a8a0feb8f0 SHA512 a1b3907e1a474076dd11e76b267eff35dadbd5abaf3ab802a187ce045eecc6028c854ed8e661650e10c74c79408c6ded341d16af94a05f10c529faaa8f606afb WHIRLPOOL aa21ea93536bab4c9761bdbe2e6c67f650bf181f64cb7c4a78c646d319a5472895be2a118c90d7c42548575b76f62e5dc6b0c4103cf373ab9e3704a6999c6c1b
 DIST rsyslog-doc-8.13.0.tar.gz 4147364 SHA256 3da9a1446686d1cfa82c123a610f2c30f4dc1cbfa608f44ded2baf168e86b67b SHA512 6676533b1e4884f18e583be19c5a50b8f12017ecc2c6860d54dcc72d64e7eafe20a2af3a22817226df123a7a193c7090097502f287455488dd8806b7aac0a5cd WHIRLPOOL 1231580f2bf8af42a7dd34f0a88315ff56324eb64d1259a281a5266fdbe7a472f596d66a5b6d1f5cbf19fdb6f76a2083753e0de224a07653454178128de4fead
+DIST rsyslog-doc-8.16.0.tar.gz 4174347 SHA256 03033d264b29fd791299d5d618bd061853c008ac8087f3b6c4870e1b8f6abc39 SHA512 746e4de102f15ea10085ca21eeed74dd8264742ba7029cb54caf87b72070ab6a73e79af46d97717323be1e68d9d1fa78807d5d4446d15524aa4c565650f7b0d0 WHIRLPOOL ff8dfcc3dd7e87a7316f94a3b8f199cd902cbf99772bb97147b9af37b8c6941f13341438450b3dbf3139d5518488e74df6b77c1eec3182e92a9476ccb951ec5b
 DIST rsyslog-doc-8.7.0.tar.gz 4105507 SHA256 f131bfb963eed4fe74d7336ee5261876b436004b78994d47523a82c0f7d666a8 SHA512 9b5b6f28a55b58c956ca614301fc9667243d02c321f8b4071264e4040dd8fe79ba7eb5a08912e2a229bdcf12f68eec24f1c65ba7b82ccd60c8e70d34267b8405 WHIRLPOOL 386ad5164768a5a4919ba5acda29f3ef670b78cc9d6845e3c8ee252b43d6622c19c7f8ec1edd7d0f1d111bf2c06d29fb5dbf9af6b46c426932ae6caa0e63c30c
diff --git a/app-admin/rsyslog/files/8-stable/50-rsyslog-8.15.0-imfile-readmode2-vg-test-workaround.patch b/app-admin/rsyslog/files/8-stable/50-rsyslog-8.15.0-imfile-readmode2-vg-test-workaround.patch
new file mode 100644
index 000000000000..99e2d3642981
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/50-rsyslog-8.15.0-imfile-readmode2-vg-test-workaround.patch
@@ -0,0 +1,30 @@
+Workaround for https://github.com/rsyslog/rsyslog/issues/746
+
+--- rsyslog-9999/tests/imfile-readmode2-vg.sh 2016-01-20 12:35:20.368238216 +0100
++++ rsyslog-9999/tests/imfile-readmode2-vg.sh 2016-01-20 12:36:14.357031527 +0100
+@@ -11,7 +11,7 @@ echo 'msgnum:0
+ echo 'msgnum:2' >> rsyslog.input
+
+ # sleep a little to give rsyslog a chance to begin processing
+-sleep 1
++sleep 10
+
+ # write some more lines (see https://github.com/rsyslog/rsyslog/issues/144)
+ echo 'msgnum:3
+@@ -19,14 +19,14 @@ echo 'msgnum:3
+ echo 'msgnum:5' >> rsyslog.input # this one shouldn't be written to the output file because of ReadMode 2
+
+ # give it time to finish
+-sleep 1
++sleep 10
+
+ . $srcdir/diag.sh shutdown-when-empty # shut down rsyslogd when done processing messages
+ . $srcdir/diag.sh wait-shutdown-vg # we need to wait until rsyslogd is finished!
+ . $srcdir/diag.sh check-exit-vg
+
+ # give it time to write the output file
+-sleep 1
++sleep 10
+
+ ## check if we have the correct number of messages
+
diff --git a/app-admin/rsyslog/files/8-stable/50-rsyslog-8.15.0-imtcp-tls-basic-vg-test-workaround.patch b/app-admin/rsyslog/files/8-stable/50-rsyslog-8.15.0-imtcp-tls-basic-vg-test-workaround.patch
new file mode 100644
index 000000000000..2157607e60d6
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/50-rsyslog-8.15.0-imtcp-tls-basic-vg-test-workaround.patch
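Review bot: Replacing each `sleep 1` with `sleep 10` at the three places in this hunk widens the timing window but leaves the test dependent on wall-clock scheduling, so it can still fail on a slow or heavily loaded host and adds roughly 27 seconds to every valgrind run; the same applies to the `sleep 10` inserted before `shutdown-when-empty` in the imtcp-tls-basic workaround in the next file. The patch header only links the upstream issue, so a reader cannot tell whether this is meant as a fix or a stopgap; it should say so, e.g. `Not a fix: only gives rsyslogd more time under valgrind so the test script does not race it. Drop once the upstream issue is resolved.` The patched script itself starts and ends outside the quoted hunks.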
@@ -0,0 +1,12 @@
+Workaround for https://github.com/rsyslog/rsyslog/issues/688
+
+--- rsyslog-9999/tests/imtcp-tls-basic-vg.sh 2016-01-20 12:01:44.493617917 +0100
++++ rsyslog-9999/tests/imtcp-tls-basic-vg.sh 2016-01-20 12:04:18.394711527 +0100
+@@ -9,6 +9,7 @@ echo \$DefaultNetstreamDriverCertFile $s
+ echo \$DefaultNetstreamDriverKeyFile $srcdir/tls-certs/key.pem >>rsyslog.conf.tlscert
+ . $srcdir/diag.sh startup-vg-noleak imtcp-tls-basic.conf
+ . $srcdir/diag.sh tcpflood -p13514 -m50000 -Ttls -Z$srcdir/tls-certs/cert.pem -z$srcdir/tls-certs/key.pem
++sleep 10
+ . $srcdir/diag.sh shutdown-when-empty # shut down rsyslogd when done processing messages
+ . $srcdir/diag.sh wait-shutdown-vg
+ . $srcdir/diag.sh check-exit-vg
diff --git a/app-admin/rsyslog/files/8-stable/50-rsyslog-8.16.0-fix-queue-engine-issue-262.patch b/app-admin/rsyslog/files/8-stable/50-rsyslog-8.16.0-fix-queue-engine-issue-262.patch
new file mode 100644
index 000000000000..c906c05f0e55
--- /dev/null
+++ b/app-admin/rsyslog/files/8-stable/50-rsyslog-8.16.0-fix-queue-engine-issue-262.patch
@@ -0,0 +1,51 @@ +From b435f4e7d2ece7f2ea0a7b42826498e224be3f23 Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards <rgerhards@adiscon.com> +Date: Wed, 3 Feb 2016 16:32:07 +0100 +Subject: [PATCH] bugfix: queue engine can loose one message during queue + shutdown + +... due to improper checking of return states. + +closes https://github.com/rsyslog/rsyslog/issues/262 +--- + runtime/ruleset.c | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) + +diff --git a/runtime/ruleset.c b/runtime/ruleset.c +index ae5a9bd..6ca97e8 100644 +--- a/runtime/ruleset.c ++++ b/runtime/ruleset.c +@@ -495,6 +495,7 @@ processBatch(batch_t *pBatch, wti_t *pWti) + int i; + msg_t *pMsg; + ruleset_t *pRuleset; ++ rsRetVal localRet; + DEFiRet; + + DBGPRINTF("processBATCH: batch of %d elements must be processed\n", pBatch->nElem); +@@ -506,15 +507,19 @@ processBatch(batch_t *pBatch, wti_t *pWti) + pMsg = pBatch->pElem[i].pMsg; + DBGPRINTF("processBATCH: next msg %d: %.128s\n", i, pMsg->pszRawMsg); + pRuleset = (pMsg->pRuleset == NULL) ? ourConf->rulesets.pDflt : pMsg->pRuleset; +- scriptExec(pRuleset->root, pMsg, pWti); +- // TODO: think if we need a return state of scriptExec - most probably +- // the answer is "no", as we need to process the batch in any case! +- // TODO: we must refactor this! flag messages as committed +- batchSetElemState(pBatch, i, BATCH_STATE_COMM); ++ localRet = scriptExec(pRuleset->root, pMsg, pWti); ++ /* the most important case here is that processing may be aborted ++ * due to pbShutdownImmediate, in which case we MUST NOT flag this ++ * message as committed. If we would do so, the message would ++ * potentially be lost. 
++ */ ++ if(localRet == RS_RET_OK) ++ batchSetElemState(pBatch, i, BATCH_STATE_COMM); + } + + /* commit phase */ +- dbgprintf("END batch execution phase, entering to commit phase\n"); ++ DBGPRINTF("END batch execution phase, entering to commit phase " ++ "[processed %d of %d messages]\n", i, batchNumMsgs(pBatch)); + actionCommitAllDirect(pWti); + + DBGPRINTF("processBATCH: batch of %d elements has been processed\n", pBatch->nElem); diff --git a/app-admin/rsyslog/rsyslog-8.16.0.ebuild b/app-admin/rsyslog/rsyslog-8.16.0.ebuild new file mode 100644 index 000000000000..7cd6c0023e75 --- /dev/null +++ b/app-admin/rsyslog/rsyslog-8.16.0.ebuild 
@@ -0,0 +1,432 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +inherit autotools eutils systemd + +DESCRIPTION="An enhanced multi-threaded syslogd with database support and more" +HOMEPAGE="http://www.rsyslog.com/" + +BRANCH="8-stable" + +PATCHES=( + "${FILESDIR}"/8-stable/50-rsyslog-8.15.0-imtcp-tls-basic-vg-test-workaround.patch + "${FILESDIR}"/8-stable/50-rsyslog-8.15.0-imfile-readmode2-vg-test-workaround.patch + "${FILESDIR}"/8-stable/50-rsyslog-8.16.0-fix-queue-engine-issue-262.patch +) + +if [[ ${PV} == "9999" ]]; then + EGIT_REPO_URI=" + git://github.com/rsyslog/${PN}.git + https://github.com/rsyslog/${PN}.git + " + + DOC_REPO_URI=" + git://github.com/rsyslog/${PN}-doc.git + https://github.com/rsyslog/${PN}-doc.git + " + + inherit git-r3 +else + SRC_URI=" + http://www.rsyslog.com/files/download/${PN}/${P}.tar.gz + doc? ( http://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz ) + " + KEYWORDS="~amd64 ~arm ~hppa ~x86" +fi + +LICENSE="GPL-3 LGPL-3 Apache-2.0" +SLOT="0" +IUSE="dbi debug doc elasticsearch +gcrypt jemalloc kerberos libressl mongodb mysql normalize omudpspoof" +IUSE+=" postgres rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools zeromq" + +RDEPEND=" + >=dev-libs/json-c-0.11:= + >=dev-libs/libestr-0.1.9 + >=dev-libs/liblogging-1.0.1:=[stdlog] + >=sys-libs/zlib-1.2.5 + dbi? ( >=dev-db/libdbi-0.8.3 ) + elasticsearch? ( >=net-misc/curl-7.35.0 ) + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= ) + jemalloc? ( >=dev-libs/jemalloc-3.3.1 ) + kerberos? ( virtual/krb5 ) + mongodb? ( >=dev-libs/libmongo-client-0.1.4 ) + mysql? ( virtual/mysql ) + normalize? ( + >=dev-libs/libee-0.4.0 + >=dev-libs/liblognorm-1.1.2:= + ) + omudpspoof? ( >=net-libs/libnet-1.1.6 ) + postgres? ( >=dev-db/postgresql-8.4.20:= ) + rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0 ) + redis? ( >=dev-libs/hiredis-0.11.0 ) + relp? ( >=dev-libs/librelp-1.2.5 ) + rfc3195? 
( >=dev-libs/liblogging-1.0.1:=[rfc3195] ) + rfc5424hmac? ( + !libressl? ( >=dev-libs/openssl-0.9.8y:0= ) + libressl? ( dev-libs/libressl:= ) + ) + snmp? ( >=net-analyzer/net-snmp-5.7.2 ) + ssl? ( >=net-libs/gnutls-2.12.23:0= ) + systemd? ( >=sys-apps/systemd-208 ) + zeromq? ( >=net-libs/czmq-1.2.0 )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +if [[ ${PV} == "9999" ]]; then + DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )" + DEPEND+=" >=sys-devel/flex-2.5.39-r1" + DEPEND+=" >=sys-devel/bison-2.4.3" + DEPEND+=" >=dev-python/docutils-0.12" +fi + +# Maitainer note : open a bug to upstream +# showing that building in a separate dir fails +AUTOTOOLS_IN_SOURCE_BUILD=1 + +AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules" + +DOCS=( + AUTHORS + ChangeLog + "${FILESDIR}"/${BRANCH}/README.gentoo +) + +src_unpack() { + if [[ ${PV} == "9999" ]]; then + git-r3_fetch + git-r3_checkout + else + unpack ${P}.tar.gz + fi + + if use doc; then + if [[ ${PV} == "9999" ]]; then + local _EGIT_BRANCH= + if [ -n "${EGIT_BRANCH}" ]; then + # Cannot use rsyslog commits/branches for documentation repository + _EGIT_BRANCH=${EGIT_BRANCH} + unset EGIT_BRANCH + fi + + git-r3_fetch "${DOC_REPO_URI}" + git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs + + if [ -n "${_EGIT_BRANCH}" ]; then + # Restore previous EGIT_BRANCH information + EGIT_BRANCH=${_EGIT_BRANCH} + fi + else + local doc_tarball="${PN}-doc-${PV}.tar.gz" + + cd "${S}" || die "Cannot change dir into '$S'" + mkdir docs || die "Failed to create docs directory" + cd docs || die "Failed to change dir into '${S}/docs'" + unpack ${doc_tarball} + fi + fi +} + +src_prepare() { + default + + eautoreconf + elibtoolize --patch-only +} + +src_configure() { + # Maintainer notes: + # * Guardtime support is missing because libgt isn't yet available + # in portage. + # * Hadoop's HDFS file system output module is currently not + # supported in Gentoo because nobody is able to test it + # (JAVA dependency). 
+ # * dev-libs/hiredis doesn't provide pkg-config (see #504614, + # upstream PR 129 and 136) so we need to export HIREDIS_* + # variables because rsyslog's build system depends on pkg-config. + + if use redis; then + export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis" + export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include" + fi + + local myeconfargs=( + --disable-debug-symbols + --disable-generate-man-pages + --without-valgrind-testbench + $(use_enable test testbench) + # Input Plugins without depedencies + --enable-imdiag + --enable-imfile + --enable-impstats + --enable-imptcp + # Message Modificiation Plugins without depedencies + --enable-mmanon + --enable-mmaudit + --enable-mmfields + --enable-mmjsonparse + --enable-mmpstrucdata + --enable-mmsequence + --enable-mmutf8fix + # Output Modification Plugins without dependencies + --enable-mail + --enable-omprog + --enable-omruleset + --enable-omstdout + --enable-omuxsock + # Misc + --disable-omkafka + --enable-pmaixforwardedfrom + --enable-pmciscoios + --enable-pmcisconames + --enable-pmlastmsg + --enable-pmsnare + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" + # DB + $(use_enable dbi libdbi) + $(use_enable mongodb ommongodb) + $(use_enable mysql) + $(use_enable postgres pgsql) + $(use_enable redis omhiredis) + # Debug + $(use_enable debug) + $(use_enable debug diagtools) + $(use_enable debug memcheck) + $(use_enable debug rtinst) + $(use_enable debug valgrind) + # Misc + $(use_enable elasticsearch) + $(use_enable gcrypt libgcrypt) + $(use_enable jemalloc) + $(use_enable kerberos gssapi-krb5) + $(use_enable normalize mmnormalize) + $(use_enable omudpspoof) + $(use_enable rabbitmq omrabbitmq) + $(use_enable relp) + $(use_enable rfc3195) + $(use_enable rfc5424hmac mmrfc5424addhmac) + $(use_enable snmp) + $(use_enable snmp mmsnmptrapd) + $(use_enable ssl gnutls) + $(use_enable systemd imjournal) + $(use_enable systemd omjournal) + $(use_enable usertools) + $(use_enable zeromq imzmq3) + $(use_enable 
zeromq omzmq3) + ) + + econf ${myeconfargs[@]} +} + +src_compile() { + default + + if use doc && [[ "${PV}" == "9999" ]]; then + einfo "Building documentation ..." + local doc_dir="${S}/docs" + cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!" + sphinx-build -b html source build || die "Building documentation failed!" + fi +} + +src_test() { + local _has_increased_ulimit= + + # When adding new tests via patches we have to make them executable + einfo "Adjusting permissions of test scripts ..." + find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \ + die "Failed to adjust test scripts permission" + + if ulimit -n 3072; then + _has_increased_ulimit="true" + fi + + if ! emake --jobs 1 check; then + eerror "Test suite failed! :(" + + if [ -z "${_has_increased_ulimit}" ]; then + eerror "Probably because open file limit couldn't be set to 3072." + fi + + if has userpriv $FEATURES; then + eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \ + "before you submit a bug report." 
+ fi + + fi +} + +src_install() { + default + + newconfd "${FILESDIR}/${BRANCH}/${PN}.confd-r1" ${PN} + newinitd "${FILESDIR}/${BRANCH}/${PN}.initd-r1" ${PN} + + keepdir /var/empty/dev + keepdir /var/spool/${PN} + keepdir /etc/ssl/${PN} + keepdir /etc/${PN}.d + + insinto /etc + newins "${FILESDIR}/${BRANCH}/${PN}.conf" ${PN}.conf + + insinto /etc/rsyslog.d/ + doins "${FILESDIR}/${BRANCH}/50-default.conf" + + insinto /etc/logrotate.d/ + newins "${FILESDIR}/${BRANCH}/${PN}.logrotate" ${PN} + + if use mysql; then + insinto /usr/share/doc/${PF}/scripts/mysql + doins plugins/ommysql/createDB.sql + fi + + if use postgres; then + insinto /usr/share/doc/${PF}/scripts/pgsql + doins plugins/ompgsql/createDB.sql + fi + + use doc && dohtml -r "${S}/docs/build/" +} + +pkg_postinst() { + local advertise_readme=0 + + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + + advertise_readme=1 + + if use mysql || use postgres; then + echo + elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:" + elog " /usr/share/doc/${PF}/scripts" + fi + + if use ssl; then + echo + elog "To create a default CA and certificates for your server and clients, run:" + elog " emerge --config =${PF}" + elog "on your logging server. You can run it several times," + elog "once for each logging client. The client certificates will be signed" + elog "using the CA certificate generated during the first run." + fi + fi + + if [[ -z "${REPLACING_VERSIONS}" ]] || [[ ${REPLACING_VERSIONS} < 8.0 ]]; then + # Show this message until rsyslog-8.x + echo + elog "Since ${PN}-7.6.3 we no longer use the catch-all log target" + elog "\"/var/log/syslog\" due to its redundancy to the other log targets." + + advertise_readme=1 + fi + + if [[ ${advertise_readme} -gt 0 ]]; then + # We need to show the README file location + + echo "" + elog "Please read" + elog "" + elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*" + elog "" + elog "for more details." + fi +} + +pkg_config() { + if ! 
use ssl ; then + einfo "There is nothing to configure for rsyslog unless you" + einfo "used USE=ssl to build it." + return 0 + fi + + # Make sure the certificates directory exists + CERTDIR="${EROOT}/etc/ssl/${PN}" + if [ ! -d "${CERTDIR}" ]; then + mkdir "${CERTDIR}" || die + fi + einfo "Your certificates will be stored in ${CERTDIR}" + + # Create a default CA if needed + if [ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]; then + einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..." + certtool --generate-privkey \ + --outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" + + cat > "${T}/${PF}.$$" <<- _EOF + cn = Portage automated CA + ca + cert_signing_key + expiration_days = 3650 + _EOF + + certtool --generate-self-signed \ + --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ + --outfile "${CERTDIR}/${PN}_ca.cert.pem" \ + --template "${T}/${PF}.$$" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem" + + # Create the server certificate + echo + einfon "Please type the Common Name of the SERVER you wish to create a certificate for: " + read -r CN + + einfo "Creating private key and certificate for server ${CN}..." + certtool --generate-privkey \ + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" + + cat > "${T}/${PF}.$$" <<- _EOF + cn = ${CN} + tls_www_server + dns_name = ${CN} + expiration_days = 3650 + _EOF + + certtool --generate-certificate \ + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ + --template "${T}/${PF}.$$" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" + + else + einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation." 
+ fi + + # Create a client certificate + echo + einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: " + read -r CN + + einfo "Creating private key and certificate for client ${CN}..." + certtool --generate-privkey \ + --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem" + + cat > "${T}/${PF}.$$" <<- _EOF + cn = ${CN} + tls_www_client + dns_name = ${CN} + expiration_days = 3650 + _EOF + + certtool --generate-certificate \ + --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \ + --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \ + --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \ + --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \ + --template "${T}/${PF}.$$" &>/dev/null + chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem" + + rm -f "${T}/${PF}.$$" + + echo + einfo "Here is the documentation on how to encrypt your log traffic:" + einfo " http://www.rsyslog.com/doc/rsyslog_tls.html" +} |
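Review bot: In `pkg_config` every `certtool` invocation redirects both stdout and stderr to /dev/null and carries no `|| die`, so a failed key or certificate generation is silent, the following `chmod 400` then runs against a missing file, and `emerge --config` still reports success; append `|| die "certtool failed"` to each of the five calls in the CA, server and client blocks. The value read by `read -r CN` is used unvalidated to build paths under `${CERTDIR}` and is written verbatim into the certtool template, so an empty answer or one containing `/` yields misplaced or misnamed key files; a guard such as `[[ -n ${CN} && ${CN} != */* ]] || die "invalid Common Name"` after each prompt is cheap. In `src_configure`, `econf ${myeconfargs[@]}` should be `econf "${myeconfargs[@]}"` so array elements are passed intact. The version test `[[ ${REPLACING_VERSIONS} < 8.0 ]]` in `pkg_postinst` is a lexical string comparison over a possibly space-separated list, so it is worth a comment or a `version_is_at_least`-style check.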