fluent-logger 0.8.2 → 0.9.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7be5ae39c39ebb27bdeeaa66b1d103cb6e7d8f7d6f0f5073ff5320c333345c37
4
- data.tar.gz: 6f226c613086aff26729786e088a2923552fd02a8e28ebe88654d1dda068b98f
3
+ metadata.gz: 00161d7e89f54b0c1627bb5b0ce36a7689405b84da319db5c4052e585c09f6a7
4
+ data.tar.gz: fc7229efbe7fb40412fe22080aa974156f49f7d5e4257c0071d82eb7359cca72
5
5
  SHA512:
6
- metadata.gz: 53da0192645010cd5fe3ddc739ff4a6c5784ceb5ddbb8216b25ccd562a176606abfeeb5a9e164d0734e53467b69de749075136c07aebfa02e1da9babfb3f5e1b
7
- data.tar.gz: db4c2283dc26641cdf4ac727ebb8815fa0e9ce3c0672b0e5bb98030aa83538005d653547551fa1ac954e591013ff1aaefbf1556905e5e4445479492e5b07b6a0
6
+ metadata.gz: 1066053b93cf4173b29e063659d7f80bb42b77a116b85b2a18f3d43cf19c54538359336b4b120d0ff43b65cc58110ae8a3357a52f417a0379ea09c306e27b808
7
+ data.tar.gz: 8c7839a41b615ccf34ebcd656c1719ba99245c39abe9981969b8cb7d1a9cf57ad972dfb8276ebffe4c8c132d95d2a1dfc1db5b354bfc720b4a7c569722688a33
@@ -1,15 +1,12 @@
1
1
  rvm:
2
- - 2.1
3
- - 2.2
4
- - 2.3.7
5
- - 2.4.5
6
- - 2.5.3
7
- - 2.6.0
2
+ - 2.4.10
3
+ - 2.5
4
+ - 2.6
5
+ - 2.7
8
6
  - ruby-head
9
7
 
10
8
  gemfile:
11
9
  - Gemfile
12
- - Gemfile.v0.12
13
10
 
14
11
  before_install: gem update bundler
15
12
  script: bundle exec rake spec
@@ -19,16 +16,3 @@ sudo: false
19
16
  matrix:
20
17
  allow_failures:
21
18
  - rvm: ruby-head
22
- exclude:
23
- - rvm: 2.2
24
- gemfile: Gemfile.v0.12
25
- - rvm: 2.3.7
26
- gemfile: Gemfile.v0.12
27
- - rvm: 2.4.5
28
- gemfile: Gemfile.v0.12
29
- - rvm: 2.5.3
30
- gemfile: Gemfile.v0.12
31
- - rvm: 2.6.0
32
- gemfile: Gemfile.v0.12
33
- - rvm: ruby-head
34
- gemfile: Gemfile.v0.12
data/ChangeLog CHANGED
@@ -1,3 +1,7 @@
1
+ Release 0.9.0 - 2020/09/04
2
+
3
+ * FluentLogger supports TLS
4
+
1
5
  Release 0.8.2 - 2019/08/21
2
6
 
3
7
  * Block timeout during IO#write to avoid writing invalid bytes
data/README.md CHANGED
@@ -82,6 +82,36 @@ end
82
82
  # output: myapp.access {"agent":"foo"}
83
83
  ```
84
84
 
85
+ ### TLS setting
86
+
87
+ ```ruby
88
+ require 'fluent-logger'
89
+
90
+ tls_opts = {
91
+ :ca => '/path/to/cacert.pem',
92
+ :cert => '/path/to/client-cert.pem',
93
+ :key => '/path/to/client-key.pem',
94
+ :key_passphrase => 'test'
95
+ }
96
+ log = Fluent::Logger::FluentLogger.new(nil, :host => 'localhost', :port => 24224, :tls_options => tls_opts)
97
+ ```
98
+
99
+ `in_forward` config example:
100
+
101
+ ```
102
+ <source>
103
+ @type forward
104
+ <transport tcp>
105
+ version TLS1_2
106
+ ca_path /path/to/cacert.pem
107
+ cert_path /path/to/server-cert.pem
108
+ private_key_path /path/to/server-key.pem
109
+ private_key_passphrase test
110
+ client_cert_auth true
111
+ </transport>
112
+ </source>
113
+ ```
114
+
85
115
  ### Singleton
86
116
  ```ruby
87
117
  require 'fluent-logger'
@@ -122,6 +152,19 @@ If `false`, `Logger#post` raises an error when nonblocking write gets `EAGAIN` (
122
152
 
123
153
  Pass callback for handling buffer overflow with pending data. See "Buffer overflow" section.
124
154
 
155
+ #### tls_options (Hash)
156
+
157
+ Pass TLS related options.
158
+
159
+ - use_default_ca: Set `true` if you want to use default CA
160
+ - ca: CA file path
161
+ - cert: Certificate file path
162
+ - key: Private key file path
163
+ - key_passphrase: Private key passphrase
164
+ - version: TLS version. Default is `OpenSSL::SSL::TLS1_2_VERSION`
165
+ - ciphers: The list of cipher suites. Default is `ALL:!aNULL:!eNULL:!SSLv2`
166
+ - insecure: Set `true` when `in_forward` uses `insecure true`
167
+
125
168
  ### Standard ::Logger compatible interface
126
169
 
127
170
  #### Example1
@@ -18,6 +18,7 @@
18
18
  require 'timeout'
19
19
  require 'msgpack'
20
20
  require 'socket'
21
+ require 'openssl'
21
22
  require 'monitor'
22
23
  require 'logger'
23
24
  require 'json'
@@ -84,6 +85,7 @@ module Fluent
84
85
  @socket_path = options[:socket_path]
85
86
  @nanosecond_precision = options[:nanosecond_precision]
86
87
  @use_nonblock = options[:use_nonblock]
88
+ @tls_options = options[:tls_options]
87
89
 
88
90
  @factory = MessagePack::Factory.new
89
91
  if @nanosecond_precision
@@ -169,6 +171,33 @@ module Fluent
169
171
  @con = UNIXSocket.new(@socket_path)
170
172
  else
171
173
  @con = TCPSocket.new(@host, @port)
174
+ if @tls_options
175
+ context = OpenSSL::SSL::SSLContext.new
176
+ if @tls_options[:insecure]
177
+ context.verify_mode = OpenSSL::SSL::VERIFY_NONE
178
+ else
179
+ context.set_params({})
180
+ context.verify_mode = OpenSSL::SSL::VERIFY_PEER
181
+ cert_store = OpenSSL::X509::Store.new
182
+ if @tls_options[:use_default_ca]
183
+ cert_store.set_default_paths
184
+ end
185
+ if @tls_options[:ca]
186
+ cert_store.add_file(@tls_options[:ca])
187
+ end
188
+
189
+ context.cert = OpenSSL::X509::Certificate.new(File.read(@tls_options[:cert])) if @tls_options[:cert]
190
+ context.key = OpenSSL::PKey::read(File.read(@tls_options[:key]), @tls_options[:key_passphrase]) if @tls_options[:key]
191
+ context.ciphers = @tls_options[:ciphers] || "ALL:!aNULL:!eNULL:!SSLv2".freeze
192
+ context.cert_store = cert_store
193
+ end
194
+ set_tls_version(context)
195
+
196
+ @con = OpenSSL::SSL::SSLSocket.new(@con, context)
197
+ @con.sync_close = true
198
+ @con.connect
199
+ end
200
+ @con
172
201
  end
173
202
  end
174
203
 
@@ -186,6 +215,16 @@ module Fluent
186
215
 
187
216
  private
188
217
 
218
+ def set_tls_version(context)
219
+ if context.respond_to?(:min_version=)
220
+ ver = @tls_options[:version] || OpenSSL::SSL::TLS1_2_VERSION
221
+ context.min_version = ver
222
+ context.max_version = ver
223
+ else
224
+ context.ssl_version = @tls_options[:version] || :'TLSv1_2'
225
+ end
226
+ end
227
+
189
228
  def to_msgpack(msg)
190
229
  @mon.synchronize {
191
230
  res = begin
@@ -1,5 +1,5 @@
1
1
  module Fluent
2
2
  module Logger
3
- VERSION = '0.8.2'
3
+ VERSION = '0.9.0'
4
4
  end
5
5
  end
@@ -373,4 +373,51 @@ describe Fluent::Logger::FluentLogger do
373
373
  end
374
374
  end
375
375
  end
376
+
377
+ context "running fluentd with TLS" do
378
+ before(:all) do
379
+ @serverengine = DummyServerengine.new
380
+ @serverengine.startup
381
+ end
382
+
383
+ before(:each) do
384
+ fluentd.startup(true)
385
+ end
386
+
387
+ after(:each) do
388
+ fluentd.shutdown
389
+ end
390
+
391
+ after(:all) do
392
+ @serverengine.shutdown
393
+ end
394
+
395
+ let(:logger_config) {
396
+ {
397
+ :host => 'localhost',
398
+ :port => fluentd.port,
399
+ :logger => internal_logger,
400
+ :buffer_overflow_handler => buffer_overflow_handler,
401
+ :tls_options => {:insecure => true}
402
+ }
403
+ }
404
+
405
+ context('post') do
406
+ it ('success') {
407
+ expect(logger.pending_bytesize).to eq 0
408
+ expect(logger.post('tag', {'a' => 'b'})).to be true
409
+ fluentd.wait_transfer
410
+ expect(fluentd.queue.last).to eq ['logger-test.tag', {'a' => 'b'}]
411
+ expect(logger.pending_bytesize).to eq 0
412
+ }
413
+
414
+ it ('success with nanosecond') {
415
+ expect(logger_with_nanosec.pending_bytesize).to eq 0
416
+ expect(logger_with_nanosec.post('tag', {'a' => 'b'})).to be true
417
+ fluentd.wait_transfer
418
+ expect(fluentd.queue.last).to eq ['logger-test.tag', {'a' => 'b'}]
419
+ expect(fluentd.output.emits.first[1]).to be_a_kind_of(Fluent::EventTime)
420
+ }
421
+ end
422
+ end
376
423
  end
@@ -51,8 +51,22 @@ class DummyFluentd
51
51
  queue
52
52
  end
53
53
 
54
- def startup
55
- config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
54
+ def startup(with_tls = false)
55
+ if with_tls
56
+ config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
57
+ <source>
58
+ type forward
59
+ port #{port}
60
+ <transport tls>
61
+ insecure true
62
+ </transport>
63
+ </source>
64
+ <match logger-test.**>
65
+ type test
66
+ </match>
67
+ EOF
68
+ else
69
+ config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
56
70
  <source>
57
71
  type forward
58
72
  port #{port}
@@ -61,6 +75,8 @@ class DummyFluentd
61
75
  type test
62
76
  </match>
63
77
  EOF
78
+ end
79
+
64
80
  Fluent::Test.setup
65
81
  Fluent::Engine.run_configure(config)
66
82
  @coolio_default_loop = nil
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-logger
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.2
4
+ version: 0.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sadayuki Furuhashi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-21 00:00:00.000000000 Z
11
+ date: 2020-09-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: msgpack
@@ -161,7 +161,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
161
161
  - !ruby/object:Gem::Version
162
162
  version: '0'
163
163
  requirements: []
164
- rubygems_version: 3.0.3
164
+ rubygems_version: 3.1.2
165
165
  signing_key:
166
166
  specification_version: 4
167
167
  summary: fluent logger for ruby