fluent-mixin-certificate 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +22 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +50 -0
- data/Rakefile +2 -0
- data/fluent-mixin-certificate.gemspec +22 -0
- data/lib/fluent/mixin/certificate.rb +73 -0
- metadata +108 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 54f51ae6db9b220a1120c6a9a00ef6aaf453aee1
|
4
|
+
data.tar.gz: 1baeb05a5c88da7938f6014ee7ca6cbf513b6855
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 6d49e2db0316ea2aa83171f77c1e32ea6d42072fcea788ba7b33a5f1b3f19b90f950095723fb45c06c06d632a04b03681df09bfd8c00967900c2726c2f4bc1e1
|
7
|
+
data.tar.gz: bcec7877232e6a3c41b512f6156f492b5fb3f39026c73b3fde1dd4b870515627a781207a136097ec5fd7b5a49da67c02690ecc33b88dd431ea3e235872ddd8a8
|
data/.gitignore
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
*.gem
|
2
|
+
*.rbc
|
3
|
+
.bundle
|
4
|
+
.config
|
5
|
+
.yardoc
|
6
|
+
Gemfile.lock
|
7
|
+
InstalledFiles
|
8
|
+
_yardoc
|
9
|
+
coverage
|
10
|
+
doc/
|
11
|
+
lib/bundler/man
|
12
|
+
pkg
|
13
|
+
rdoc
|
14
|
+
spec/reports
|
15
|
+
test/tmp
|
16
|
+
test/version_tmp
|
17
|
+
tmp
|
18
|
+
*.bundle
|
19
|
+
*.so
|
20
|
+
*.o
|
21
|
+
*.a
|
22
|
+
mkmf.log
|
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2014 TAGOMORI Satoshi
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
# Fluent::Mixin::Certificate
|
2
|
+
|
3
|
+
Fluent::Mixin::Certificate is a mixin-module, that provides certificate/private-key managements for Fluentd plugins.
|
4
|
+
|
5
|
+
This module provides:
|
6
|
+
|
7
|
+
* configration parameters for SSL certificate/private-key generation
|
8
|
+
* `#certificate` instance method to return `cert` and `key` values which specified by configuration parameters
|
9
|
+
|
10
|
+
## Usage
|
11
|
+
|
12
|
+
To use this module in your fluentd plugin, just include this module.
|
13
|
+
|
14
|
+
```ruby
|
15
|
+
module Fluent
|
16
|
+
class YourAwesomeInput < Input
|
17
|
+
Fluent::Plugin.register_input('your_awesome', self)
|
18
|
+
#
|
19
|
+
include Fluent::Mixin::Certificate
|
20
|
+
### this 'include' adds these config_param items below.
|
21
|
+
# config_param :self_hostname, :string
|
22
|
+
#
|
23
|
+
# config_param :cert_auto_generate, :bool, :default => false
|
24
|
+
# config_param :generate_private_key_length, :integer, :default => 2048
|
25
|
+
#
|
26
|
+
# config_param :generate_cert_country, :string, :default => 'US'
|
27
|
+
# config_param :generate_cert_state, :string, :default => 'CA'
|
28
|
+
# config_param :generate_cert_locality, :string, :default => 'Mountain View'
|
29
|
+
# config_param :generate_cert_common_name, :string, :default => nil
|
30
|
+
#
|
31
|
+
# config_param :cert_file_path, :string, :default => nil
|
32
|
+
# config_param :private_key_file, :string, :default => nil
|
33
|
+
# config_param :private_key_passphrase, :string, :default => nil
|
34
|
+
end
|
35
|
+
end
|
36
|
+
```
|
37
|
+
|
38
|
+
This module use `self_host` parameter to generate common name of certificates. This is a required configuration parameter.
|
39
|
+
|
40
|
+
Moreover, just one of `cert_auto_generate yes` or `cert_file_path PATH` must be specified.
|
41
|
+
|
42
|
+
## AUTHOR / CONTRIBUTORS
|
43
|
+
|
44
|
+
* AUTHOR
|
45
|
+
* TAGOMORI Satoshi <tagomoris@gmail.com>
|
46
|
+
|
47
|
+
## LICENSE
|
48
|
+
|
49
|
+
* Copyright: Copyright (c) 2014- tagomoris
|
50
|
+
* License: Apache License, Version 2.0
|
data/Rakefile
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
|
3
|
+
Gem::Specification.new do |spec|
|
4
|
+
spec.name = "fluent-mixin-certificate"
|
5
|
+
spec.version = "0.0.1"
|
6
|
+
spec.authors = ["TAGOMORI Satoshi"]
|
7
|
+
spec.email = ["tagomoris@gmail.com"]
|
8
|
+
spec.summary = %q{Fluentd mixin module to provide certificate/key generation/handling}
|
9
|
+
spec.description = %q{}
|
10
|
+
spec.homepage = "https://github.com/tagomoris/fluent-mixin-certificate"
|
11
|
+
spec.license = "APLv2"
|
12
|
+
|
13
|
+
spec.files = `git ls-files -z`.split("\x0")
|
14
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
15
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
16
|
+
spec.require_paths = ["lib"]
|
17
|
+
|
18
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
19
|
+
spec.add_development_dependency "rake"
|
20
|
+
spec.add_runtime_dependency "fluentd"
|
21
|
+
spec.add_runtime_dependency "fluent-mixin-config-placeholders"
|
22
|
+
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
require 'fluent/config'
|
2
|
+
require 'fluent/mixin/config_placeholders'
|
3
|
+
|
4
|
+
module Fluent
|
5
|
+
module Mixin
|
6
|
+
module Certificate
|
7
|
+
def self.included(mod)
|
8
|
+
mod.config_param :self_hostname, :string
|
9
|
+
|
10
|
+
mod.config_param :cert_auto_generate, :bool, :default => false
|
11
|
+
mod.config_param :generate_private_key_length, :integer, :default => 2048
|
12
|
+
|
13
|
+
mod.config_param :generate_cert_country, :string, :default => 'US'
|
14
|
+
mod.config_param :generate_cert_state, :string, :default => 'CA'
|
15
|
+
mod.config_param :generate_cert_locality, :string, :default => 'Mountain View'
|
16
|
+
mod.config_param :generate_cert_common_name, :string, :default => nil
|
17
|
+
|
18
|
+
mod.config_param :cert_file_path, :string, :default => nil
|
19
|
+
mod.config_param :private_key_file, :string, :default => nil
|
20
|
+
mod.config_param :private_key_passphrase, :string, :default => nil
|
21
|
+
end
|
22
|
+
|
23
|
+
def initialize
|
24
|
+
super
|
25
|
+
require 'openssl'
|
26
|
+
end
|
27
|
+
|
28
|
+
def configure(conf)
|
29
|
+
super
|
30
|
+
|
31
|
+
raise Fluent::ConfigError, "self_hostname missing" unless @self_hostname
|
32
|
+
|
33
|
+
if ! @cert_auto_generate and ! @cert_file_path
|
34
|
+
raise Fluent::ConfigError, "Both of cert_auto_generate and cert_file_path are not specified. See README."
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
def certificate
|
39
|
+
return @cert, @key if @cert && @key
|
40
|
+
|
41
|
+
if @cert_auto_generate
|
42
|
+
@generate_cert_common_name ||= @self_hostname
|
43
|
+
|
44
|
+
key = OpenSSL::PKey::RSA.generate(@generate_private_key_length)
|
45
|
+
|
46
|
+
digest = OpenSSL::Digest::SHA1.new
|
47
|
+
issuer = subject = OpenSSL::X509::Name.new
|
48
|
+
subject.add_entry('C', @generate_cert_country)
|
49
|
+
subject.add_entry('ST', @generate_cert_state)
|
50
|
+
subject.add_entry('L', @generate_cert_locality)
|
51
|
+
subject.add_entry('CN', @generate_cert_common_name)
|
52
|
+
|
53
|
+
cer = OpenSSL::X509::Certificate.new
|
54
|
+
cer.not_before = Time.at(0)
|
55
|
+
cer.not_after = Time.at(0)
|
56
|
+
cer.public_key = key
|
57
|
+
cer.serial = 1
|
58
|
+
cer.issuer = issuer
|
59
|
+
cer.subject = subject
|
60
|
+
cer.sign(key, digest)
|
61
|
+
|
62
|
+
@cert = cer
|
63
|
+
@key = key
|
64
|
+
return @cert, @key
|
65
|
+
end
|
66
|
+
|
67
|
+
@cert = OpenSSL::X509::Certificate.new(File.read(@cert_file_path))
|
68
|
+
@key = OpenSSL::PKey::RSA.new(File.read(@private_key_file), @private_key_passphrase)
|
69
|
+
return @cert, @key
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
metadata
ADDED
@@ -0,0 +1,108 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: fluent-mixin-certificate
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- TAGOMORI Satoshi
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-07-26 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.6'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.6'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: fluentd
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - ">="
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - ">="
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: fluent-mixin-config-placeholders
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :runtime
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
description: ''
|
70
|
+
email:
|
71
|
+
- tagomoris@gmail.com
|
72
|
+
executables: []
|
73
|
+
extensions: []
|
74
|
+
extra_rdoc_files: []
|
75
|
+
files:
|
76
|
+
- ".gitignore"
|
77
|
+
- Gemfile
|
78
|
+
- LICENSE.txt
|
79
|
+
- README.md
|
80
|
+
- Rakefile
|
81
|
+
- fluent-mixin-certificate.gemspec
|
82
|
+
- lib/fluent/mixin/certificate.rb
|
83
|
+
homepage: https://github.com/tagomoris/fluent-mixin-certificate
|
84
|
+
licenses:
|
85
|
+
- APLv2
|
86
|
+
metadata: {}
|
87
|
+
post_install_message:
|
88
|
+
rdoc_options: []
|
89
|
+
require_paths:
|
90
|
+
- lib
|
91
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
92
|
+
requirements:
|
93
|
+
- - ">="
|
94
|
+
- !ruby/object:Gem::Version
|
95
|
+
version: '0'
|
96
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
97
|
+
requirements:
|
98
|
+
- - ">="
|
99
|
+
- !ruby/object:Gem::Version
|
100
|
+
version: '0'
|
101
|
+
requirements: []
|
102
|
+
rubyforge_project:
|
103
|
+
rubygems_version: 2.2.2
|
104
|
+
signing_key:
|
105
|
+
specification_version: 4
|
106
|
+
summary: Fluentd mixin module to provide certificate/key generation/handling
|
107
|
+
test_files: []
|
108
|
+
has_rdoc:
|