fluent-mixin-certificate 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 54f51ae6db9b220a1120c6a9a00ef6aaf453aee1
+  data.tar.gz: 1baeb05a5c88da7938f6014ee7ca6cbf513b6855
+SHA512:
+  metadata.gz: 6d49e2db0316ea2aa83171f77c1e32ea6d42072fcea788ba7b33a5f1b3f19b90f950095723fb45c06c06d632a04b03681df09bfd8c00967900c2726c2f4bc1e1
+  data.tar.gz: bcec7877232e6a3c41b512f6156f492b5fb3f39026c73b3fde1dd4b870515627a781207a136097ec5fd7b5a49da67c02690ecc33b88dd431ea3e235872ddd8a8

data/.gitignore

@@ -0,0 +1,22 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in fluent-mixin-certificate.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 TAGOMORI Satoshi
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,50 @@
+# Fluent::Mixin::Certificate
+
+Fluent::Mixin::Certificate is a mixin-module, that provides certificate/private-key managements for Fluentd plugins.
+
+This module provides:
+
+* configration parameters for SSL certificate/private-key generation
+* `#certificate` instance method to return `cert` and `key` values which specified by configuration parameters
+
+## Usage
+
+To use this module in your fluentd plugin, just include this module.
+
+```ruby
+module Fluent
+  class YourAwesomeInput < Input
+    Fluent::Plugin.register_input('your_awesome', self)
+    #
+    include Fluent::Mixin::Certificate
+    ### this 'include' adds these config_param items below.
+    # config_param :self_hostname, :string
+    #
+    # config_param :cert_auto_generate, :bool, :default => false
+    # config_param :generate_private_key_length, :integer, :default => 2048
+    #
+    # config_param :generate_cert_country, :string, :default => 'US'
+    # config_param :generate_cert_state, :string, :default => 'CA'
+    # config_param :generate_cert_locality, :string, :default => 'Mountain View'
+    # config_param :generate_cert_common_name, :string, :default => nil
+    #
+    # config_param :cert_file_path, :string, :default => nil
+    # config_param :private_key_file, :string, :default => nil
+    # config_param :private_key_passphrase, :string, :default => nil
+  end
+end
+```
+
+This module use `self_host` parameter to generate common name of certificates. This is a required configuration parameter.
+
+Moreover, just one of `cert_auto_generate yes` or `cert_file_path PATH` must be specified.
+
+## AUTHOR / CONTRIBUTORS
+
+* AUTHOR
+  * TAGOMORI Satoshi <tagomoris@gmail.com>
+
+## LICENSE
+
+* Copyright: Copyright (c) 2014- tagomoris
+* License: Apache License, Version 2.0

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/fluent-mixin-certificate.gemspec

@@ -0,0 +1,22 @@
+# coding: utf-8
+
+Gem::Specification.new do |spec|
+  spec.name          = "fluent-mixin-certificate"
+  spec.version       = "0.0.1"
+  spec.authors       = ["TAGOMORI Satoshi"]
+  spec.email         = ["tagomoris@gmail.com"]
+  spec.summary       = %q{Fluentd mixin module to provide certificate/key generation/handling}
+  spec.description   = %q{}
+  spec.homepage      = "https://github.com/tagomoris/fluent-mixin-certificate"
+  spec.license       = "APLv2"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.6"
+  spec.add_development_dependency "rake"
+  spec.add_runtime_dependency "fluentd"
+  spec.add_runtime_dependency "fluent-mixin-config-placeholders"
+end

data/lib/fluent/mixin/certificate.rb

@@ -0,0 +1,73 @@
+require 'fluent/config'
+require 'fluent/mixin/config_placeholders'
+
+module Fluent
+  module Mixin
+    module Certificate
+      def self.included(mod)
+        mod.config_param :self_hostname, :string
+
+        mod.config_param :cert_auto_generate, :bool, :default => false
+        mod.config_param :generate_private_key_length, :integer, :default => 2048
+
+        mod.config_param :generate_cert_country, :string, :default => 'US'
+        mod.config_param :generate_cert_state, :string, :default => 'CA'
+        mod.config_param :generate_cert_locality, :string, :default => 'Mountain View'
+        mod.config_param :generate_cert_common_name, :string, :default => nil
+
+        mod.config_param :cert_file_path, :string, :default => nil
+        mod.config_param :private_key_file, :string, :default => nil
+        mod.config_param :private_key_passphrase, :string, :default => nil
+      end
+
+      def initialize
+        super
+        require 'openssl'
+      end
+
+      def configure(conf)
+        super
+
+        raise Fluent::ConfigError, "self_hostname missing" unless @self_hostname
+
+        if ! @cert_auto_generate and ! @cert_file_path
+          raise Fluent::ConfigError, "Both of cert_auto_generate and cert_file_path are not specified. See README."
+        end
+      end
+
+      def certificate
+        return @cert, @key if @cert && @key
+
+        if @cert_auto_generate
+          @generate_cert_common_name ||= @self_hostname
+
+          key = OpenSSL::PKey::RSA.generate(@generate_private_key_length)
+
+          digest = OpenSSL::Digest::SHA1.new
+          issuer = subject = OpenSSL::X509::Name.new
+          subject.add_entry('C', @generate_cert_country)
+          subject.add_entry('ST', @generate_cert_state)
+          subject.add_entry('L', @generate_cert_locality)
+          subject.add_entry('CN', @generate_cert_common_name)
+
+          cer = OpenSSL::X509::Certificate.new
+          cer.not_before = Time.at(0)
+          cer.not_after = Time.at(0)
+          cer.public_key = key
+          cer.serial = 1
+          cer.issuer = issuer
+          cer.subject  = subject
+          cer.sign(key, digest)
+
+          @cert = cer
+          @key = key
+          return @cert, @key
+        end
+
+        @cert = OpenSSL::X509::Certificate.new(File.read(@cert_file_path))
+        @key = OpenSSL::PKey::RSA.new(File.read(@private_key_file), @private_key_passphrase)
+        return @cert, @key
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,108 @@
+--- !ruby/object:Gem::Specification
+name: fluent-mixin-certificate
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- TAGOMORI Satoshi
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-07-26 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fluentd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fluent-mixin-config-placeholders
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ''
+email:
+- tagomoris@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- fluent-mixin-certificate.gemspec
+- lib/fluent/mixin/certificate.rb
+homepage: https://github.com/tagomoris/fluent-mixin-certificate
+licenses:
+- APLv2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Fluentd mixin module to provide certificate/key generation/handling
+test_files: []
+has_rdoc: