fluent-plugin-syslog-tls 2.0.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 262868fd779671864af8b5cef830ce93520fead4d2180961594f6fa936eeeb85
-  data.tar.gz: b8268ed11a3bd9f0735894d7ff53593f4a1f505b0ed2cb754d40faab78cecd2f
+  metadata.gz: 51cd955b5a0f3da96a8ea87a27efe4c9cde8a91cbf9db6d67d9714a4fa85c76d
+  data.tar.gz: 9e0a6b08a4dd7d9a853608f4076756b812aea1205d0a2439891d8446b402ffcf
 SHA512:
-  metadata.gz: a867380a0f4fec32d2db3a2713b1d0249c0ffbac667517d38163e3215c59c82a1ed1f73c14e78c9ec60a68cc4d93a4b1c36d7fe9f90a2c73d13d6d7c3429ad51
-  data.tar.gz: 1815edfd8f9faf39328de0c2690f13e95572dfd7d0e34e828562a83dcb1aee3c1890a1950491696ed573c33a33884b80b89cebde473ede9b48ba13e4ef089b66
+  metadata.gz: e8d8b1f440747076ad6edbf0cd05bb07070376eddeb82763c6e08f15c449ce1cda62560bc6dd3dbd3451b2b7540549e87a33583c30f1f20b5c8329df2d0d16b3
+  data.tar.gz: 95855ddb4df1d04d664318175327817673f397b56610b2a990c8e088a44f6c663df82894622022d039a05d08032d2270d2e2e441b5ad7f3fcec967ca82706a98

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+#### 2.1.0
+
+* Require Ruby 2.5
+* Allow TLS 1.3 (minimum remains TLS 1.2)
+
+
 #### 2.0.0
 
 * Require Ruby 2.4

data/Gemfile

@@ -15,5 +15,3 @@
 source 'https://rubygems.org'
 
 gemspec
-
-gem 'coveralls', require: false

data/Gemfile.lock

@@ -1,77 +1,67 @@
 PATH
   remote: .
   specs:
-    fluent-plugin-syslog-tls (2.0.0)
+    fluent-plugin-syslog-tls (2.1.0.rc1)
       fluentd (>= 0.14.0, < 2)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.6.0)
-      public_suffix (>= 2.0.2, < 4.0)
-    cool.io (1.5.4)
-    coveralls (0.8.23)
-      json (>= 1.8, < 3)
-      simplecov (~> 0.16.1)
-      term-ansicolor (~> 1.3)
-      thor (>= 0.19.4, < 2.0)
-      tins (~> 1.6)
-    crack (0.4.3)
-      safe_yaml (~> 1.0.0)
-    dig_rb (1.0.1)
-    docile (1.3.1)
-    fluentd (1.5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
+    concurrent-ruby (1.1.10)
+    cool.io (1.7.1)
+    crack (0.4.5)
+      rexml
+    docile (1.4.0)
+    fluentd (1.15.3)
+      bundler
       cool.io (>= 1.4.5, < 2.0.0)
-      dig_rb (~> 1.0.0)
-      http_parser.rb (>= 0.5.1, < 0.7.0)
-      msgpack (>= 0.7.0, < 2.0.0)
-      serverengine (>= 2.0.4, < 3.0.0)
+      http_parser.rb (>= 0.5.1, < 0.9.0)
+      msgpack (>= 1.3.1, < 2.0.0)
+      serverengine (>= 2.3.0, < 3.0.0)
       sigdump (~> 0.2.2)
-      strptime (>= 0.2.2, < 1.0.0)
-      tzinfo (~> 1.0)
+      strptime (>= 0.2.4, < 1.0.0)
+      tzinfo (>= 1.0, < 3.0)
       tzinfo-data (~> 1.0)
+      webrick (>= 1.4.2, < 1.8.0)
       yajl-ruby (~> 1.0)
-    hashdiff (0.4.0)
-    http_parser.rb (0.6.0)
-    json (2.2.0)
-    minitest (5.11.3)
-    minitest-stub_any_instance (1.0.2)
-    msgpack (1.2.10)
-    power_assert (1.1.4)
-    public_suffix (3.1.0)
-    rake (12.3.2)
-    safe_yaml (1.0.5)
-    serverengine (2.1.1)
+    hashdiff (1.0.1)
+    http_parser.rb (0.8.0)
+    minitest (5.17.0)
+    minitest-stub_any_instance (1.0.3)
+    msgpack (1.6.0)
+    power_assert (2.0.3)
+    public_suffix (5.0.1)
+    rake (13.0.6)
+    rexml (3.2.5)
+    serverengine (2.3.1)
       sigdump (~> 0.2.2)
     sigdump (0.2.4)
-    simplecov (0.16.1)
+    simplecov (0.22.0)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
-    strptime (0.2.3)
-    term-ansicolor (1.7.1)
-      tins (~> 1.0)
-    test-unit (3.3.3)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    strptime (0.2.5)
+    test-unit (3.5.7)
       power_assert
-    thor (0.20.3)
-    thread_safe (0.3.6)
-    tins (1.20.3)
-    tzinfo (1.2.5)
-      thread_safe (~> 0.1)
-    tzinfo-data (1.2019.1)
+    tzinfo (2.0.5)
+      concurrent-ruby (~> 1.0)
+    tzinfo-data (1.2022.7)
       tzinfo (>= 1.0.0)
-    webmock (3.5.1)
-      addressable (>= 2.3.6)
+    webmock (3.18.1)
+      addressable (>= 2.8.0)
       crack (>= 0.3.2)
-      hashdiff
-    yajl-ruby (1.4.1)
+      hashdiff (>= 0.4.0, < 2.0.0)
+    webrick (1.7.0)
+    yajl-ruby (1.4.3)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  coveralls
   fluent-plugin-syslog-tls!
   minitest (~> 5.8)
   minitest-stub_any_instance (~> 1.0.0)
@@ -81,4 +71,4 @@ DEPENDENCIES
   webmock (~> 3.0)
 
 BUNDLED WITH
-   1.17.3
+   2.3.26

data/fluent-plugin-syslog-tls.gemspec

@@ -1,5 +1,5 @@
 # Copyright 2016 Acquia, Inc.
-# Copyright 2016-2019 t.e.morgan.
+# Copyright 2016-2023 t.e.morgan.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -30,7 +30,7 @@ Gem::Specification.new do |s|
   s.executables   = s.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
   s.test_files    = s.files.grep(%r{^(test|spec|features)/})
   s.require_paths = ['lib']
-  s.required_ruby_version = '>= 2.4'
+  s.required_ruby_version = '>= 2.5'
 
   s.add_runtime_dependency 'fluentd', [">= 0.14.0", "< 2"]
 

data/lib/syslog_tls/ssl_transport.rb

@@ -1,5 +1,5 @@
 # Copyright 2016 Acquia, Inc.
-# Copyright 2016-2019 t.e.morgan.
+# Copyright 2016-2023 t.e.morgan.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -29,7 +29,7 @@ module SyslogTls
 
     attr_writer :retries
 
-    def initialize(host, port, idle_timeout: nil, ca_cert: 'system', client_cert: nil, client_key: nil, verify_cert_name: true, ssl_version: :TLSv1_2, max_retries: 1)
+    def initialize(host, port, idle_timeout: nil, ca_cert: 'system', client_cert: nil, client_key: nil, verify_cert_name: true, ssl_version: :TLS1_2, max_retries: 1)
       @host = host
       @port = port
       @idle_timeout = idle_timeout
@@ -96,7 +96,7 @@ module SyslogTls
 
       ctx = OpenSSL::SSL::SSLContext.new
       ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
-      ctx.ssl_version = ssl_version
+      ctx.min_version = ssl_version
 
       ctx.verify_hostname = verify_cert_name != false
 

data/lib/syslog_tls/version.rb

@@ -14,5 +14,5 @@
 # limitations under the License.
 
 module SyslogTls
-  VERSION = '2.0.0'
+  VERSION = '2.1.0'
 end

data/test/helper.rb

@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-require 'coveralls'
 require 'simplecov'
 
 SimpleCov.start
 
-Coveralls.wear! if ENV['TRAVIS']
-
 require 'test/unit'
 require 'fluent/test'
 require 'minitest/pride'

data/test/ssl.rb

@@ -2,12 +2,14 @@ require 'socket'
 require 'openssl'
 
 module SSLTestHelper
-  def ssl_server
+  def ssl_server(min_version: nil, max_version: nil)
     @ssl_server ||= begin
       tcp_server = TCPServer.new("localhost", 33000 + Random.rand(1000))
       ssl_context = OpenSSL::SSL::SSLContext.new
       ssl_context.cert = certificate
       ssl_context.key = rsa_key
+      ssl_context.min_version = min_version if min_version
+      ssl_context.max_version = max_version if max_version
       OpenSSL::SSL::SSLServer.new(tcp_server, ssl_context)
     end
   end

data/test/syslog_tls/test_ssl_transport.rb

@@ -1,5 +1,5 @@
 # Copyright 2016 Acquia, Inc.
-# Copyright 2016 t.e.morgan.
+# Copyright 2016-2023 t.e.morgan.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -20,19 +20,36 @@ require 'syslog_tls/ssl_transport'
 class SSLTransportTest < Test::Unit::TestCase
   include SSLTestHelper
 
-  def test_ok_connection
-    server = ssl_server
-    st = Thread.new {
-      client = server.accept
-      assert_equal "TESTTEST2\n", client.gets
-      client.close
-    }
-    SyslogTls::SSLTransport.stub_any_instance(:get_ssl_connection, ssl_client) do
-      t = SyslogTls::SSLTransport.new("localhost", server.addr[1], max_retries: 3)
-      t.write("TEST")
-      t.write("TEST2\n")
+  # srvr-min  srvr-max clnt-min should-raise?
+  [ [:TLS1_2, :TLS1_2, :TLS1_2],
+    [:TLS1_2, :TLS1_3, :TLS1_2],
+    [:TLS1_3, :TLS1_3, :TLS1_2],
+    [:TLS1_2, :TLS1_2, :TLS1_3, true],
+    [:TLS1_2, :TLS1_3, :TLS1_3],
+    [:TLS1_3, :TLS1_3, :TLS1_3],
+  ].each do |(server_min, server_max, client_min, should_raise)|
+    define_method "test_#{server_min}-#{server_max}_server_#{client_min}_client" do
+      Thread.report_on_exception = false
+      blk = lambda do
+        server = ssl_server(min_version: server_min, max_version: server_max)
+        st = Thread.new {
+          client = server.accept
+          assert_equal "TESTTEST2\n", client.gets
+          client.close
+        }
+        t = SyslogTls::SSLTransport.new("localhost", server.addr[1], ca_cert: false, ssl_version: client_min)
+        t.write("TEST")
+        t.write("TEST2\n")
+        st.join
+      end
+      if should_raise
+        assert_raises OpenSSL::SSL::SSLError, &blk
+      else
+        blk.call
+      end
+    ensure
+      Thread.report_on_exception = true
     end
-    st.join
   end
 
   def test_retry

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-syslog-tls
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - thomas morgan
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-01 00:00:00.000000000 Z
+date: 2023-02-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fluentd
@@ -150,7 +150,7 @@ homepage: https://github.com/zarqman/fluent-plugin-syslog-tls
 licenses:
 - Apache v2
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -158,15 +158,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
-signing_key: 
+rubygems_version: 3.3.26
+signing_key:
 specification_version: 4
 summary: Fluent Syslog TLS output plugin
 test_files: