fluentd 0.14.13-x64-mingw32 → 0.14.17-x64-mingw32

data/test/plugin/test_output_as_buffered.rb

@@ -75,6 +75,31 @@ module FluentPluginOutputAsBufferedTest
     end
   end
   class DummyCustomFormatBufferedOutput < DummyBareOutput
+    def initialize
+      super
+      @format_type_is_msgpack = nil
+      @prefer_delayed_commit = nil
+      @write = nil
+      @try_write = nil
+    end
+    def format(tag, time, record)
+      @format ? @format.call(tag, time, record) : [tag, time, record].to_json
+    end
+    def formatted_to_msgpack_binary?
+      @format_type_is_msgpack ? @format_type_is_msgpack.call : false
+    end
+    def prefer_delayed_commit
+      @prefer_delayed_commit ? @prefer_delayed_commit.call : false
+    end
+    def write(chunk)
+      @write ? @write.call(chunk) : nil
+    end
+    def try_write(chunk)
+      @try_write ? @try_write.call(chunk) : nil
+    end
+  end
+  # check for formatted_to_msgpack_binary compatibility
+  class DummyOldCustomFormatBufferedOutput < DummyBareOutput
     def initialize
       super
       @format_type_is_msgpack = nil
@@ -163,6 +188,7 @@ class BufferedOutputTest < Test::Unit::TestCase
     when :full     then FluentPluginOutputAsBufferedTest::DummyFullFeatureOutput.new
     when :old_buf  then FluentPluginOutputAsBufferedTest::DummyOldBufferedOutput.new
     when :old_obj  then FluentPluginOutputAsBufferedTest::DummyOldObjectBufferedOutput.new
+    when :old_custom then FluentPluginOutputAsBufferedTest::DummyOldCustomFormatBufferedOutput.new
     else
       raise ArgumentError, "unknown type: #{type}"
     end
@@ -306,9 +332,11 @@ class BufferedOutputTest < Test::Unit::TestCase
       assert_equal 0, events_from_chunk.size
     end
 
-    test 'plugin using custom format can iterate chunk in #write if #format returns msgpack' do
+    data('formatted_to_msgpack_binary?' => :custom,
+         'formatted_to_msgpack_binary' => :old_custom)
+    test 'plugin using custom format can iterate chunk in #write if #format returns msgpack' do |out_type|
       events_from_chunk = []
-      @i = create_output(:custom)
+      @i = create_output(out_type)
       @i.configure(config_element('ROOT','',{},[config_element('buffer','',@hash)]))
       @i.register(:prefer_delayed_commit){ false }
       @i.register(:format){ |tag, time, record| [tag,time,record].to_msgpack }

data/test/plugin/test_parser_apache2.rb

@@ -35,4 +35,12 @@ class Apache2ParserTest < ::Test::Unit::TestCase
       assert_equal(@expected, record)
     }
   end
+
+  def test_parse_with_escape_sequence
+    @parser.instance.parse('192.168.0.1 - - [28/Feb/2013:12:00:00 +0900] "GET /\" HTTP/1.1" 200 777 "referer \\\ \"" "user agent \\\ \""') { |_, record|
+      assert_equal('/\"', record['path'])
+      assert_equal('referer \\\ \"', record['referer'])
+      assert_equal('user agent \\\ \"', record['agent'])
+    }
+  end
 end

data/test/plugin/test_parser_syslog.rb

@@ -63,4 +63,180 @@ class SyslogParserTest < ::Test::Unit::TestCase
       assert_equal "Feb 28 00:00:12", record['time']
     end
   end
+
+  class TestRFC5424Regexp < self
+    def test_parse_with_rfc5424_message
+      @parser.configure(
+                        'time_format' => '%Y-%m-%dT%H:%M:%S.%L%z',
+                        'message_format' => 'rfc5424',
+                        )
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd - - - Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "-", record["pid"]
+        assert_equal "-", record["msgid"]
+        assert_equal "-", record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+
+    def test_parse_with_rfc5424_message_without_time_format
+      @parser.configure(
+                        'message_format' => 'rfc5424',
+                        )
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd - - - Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "-", record["pid"]
+        assert_equal "-", record["msgid"]
+        assert_equal "-", record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+
+    def test_parse_with_rfc5424_structured_message
+      @parser.configure(
+                        'time_format' => '%Y-%m-%dT%H:%M:%S.%L%z',
+                        'message_format' => 'rfc5424',
+                        )
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd 11111 ID24224 [exampleSDID@20224 iut="3" eventSource="Application" eventID="11211"] Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+assert_equal "11111", record["pid"]
+        assert_equal "ID24224", record["msgid"]
+        assert_equal "[exampleSDID@20224 iut=\"3\" eventSource=\"Application\" eventID=\"11211\"]",
+                     record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+  end
+
+  class TestAutoRegexp < self
+    def test_auto_with_legacy_syslog_message
+      @parser.configure(
+                        'time_format' => '%b %d %M:%S:%H',
+                        'mseeage_format' => 'auto',
+                        )
+      text = 'Feb 28 00:00:12 192.168.0.1 fluentd[11111]: [error] Syslog test'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("Feb 28 00:00:12", format: '%b %d %M:%S:%H'), time)
+        assert_equal(@expected, record)
+      end
+    end
+
+    def test_auto_with_legacy_syslog_priority_message
+      @parser.configure(
+                        'time_format' => '%b %d %M:%S:%H',
+                        'with_priority' => true,
+                        'mseeage_format' => 'auto',
+                        )
+      text = '<6>Feb 28 12:00:00 192.168.0.1 fluentd[11111]: [error] Syslog test'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("Feb 28 12:00:00", format: '%b %d %M:%S:%H'), time)
+        assert_equal(@expected.merge('pri' => 6), record)
+      end
+    end
+
+    def test_parse_with_rfc5424_message
+      @parser.configure(
+                        'time_format' => '%Y-%m-%dT%H:%M:%S.%L%z',
+                        'message_format' => 'auto',
+                        )
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd - - - Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "-", record["pid"]
+        assert_equal "-", record["msgid"]
+        assert_equal "-", record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+
+    def test_parse_with_rfc5424_structured_message
+      @parser.configure(
+                        'time_format' => '%Y-%m-%dT%H:%M:%S.%L%z',
+                        'message_format' => 'auto',
+                        )
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd 11111 ID24224 [exampleSDID@20224 iut="3" eventSource="Application" eventID="11211"] Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "11111", record["pid"]
+        assert_equal "ID24224", record["msgid"]
+        assert_equal "[exampleSDID@20224 iut=\"3\" eventSource=\"Application\" eventID=\"11211\"]",
+                     record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+
+    def test_parse_with_both_message_type
+      @parser.configure(
+        'time_format' => '%b %d %M:%S:%H',
+        'rfc5424_time_format' => '%Y-%m-%dT%H:%M:%S.%L%z',
+        'message_format' => 'auto',
+      )
+      text = 'Feb 28 12:00:00 192.168.0.1 fluentd[11111]: [error] Syslog test'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("Feb 28 12:00:00", format: '%b %d %M:%S:%H'), time)
+        assert_equal(@expected, record)
+      end
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd 11111 ID24224 [exampleSDID@20224 iut="3" eventSource="Application" eventID="11211"] Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "11111", record["pid"]
+        assert_equal "ID24224", record["msgid"]
+        assert_equal "[exampleSDID@20224 iut=\"3\" eventSource=\"Application\" eventID=\"11211\"]",
+                     record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+      text = 'Feb 28 12:00:02 192.168.0.1 fluentd[11111]: [error] Syslog test'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("Feb 28 12:00:02", format: '%b %d %M:%S:%H'), time)
+        assert_equal(@expected, record)
+      end
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd - - - Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "-", record["pid"]
+        assert_equal "-", record["msgid"]
+        assert_equal "-", record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+
+    def test_parse_with_both_message_type_and_priority
+      @parser.configure(
+                        'time_format' => '%b %d %M:%S:%H',
+                        'rfc5424_time_format' => '%Y-%m-%dT%H:%M:%S.%L%z',
+                        'with_priority' => true,
+                        'message_format' => 'auto',
+                        )
+      text = '<6>Feb 28 12:00:00 192.168.0.1 fluentd[11111]: [error] Syslog test'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("Feb 28 12:00:00", format: '%b %d %M:%S:%H'), time)
+        assert_equal(@expected.merge('pri' => 6), record)
+      end
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd 11111 ID24224 [exampleSDID@20224 iut="3" eventSource="Application" eventID="11211"] Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "11111", record["pid"]
+        assert_equal "ID24224", record["msgid"]
+        assert_equal "[exampleSDID@20224 iut=\"3\" eventSource=\"Application\" eventID=\"11211\"]",
+                     record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+      text = '<16>Feb 28 12:00:02 192.168.0.1 fluentd[11111]: [error] Syslog test'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("Feb 28 12:00:02", format: '%b %d %M:%S:%H'), time)
+        assert_equal(@expected.merge('pri' => 16), record)
+      end
+      text = '<16>1 2017-02-06T13:14:15.003Z 192.168.0.1 fluentd - - - Hi, from Fluentd!'
+      @parser.instance.parse(text) do |time, record|
+        assert_equal(event_time("2017-02-06T13:14:15.003Z", format: '%Y-%m-%dT%H:%M:%S.%L%z'), time)
+        assert_equal "-", record["pid"]
+        assert_equal "-", record["msgid"]
+        assert_equal "-", record["extradata"]
+        assert_equal "Hi, from Fluentd!", record["message"]
+      end
+    end
+  end
 end

data/test/plugin_helper/test_server.rb

@@ -767,8 +767,9 @@ class ServerPluginHelperTest < Test::Unit::TestCase
 
   def write_cert_and_key(cert_path, cert, key_path, key, passphrase)
     File.open(cert_path, "w"){|f| f.write(cert.to_pem) }
-    # Encrypt secret key by AES256, and write it in PEM format
-    File.open(key_path, "w"){|f| f.write(key.export(OpenSSL::Cipher.new("AES-256-CBC"), passphrase)) }
+    # Write the secret key (raw or ecnrypted by AES256) in PEM format
+    key_str = passphrase ? key.export(OpenSSL::Cipher.new("AES-256-CBC"), passphrase) : key.export
+    File.open(key_path, "w"){|f| f.write(key_str) }
     File.chmod(0600, cert_path, key_path)
   end
 
@@ -807,7 +808,8 @@ class ServerPluginHelperTest < Test::Unit::TestCase
       f.write server_cert.to_pem
       f.write chain_cert.to_pem
     end
-    File.open(private_key_path, "w"){|f| f.write(server_key.export(OpenSSL::Cipher.new("AES-256-CBC"), passphrase)) }
+    key_str = passphrase ? server_key.export(OpenSSL::Cipher.new("AES-256-CBC"), passphrase) : server_key.export
+    File.open(private_key_path, "w"){|f| f.write(key_str) }
     File.chmod(0600, cert_path, private_key_path)
   end
 
@@ -889,10 +891,11 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'load self-signed cert/key pair (files), verified from clients using cert files' do
+      data('with passphrase' => 'yaaaaaaaaaaaaaaaaaaay',
+           'without passphrase'  => nil)
+      test 'load self-signed cert/key pair (files), verified from clients using cert files' do |private_key_passphrase|
         cert_path = File.join(@server_cert_dir, "cert.pem")
         private_key_path = File.join(@certs_dir, "server.key.pem")
-        private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
         create_server_pair_signed_by_self(cert_path, private_key_path, private_key_passphrase)
 
         tls_options = {
@@ -902,8 +905,8 @@ class ServerPluginHelperTest < Test::Unit::TestCase
           insecure: false,
           cert_path: cert_path,
           private_key_path: private_key_path,
-          private_key_passphrase: private_key_passphrase,
         }
+        tls_options[:private_key_passphrase] = private_key_passphrase if private_key_passphrase
         received = ""
         @d.server_create_tls(:s, PORT, tls_options: tls_options) do |data, conn|
           received << data
@@ -922,10 +925,11 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'create dynamic server cert by private CA cert file, verified from clients using CA cert file' do
+      data('with passphrase' => "fooooooooooooooooooooooooo",
+           'without passphrase'  => nil)
+      test 'create dynamic server cert by private CA cert file, verified from clients using CA cert file' do |ca_key_passphrase|
         ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
         ca_key_path = File.join(@certs_dir, "ca.key.pem")
-        ca_key_passphrase = "fooooooooooooooooooooooooo"
         create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
 
         tls_options = {
@@ -935,9 +939,9 @@ class ServerPluginHelperTest < Test::Unit::TestCase
           insecure: false,
           ca_cert_path: ca_cert_path,
           ca_private_key_path: ca_key_path,
-          ca_private_key_passphrase: ca_key_passphrase,
           generate_private_key_length: 2048,
         }
+        tls_options[:ca_private_key_passphrase] = ca_key_passphrase if ca_key_passphrase
         received = ""
         @d.server_create_tls(:s, PORT, tls_options: tls_options) do |data, conn|
           received << data
@@ -950,15 +954,15 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'load static server cert by private CA cert file, verified from clients using CA cert file' do
+      data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
+           'without passphrase'  => [nil, nil])
+      test 'load static server cert by private CA cert file, verified from clients using CA cert file' do |(ca_key_passphrase, private_key_passphrase)|
         ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
         ca_key_path = File.join(@certs_dir, "ca.key.pem")
-        ca_key_passphrase = "foooooooo"
         create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
 
         cert_path = File.join(@server_cert_dir, "cert.pem")
         private_key_path = File.join(@certs_dir, "server.key.pem")
-        private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
         create_server_pair_signed_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
 
         tls_options = {
@@ -968,8 +972,8 @@ class ServerPluginHelperTest < Test::Unit::TestCase
           insecure: false,
           cert_path: cert_path,
           private_key_path: private_key_path,
-          private_key_passphrase: private_key_passphrase,
         }
+        tls_options[:private_key_passphrase] = private_key_passphrase if private_key_passphrase
         received = ""
         @d.server_create_tls(:s, PORT, tls_options: tls_options) do |data, conn|
           received << data
@@ -982,13 +986,13 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'load chained server cert by private CA cert file, verified from clients using CA cert file as root' do
+      data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
+           'without passphrase'  => [nil, nil])
+      test 'load chained server cert by private CA cert file, verified from clients using CA cert file as root' do |(ca_key_passphrase, private_key_passphrase)|
         ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
         ca_key_path = File.join(@certs_dir, "ca.key.pem")
-        ca_key_passphrase = "foooooooo"
         cert_path = File.join(@server_cert_dir, "cert.pem")
         private_key_path = File.join(@certs_dir, "server.key.pem")
-        private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
         create_server_pair_chained_with_root_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
 
         tls_options = {
@@ -998,8 +1002,8 @@ class ServerPluginHelperTest < Test::Unit::TestCase
           insecure: false,
           cert_path: cert_path,
           private_key_path: private_key_path,
-          private_key_passphrase: private_key_passphrase,
         }
+        tls_options[:private_key_passphrase] = private_key_passphrase if private_key_passphrase
         received = ""
         @d.server_create_tls(:s, PORT, tls_options: tls_options) do |data, conn|
           received << data
@@ -1042,17 +1046,18 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'load self-signed cert/key pair (files), verified from clients using cert files' do
+      data('with passphrase' => "yaaaaaaaaaaaaaaaaaaay",
+           'without passphrase'  => nil)
+      test 'load self-signed cert/key pair (files), verified from clients using cert files' do |private_key_passphrase|
         cert_path = File.join(@server_cert_dir, "cert.pem")
         private_key_path = File.join(@certs_dir, "server.key.pem")
-        private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
         create_server_pair_signed_by_self(cert_path, private_key_path, private_key_passphrase)
 
         transport_opts = {
           'cert_path' => cert_path,
           'private_key_path' => private_key_path,
-          'private_key_passphrase' => private_key_passphrase,
         }
+        transport_opts['private_key_passphrase'] = private_key_passphrase if private_key_passphrase
         transport_conf = config_element('transport', 'tls', transport_opts)
         conf = config_element('match', 'tag.*', {}, [transport_conf])
 
@@ -1076,17 +1081,18 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'create dynamic server cert by private CA cert file, verified from clients using CA cert file' do
+      data('with passphrase' => "fooooooooooooooooooooooooo",
+           'without passphrase'  => nil)
+      test 'create dynamic server cert by private CA cert file, verified from clients using CA cert file' do |ca_key_passphrase|
         ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
         ca_key_path = File.join(@certs_dir, "ca.key.pem")
-        ca_key_passphrase = "fooooooooooooooooooooooooo"
         create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
 
         transport_opts = {
           'ca_cert_path' => ca_cert_path,
           'ca_private_key_path' => ca_key_path,
-          'ca_private_key_passphrase' => ca_key_passphrase,
         }
+        transport_opts['ca_private_key_passphrase'] = ca_key_passphrase if ca_key_passphrase
         transport_conf = config_element('transport', 'tls', transport_opts)
         conf = config_element('match', 'tag.*', {}, [transport_conf])
 
@@ -1104,22 +1110,22 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'load static server cert by private CA cert file, verified from clients using CA cert file' do
+      data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
+           'without passphrase'  => [nil, nil])
+      test 'load static server cert by private CA cert file, verified from clients using CA cert file' do |(ca_key_passphrase, private_key_passphrase)|
         ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
         ca_key_path = File.join(@certs_dir, "ca.key.pem")
-        ca_key_passphrase = "foooooooo"
         create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
 
         cert_path = File.join(@server_cert_dir, "cert.pem")
         private_key_path = File.join(@certs_dir, "server.key.pem")
-        private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
         create_server_pair_signed_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
 
         transport_opts = {
           'cert_path' => cert_path,
           'private_key_path' => private_key_path,
-          'private_key_passphrase' => private_key_passphrase,
         }
+        transport_opts['private_key_passphrase'] = private_key_passphrase if private_key_passphrase
         transport_conf = config_element('transport', 'tls', transport_opts)
         conf = config_element('match', 'tag.*', {}, [transport_conf])
 
@@ -1137,20 +1143,20 @@ class ServerPluginHelperTest < Test::Unit::TestCase
         assert_equal "yay\nfoo\n", received
       end
 
-      test 'load chained server cert by private CA cert file, verified from clients using CA cert file as root' do
+      data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
+           'without passphrase'  => [nil, nil])
+      test 'load chained server cert by private CA cert file, verified from clients using CA cert file as root' do |(ca_key_passphrase, private_key_passphrase)|
         ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
         ca_key_path = File.join(@certs_dir, "ca.key.pem")
-        ca_key_passphrase = "foooooooo"
         cert_path = File.join(@server_cert_dir, "cert.pem")
         private_key_path = File.join(@certs_dir, "server.key.pem")
-        private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
         create_server_pair_chained_with_root_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
 
         transport_opts = {
           'cert_path' => cert_path,
           'private_key_path' => private_key_path,
-          'private_key_passphrase' => private_key_passphrase,
         }
+        transport_opts['private_key_passphrase'] = private_key_passphrase if private_key_passphrase
         transport_conf = config_element('transport', 'tls', transport_opts)
         conf = config_element('match', 'tag.*', {}, [transport_conf])