fluentd 0.14.4-x86-mingw32 → 0.14.5-x86-mingw32

data/lib/fluent/plugin/buffer.rb

@@ -55,7 +55,11 @@ module Fluent
       # if chunk size (or records) is 95% or more after #write, then that chunk will be enqueued
       config_param :chunk_full_threshold, :float, default: DEFAULT_CHUNK_FULL_THRESHOLD
 
-      Metadata = Struct.new(:timekey, :tag, :variables)
+      Metadata = Struct.new(:timekey, :tag, :variables) do
+        def empty?
+          timekey.nil? && tag.nil? && variables.nil?
+        end
+      end
 
       # for tests
       attr_accessor :stage_size, :queue_size

data/lib/fluent/plugin/in_forward.rb

@@ -42,6 +42,8 @@ module Fluent
     config_param :linger_timeout, :integer, default: 0
     # This option is for Cool.io's loop wait timeout to avoid loop stuck at shutdown. Almost users don't need to change this value.
     config_param :blocking_timeout, :time, default: 0.5
+    desc 'Connections will be disconnected right after receiving first message if this value is true.'
+    config_param :deny_keepalive, :bool, default: false
 
     desc 'Log warning if received chunk size is larger than this value.'
     config_param :chunk_size_warn_limit, :size, default: nil
@@ -52,8 +54,77 @@ module Fluent
     desc "The field name of the client's hostname."
     config_param :source_hostname_key, :string, default: nil
 
+    config_section :security, required: false, multi: false do
+      desc 'The hostname'
+      config_param :self_hostname, :string
+      desc 'Shared key for authentication'
+      config_param :shared_key, :string
+      desc 'If true, use user based authentication'
+      config_param :user_auth, :bool, default: false
+      desc 'Allow anonymous source. <client> sections required if disabled.'
+      config_param :allow_anonymous_source, :bool, default: true
+
+      ### User based authentication
+      config_section :user, param_name: :users, required: false, multi: true do
+        desc 'The username for authentication'
+        config_param :username, :string
+        desc 'The password for authentication'
+        config_param :password, :string
+      end
+
+      ### Client ip/network authentication & per_host shared key
+      config_section :client, param_name: :clients, required: false, multi: true do
+        desc 'The IP address or host name of the client'
+        config_param :host, :string, default: nil
+        desc 'Network address specification'
+        config_param :network, :string, default: nil
+        desc 'Shared key per client'
+        config_param :shared_key, :string, default: nil
+        desc 'Array of username.'
+        config_param :users, :array, default: []
+      end
+    end
+
     def configure(conf)
       super
+
+      if @security
+        if @security.user_auth && @security.users.empty?
+          raise Fluent::ConfigError, "<user> sections required if user_auth enabled"
+        end
+        if !@security.allow_anonymous_source && @security.clients.empty?
+          raise Fluent::ConfigError, "<client> sections required if allow_anonymous_source disabled"
+        end
+
+        @nodes = []
+
+        @security.clients.each do |client|
+          if client.host && client.network
+            raise Fluent::ConfigError, "both of 'host' and 'network' are specified for client"
+          end
+          if !client.host && !client.network
+            raise Fluent::ConfigError, "Either of 'host' and 'network' must be specified for client"
+          end
+          source = nil
+          if client.host
+            begin
+              source = IPSocket.getaddress(client.host)
+            rescue SocketError => e
+              raise Fluent::ConfigError, "host '#{client.host}' cannot be resolved"
+            end
+          end
+          source_addr = begin
+                          IPAddr.new(source || client.network)
+                        rescue ArgumentError => e
+                          raise Fluent::ConfigError, "network '#{client.network}' address format is invalid"
+                        end
+          @nodes.push({
+              address: source_addr,
+              shared_key: (client.shared_key || @security.shared_key),
+              users: client.users
+            })
+        end
+      end
     end
 
     def start
@@ -100,7 +171,7 @@ module Fluent
     def listen(client)
       log.info "listening fluent socket on #{@bind}:#{@port}"
       sock = client.listen_tcp(@bind, @port)
-      s = Coolio::TCPServer.new(sock, nil, Handler, @linger_timeout, log, method(:on_message))
+      s = Coolio::TCPServer.new(sock, nil, Handler, @linger_timeout, log, method(:handle_connection))
       s.listen(@backlog) unless @backlog.nil?
       s
     end
@@ -124,6 +195,99 @@ module Fluent
 
     private
 
+    def handle_connection(conn)
+      send_data = ->(serializer, data){ conn.write serializer.call(data) }
+
+      log.trace "connected fluent socket", address: conn.remote_addr, port: conn.remote_port
+      state = :established
+      nonce = nil
+      user_auth_salt = nil
+
+      if @security
+        # security enabled session MUST use MessagePack as serialization format
+        state = :helo
+        nonce = generate_salt
+        user_auth_salt = generate_salt
+        send_data.call(:to_msgpack.to_proc, generate_helo(nonce, user_auth_salt))
+        state = :pingpong
+      end
+
+      log.trace "accepted fluent socket", address: conn.remote_addr, port: conn.remote_port
+
+      read_messages(conn) do |msg, chunk_size, serializer|
+        case state
+        when :pingpong
+          success, reason_or_salt, shared_key = check_ping(msg, conn.remote_addr, user_auth_salt, nonce)
+          unless success
+            send_data.call(serializer, generate_pong(false, reason_or_salt, nonce, shared_key))
+            conn.close
+            next
+          end
+          send_data.call(serializer, generate_pong(true, reason_or_salt, nonce, shared_key))
+
+          log.debug "connection established", address: conn.remote_addr, port: conn.remote_port
+          state = :established
+        when :established
+          options = on_message(msg, chunk_size, conn.remote_addr)
+          if options && r = response(options)
+            send_data.call(serializer, r)
+            log.trace "sent response to fluent socket", address: conn.remote_addr, response: r
+            if @deny_keepalive
+              conn.on_write_complete do
+                conn.close
+              end
+            end
+          else
+            if @deny_keepalive
+              conn.close
+            end
+          end
+        else
+          raise "BUG: unknown session state: #{state}"
+        end
+      end
+    end
+
+    def read_messages(conn, &block)
+      feeder = nil
+      serializer = nil
+      bytes = 0
+      conn.on_data do |data|
+        # only for first call of callback
+        unless feeder
+          first = data[0]
+          if first == '{' || first == '[' # json
+            parser = Yajl::Parser.new
+            parser.on_parse_complete = ->(obj){
+              block.call(obj, bytes, serializer)
+              bytes = 0
+            }
+            serializer = :to_json.to_proc
+            feeder = ->(d){ parser << d }
+          else # msgpack
+            parser = Fluent::Engine.msgpack_factory.unpacker
+            serializer = :to_msgpack.to_proc
+            feeder = ->(d){
+              parser.feed_each(d){|obj|
+                block.call(obj, bytes, serializer)
+                bytes = 0
+              }
+            }
+          end
+        end
+
+        bytes += data.bytesize
+        feeder.call(data)
+      end
+    end
+
+    def response(option)
+      if option && option['chunk']
+        return { 'ack' => option['chunk'] }
+      end
+      nil
+    end
+
     # message Entry {
     #   1: long time
     #   2: object record
@@ -169,7 +333,8 @@ module Fluent
         log.warn "Input chunk size is larger than 'chunk_size_warn_limit':", tag: tag, source: source_message(peeraddr), limit: @chunk_size_warn_limit, size: chunk_size
       end
 
-      if entries.class == String
+      case entries
+      when String
         # PackedForward
         option = msg[2]
         size = (option && option['size']) || 0
@@ -178,7 +343,7 @@ module Fluent
         es = add_source_host(es, peeraddr[2]) if @source_hostname_key
         router.emit_stream(tag, es)
 
-      elsif entries.class == Array
+      when Array
         # Forward
         es = if @skip_invalid_event
                check_and_skip_invalid_event(tag, entries, peeraddr)
@@ -246,10 +411,105 @@ module Fluent
       "host: #{host}, addr: #{addr}, port: #{port}"
     end
 
+    def select_authenticate_users(node, username)
+      if node.nil? || node[:users].empty?
+        @security.users.select{|u| u.username == username}
+      else
+        @security.users.select{|u| node[:users].include?(u.username) && u.username == username}
+      end
+    end
+
+    def generate_salt
+      OpenSSL::Random.random_bytes(16)
+    end
+
+    def generate_helo(nonce, user_auth_salt)
+      log.debug "generating helo"
+      # ['HELO', options(hash)]
+      ['HELO', {'nonce' => nonce, 'auth' => (@security ? user_auth_salt : ''), 'keepalive' => !@deny_keepalive}]
+    end
+
+    ##### Authentication Handshake
+    #
+    # 1. (client) connect to server
+    #   * Socket handshake, checks certificate and its significate (in client, if using SSL)
+    # 2. (server)
+    #   * check network/domain acl (if enabled)
+    #   * disconnect when failed
+    # 3. (server) send HELO
+    #   * ['HELO', options(hash)]
+    #   * options:
+    #     * nonce: string (required)
+    #     * auth: string or blank_string (string: authentication required, and its salt is this value)
+    # 4. (client) send PING
+    #   * ['PING', selfhostname, sharedkey_salt, sha512_hex(sharedkey_salt + selfhostname + nonce + sharedkey), username || '', sha512_hex(auth_salt + username + password) || '']
+    # 5. (server) check PING
+    #   * check sharedkey
+    #   * check username / password (if required)
+    #   * send PONG FAILURE if failed
+    #   * ['PONG', false, 'reason of authentication failure', '', '']
+    # 6. (server) send PONG
+    #   * ['PONG', bool(authentication result), 'reason if authentication failed', selfhostname, sha512_hex(salt + selfhostname + nonce + sharedkey)]
+    # 7. (client) check PONG
+    #   * check sharedkey
+    #   * disconnect when failed
+    # 8. connection established
+    #   * send data from client
+
+    def check_ping(message, remote_addr, user_auth_salt, nonce)
+      log.debug "checking ping"
+      # ['PING', self_hostname, shared_key_salt, sha512_hex(shared_key_salt + self_hostname + nonce + shared_key), username || '', sha512_hex(auth_salt + username + password) || '']
+      unless message.size == 6 && message[0] == 'PING'
+        return false, 'invalid ping message'
+      end
+      _ping, hostname, shared_key_salt, shared_key_hexdigest, username, password_digest = message
+
+      node = @nodes.select{|n| n[:address].include?(remote_addr) rescue false }.first
+      if !node && !@security.allow_anonymous_source
+        log.warn "Anonymous client disallowed", address: remote_addr, hostname: hostname
+        return false, "anonymous source host '#{remote_addr}' denied", nil
+      end
+
+      shared_key = node ? node[:shared_key] : @security.shared_key
+      serverside = Digest::SHA512.new.update(shared_key_salt).update(hostname).update(nonce).update(shared_key).hexdigest
+      if shared_key_hexdigest != serverside
+        log.warn "Shared key mismatch", address: remote_addr, hostname: hostname
+        return false, 'shared_key mismatch', nil
+      end
+
+      if @security.user_auth
+        users = select_authenticate_users(node, username)
+        success = false
+        users.each do |user|
+          passhash = Digest::SHA512.new.update(user_auth_salt).update(username).update(user[:password]).hexdigest
+          success ||= (passhash == password_digest)
+        end
+        unless success
+          log.warn "Authentication failed", address: remote_addr, hostname: hostname, username: username
+          return false, 'username/password mismatch', nil
+        end
+      end
+
+      return true, shared_key_salt, shared_key
+    end
+
+    def generate_pong(auth_result, reason_or_salt, nonce, shared_key)
+      log.debug "generating pong"
+      # ['PONG', bool(authentication result), 'reason if authentication failed', self_hostname, sha512_hex(salt + self_hostname + nonce + sharedkey)]
+      unless auth_result
+        return ['PONG', false, reason_or_salt, '', '']
+      end
+
+      shared_key_digest_hex = Digest::SHA512.new.update(reason_or_salt).update(@security.self_hostname).update(nonce).update(shared_key).hexdigest
+      ['PONG', true, '', @security.self_hostname, shared_key_digest_hex]
+    end
+
     class Handler < Coolio::Socket
+      attr_reader :protocol, :remote_port, :remote_addr, :remote_host
+
       PEERADDR_FAILED = ["?", "?", "name resolusion failed", "?"]
 
-      def initialize(io, linger_timeout, log, on_message)
+      def initialize(io, linger_timeout, log, on_connect_callback)
         super(io)
 
         @peeraddr = nil
@@ -259,8 +519,21 @@ module Fluent
           io.setsockopt(Socket::SOL_SOCKET, Socket::SO_LINGER, opt)
         end
 
+        ### TODO: disabling name rev resolv
+        proto, port, host, addr = ( io.peeraddr rescue PEERADDR_FAILED )
+        if addr == '?'
+          port, addr = *Socket.unpack_sockaddr_in(io.getpeername) rescue nil
+        end
+        @protocol = proto
+        @remote_port = port
+        @remote_addr = addr
+        @remote_host = host
+        @writing = false
+        @closing = false
+        @mutex = Mutex.new
+
         @chunk_counter = 0
-        @on_message = on_message
+        @on_connect_callback = on_connect_callback
         @log = log
         @log.trace {
           begin
@@ -269,69 +542,46 @@ module Fluent
             remote_port = nil
             remote_addr = nil
           end
-          "accepted fluent socket from '#{remote_addr}:#{remote_port}': object_id=#{self.object_id}"
+          [ "accepted fluent socket", {address: remote_addr, port: remote_port, instance: self.object_id} ]
         }
       end
 
       def on_connect
+        @on_connect_callback.call(self)
       end
 
-      def on_read(data)
-        first = data[0]
-        if first == '{' || first == '['
-          m = method(:on_read_json)
-          @serializer = :to_json.to_proc
-          @y = Yajl::Parser.new
-          @y.on_parse_complete = lambda { |obj|
-            option = @on_message.call(obj, @chunk_counter, @peeraddr)
-            respond option
-            @chunk_counter = 0
-          }
-        else
-          m = method(:on_read_msgpack)
-          @serializer = :to_msgpack.to_proc
-          @u = Fluent::Engine.msgpack_factory.unpacker
-        end
-
-        (class << self; self; end).module_eval do
-          define_method(:on_read, m)
-        end
-        m.call(data)
+      # API to register callback for data arrival
+      def on_data(&callback)
+        @on_read_callback = callback
       end
 
-      def on_read_json(data)
-        @chunk_counter += data.bytesize
-        @y << data
+      def on_read(data)
+        @on_read_callback.call(data)
       rescue => e
-        @log.error "forward error", error: e, error_class: e.class
+        @log.error "unexpected error on reading data from client", address: @remote_addr, error: e
         @log.error_backtrace
         close
       end
 
-      def on_read_msgpack(data)
-        @chunk_counter += data.bytesize
-        @u.feed_each(data) do |obj|
-          option = @on_message.call(obj, @chunk_counter, @peeraddr)
-          respond option if option
-          @chunk_counter = 0
+      def on_write_complete
+        closing = @mutex.synchronize {
+          @writing = false
+          @closing
+        }
+        if closing
+          close
         end
-      rescue => e
-        @log.error "forward error", error: e, error_class: e.class
-        @log.error_backtrace
-        close
       end
 
-      def respond(option)
-        if option && option['chunk']
-          res = { 'ack' => option['chunk'] }
-          write @serializer.call(res)
-          @log.trace { "sent response to fluent socket" }
+      def close
+        writing = @mutex.synchronize {
+          @closing = true
+          @writing
+        }
+        unless writing
+          super
         end
       end
-
-      def on_close
-        @log.trace { "closed socket" }
-      end
     end
 
     class HeartbeatRequestHandler < Coolio::IO

data/lib/fluent/plugin/in_tail.rb

@@ -16,10 +16,9 @@
 
 require 'cool.io'
 
-require 'fluent/input'
+require 'fluent/plugin/input'
 require 'fluent/config/error'
 require 'fluent/event'
-require 'fluent/system_config'
 require 'fluent/plugin/buffer'
 
 if Fluent.windows?
@@ -28,11 +27,11 @@ else
   Fluent::FileWrapper = File
 end
 
-module Fluent
-  class TailInput < Input
-    include SystemConfig::Mixin
+module Fluent::Plugin
+  class TailInput < Fluent::Plugin::Input
+    Fluent::Plugin.register_input('tail', self)
 
-    Plugin.register_input('tail', self)
+    helpers :timer, :event_loop, :parser, :compat_parameters
 
     FILE_PERMISSION = 0644
 
@@ -77,11 +76,24 @@ module Fluent
     attr_reader :paths
 
     def configure(conf)
+      compat_parameters_convert(conf, :parser)
+      parser_config = conf.elements('parse').first
+      unless parser_config
+        raise Fluent::ConfigError, "<parse> section is required."
+      end
+      unless parser_config["@type"]
+        raise Fluent::ConfigError, "parse/@type is required."
+      end
+
+      (1..Fluent::Plugin::MultilineParser::FORMAT_MAX_NUM).each do |n|
+        parser_config["format#{n}"] = conf["format#{n}"] if conf["format#{n}"]
+      end
+
       super
 
       @paths = @path.split(',').map {|path| path.strip }
       if @paths.empty?
-        raise ConfigError, "tail: 'path' parameter is required on tail input"
+        raise Fluent::ConfigError, "tail: 'path' parameter is required on tail input"
       end
 
       unless @pos_file
@@ -89,22 +101,17 @@ module Fluent
         $log.warn "this parameter is highly recommended to save the position to resume tailing."
       end
 
-      configure_parser(conf)
       configure_tag
       configure_encoding
 
-      @multiline_mode = conf['format'] =~ /multiline/
+      @multiline_mode = parser_config["@type"] =~ /multiline/
       @receive_handler = if @multiline_mode
                            method(:parse_multilines)
                          else
                            method(:parse_singleline)
                          end
       @file_perm = system_config.file_permission || FILE_PERMISSION
-    end
-
-    def configure_parser(conf)
-      @parser = Plugin.new_parser(conf['format'])
-      @parser.configure(conf)
+      @parser = parser_create(conf: parser_config)
     end
 
     def configure_tag
@@ -120,7 +127,7 @@ module Fluent
     def configure_encoding
       unless @encoding
         if @from_encoding
-          raise ConfigError, "tail: 'from_encoding' parameter must be specified with 'encoding' parameter."
+          raise Fluent::ConfigError, "tail: 'from_encoding' parameter must be specified with 'encoding' parameter."
         end
       end
 
@@ -132,7 +139,7 @@ module Fluent
       begin
         Encoding.find(encoding_name) if encoding_name
       rescue ArgumentError => e
-        raise ConfigError, e.message
+        raise Fluent::ConfigError, e.message
       end
     end
 
@@ -145,20 +152,12 @@ module Fluent
         @pf = PositionFile.parse(@pf_file)
       end
 
-      @loop = Coolio::Loop.new
       refresh_watchers
-
-      @refresh_trigger = TailWatcher::TimerWatcher.new(@refresh_interval, true, log, &method(:refresh_watchers))
-      @refresh_trigger.attach(@loop)
-      @thread = Thread.new(&method(:run))
+      timer_execute(:in_tail_refresh_watchers, @refresh_interval, &method(:refresh_watchers))
     end
 
     def shutdown
-      @refresh_trigger.detach if @refresh_trigger && @refresh_trigger.attached?
-
       stop_watchers(@tails.keys, true)
-      @loop.stop rescue nil # when all watchers are detached, `stop` raises RuntimeError. We can ignore this exception.
-      @thread.join
       @pf_file.close if @pf_file
 
       super
@@ -206,8 +205,11 @@ module Fluent
 
     def setup_watcher(path, pe)
       line_buffer_timer_flusher = (@multiline_mode && @multiline_flush_interval) ? TailWatcher::LineBufferTimerFlusher.new(log, @multiline_flush_interval, &method(:flush_buffer)) : nil
-      tw = TailWatcher.new(path, @rotate_wait, pe, log, @read_from_head, @enable_watch_timer, @read_lines_limit, method(:update_watcher), line_buffer_timer_flusher,  &method(:receive_lines))
-      tw.attach(@loop)
+      tw = TailWatcher.new(path, @rotate_wait, pe, log, @read_from_head, @enable_watch_timer, @read_lines_limit, method(:update_watcher), line_buffer_timer_flusher, &method(:receive_lines))
+      tw.attach do |watcher|
+        timer_execute(:in_tail_timer_trigger, 1, &watcher.method(:on_notify)) if watcher.enable_watch_timer
+        event_loop_attach(watcher.stat_trigger)
+      end
       tw
     end
 
@@ -218,7 +220,7 @@ module Fluent
           pe = @pf[path]
           if @read_from_head && pe.read_inode.zero?
             begin
-              pe.update(FileWrapper.stat(path).ino, 0)
+              pe.update(Fluent::FileWrapper.stat(path).ino, 0)
             rescue Errno::ENOENT
               $log.warn "#{path} not found. Continuing without tailing it."
             end
@@ -263,8 +265,9 @@ module Fluent
     end
 
     def close_watcher_after_rotate_wait(tw)
-      closer = TailWatcher::Closer.new(@rotate_wait, tw, log, &method(:close_watcher))
-      closer.attach(@loop)
+      timer_execute(:in_tail_close_watcher, @rotate_wait, repeat: false) do
+        close_watcher(tw)
+      end
     end
 
     def flush_buffer(tw)
@@ -293,13 +296,6 @@ module Fluent
       end
     end
 
-    def run
-      @loop.run
-    rescue
-      log.error "unexpected error", error: $!.to_s
-      log.error_backtrace
-    end
-
     # @return true if no error or unrecoverable error happens in emit action. false if got BufferOverflowError
     def receive_lines(lines, tail_watcher)
       es = @receive_handler.call(lines, tail_watcher)
@@ -347,7 +343,7 @@ module Fluent
     end
 
     def parse_singleline(lines, tail_watcher)
-      es = MultiEventStream.new
+      es = Fluent::MultiEventStream.new
       lines.each { |line|
         convert_line_to_event(line, es, tail_watcher)
       }
@@ -356,7 +352,7 @@ module Fluent
 
     def parse_multilines(lines, tail_watcher)
       lb = tail_watcher.line_buffer
-      es = MultiEventStream.new
+      es = Fluent::MultiEventStream.new
       if @parser.has_firstline?
         tail_watcher.line_buffer_timer_flusher.reset_timer if tail_watcher.line_buffer_timer_flusher
         lines.each { |line|
@@ -400,8 +396,6 @@ module Fluent
         @receive_lines = receive_lines
         @update_watcher = update_watcher
 
-        @timer_trigger = TimerWatcher.new(1, true, log, &method(:on_notify)) if @enable_watch_timer
-
         @stat_trigger = StatWatcher.new(path, log, &method(:on_notify))
 
         @rotate_handler = RotateHandler.new(path, log, &method(:on_rotate))
@@ -412,6 +406,8 @@ module Fluent
       end
 
       attr_reader :path
+      attr_reader :stat_trigger, :enable_watch_timer
+      attr_accessor :timer_trigger
       attr_accessor :line_buffer, :line_buffer_timer_flusher
       attr_accessor :unwatched  # This is used for removing position entry from PositionFile
 
@@ -423,14 +419,12 @@ module Fluent
         @receive_lines.call(lines, self)
       end
 
-      def attach(loop)
-        @timer_trigger.attach(loop) if @enable_watch_timer
-        @stat_trigger.attach(loop)
+      def attach
+        yield self
         on_notify
       end
 
       def detach
-        @timer_trigger.detach if @enable_watch_timer && @timer_trigger.attached?
         @stat_trigger.detach if @stat_trigger.attached?
       end
 
@@ -523,22 +517,6 @@ module Fluent
         pe # This pe will be updated in on_rotate after TailWatcher is initialized
       end
 
-      class TimerWatcher < Coolio::TimerWatcher
-        def initialize(interval, repeat, log, &callback)
-          @callback = callback
-          @log = log
-          super(interval, repeat)
-        end
-
-        def on_timer
-          @callback.call
-        rescue
-          # TODO log?
-          @log.error $!.to_s
-          @log.error_backtrace
-        end
-      end
-
       class StatWatcher < Coolio::StatWatcher
         def initialize(path, log, &callback)
           @callback = callback
@@ -555,24 +533,6 @@ module Fluent
         end
       end
 
-      class Closer < Coolio::TimerWatcher
-        def initialize(interval, tw, log, &callback)
-          @callback = callback
-          @tw = tw
-          @log = log
-          super(interval, false)
-        end
-
-        def on_timer
-          @callback.call(@tw)
-        rescue => e
-          @log.error e.to_s
-          @log.error_backtrace(e.backtrace)
-        ensure
-          detach
-        end
-      end
-
       class IOHandler
         def initialize(io, pe, log, read_lines_limit, first = true, &receive_lines)
           @log = log
@@ -660,7 +620,7 @@ module Fluent
 
         def on_notify
           begin
-            stat = FileWrapper.stat(@path)
+            stat = Fluent::FileWrapper.stat(@path)
             inode = stat.ino
             fsize = stat.size
           rescue Errno::ENOENT
@@ -673,7 +633,7 @@ module Fluent
             if @inode != inode || fsize < @fsize
               # rotated or truncated
               begin
-                io = FileWrapper.open(@path)
+                io = Fluent::FileWrapper.open(@path)
               rescue Errno::ENOENT
               end
               @on_rotate.call(io)
@@ -688,7 +648,6 @@ module Fluent
         end
       end
 
-
       class LineBufferTimerFlusher
         def initialize(log, flush_interval, &flush_method)
           @log = log
@@ -713,7 +672,6 @@ module Fluent
       end
     end
 
-
     class PositionFile
       UNWATCHED_POSITION = 0xffffffffffffffff
 
@@ -833,6 +791,4 @@ module Fluent
       end
     end
   end
-
-  NewTailInput = TailInput # for backward compatibility
 end