fluentd 1.17.0-x86-mingw32 → 1.17.1-x86-mingw32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (259) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +46 -0
  3. data/README.md +1 -0
  4. data/SECURITY.md +2 -2
  5. data/fluent.conf +14 -14
  6. data/lib/fluent/command/cap_ctl.rb +4 -4
  7. data/lib/fluent/compat/call_super_mixin.rb +3 -3
  8. data/lib/fluent/compat/propagate_default.rb +4 -4
  9. data/lib/fluent/config/yaml_parser/parser.rb +4 -0
  10. data/lib/fluent/log/console_adapter.rb +4 -2
  11. data/lib/fluent/plugin/in_exec.rb +14 -2
  12. data/lib/fluent/plugin/in_http.rb +1 -1
  13. data/lib/fluent/plugin/in_sample.rb +13 -7
  14. data/lib/fluent/plugin/in_tail.rb +65 -23
  15. data/lib/fluent/plugin/out_copy.rb +1 -1
  16. data/lib/fluent/plugin/out_file.rb +8 -0
  17. data/lib/fluent/plugin/out_http.rb +12 -0
  18. data/lib/fluent/plugin/parser_json.rb +4 -12
  19. data/lib/fluent/plugin_helper/http_server/server.rb +1 -1
  20. data/lib/fluent/version.rb +1 -1
  21. data/templates/new_gem/fluent-plugin.gemspec.erb +6 -5
  22. metadata +25 -472
  23. data/.github/DISCUSSION_TEMPLATE/q-a-japanese.yml +0 -50
  24. data/.github/DISCUSSION_TEMPLATE/q-a.yml +0 -47
  25. data/.github/ISSUE_TEMPLATE/bug_report.yml +0 -71
  26. data/.github/ISSUE_TEMPLATE/config.yml +0 -5
  27. data/.github/ISSUE_TEMPLATE/feature_request.yml +0 -39
  28. data/.github/ISSUE_TEMPLATE.md +0 -17
  29. data/.github/PULL_REQUEST_TEMPLATE.md +0 -14
  30. data/.github/workflows/stale-actions.yml +0 -24
  31. data/.github/workflows/test-ruby-head.yml +0 -31
  32. data/.github/workflows/test.yml +0 -32
  33. data/.gitignore +0 -30
  34. data/Gemfile +0 -9
  35. data/fluentd.gemspec +0 -62
  36. data/test/command/test_binlog_reader.rb +0 -362
  37. data/test/command/test_ca_generate.rb +0 -70
  38. data/test/command/test_cap_ctl.rb +0 -100
  39. data/test/command/test_cat.rb +0 -128
  40. data/test/command/test_ctl.rb +0 -56
  41. data/test/command/test_fluentd.rb +0 -1291
  42. data/test/command/test_plugin_config_formatter.rb +0 -397
  43. data/test/command/test_plugin_generator.rb +0 -109
  44. data/test/compat/test_calls_super.rb +0 -166
  45. data/test/compat/test_parser.rb +0 -92
  46. data/test/config/assertions.rb +0 -42
  47. data/test/config/test_config_parser.rb +0 -551
  48. data/test/config/test_configurable.rb +0 -1784
  49. data/test/config/test_configure_proxy.rb +0 -604
  50. data/test/config/test_dsl.rb +0 -415
  51. data/test/config/test_element.rb +0 -518
  52. data/test/config/test_literal_parser.rb +0 -309
  53. data/test/config/test_plugin_configuration.rb +0 -56
  54. data/test/config/test_section.rb +0 -191
  55. data/test/config/test_system_config.rb +0 -195
  56. data/test/config/test_types.rb +0 -408
  57. data/test/counter/test_client.rb +0 -563
  58. data/test/counter/test_error.rb +0 -44
  59. data/test/counter/test_mutex_hash.rb +0 -179
  60. data/test/counter/test_server.rb +0 -589
  61. data/test/counter/test_store.rb +0 -258
  62. data/test/counter/test_validator.rb +0 -137
  63. data/test/helper.rb +0 -155
  64. data/test/helpers/fuzzy_assert.rb +0 -89
  65. data/test/helpers/process_extenstion.rb +0 -33
  66. data/test/log/test_console_adapter.rb +0 -117
  67. data/test/plugin/data/2010/01/20100102-030405.log +0 -0
  68. data/test/plugin/data/2010/01/20100102-030406.log +0 -0
  69. data/test/plugin/data/2010/01/20100102.log +0 -0
  70. data/test/plugin/data/log/bar +0 -0
  71. data/test/plugin/data/log/foo/bar.log +0 -0
  72. data/test/plugin/data/log/foo/bar2 +0 -0
  73. data/test/plugin/data/log/test.log +0 -0
  74. data/test/plugin/data/log_numeric/01.log +0 -0
  75. data/test/plugin/data/log_numeric/02.log +0 -0
  76. data/test/plugin/data/log_numeric/12.log +0 -0
  77. data/test/plugin/data/log_numeric/14.log +0 -0
  78. data/test/plugin/data/sd_file/config +0 -11
  79. data/test/plugin/data/sd_file/config.json +0 -17
  80. data/test/plugin/data/sd_file/config.yaml +0 -11
  81. data/test/plugin/data/sd_file/config.yml +0 -11
  82. data/test/plugin/data/sd_file/invalid_config.yml +0 -7
  83. data/test/plugin/in_tail/test_fifo.rb +0 -121
  84. data/test/plugin/in_tail/test_io_handler.rb +0 -150
  85. data/test/plugin/in_tail/test_position_file.rb +0 -346
  86. data/test/plugin/out_forward/test_ack_handler.rb +0 -140
  87. data/test/plugin/out_forward/test_connection_manager.rb +0 -145
  88. data/test/plugin/out_forward/test_handshake_protocol.rb +0 -112
  89. data/test/plugin/out_forward/test_load_balancer.rb +0 -106
  90. data/test/plugin/out_forward/test_socket_cache.rb +0 -174
  91. data/test/plugin/test_bare_output.rb +0 -131
  92. data/test/plugin/test_base.rb +0 -247
  93. data/test/plugin/test_buf_file.rb +0 -1314
  94. data/test/plugin/test_buf_file_single.rb +0 -898
  95. data/test/plugin/test_buf_memory.rb +0 -42
  96. data/test/plugin/test_buffer.rb +0 -1493
  97. data/test/plugin/test_buffer_chunk.rb +0 -209
  98. data/test/plugin/test_buffer_file_chunk.rb +0 -871
  99. data/test/plugin/test_buffer_file_single_chunk.rb +0 -611
  100. data/test/plugin/test_buffer_memory_chunk.rb +0 -339
  101. data/test/plugin/test_compressable.rb +0 -87
  102. data/test/plugin/test_file_util.rb +0 -96
  103. data/test/plugin/test_filter.rb +0 -368
  104. data/test/plugin/test_filter_grep.rb +0 -697
  105. data/test/plugin/test_filter_parser.rb +0 -731
  106. data/test/plugin/test_filter_record_transformer.rb +0 -577
  107. data/test/plugin/test_filter_stdout.rb +0 -207
  108. data/test/plugin/test_formatter_csv.rb +0 -136
  109. data/test/plugin/test_formatter_hash.rb +0 -38
  110. data/test/plugin/test_formatter_json.rb +0 -61
  111. data/test/plugin/test_formatter_ltsv.rb +0 -70
  112. data/test/plugin/test_formatter_msgpack.rb +0 -28
  113. data/test/plugin/test_formatter_out_file.rb +0 -116
  114. data/test/plugin/test_formatter_single_value.rb +0 -44
  115. data/test/plugin/test_formatter_tsv.rb +0 -76
  116. data/test/plugin/test_in_debug_agent.rb +0 -49
  117. data/test/plugin/test_in_exec.rb +0 -261
  118. data/test/plugin/test_in_forward.rb +0 -1178
  119. data/test/plugin/test_in_gc_stat.rb +0 -62
  120. data/test/plugin/test_in_http.rb +0 -1124
  121. data/test/plugin/test_in_monitor_agent.rb +0 -922
  122. data/test/plugin/test_in_object_space.rb +0 -66
  123. data/test/plugin/test_in_sample.rb +0 -190
  124. data/test/plugin/test_in_syslog.rb +0 -505
  125. data/test/plugin/test_in_tail.rb +0 -3429
  126. data/test/plugin/test_in_tcp.rb +0 -328
  127. data/test/plugin/test_in_udp.rb +0 -296
  128. data/test/plugin/test_in_unix.rb +0 -181
  129. data/test/plugin/test_input.rb +0 -137
  130. data/test/plugin/test_metadata.rb +0 -89
  131. data/test/plugin/test_metrics.rb +0 -294
  132. data/test/plugin/test_metrics_local.rb +0 -96
  133. data/test/plugin/test_multi_output.rb +0 -204
  134. data/test/plugin/test_out_copy.rb +0 -308
  135. data/test/plugin/test_out_exec.rb +0 -312
  136. data/test/plugin/test_out_exec_filter.rb +0 -606
  137. data/test/plugin/test_out_file.rb +0 -1038
  138. data/test/plugin/test_out_forward.rb +0 -1349
  139. data/test/plugin/test_out_http.rb +0 -557
  140. data/test/plugin/test_out_null.rb +0 -105
  141. data/test/plugin/test_out_relabel.rb +0 -28
  142. data/test/plugin/test_out_roundrobin.rb +0 -146
  143. data/test/plugin/test_out_secondary_file.rb +0 -458
  144. data/test/plugin/test_out_stdout.rb +0 -205
  145. data/test/plugin/test_out_stream.rb +0 -103
  146. data/test/plugin/test_output.rb +0 -1334
  147. data/test/plugin/test_output_as_buffered.rb +0 -2024
  148. data/test/plugin/test_output_as_buffered_backup.rb +0 -363
  149. data/test/plugin/test_output_as_buffered_compress.rb +0 -179
  150. data/test/plugin/test_output_as_buffered_overflow.rb +0 -250
  151. data/test/plugin/test_output_as_buffered_retries.rb +0 -966
  152. data/test/plugin/test_output_as_buffered_secondary.rb +0 -882
  153. data/test/plugin/test_output_as_standard.rb +0 -374
  154. data/test/plugin/test_owned_by.rb +0 -34
  155. data/test/plugin/test_parser.rb +0 -399
  156. data/test/plugin/test_parser_apache.rb +0 -42
  157. data/test/plugin/test_parser_apache2.rb +0 -47
  158. data/test/plugin/test_parser_apache_error.rb +0 -45
  159. data/test/plugin/test_parser_csv.rb +0 -200
  160. data/test/plugin/test_parser_json.rb +0 -244
  161. data/test/plugin/test_parser_labeled_tsv.rb +0 -160
  162. data/test/plugin/test_parser_msgpack.rb +0 -127
  163. data/test/plugin/test_parser_multiline.rb +0 -111
  164. data/test/plugin/test_parser_nginx.rb +0 -88
  165. data/test/plugin/test_parser_none.rb +0 -52
  166. data/test/plugin/test_parser_regexp.rb +0 -284
  167. data/test/plugin/test_parser_syslog.rb +0 -650
  168. data/test/plugin/test_parser_tsv.rb +0 -122
  169. data/test/plugin/test_sd_file.rb +0 -228
  170. data/test/plugin/test_sd_srv.rb +0 -230
  171. data/test/plugin/test_storage.rb +0 -166
  172. data/test/plugin/test_storage_local.rb +0 -335
  173. data/test/plugin/test_string_util.rb +0 -26
  174. data/test/plugin_helper/data/cert/cert-key.pem +0 -27
  175. data/test/plugin_helper/data/cert/cert-with-CRLF.pem +0 -19
  176. data/test/plugin_helper/data/cert/cert-with-no-newline.pem +0 -19
  177. data/test/plugin_helper/data/cert/cert.pem +0 -19
  178. data/test/plugin_helper/data/cert/cert_chains/ca-cert-key.pem +0 -27
  179. data/test/plugin_helper/data/cert/cert_chains/ca-cert.pem +0 -20
  180. data/test/plugin_helper/data/cert/cert_chains/cert-key.pem +0 -27
  181. data/test/plugin_helper/data/cert/cert_chains/cert.pem +0 -40
  182. data/test/plugin_helper/data/cert/empty.pem +0 -0
  183. data/test/plugin_helper/data/cert/generate_cert.rb +0 -125
  184. data/test/plugin_helper/data/cert/with_ca/ca-cert-key-pass.pem +0 -30
  185. data/test/plugin_helper/data/cert/with_ca/ca-cert-key.pem +0 -27
  186. data/test/plugin_helper/data/cert/with_ca/ca-cert-pass.pem +0 -20
  187. data/test/plugin_helper/data/cert/with_ca/ca-cert.pem +0 -20
  188. data/test/plugin_helper/data/cert/with_ca/cert-key-pass.pem +0 -30
  189. data/test/plugin_helper/data/cert/with_ca/cert-key.pem +0 -27
  190. data/test/plugin_helper/data/cert/with_ca/cert-pass.pem +0 -21
  191. data/test/plugin_helper/data/cert/with_ca/cert.pem +0 -21
  192. data/test/plugin_helper/data/cert/without_ca/cert-key-pass.pem +0 -30
  193. data/test/plugin_helper/data/cert/without_ca/cert-key.pem +0 -27
  194. data/test/plugin_helper/data/cert/without_ca/cert-pass.pem +0 -20
  195. data/test/plugin_helper/data/cert/without_ca/cert.pem +0 -20
  196. data/test/plugin_helper/http_server/test_app.rb +0 -65
  197. data/test/plugin_helper/http_server/test_route.rb +0 -32
  198. data/test/plugin_helper/service_discovery/test_manager.rb +0 -93
  199. data/test/plugin_helper/service_discovery/test_round_robin_balancer.rb +0 -21
  200. data/test/plugin_helper/test_cert_option.rb +0 -25
  201. data/test/plugin_helper/test_child_process.rb +0 -862
  202. data/test/plugin_helper/test_compat_parameters.rb +0 -358
  203. data/test/plugin_helper/test_event_emitter.rb +0 -80
  204. data/test/plugin_helper/test_event_loop.rb +0 -52
  205. data/test/plugin_helper/test_extract.rb +0 -194
  206. data/test/plugin_helper/test_formatter.rb +0 -255
  207. data/test/plugin_helper/test_http_server_helper.rb +0 -372
  208. data/test/plugin_helper/test_inject.rb +0 -561
  209. data/test/plugin_helper/test_metrics.rb +0 -137
  210. data/test/plugin_helper/test_parser.rb +0 -264
  211. data/test/plugin_helper/test_record_accessor.rb +0 -238
  212. data/test/plugin_helper/test_retry_state.rb +0 -1006
  213. data/test/plugin_helper/test_server.rb +0 -1895
  214. data/test/plugin_helper/test_service_discovery.rb +0 -165
  215. data/test/plugin_helper/test_socket.rb +0 -146
  216. data/test/plugin_helper/test_storage.rb +0 -542
  217. data/test/plugin_helper/test_thread.rb +0 -164
  218. data/test/plugin_helper/test_timer.rb +0 -130
  219. data/test/scripts/exec_script.rb +0 -32
  220. data/test/scripts/fluent/plugin/formatter1/formatter_test1.rb +0 -7
  221. data/test/scripts/fluent/plugin/formatter2/formatter_test2.rb +0 -7
  222. data/test/scripts/fluent/plugin/formatter_known.rb +0 -8
  223. data/test/scripts/fluent/plugin/out_test.rb +0 -81
  224. data/test/scripts/fluent/plugin/out_test2.rb +0 -80
  225. data/test/scripts/fluent/plugin/parser_known.rb +0 -4
  226. data/test/test_capability.rb +0 -74
  227. data/test/test_clock.rb +0 -164
  228. data/test/test_config.rb +0 -369
  229. data/test/test_configdsl.rb +0 -148
  230. data/test/test_daemonizer.rb +0 -91
  231. data/test/test_engine.rb +0 -203
  232. data/test/test_event.rb +0 -531
  233. data/test/test_event_router.rb +0 -348
  234. data/test/test_event_time.rb +0 -199
  235. data/test/test_file_wrapper.rb +0 -53
  236. data/test/test_filter.rb +0 -121
  237. data/test/test_fluent_log_event_router.rb +0 -99
  238. data/test/test_formatter.rb +0 -369
  239. data/test/test_input.rb +0 -31
  240. data/test/test_log.rb +0 -1076
  241. data/test/test_match.rb +0 -148
  242. data/test/test_mixin.rb +0 -351
  243. data/test/test_msgpack_factory.rb +0 -50
  244. data/test/test_oj_options.rb +0 -55
  245. data/test/test_output.rb +0 -278
  246. data/test/test_plugin.rb +0 -251
  247. data/test/test_plugin_classes.rb +0 -370
  248. data/test/test_plugin_helper.rb +0 -81
  249. data/test/test_plugin_id.rb +0 -119
  250. data/test/test_process.rb +0 -14
  251. data/test/test_root_agent.rb +0 -951
  252. data/test/test_static_config_analysis.rb +0 -177
  253. data/test/test_supervisor.rb +0 -821
  254. data/test/test_test_drivers.rb +0 -136
  255. data/test/test_time_formatter.rb +0 -301
  256. data/test/test_time_parser.rb +0 -362
  257. data/test/test_tls.rb +0 -65
  258. data/test/test_unique_id.rb +0 -47
  259. data/test/test_variable_store.rb +0 -65
@@ -1,1895 +0,0 @@
1
- require_relative '../helper'
2
- require 'fluent/plugin_helper/server'
3
- require 'fluent/plugin_helper/cert_option' # to create certs for tests
4
- require 'fluent/plugin/base'
5
- require 'timeout'
6
-
7
- require 'serverengine'
8
- require 'fileutils'
9
-
10
- class ServerPluginHelperTest < Test::Unit::TestCase
11
- class Dummy < Fluent::Plugin::TestBase
12
- helpers :server
13
- end
14
-
15
- TMP_DIR = File.expand_path(File.dirname(__FILE__) + "/../tmp/plugin_helper_server")
16
-
17
- setup do
18
- @port = unused_port
19
- if Fluent.windows?
20
- @socket_manager_server = ServerEngine::SocketManager::Server.open
21
- @socket_manager_path = @socket_manager_server.path
22
- else
23
- @socket_manager_path = ServerEngine::SocketManager::Server.generate_path
24
- if @socket_manager_path.is_a?(String) && File.exist?(@socket_manager_path)
25
- FileUtils.rm_f @socket_manager_path
26
- end
27
- @socket_manager_server = ServerEngine::SocketManager::Server.open(@socket_manager_path)
28
- end
29
- ENV['SERVERENGINE_SOCKETMANAGER_PATH'] = @socket_manager_path.to_s
30
-
31
- @d = Dummy.new
32
- @d.under_plugin_development = true
33
- @d.start
34
- @d.after_start
35
- end
36
-
37
- teardown do
38
- (@d.stopped? || @d.stop) rescue nil
39
- (@d.before_shutdown? || @d.before_shutdown) rescue nil
40
- (@d.shutdown? || @d.shutdown) rescue nil
41
- (@d.after_shutdown? || @d.after_shutdown) rescue nil
42
- (@d.closed? || @d.close) rescue nil
43
- (@d.terminated? || @d.terminate) rescue nil
44
-
45
- @socket_manager_server.close
46
- if @socket_manager_path.is_a?(String) && File.exist?(@socket_manager_path)
47
- FileUtils.rm_f @socket_manager_path
48
- end
49
- end
50
-
51
- sub_test_case 'plugin instance' do
52
- test 'can be instantiated to be able to create threads' do
53
- d = Dummy.new
54
- assert d.respond_to?(:_servers)
55
- assert d._servers.empty?
56
-
57
- assert d.respond_to?(:server_wait_until_start)
58
- assert d.respond_to?(:server_wait_until_stop)
59
- assert d.respond_to?(:server_create_connection)
60
- assert d.respond_to?(:server_create)
61
- assert d.respond_to?(:server_create_tcp)
62
- assert d.respond_to?(:server_create_udp)
63
- assert d.respond_to?(:server_create_tls)
64
- end
65
-
66
- test 'can be configured' do
67
- d = Dummy.new
68
- assert_nothing_raised do
69
- d.configure(config_element())
70
- end
71
- assert d.plugin_id
72
- assert d.log
73
- assert_equal 0, d.transport_config.linger_timeout
74
- end
75
-
76
- test 'can change linger_timeout option' do
77
- d = Dummy.new
78
-
79
- transport_opts = {
80
- 'linger_timeout' => 1,
81
- }
82
- transport_conf = config_element('transport', 'tcp', transport_opts)
83
- conf = config_element('source', 'tag.*', {}, [transport_conf])
84
-
85
- assert_nothing_raised do
86
- d.configure(conf)
87
- end
88
- assert d.plugin_id
89
- assert d.log
90
- assert_equal 1, d.transport_config.linger_timeout
91
- end
92
- end
93
-
94
- # run tests for tcp, udp, tls and unix
95
- sub_test_case '#server_create and #server_create_connection' do
96
- methods = {server_create: :server_create, server_create_connection: :server_create_connection}
97
-
98
- data(methods)
99
- test 'raise error if title is not specified or not a symbol' do |m|
100
- assert_raise(ArgumentError.new("BUG: title must be a symbol")) do
101
- @d.__send__(m, nil, @port){|x| x }
102
- end
103
- assert_raise(ArgumentError.new("BUG: title must be a symbol")) do
104
- @d.__send__(m, "", @port){|x| x }
105
- end
106
- assert_raise(ArgumentError.new("BUG: title must be a symbol")) do
107
- @d.__send__(m, "title", @port){|x| x }
108
- end
109
- assert_nothing_raised do
110
- @d.__send__(m, :myserver, @port){|x| x }
111
- end
112
- end
113
-
114
- data(methods)
115
- test 'raise error if port is not specified or not an integer' do |m|
116
- assert_raise(ArgumentError.new("BUG: port must be an integer")) do
117
- @d.__send__(m, :myserver, nil){|x| x }
118
- end
119
- assert_raise(ArgumentError.new("BUG: port must be an integer")) do
120
- @d.__send__(m, :myserver, "1"){|x| x }
121
- end
122
- assert_raise(ArgumentError.new("BUG: port must be an integer")) do
123
- @d.__send__(m, :myserver, 1.5){|x| x }
124
- end
125
- assert_nothing_raised do
126
- @d.__send__(m, :myserver, @port){|x| x }
127
- end
128
- end
129
-
130
- data(methods)
131
- test 'raise error if block is not specified' do |m|
132
- assert_raise(ArgumentError) do
133
- @d.__send__(m, :myserver, @port)
134
- end
135
- assert_nothing_raised do
136
- @d.__send__(m, :myserver, @port){|x| x }
137
- end
138
- end
139
-
140
- data(methods)
141
- test 'creates tcp server, binds 0.0.0.0 in default' do |m|
142
- @d.__send__(m, :myserver, @port){|x| x }
143
-
144
- assert_equal 1, @d._servers.size
145
-
146
- created_server_info = @d._servers.first
147
-
148
- assert_equal :myserver, created_server_info.title
149
- assert_equal @port, created_server_info.port
150
-
151
- assert_equal :tcp, created_server_info.proto
152
- assert_equal "0.0.0.0", created_server_info.bind
153
-
154
- created_server = created_server_info.server
155
-
156
- assert created_server.is_a?(Coolio::TCPServer)
157
- assert_equal "0.0.0.0", created_server.instance_eval{ @listen_socket }.addr[3]
158
- end
159
-
160
- data(methods)
161
- test 'creates tcp server if specified in proto' do |m|
162
- @d.__send__(m, :myserver, @port, proto: :tcp){|x| x }
163
-
164
- created_server_info = @d._servers.first
165
- assert_equal :tcp, created_server_info.proto
166
- created_server = created_server_info.server
167
- assert created_server.is_a?(Coolio::TCPServer)
168
- end
169
-
170
- data(methods)
171
- test 'creates tls server in default if transport section and tcp protocol specified' do |m|
172
- @d = d = Dummy.new
173
- transport_conf = config_element('transport', 'tcp', {}, [])
174
- d.configure(config_element('ROOT', '', {}, [transport_conf]))
175
- d.start
176
- d.after_start
177
-
178
- d.__send__(m, :myserver, @port){|x| x }
179
-
180
- created_server_info = @d._servers.first
181
- assert_equal :tcp, created_server_info.proto
182
- created_server = created_server_info.server
183
- assert created_server.is_a?(Coolio::TCPServer)
184
- end
185
-
186
- data(methods)
187
- test 'creates tls server if specified in proto' do |m|
188
- assert_raise(ArgumentError.new("BUG: TLS transport specified, but certification options are not specified")) do
189
- @d.__send__(m, :myserver, @port, proto: :tls){|x| x }
190
- end
191
- @d.__send__(m, :myserver, @port, proto: :tls, tls_options: {insecure: true}){|x| x }
192
-
193
- created_server_info = @d._servers.first
194
- assert_equal :tls, created_server_info.proto
195
- created_server = created_server_info.server
196
- assert created_server.is_a?(Coolio::TCPServer) # yes, TCP here
197
- end
198
-
199
- data(methods)
200
- test 'creates tls server in default if transport section and tls protocol specified' do |m|
201
- @d = d = Dummy.new
202
- transport_conf = config_element('transport', 'tls', {'insecure' => 'true'}, [])
203
- d.configure(config_element('ROOT', '', {}, [transport_conf]))
204
- d.start
205
- d.after_start
206
-
207
- d.__send__(m, :myserver, @port){|x| x }
208
-
209
- created_server_info = @d._servers.first
210
- assert_equal :tls, created_server_info.proto
211
- created_server = created_server_info.server
212
- assert created_server.is_a?(Coolio::TCPServer) # OK, it's Coolio::TCPServer
213
- end
214
-
215
- data(methods)
216
- test 'creates unix server if specified in proto' do |m|
217
- # pend "not implemented yet"
218
- end
219
-
220
- data(methods)
221
- test 'raise error if unknown protocol specified' do |m|
222
- assert_raise(ArgumentError.new("BUG: invalid protocol name")) do
223
- @d.__send__(m, :myserver, @port, proto: :quic){|x| x }
224
- end
225
- end
226
-
227
- data(
228
- 'server_create tcp' => [:server_create, :tcp],
229
- 'server_create tls' => [:server_create, :tls],
230
- # 'server_create unix' => [:server_create, :unix],
231
- 'server_create_connection tcp' => [:server_create_connection, :tcp],
232
- 'server_create_connection tls' => [:server_create_connection, :tls],
233
- # 'server_create_connection tcp' => [:server_create_connection, :unix],
234
- )
235
- test 'raise error if udp options specified for tcp/tls/unix' do |(m, proto)|
236
- assert_raise ArgumentError do
237
- @d.__send__(m, :myserver, @port, proto: proto, max_bytes: 128){|x| x }
238
- end
239
- assert_raise ArgumentError do
240
- @d.__send__(m, :myserver, @port, proto: proto, flags: 1){|x| x }
241
- end
242
- end
243
-
244
- data(
245
- 'server_create udp' => [:server_create, :udp],
246
- )
247
- test 'raise error if tcp/tls options specified for udp' do |(m, proto)|
248
- assert_raise(ArgumentError.new("BUG: linger_timeout is available for tcp/tls")) do
249
- @d.__send__(m, :myserver, @port, proto: proto, linger_timeout: 1, max_bytes: 128){|x| x }
250
- end
251
- end
252
-
253
- data(
254
- 'server_create udp' => [:server_create, :udp],
255
- )
256
- test 'raise error if tcp/tls/unix backlog options specified for udp' do |(m, proto)|
257
- assert_raise(ArgumentError.new("BUG: backlog is available for tcp/tls")) do
258
- @d.__send__(m, :myserver, @port, proto: proto, backlog: 500){|x| x }
259
- end
260
- end
261
-
262
- data(
263
- 'server_create udp' => [:server_create, :udp],
264
- )
265
- test 'raise error if tcp/tls send_keepalive_packet option is specified for udp' do |(m, proto)|
266
- assert_raise(ArgumentError.new("BUG: send_keepalive_packet is available for tcp/tls")) do
267
- @d.__send__(m, :myserver, @port, proto: proto, send_keepalive_packet: true){|x| x }
268
- end
269
- end
270
-
271
- data(
272
- 'server_create tcp' => [:server_create, :tcp, {}],
273
- 'server_create udp' => [:server_create, :udp, {max_bytes: 128}],
274
- # 'server_create unix' => [:server_create, :unix, {}],
275
- 'server_create_connection tcp' => [:server_create_connection, :tcp, {}],
276
- # 'server_create_connection unix' => [:server_create_connection, :unix, {}],
277
- )
278
- test 'raise error if tls options specified for tcp/udp/unix' do |(m, proto, kwargs)|
279
- assert_raise(ArgumentError.new("BUG: tls_options is available only for tls")) do
280
- @d.__send__(m, :myserver, @port, proto: proto, tls_options: {}, **kwargs){|x| x }
281
- end
282
- end
283
-
284
- data(
285
- 'server_create tcp' => [:server_create, :tcp, {}],
286
- 'server_create udp' => [:server_create, :udp, {max_bytes: 128}],
287
- 'server_create tls' => [:server_create, :tls, {tls_options: {insecure: true}}],
288
- 'server_create_connection tcp' => [:server_create_connection, :tcp, {}],
289
- 'server_create_connection tls' => [:server_create_connection, :tls, {tls_options: {insecure: true}}],
290
- )
291
- test 'can bind specified IPv4 address' do |(m, proto, kwargs)|
292
- @d.__send__(m, :myserver, @port, proto: proto, bind: "127.0.0.1", **kwargs){|x| x }
293
- assert_equal "127.0.0.1", @d._servers.first.bind
294
- assert_equal "127.0.0.1", @d._servers.first.server.instance_eval{ instance_variable_defined?(:@listen_socket) ? @listen_socket : @_io }.addr[3]
295
- end
296
-
297
- data(
298
- 'server_create tcp' => [:server_create, :tcp, {}],
299
- 'server_create udp' => [:server_create, :udp, {max_bytes: 128}],
300
- 'server_create tls' => [:server_create, :tls, {tls_options: {insecure: true}}],
301
- 'server_create_connection tcp' => [:server_create_connection, :tcp, {}],
302
- 'server_create_connection tls' => [:server_create_connection, :tls, {tls_options: {insecure: true}}],
303
- )
304
- test 'can bind specified IPv6 address' do |(m, proto, kwargs)| # if available
305
- omit "IPv6 unavailable here" unless ipv6_enabled?
306
- @d.__send__(m, :myserver, @port, proto: proto, bind: "::1", **kwargs){|x| x }
307
- assert_equal "::1", @d._servers.first.bind
308
- assert_equal "::1", @d._servers.first.server.instance_eval{ instance_variable_defined?(:@listen_socket) ? @listen_socket : @_io }.addr[3]
309
- end
310
-
311
- data(
312
- 'server_create tcp' => [:server_create, :tcp, {}],
313
- 'server_create udp' => [:server_create, :udp, {max_bytes: 128}],
314
- 'server_create tls' => [:server_create, :tls, {tls_options: {insecure: true}}],
315
- # 'server_create unix' => [:server_create, :unix, {}],
316
- 'server_create_connection tcp' => [:server_create, :tcp, {}],
317
- 'server_create_connection tls' => [:server_create, :tls, {tls_options: {insecure: true}}],
318
- # 'server_create_connection unix' => [:server_create, :unix, {}],
319
- )
320
- test 'can create 2 or more servers which share same bind address and port if shared option is true' do |(m, proto, kwargs)|
321
- begin
322
- d2 = Dummy.new; d2.start; d2.after_start
323
-
324
- assert_nothing_raised do
325
- @d.__send__(m, :myserver, @port, proto: proto, **kwargs){|x| x }
326
- d2.__send__(m, :myserver, @port, proto: proto, **kwargs){|x| x }
327
- end
328
- ensure
329
- d2.stop; d2.before_shutdown; d2.shutdown; d2.after_shutdown; d2.close; d2.terminate
330
- end
331
- end
332
-
333
- data(
334
- 'server_create tcp' => [:server_create, :tcp, {}],
335
- # Disable udp test because the behaviour of SO_REUSEXXX option is different betweeen BSD, Linux and others...
336
- # Need to find good way for testing on local, CI service and others.
337
- #'server_create udp' => [:server_create, :udp, {max_bytes: 128}],
338
- 'server_create tls' => [:server_create, :tls, {tls_options: {insecure: true}}],
339
- # 'server_create unix' => [:server_create, :unix, {}],
340
- 'server_create_connection tcp' => [:server_create, :tcp, {}],
341
- 'server_create_connection tls' => [:server_create, :tls, {tls_options: {insecure: true}}],
342
- # 'server_create_connection unix' => [:server_create, :unix, {}],
343
- )
344
- test 'cannot create 2 or more servers using same bind address and port if shared option is false' do |(m, proto, kwargs)|
345
- begin
346
- d2 = Dummy.new; d2.start; d2.after_start
347
-
348
- assert_nothing_raised do
349
- @d.__send__(m, :myserver, @port, proto: proto, shared: false, **kwargs){|x| x }
350
- end
351
- assert_raise(Errno::EADDRINUSE, Errno::EACCES) do
352
- d2.__send__(m, :myserver, @port, proto: proto, **kwargs){|x| x }
353
- end
354
- ensure
355
- d2.stop; d2.before_shutdown; d2.shutdown; d2.after_shutdown; d2.close; d2.terminate
356
- end
357
- end
358
- end
359
-
360
- sub_test_case '#server_create' do
361
- data(
362
- 'tcp' => [:tcp, {}],
363
- 'udp' => [:udp, {max_bytes: 128}],
364
- 'tls' => [:tls, {tls_options: {insecure: true}}],
365
- # 'unix' => [:unix, {}],
366
- )
367
- test 'raise error if block argument is not specified or too many' do |(proto, kwargs)|
368
- assert_raise(ArgumentError.new("BUG: block must have 1 or 2 arguments")) do
369
- @d.server_create(:myserver, @port, proto: proto, **kwargs){ 1 }
370
- end
371
- assert_raise(ArgumentError.new("BUG: block must have 1 or 2 arguments")) do
372
- @d.server_create(:myserver, @port, proto: proto, **kwargs){|sock, conn, what_is_this| 1 }
373
- end
374
- end
375
-
376
- test 'creates udp server if specified in proto' do
377
- @d.server_create(:myserver, @port, proto: :udp, max_bytes: 512){|x| x }
378
-
379
- created_server_info = @d._servers.first
380
- assert_equal :udp, created_server_info.proto
381
- created_server = created_server_info.server
382
- assert created_server.is_a?(Fluent::PluginHelper::Server::EventHandler::UDPServer)
383
- end
384
- end
385
-
386
- sub_test_case '#server_create_tcp' do
387
- test 'can accept all keyword arguments valid for tcp server' do
388
- assert_nothing_raised do
389
- @d.server_create_tcp(:s, @port, bind: '127.0.0.1', shared: false, resolve_name: true, linger_timeout: 10, backlog: 500, send_keepalive_packet: true) do |data, conn|
390
- # ...
391
- end
392
- end
393
- end
394
-
395
- test 'creates a tcp server just to read data' do
396
- received = ""
397
- @d.server_create_tcp(:s, @port) do |data|
398
- received << data
399
- end
400
- 3.times do
401
- sock = TCPSocket.new("127.0.0.1", @port)
402
- sock.puts "yay"
403
- sock.puts "foo"
404
- sock.close
405
- end
406
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
407
- assert_equal "yay\nfoo\nyay\nfoo\nyay\nfoo\n", received
408
- end
409
-
410
- test 'creates a tcp server to read and write data' do
411
- received = ""
412
- responses = []
413
- @d.server_create_tcp(:s, @port) do |data, conn|
414
- received << data
415
- conn.write "ack\n"
416
- end
417
- 3.times do
418
- TCPSocket.open("127.0.0.1", @port) do |sock|
419
- sock.puts "yay"
420
- sock.puts "foo"
421
- responses << sock.readline
422
- end
423
- end
424
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
425
- assert_equal "yay\nfoo\nyay\nfoo\nyay\nfoo\n", received
426
- assert_equal ["ack\n","ack\n","ack\n"], responses
427
- end
428
-
429
- test 'creates a tcp server to read and write data using IPv6' do
430
- omit "IPv6 unavailable here" unless ipv6_enabled?
431
-
432
- received = ""
433
- responses = []
434
- @d.server_create_tcp(:s, @port, bind: "::1") do |data, conn|
435
- received << data
436
- conn.write "ack\n"
437
- end
438
- 3.times do
439
- TCPSocket.open("::1", @port) do |sock|
440
- sock.puts "yay"
441
- sock.puts "foo"
442
- responses << sock.readline
443
- end
444
- end
445
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
446
- assert_equal "yay\nfoo\nyay\nfoo\nyay\nfoo\n", received
447
- assert_equal ["ack\n","ack\n","ack\n"], responses
448
- end
449
-
450
- test 'does not resolve name of client address in default' do
451
- received = ""
452
- sources = []
453
- @d.server_create_tcp(:s, @port) do |data, conn|
454
- received << data
455
- sources << conn.remote_host
456
- end
457
- 3.times do
458
- TCPSocket.open("127.0.0.1", @port) do |sock|
459
- sock.puts "yay"
460
- end
461
- end
462
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
463
- assert_equal "yay\nyay\nyay\n", received
464
- assert{ sources.all?{|s| s == "127.0.0.1" } }
465
- end
466
-
467
- test 'does resolve name of client address if resolve_name is true' do
468
- hostname = Socket.getnameinfo([nil, nil, nil, "127.0.0.1"])[0]
469
-
470
- received = ""
471
- sources = []
472
- @d.server_create_tcp(:s, @port, resolve_name: true) do |data, conn|
473
- received << data
474
- sources << conn.remote_host
475
- end
476
- 3.times do
477
- TCPSocket.open("127.0.0.1", @port) do |sock|
478
- sock.puts "yay"
479
- end
480
- end
481
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
482
- assert_equal "yay\nyay\nyay\n", received
483
- assert{ sources.all?{|s| s == hostname } }
484
- end
485
-
486
- test 'can keep connections alive for tcp if keepalive specified' do
487
- # pend "not implemented yet"
488
- end
489
-
490
- test 'raises error if plugin registers data callback for connection object from #server_create' do
491
- received = ""
492
- errors = []
493
- @d.server_create_tcp(:s, @port) do |data, conn|
494
- received << data
495
- begin
496
- conn.data{|d| received << d.upcase }
497
- rescue => e
498
- errors << e
499
- end
500
- end
501
- TCPSocket.open("127.0.0.1", @port) do |sock|
502
- sock.puts "foo"
503
- end
504
- waiting(10){ sleep 0.1 until received.bytesize == 4 || errors.size == 1 }
505
- assert_equal "foo\n", received
506
- assert{ errors.size > 0 } # it might be called twice (or more) when connection was accepted, and then data arrived (or more)
507
- assert_equal "data callback can be registered just once, but registered twice", errors.first.message
508
- end
509
-
510
- test 'can call write_complete callback if registered' do
511
- buffer = ""
512
- lines = []
513
- responses = []
514
- response_completes = []
515
- @d.server_create_tcp(:s, @port) do |data, conn|
516
- conn.on(:write_complete){|c| response_completes << true }
517
- buffer << data
518
- if idx = buffer.index("\n")
519
- lines << buffer.slice!(0,idx+1)
520
- conn.write "ack\n"
521
- end
522
- end
523
- 3.times do
524
- TCPSocket.open("127.0.0.1", @port) do |sock|
525
- sock.write "yay"
526
- sock.write "foo\n"
527
- begin
528
- responses << sock.readline
529
- rescue EOFError, IOError, Errno::ECONNRESET
530
- # ignore
531
- end
532
- sock.close
533
- end
534
- end
535
- waiting(10){ sleep 0.1 until lines.size == 3 && response_completes.size == 3 }
536
- assert_equal ["yayfoo\n", "yayfoo\n", "yayfoo\n"], lines
537
- assert_equal ["ack\n","ack\n","ack\n"], responses
538
- assert_equal [true, true, true], response_completes
539
- end
540
-
541
- test 'can call close callback if registered' do
542
- buffer = ""
543
- lines = []
544
- callback_results = []
545
- @d.server_create_tcp(:s, @port) do |data, conn|
546
- conn.on(:close){|c| callback_results << "closed" }
547
- buffer << data
548
- if idx = buffer.index("\n")
549
- lines << buffer.slice!(0,idx+1)
550
- conn.write "ack\n"
551
- end
552
- end
553
- 3.times do
554
- TCPSocket.open("127.0.0.1", @port) do |sock|
555
- sock.write "yay"
556
- sock.write "foo\n"
557
- begin
558
- while line = sock.readline
559
- if line == "ack\n"
560
- sock.close
561
- end
562
- end
563
- rescue EOFError, IOError, Errno::ECONNRESET
564
- # ignore
565
- end
566
- end
567
- end
568
- waiting(10){ sleep 0.1 until lines.size == 3 && callback_results.size == 3 }
569
- assert_equal ["yayfoo\n", "yayfoo\n", "yayfoo\n"], lines
570
- assert_equal ["closed", "closed", "closed"], callback_results
571
- end
572
-
573
- test 'can listen IPv4 / IPv6 together' do
574
- omit "IPv6 unavailable here" unless ipv6_enabled?
575
-
576
- assert_nothing_raised do
577
- @d.server_create_tcp(:s_ipv4, @port, bind: '0.0.0.0', shared: false) do |data, conn|
578
- # ...
579
- end
580
- @d.server_create_tcp(:s_ipv6, @port, bind: '::', shared: false) do |data, conn|
581
- # ...
582
- end
583
- end
584
- end
585
- end
586
-
587
- sub_test_case '#server_create_udp' do
588
- test 'can accept all keyword arguments valid for udp server' do
589
- assert_nothing_raised do
590
- @d.server_create_udp(:s, @port, bind: '127.0.0.1', shared: false, resolve_name: true, max_bytes: 100, flags: 1) do |data, conn|
591
- # ...
592
- end
593
- end
594
- end
595
-
596
- test 'creates a udp server just to read data' do
597
- received = ""
598
- @d.server_create_udp(:s, @port, max_bytes: 128) do |data|
599
- received << data
600
- end
601
- bind_port = unused_port(protocol: :udp, bind: "127.0.0.1")
602
- 3.times do
603
- sock = UDPSocket.new(Socket::AF_INET)
604
- sock.bind("127.0.0.1", bind_port)
605
- sock.connect("127.0.0.1", @port)
606
- sock.puts "yay"
607
- sock.puts "foo"
608
- sock.close
609
- end
610
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
611
- assert_equal "yay\nfoo\nyay\nfoo\nyay\nfoo\n", received
612
- end
613
-
614
- test 'creates a udp server to read and write data' do
615
- received = ""
616
- responses = []
617
- @d.server_create_udp(:s, @port, max_bytes: 128) do |data, sock|
618
- received << data
619
- sock.write "ack\n"
620
- end
621
- bind_port = unused_port
622
- 3.times do
623
- begin
624
- sock = UDPSocket.new(Socket::AF_INET)
625
- sock.bind("127.0.0.1", bind_port)
626
- sock.connect("127.0.0.1", @port)
627
- th = Thread.new do
628
- while true
629
- begin
630
- in_data, _addr = sock.recvfrom_nonblock(16)
631
- if in_data
632
- responses << in_data
633
- break
634
- end
635
- rescue IO::WaitReadable
636
- IO.select([sock])
637
- end
638
- end
639
- true
640
- end
641
- sock.write "yay\nfoo\n"
642
- th.join(5)
643
- ensure
644
- sock.close
645
- end
646
- end
647
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
648
- assert_equal "yay\nfoo\nyay\nfoo\nyay\nfoo\n", received
649
- assert_equal ["ack\n","ack\n","ack\n"], responses
650
- end
651
-
652
- test 'creates a udp server to read and write data using IPv6' do
653
- omit "IPv6 unavailable here" unless ipv6_enabled?
654
-
655
- received = ""
656
- responses = []
657
- @d.server_create_udp(:s, @port, bind: "::1", max_bytes: 128) do |data, sock|
658
- received << data
659
- sock.write "ack\n"
660
- end
661
- bind_port = unused_port
662
- 3.times do
663
- begin
664
- sock = UDPSocket.new(Socket::AF_INET6)
665
- sock.bind("::1", bind_port)
666
- th = Thread.new do
667
- responses << sock.recv(16)
668
- true
669
- end
670
- sock.connect("::1", @port)
671
- sock.write "yay\nfoo\n"
672
- th.join(5)
673
- ensure
674
- sock.close
675
- end
676
- end
677
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
678
- assert_equal "yay\nfoo\nyay\nfoo\nyay\nfoo\n", received
679
- assert_equal ["ack\n","ack\n","ack\n"], responses
680
- end
681
-
682
- test 'does not resolve name of client address in default' do
683
- received = ""
684
- sources = []
685
- @d.server_create_udp(:s, @port, max_bytes: 128) do |data, sock|
686
- received << data
687
- sources << sock.remote_host
688
- end
689
- 3.times do
690
- sock = UDPSocket.new(Socket::AF_INET)
691
- sock.connect("127.0.0.1", @port)
692
- sock.puts "yay"
693
- sock.close
694
- end
695
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
696
- assert_equal "yay\nyay\nyay\n", received
697
- assert{ sources.all?{|s| s == "127.0.0.1" } }
698
- end
699
-
700
- test 'does resolve name of client address if resolve_name is true' do
701
- hostname = Socket.getnameinfo([nil, nil, nil, "127.0.0.1"])[0]
702
-
703
- received = ""
704
- sources = []
705
- @d.server_create_udp(:s, @port, resolve_name: true, max_bytes: 128) do |data, sock|
706
- received << data
707
- sources << sock.remote_host
708
- end
709
- 3.times do
710
- sock = UDPSocket.new(Socket::AF_INET)
711
- sock.connect("127.0.0.1", @port)
712
- sock.puts "yay"
713
- sock.close
714
- end
715
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
716
- assert_equal "yay\nyay\nyay\n", received
717
- assert{ sources.all?{|s| s == hostname } }
718
- end
719
-
720
- test 'raises error if plugin registers data callback for connection object from #server_create' do
721
- received = ""
722
- errors = []
723
- @d.server_create_udp(:s, @port, max_bytes: 128) do |data, sock|
724
- received << data
725
- begin
726
- sock.data{|d| received << d.upcase }
727
- rescue => e
728
- errors << e
729
- end
730
- end
731
- sock = UDPSocket.new(Socket::AF_INET)
732
- sock.connect("127.0.0.1", @port)
733
- sock.write "foo\n"
734
- sock.close
735
-
736
- waiting(10){ sleep 0.1 until received.bytesize == 4 && errors.size == 1 }
737
- assert_equal "foo\n", received
738
- assert_equal 1, errors.size
739
- assert_equal "BUG: this event is disabled for udp: data", errors.first.message
740
- end
741
-
742
- test 'raise error if plugin registers write_complete callback for udp' do
743
- received = ""
744
- errors = []
745
- @d.server_create_udp(:s, @port, max_bytes: 128) do |data, sock|
746
- received << data
747
- begin
748
- sock.on(:write_complete){|conn| "" }
749
- rescue => e
750
- errors << e
751
- end
752
- end
753
- sock = UDPSocket.new(Socket::AF_INET)
754
- sock.connect("127.0.0.1", @port)
755
- sock.write "foo\n"
756
- sock.close
757
-
758
- waiting(10){ sleep 0.1 until received.bytesize == 4 && errors.size == 1 }
759
- assert_equal "foo\n", received
760
- assert_equal 1, errors.size
761
- assert_equal "BUG: this event is disabled for udp: write_complete", errors.first.message
762
- end
763
-
764
- test 'raises error if plugin registers close callback for udp' do
765
- received = ""
766
- errors = []
767
- @d.server_create_udp(:s, @port, max_bytes: 128) do |data, sock|
768
- received << data
769
- begin
770
- sock.on(:close){|d| "" }
771
- rescue => e
772
- errors << e
773
- end
774
- end
775
- sock = UDPSocket.new(Socket::AF_INET)
776
- sock.connect("127.0.0.1", @port)
777
- sock.write "foo\n"
778
- sock.close
779
-
780
- waiting(10){ sleep 0.1 until received.bytesize == 4 && errors.size == 1 }
781
- assert_equal "foo\n", received
782
- assert_equal 1, errors.size
783
- assert_equal "BUG: this event is disabled for udp: close", errors.first.message
784
- end
785
-
786
- test 'can bind IPv4 / IPv6 together' do
787
- omit "IPv6 unavailable here" unless ipv6_enabled?
788
-
789
- assert_nothing_raised do
790
- @d.server_create_udp(:s_ipv4_udp, @port, bind: '0.0.0.0', shared: false, max_bytes: 128) do |data, sock|
791
- # ...
792
- end
793
- @d.server_create_udp(:s_ipv6_udp, @port, bind: '::', shared: false, max_bytes: 128) do |data, sock|
794
- # ...
795
- end
796
- end
797
- end
798
-
799
- sub_test_case 'over max_bytes' do
800
- data("cut off on Non-Windows", { max_bytes: 32, records: ["a" * 40], expected: ["a" * 32] }, keep: true) unless Fluent.windows?
801
- data("drop on Windows", { max_bytes: 32, records: ["a" * 40], expected: [] }, keep: true) if Fluent.windows?
802
- test 'with sock' do |data|
803
- max_bytes, records, expected = data.values
804
-
805
- actual_records = []
806
- @d.server_create_udp(:myserver, @port, max_bytes: max_bytes) do |data, sock|
807
- actual_records << data
808
- end
809
-
810
- open_client(:udp, "127.0.0.1", @port) do |sock|
811
- records.each do |record|
812
- sock.send(record, 0)
813
- end
814
- end
815
-
816
- waiting(10) { sleep 0.1 until actual_records.size >= expected.size }
817
- sleep 1 if expected.size == 0 # To confirm no record recieved.
818
-
819
- assert_equal expected, actual_records
820
- end
821
-
822
- test 'without sock' do |data|
823
- max_bytes, records, expected = data.values
824
-
825
- actual_records = []
826
- @d.server_create_udp(:myserver, @port, max_bytes: max_bytes) do |data|
827
- actual_records << data
828
- end
829
-
830
- open_client(:udp, "127.0.0.1", @port) do |sock|
831
- records.each do |record|
832
- sock.send(record, 0)
833
- end
834
- end
835
-
836
- waiting(10) { sleep 0.1 until actual_records.size >= expected.size }
837
- sleep 1 if expected.size == 0 # To confirm no record recieved.
838
-
839
- assert_equal expected, actual_records
840
- end
841
- end
842
- end
843
-
844
- module CertUtil
845
- extend Fluent::PluginHelper::CertOption
846
- end
847
-
848
- def create_ca_options
849
- {
850
- private_key_length: 2048,
851
- country: 'US',
852
- state: 'CA',
853
- locality: 'Mountain View',
854
- common_name: 'ca.testing.fluentd.org',
855
- expiration: 30 * 86400,
856
- digest: :sha256,
857
- }
858
- end
859
-
860
- def create_server_options
861
- {
862
- private_key_length: 2048,
863
- country: 'US',
864
- state: 'CA',
865
- locality: 'Mountain View',
866
- common_name: 'server.testing.fluentd.org',
867
- expiration: 30 * 86400,
868
- digest: :sha256,
869
- }
870
- end
871
-
872
- def write_cert_and_key(cert_path, cert, key_path, key, passphrase)
873
- File.open(cert_path, "w"){|f| f.write(cert.to_pem) }
874
- # Write the secret key (raw or encrypted by AES256) in PEM format
875
- key_str = passphrase ? key.export(OpenSSL::Cipher.new("AES-256-CBC"), passphrase) : key.export
876
- File.open(key_path, "w"){|f| f.write(key_str) }
877
- File.chmod(0600, cert_path, key_path)
878
- end
879
-
880
- def create_server_pair_signed_by_self(cert_path, private_key_path, passphrase)
881
- cert, key, _ = CertUtil.cert_option_generate_server_pair_self_signed(create_server_options)
882
- write_cert_and_key(cert_path, cert, private_key_path, key, passphrase)
883
- return cert
884
- end
885
-
886
- def create_ca_pair_signed_by_self(cert_path, private_key_path, passphrase)
887
- cert, key, _ = CertUtil.cert_option_generate_ca_pair_self_signed(create_ca_options)
888
- write_cert_and_key(cert_path, cert, private_key_path, key, passphrase)
889
- end
890
-
891
- def create_server_pair_signed_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, passphrase)
892
- cert, key, _ = CertUtil.cert_option_generate_server_pair_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, create_server_options)
893
- write_cert_and_key(cert_path, cert, private_key_path, key, passphrase)
894
- return cert
895
- end
896
-
897
- def create_server_pair_chained_with_root_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, passphrase)
898
- root_cert, root_key, _ = CertUtil.cert_option_generate_ca_pair_self_signed(create_ca_options)
899
- write_cert_and_key(ca_cert_path, root_cert, ca_key_path, root_key, ca_key_passphrase)
900
-
901
- intermediate_ca_options = create_ca_options
902
- intermediate_ca_options[:common_name] = 'ca2.testing.fluentd.org'
903
- chain_cert, chain_key = CertUtil.cert_option_generate_pair(intermediate_ca_options, root_cert.subject)
904
- chain_cert.add_extension OpenSSL::X509::Extension.new('basicConstraints', OpenSSL::ASN1.Sequence([OpenSSL::ASN1::Boolean(true)]))
905
- chain_cert.sign(root_key, "sha256")
906
-
907
- server_cert, server_key, _ = CertUtil.cert_option_generate_pair(create_server_options, chain_cert.subject)
908
- factory = OpenSSL::X509::ExtensionFactory.new
909
- server_cert.add_extension(factory.create_extension('basicConstraints', 'CA:FALSE'))
910
- server_cert.add_extension(factory.create_extension('nsCertType', 'server'))
911
- server_cert.sign(chain_key, "sha256")
912
-
913
- # write chained cert
914
- File.open(cert_path, "w") do |f|
915
- f.write server_cert.to_pem
916
- f.write chain_cert.to_pem
917
- end
918
- key_str = passphrase ? server_key.export(OpenSSL::Cipher.new("AES-256-CBC"), passphrase) : server_key.export
919
- File.open(private_key_path, "w"){|f| f.write(key_str) }
920
- File.chmod(0600, cert_path, private_key_path)
921
- end
922
-
923
- def open_tls_session(addr, port, version: Fluent::TLS::DEFAULT_VERSION, verify: true, cert_path: nil, selfsigned: true, hostname: nil)
924
- context = OpenSSL::SSL::SSLContext.new
925
- context.set_params({})
926
- if verify
927
- cert_store = OpenSSL::X509::Store.new
928
- cert_store.set_default_paths
929
- if selfsigned && OpenSSL::X509.const_defined?('V_FLAG_CHECK_SS_SIGNATURE')
930
- cert_store.flags = OpenSSL::X509::V_FLAG_CHECK_SS_SIGNATURE
931
- end
932
- if cert_path
933
- cert_store.add_file(cert_path)
934
- end
935
- context.verify_mode = OpenSSL::SSL::VERIFY_PEER
936
- context.cert_store = cert_store
937
- if !hostname
938
- context.verify_hostname = false # In test code, using hostname to be connected is very difficult
939
- end
940
- else
941
- context.verify_mode = OpenSSL::SSL::VERIFY_NONE
942
- end
943
- Fluent::TLS.set_version_to_context(context, version, nil, nil)
944
-
945
- sock = OpenSSL::SSL::SSLSocket.new(TCPSocket.new(addr, port), context)
946
- sock.hostname = hostname if hostname && sock.respond_to?(:hostname)
947
- sock.connect
948
- yield sock
949
- ensure
950
- sock.close rescue nil
951
- end
952
-
953
- def assert_certificate(cert, expected_extensions)
954
- get_extension = lambda do |oid|
955
- cert.extensions.detect { |e| e.oid == oid }
956
- end
957
-
958
- assert_true cert.serial > 1
959
- assert_equal 2, cert.version
960
-
961
- expected_extensions.each do |ext|
962
- expected_oid, expected_value = ext
963
- assert_equal expected_value, get_extension.call(expected_oid).value
964
- end
965
- end
966
-
967
- sub_test_case '#server_create_tls with various certificate options' do
968
- setup do
969
- @d = Dummy.new # to get plugin not configured/started yet
970
-
971
- @certs_dir = File.join(TMP_DIR, "tls_certs")
972
- @server_cert_dir = File.join(@certs_dir, "server")
973
- FileUtils.rm_rf @certs_dir
974
- FileUtils.mkdir_p @server_cert_dir
975
- end
976
-
977
- sub_test_case 'using tls_options arguments to specify cert options' do
978
- setup do
979
- @d.configure(config_element()); @d.start; @d.after_start
980
- end
981
-
982
- test 'create dynamic self-signed cert/key pair (without any verification from clients)' do
983
- # insecure
984
- tls_options = {
985
- protocol: :tls,
986
- version: :'TLSv1_2',
987
- ciphers: 'ALL:!aNULL:!eNULL:!SSLv2',
988
- insecure: true,
989
- generate_private_key_length: 2048,
990
- generate_cert_country: 'US',
991
- generate_cert_state: 'CA',
992
- generate_cert_locality: 'Mountain View',
993
- generate_cert_common_name: 'myserver.testing.fluentd.org',
994
- generate_cert_expiration: 10 * 365 * 86400,
995
- generate_cert_digest: :sha256,
996
- }
997
-
998
- received = ""
999
- @d.server_create_tls(:s, @port, tls_options: tls_options) do |data, conn|
1000
- received << data
1001
- end
1002
- assert_raise "" do
1003
- open_tls_session('127.0.0.1', @port) do |sock|
1004
- sock.post_connection_check('myserver.testing.fluentd.org')
1005
- # cannot connect ....
1006
- end
1007
- end
1008
- open_tls_session('127.0.0.1', @port, verify: false) do |sock|
1009
- sock.puts "yay"
1010
- sock.puts "foo"
1011
- end
1012
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1013
- assert_equal "yay\nfoo\n", received
1014
- end
1015
-
1016
- data('with passphrase' => 'yaaaaaaaaaaaaaaaaaaay',
1017
- 'without passphrase' => nil)
1018
- test 'load self-signed cert/key pair (files), verified from clients using cert files' do |private_key_passphrase|
1019
- cert_path = File.join(@server_cert_dir, "cert.pem")
1020
- private_key_path = File.join(@certs_dir, "server.key.pem")
1021
- cert = create_server_pair_signed_by_self(cert_path, private_key_path, private_key_passphrase)
1022
-
1023
- assert_certificate(cert,[
1024
- ['basicConstraints', 'CA:FALSE'],
1025
- ['nsCertType', 'SSL Server']
1026
- ])
1027
-
1028
- tls_options = {
1029
- protocol: :tls,
1030
- version: :'TLSv1_2',
1031
- ciphers: 'ALL:!aNULL:!eNULL:!SSLv2',
1032
- insecure: false,
1033
- cert_path: cert_path,
1034
- private_key_path: private_key_path,
1035
- }
1036
- tls_options[:private_key_passphrase] = private_key_passphrase if private_key_passphrase
1037
- received = ""
1038
- @d.server_create_tls(:s, @port, tls_options: tls_options) do |data, conn|
1039
- received << data
1040
- end
1041
- assert_raise "" do
1042
- open_tls_session('127.0.0.1', @port) do |sock|
1043
- sock.post_connection_check('server.testing.fluentd.org')
1044
- # cannot connect by failing verification without server cert
1045
- end
1046
- end
1047
- open_tls_session('127.0.0.1', @port, cert_path: cert_path) do |sock|
1048
- sock.puts "yay"
1049
- sock.puts "foo"
1050
- end
1051
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1052
- assert_equal "yay\nfoo\n", received
1053
- end
1054
-
1055
- data('with passphrase' => "fooooooooooooooooooooooooo",
1056
- 'without passphrase' => nil)
1057
- test 'create dynamic server cert by private CA cert file, verified from clients using CA cert file' do |ca_key_passphrase|
1058
- ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
1059
- ca_key_path = File.join(@certs_dir, "ca.key.pem")
1060
- create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
1061
-
1062
- tls_options = {
1063
- protocol: :tls,
1064
- version: :'TLSv1_2',
1065
- ciphers: 'ALL:!aNULL:!eNULL:!SSLv2',
1066
- insecure: false,
1067
- ca_cert_path: ca_cert_path,
1068
- ca_private_key_path: ca_key_path,
1069
- generate_private_key_length: 2048,
1070
- }
1071
- tls_options[:ca_private_key_passphrase] = ca_key_passphrase if ca_key_passphrase
1072
- received = ""
1073
- @d.server_create_tls(:s, @port, tls_options: tls_options) do |data, conn|
1074
- received << data
1075
- end
1076
- open_tls_session('127.0.0.1', @port, cert_path: ca_cert_path) do |sock|
1077
- sock.puts "yay"
1078
- sock.puts "foo"
1079
- end
1080
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1081
- assert_equal "yay\nfoo\n", received
1082
- end
1083
-
1084
- data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
1085
- 'without passphrase' => [nil, nil])
1086
- test 'load static server cert by private CA cert file, verified from clients using CA cert file' do |(ca_key_passphrase, private_key_passphrase)|
1087
- ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
1088
- ca_key_path = File.join(@certs_dir, "ca.key.pem")
1089
- create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
1090
-
1091
- cert_path = File.join(@server_cert_dir, "cert.pem")
1092
- private_key_path = File.join(@certs_dir, "server.key.pem")
1093
- cert = create_server_pair_signed_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
1094
-
1095
- assert_certificate(cert,[
1096
- ['basicConstraints', 'CA:FALSE'],
1097
- ['nsCertType', 'SSL Server'],
1098
- ['keyUsage', 'Digital Signature, Key Encipherment'],
1099
- ['extendedKeyUsage', 'TLS Web Server Authentication']
1100
- ])
1101
-
1102
- tls_options = {
1103
- protocol: :tls,
1104
- version: :'TLSv1_2',
1105
- ciphers: 'ALL:!aNULL:!eNULL:!SSLv2',
1106
- insecure: false,
1107
- cert_path: cert_path,
1108
- private_key_path: private_key_path,
1109
- }
1110
- tls_options[:private_key_passphrase] = private_key_passphrase if private_key_passphrase
1111
- received = ""
1112
- @d.server_create_tls(:s, @port, tls_options: tls_options) do |data, conn|
1113
- received << data
1114
- end
1115
- open_tls_session('127.0.0.1', @port, cert_path: ca_cert_path) do |sock|
1116
- sock.puts "yay"
1117
- sock.puts "foo"
1118
- end
1119
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1120
- assert_equal "yay\nfoo\n", received
1121
- end
1122
-
1123
- data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
1124
- 'without passphrase' => [nil, nil])
1125
- test 'load chained server cert by private CA cert file, verified from clients using CA cert file as root' do |(ca_key_passphrase, private_key_passphrase)|
1126
- ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
1127
- ca_key_path = File.join(@certs_dir, "ca.key.pem")
1128
- cert_path = File.join(@server_cert_dir, "cert.pem")
1129
- private_key_path = File.join(@certs_dir, "server.key.pem")
1130
- create_server_pair_chained_with_root_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
1131
-
1132
- tls_options = {
1133
- protocol: :tls,
1134
- version: :'TLSv1_2',
1135
- ciphers: 'ALL:!aNULL:!eNULL:!SSLv2',
1136
- insecure: false,
1137
- cert_path: cert_path,
1138
- private_key_path: private_key_path,
1139
- }
1140
- tls_options[:private_key_passphrase] = private_key_passphrase if private_key_passphrase
1141
- received = ""
1142
- @d.server_create_tls(:s, @port, tls_options: tls_options) do |data, conn|
1143
- received << data
1144
- end
1145
- open_tls_session('127.0.0.1', @port, cert_path: ca_cert_path) do |sock|
1146
- sock.puts "yay"
1147
- sock.puts "foo"
1148
- end
1149
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1150
- assert_equal "yay\nfoo\n", received
1151
- end
1152
- end
1153
-
1154
- sub_test_case 'using configurations to specify cert options' do
1155
- test 'create dynamic self-signed cert/key pair (without any verification from clients)' do
1156
- # insecure
1157
- transport_opts = {
1158
- 'insecure' => 'true',
1159
- }
1160
- transport_conf = config_element('transport', 'tls', transport_opts)
1161
- conf = config_element('match', 'tag.*', {}, [transport_conf])
1162
-
1163
- @d.configure(conf); @d.start; @d.after_start
1164
-
1165
- received = ""
1166
- @d.server_create_tls(:s, @port) do |data, conn|
1167
- received << data
1168
- end
1169
- assert_raise "" do
1170
- open_tls_session('127.0.0.1', @port) do |sock|
1171
- sock.post_connection_check('myserver.testing.fluentd.org')
1172
- # cannot connect ....
1173
- end
1174
- end
1175
- open_tls_session('127.0.0.1', @port, verify: false) do |sock|
1176
- sock.puts "yay"
1177
- sock.puts "foo"
1178
- end
1179
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1180
- assert_equal "yay\nfoo\n", received
1181
- end
1182
-
1183
- data('with passphrase' => "yaaaaaaaaaaaaaaaaaaay",
1184
- 'without passphrase' => nil)
1185
- test 'load self-signed cert/key pair (files), verified from clients using cert files' do |private_key_passphrase|
1186
- cert_path = File.join(@server_cert_dir, "cert.pem")
1187
- private_key_path = File.join(@certs_dir, "server.key.pem")
1188
- create_server_pair_signed_by_self(cert_path, private_key_path, private_key_passphrase)
1189
-
1190
- transport_opts = {
1191
- 'cert_path' => cert_path,
1192
- 'private_key_path' => private_key_path,
1193
- }
1194
- transport_opts['private_key_passphrase'] = private_key_passphrase if private_key_passphrase
1195
- transport_conf = config_element('transport', 'tls', transport_opts)
1196
- conf = config_element('match', 'tag.*', {}, [transport_conf])
1197
-
1198
- @d.configure(conf); @d.start; @d.after_start
1199
-
1200
- received = ""
1201
- @d.server_create_tls(:s, @port) do |data, conn|
1202
- received << data
1203
- end
1204
- assert_raise "" do
1205
- open_tls_session('127.0.0.1', @port) do |sock|
1206
- sock.post_connection_check('server.testing.fluentd.org')
1207
- # cannot connect by failing verification without server cert
1208
- end
1209
- end
1210
- open_tls_session('127.0.0.1', @port, cert_path: cert_path) do |sock|
1211
- sock.puts "yay"
1212
- sock.puts "foo"
1213
- end
1214
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1215
- assert_equal "yay\nfoo\n", received
1216
- end
1217
-
1218
- data('with passphrase' => "fooooooooooooooooooooooooo",
1219
- 'without passphrase' => nil)
1220
- test 'create dynamic server cert by private CA cert file, verified from clients using CA cert file' do |ca_key_passphrase|
1221
- ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
1222
- ca_key_path = File.join(@certs_dir, "ca.key.pem")
1223
- create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
1224
-
1225
- transport_opts = {
1226
- 'ca_cert_path' => ca_cert_path,
1227
- 'ca_private_key_path' => ca_key_path,
1228
- }
1229
- transport_opts['ca_private_key_passphrase'] = ca_key_passphrase if ca_key_passphrase
1230
- transport_conf = config_element('transport', 'tls', transport_opts)
1231
- conf = config_element('match', 'tag.*', {}, [transport_conf])
1232
-
1233
- @d.configure(conf); @d.start; @d.after_start
1234
-
1235
- received = ""
1236
- @d.server_create_tls(:s, @port) do |data, conn|
1237
- received << data
1238
- end
1239
- open_tls_session('127.0.0.1', @port, cert_path: ca_cert_path) do |sock|
1240
- sock.puts "yay"
1241
- sock.puts "foo"
1242
- end
1243
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1244
- assert_equal "yay\nfoo\n", received
1245
- end
1246
-
1247
- data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
1248
- 'without passphrase' => [nil, nil])
1249
- test 'load static server cert by private CA cert file, verified from clients using CA cert file' do |(ca_key_passphrase, private_key_passphrase)|
1250
- ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
1251
- ca_key_path = File.join(@certs_dir, "ca.key.pem")
1252
- create_ca_pair_signed_by_self(ca_cert_path, ca_key_path, ca_key_passphrase)
1253
-
1254
- cert_path = File.join(@server_cert_dir, "cert.pem")
1255
- private_key_path = File.join(@certs_dir, "server.key.pem")
1256
- create_server_pair_signed_by_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
1257
-
1258
- transport_opts = {
1259
- 'cert_path' => cert_path,
1260
- 'private_key_path' => private_key_path,
1261
- }
1262
- transport_opts['private_key_passphrase'] = private_key_passphrase if private_key_passphrase
1263
- transport_conf = config_element('transport', 'tls', transport_opts)
1264
- conf = config_element('match', 'tag.*', {}, [transport_conf])
1265
-
1266
- @d.configure(conf); @d.start; @d.after_start
1267
-
1268
- received = ""
1269
- @d.server_create_tls(:s, @port) do |data, conn|
1270
- received << data
1271
- end
1272
- open_tls_session('127.0.0.1', @port, cert_path: ca_cert_path) do |sock|
1273
- sock.puts "yay"
1274
- sock.puts "foo"
1275
- end
1276
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1277
- assert_equal "yay\nfoo\n", received
1278
- end
1279
-
1280
- data('with passphrase' => ["foooooooo", "yaaaaaaaaaaaaaaaaaaay"],
1281
- 'without passphrase' => [nil, nil])
1282
- test 'load chained server cert by private CA cert file, verified from clients using CA cert file as root' do |(ca_key_passphrase, private_key_passphrase)|
1283
- ca_cert_path = File.join(@certs_dir, "ca_cert.pem")
1284
- ca_key_path = File.join(@certs_dir, "ca.key.pem")
1285
- cert_path = File.join(@server_cert_dir, "cert.pem")
1286
- private_key_path = File.join(@certs_dir, "server.key.pem")
1287
- create_server_pair_chained_with_root_ca(ca_cert_path, ca_key_path, ca_key_passphrase, cert_path, private_key_path, private_key_passphrase)
1288
-
1289
- transport_opts = {
1290
- 'cert_path' => cert_path,
1291
- 'private_key_path' => private_key_path,
1292
- }
1293
- transport_opts['private_key_passphrase'] = private_key_passphrase if private_key_passphrase
1294
- transport_conf = config_element('transport', 'tls', transport_opts)
1295
- conf = config_element('match', 'tag.*', {}, [transport_conf])
1296
-
1297
- @d.configure(conf); @d.start; @d.after_start
1298
-
1299
- received = ""
1300
- @d.server_create_tls(:s, @port) do |data, conn|
1301
- received << data
1302
- end
1303
- open_tls_session('127.0.0.1', @port, cert_path: ca_cert_path) do |sock|
1304
- sock.puts "yay"
1305
- sock.puts "foo"
1306
- end
1307
- waiting(10){ sleep 0.1 until received.bytesize == 8 }
1308
- assert_equal "yay\nfoo\n", received
1309
- end
1310
-
1311
- test 'set ciphers' do
1312
- cert_path = File.join(@server_cert_dir, "cert.pem")
1313
- private_key_path = File.join(@certs_dir, "server.key.pem")
1314
- create_server_pair_signed_by_self(cert_path, private_key_path, nil)
1315
- tls_options = {
1316
- protocol: :tls,
1317
- version: :TLSv1_2,
1318
- ciphers: 'SHA256',
1319
- insecure: false,
1320
- cert_path: cert_path,
1321
- private_key_path: private_key_path,
1322
- }
1323
- conf = @d.server_create_transport_section_object(tls_options)
1324
- ctx = @d.cert_option_create_context(conf.version, conf.insecure, conf.ciphers, conf)
1325
- matched = false
1326
- ctx.ciphers.each do |cipher|
1327
- cipher_name, tls_version = cipher
1328
- # OpenSSL 1.0.2: "TLSv1/SSLv3"
1329
- # OpenSSL 1.1.1: "TLSv1.2"
1330
- if tls_version == "TLSv1/SSLv3" || tls_version == "TLSv1.2"
1331
- matched = true
1332
- unless cipher_name.match?(/#{conf.ciphers}/)
1333
- matched = false
1334
- break
1335
- end
1336
- end
1337
- end
1338
-
1339
- error_msg = build_message("Unexpected ciphers for #{conf.version}",
1340
- "<?>\nwas expected to include only <?> ciphers for #{conf.version}",
1341
- ctx.ciphers, conf.ciphers)
1342
- assert(matched, error_msg)
1343
- end
1344
- end
1345
- end
1346
-
1347
- sub_test_case '#server_create_tls' do
1348
- setup do
1349
- @certs_dir = File.join(TMP_DIR, "tls_certs")
1350
- FileUtils.rm_rf @certs_dir
1351
- FileUtils.mkdir_p @certs_dir
1352
-
1353
- @server_cert_dir = File.join(@certs_dir, "server")
1354
- FileUtils.mkdir_p @server_cert_dir
1355
-
1356
- @cert_path = File.join(@server_cert_dir, "cert.pem")
1357
- private_key_path = File.join(@certs_dir, "server.key.pem")
1358
- private_key_passphrase = "yaaaaaaaaaaaaaaaaaaay"
1359
- create_server_pair_signed_by_self(@cert_path, private_key_path, private_key_passphrase)
1360
-
1361
- @default_hostname = ::Socket.gethostname
1362
-
1363
- @tls_options = {
1364
- protocol: :tls,
1365
- version: :'TLSv1_2',
1366
- ciphers: 'ALL:!aNULL:!eNULL:!SSLv2',
1367
- insecure: false,
1368
- cert_path: @cert_path,
1369
- private_key_path: private_key_path,
1370
- private_key_passphrase: private_key_passphrase,
1371
- }
1372
- end
1373
-
1374
- test 'can accept all keyword arguments valid for tcp/tls server' do
1375
- assert_nothing_raised do
1376
- @d.server_create_tls(:s, @port, bind: '127.0.0.1', shared: false, resolve_name: true, linger_timeout: 10, backlog: 500, tls_options: @tls_options, send_keepalive_packet: true) do |data, conn|
1377
- # ...
1378
- end
1379
- end
1380
- end
1381
-
1382
- test 'creates a tls server just to read data' do
1383
- received = ""
1384
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1385
- received << data
1386
- end
1387
- 3.times do
1388
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1389
- sock.puts "yay"
1390
- sock.puts "foo"
1391
- end
1392
- end
1393
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
1394
- assert_equal 3, received.scan("yay\n").size
1395
- assert_equal 3, received.scan("foo\n").size
1396
- end
1397
-
1398
- test 'creates a tls server to read and write data' do
1399
- received = ""
1400
- responses = []
1401
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1402
- received << data
1403
- conn.write "ack\n"
1404
- end
1405
- 3.times do
1406
- # open_tls_session('127.0.0.1', @port, cert_path: @cert_path, hostname: @default_hostname) do |sock|
1407
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1408
- sock.puts "yay"
1409
- sock.puts "foo"
1410
- responses << sock.readline
1411
- end
1412
- end
1413
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
1414
- assert_equal 3, received.scan("yay\n").size
1415
- assert_equal 3, received.scan("foo\n").size
1416
- assert_equal ["ack\n","ack\n","ack\n"], responses
1417
- end
1418
-
1419
- test 'creates a tls server to read and write data using IPv6' do
1420
- omit "IPv6 unavailable here" unless ipv6_enabled?
1421
-
1422
- received = ""
1423
- responses = []
1424
- @d.server_create_tls(:s, @port, bind: "::1", tls_options: @tls_options) do |data, conn|
1425
- received << data
1426
- conn.write "ack\n"
1427
- end
1428
- 3.times do
1429
- # open_tls_session('::1', @port, cert_path: @cert_path, hostname: @default_hostname) do |sock|
1430
- open_tls_session('::1', @port, cert_path: @cert_path) do |sock|
1431
- sock.puts "yay"
1432
- sock.puts "foo"
1433
- responses << sock.readline
1434
- end
1435
- end
1436
- waiting(10){ sleep 0.1 until received.bytesize == 24 }
1437
- assert_equal 3, received.scan("yay\n").size
1438
- assert_equal 3, received.scan("foo\n").size
1439
- assert_equal ["ack\n","ack\n","ack\n"], responses
1440
- end
1441
-
1442
- test 'does not resolve name of client address in default' do
1443
- received = ""
1444
- sources = []
1445
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1446
- received << data
1447
- sources << conn.remote_host
1448
- end
1449
- 3.times do
1450
- # open_tls_session('127.0.0.1', @port, cert_path: @cert_path, hostname: @default_hostname) do |sock|
1451
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1452
- sock.puts "yay"
1453
- end
1454
- end
1455
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
1456
- assert_equal 3, received.scan("yay\n").size
1457
- assert{ sources.all?{|s| s == "127.0.0.1" } }
1458
- end
1459
-
1460
- test 'does resolve name of client address if resolve_name is true' do
1461
- hostname = Socket.getnameinfo([nil, nil, nil, "127.0.0.1"])[0]
1462
-
1463
- received = ""
1464
- sources = []
1465
- @d.server_create_tls(:s, @port, resolve_name: true, tls_options: @tls_options) do |data, conn|
1466
- received << data
1467
- sources << conn.remote_host
1468
- end
1469
- 3.times do
1470
- # open_tls_session('127.0.0.1', @port, cert_path: @cert_path, hostname: @default_hostname) do |sock|
1471
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1472
- sock.puts "yay"
1473
- end
1474
- end
1475
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
1476
- assert_equal 3, received.scan("yay\n").size
1477
- assert{ sources.all?{|s| s == hostname } }
1478
- end
1479
-
1480
- test 'can keep connections alive for tls if keepalive specified' do
1481
- # pend "not implemented yet"
1482
- end
1483
-
1484
- test 'raises error if plugin registers data callback for connection object from #server_create' do
1485
- received = ""
1486
- errors = []
1487
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1488
- received << data
1489
- begin
1490
- conn.data{|d| received << d.upcase }
1491
- rescue => e
1492
- errors << e
1493
- end
1494
- end
1495
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1496
- sock.puts "foo"
1497
- end
1498
- waiting(10){ sleep 0.1 until received.bytesize == 4 || errors.size == 1 }
1499
- assert_equal "foo\n", received
1500
- assert_equal 1, errors.size
1501
- assert_equal "data callback can be registered just once, but registered twice", errors.first.message
1502
- end
1503
-
1504
- test 'can call write_complete callback if registered' do
1505
- buffer = ""
1506
- lines = []
1507
- responses = []
1508
- response_completes = []
1509
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1510
- conn.on(:write_complete){|c| response_completes << true }
1511
- buffer << data
1512
- if idx = buffer.index("\n")
1513
- lines << buffer.slice!(0,idx+1)
1514
- conn.write "ack\n"
1515
- end
1516
- end
1517
- 3.times do
1518
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1519
- sock.write "yay"
1520
- sock.write "foo\n"
1521
- begin
1522
- responses << sock.readline
1523
- rescue EOFError, IOError, Errno::ECONNRESET
1524
- # ignore
1525
- end
1526
- sock.close
1527
- end
1528
- end
1529
- waiting(10){ sleep 0.1 until lines.size == 3 && response_completes.size == 3 }
1530
- assert_equal ["yayfoo\n", "yayfoo\n", "yayfoo\n"], lines
1531
- assert_equal ["ack\n","ack\n","ack\n"], responses
1532
- assert_equal [true, true, true], response_completes
1533
- end
1534
-
1535
- test 'can call close callback if registered' do
1536
- buffer = ""
1537
- lines = []
1538
- callback_results = []
1539
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1540
- conn.on(:close){|c| callback_results << "closed" }
1541
- buffer << data
1542
- if idx = buffer.index("\n")
1543
- lines << buffer.slice!(0,idx+1)
1544
- conn.write "ack\n"
1545
- end
1546
- end
1547
- 3.times do
1548
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path) do |sock|
1549
- sock.write "yay"
1550
- sock.write "foo\n"
1551
- begin
1552
- while line = sock.readline
1553
- if line == "ack\n"
1554
- sock.close
1555
- end
1556
- end
1557
- rescue EOFError, IOError, Errno::ECONNRESET
1558
- # ignore
1559
- end
1560
- end
1561
- end
1562
- waiting(10){ sleep 0.1 until lines.size == 3 && callback_results.size == 3 }
1563
- assert_equal ["yayfoo\n", "yayfoo\n", "yayfoo\n"], lines
1564
- assert_equal ["closed", "closed", "closed"], callback_results
1565
- end
1566
-
1567
- sub_test_case 'TLS version connection check' do
1568
- test "can't connect with different TLS version" do
1569
- @d.server_create_tls(:s, @port, tls_options: @tls_options) do |data, conn|
1570
- end
1571
- if defined?(OpenSSL::SSL::TLS1_3_VERSION)
1572
- version = :'TLS1_3'
1573
- else
1574
- version = :'TLS1_1'
1575
- end
1576
- assert_raise(OpenSSL::SSL::SSLError, Errno::ECONNRESET) {
1577
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path, version: version) do |sock|
1578
- end
1579
- }
1580
- end
1581
-
1582
- test "can specify multiple TLS versions by min_version/max_version" do
1583
- omit "min_version=/max_version= is not supported" unless Fluent::TLS::MIN_MAX_AVAILABLE
1584
-
1585
- min_version = :'TLS1_2'
1586
- if defined?(OpenSSL::SSL::TLS1_3_VERSION)
1587
- max_version = :'TLS1_3'
1588
- else
1589
- max_version = :'TLS1_2'
1590
- end
1591
-
1592
- opts = @tls_options.merge(min_version: min_version, max_version: max_version)
1593
- @d.server_create_tls(:s, @port, tls_options: opts) do |data, conn|
1594
- end
1595
- assert_raise(OpenSSL::SSL::SSLError, Errno::ECONNRESET) {
1596
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path, version: :'TLS1') do |sock|
1597
- end
1598
- }
1599
- [min_version, max_version].each { |ver|
1600
- assert_nothing_raised {
1601
- open_tls_session('127.0.0.1', @port, cert_path: @cert_path, version: ver) do |sock|
1602
- end
1603
- }
1604
- }
1605
- end
1606
- end
1607
- end
1608
-
1609
- sub_test_case '#server_create_unix' do
1610
- # not implemented yet
1611
-
1612
- # test 'can accept all keyword arguments valid for unix server'
1613
- # test 'creates a unix server just to read data'
1614
- # test 'creates a unix server to read and write data'
1615
-
1616
- # test 'raises error if plugin registers data callback for connection object from #server_create'
1617
- # test 'can call write_complete callback if registered'
1618
- # test 'can call close callback if registered'
1619
- end
1620
-
1621
- def open_client(proto, addr, port)
1622
- client = case proto
1623
- when :udp
1624
- c = UDPSocket.open
1625
- c.connect(addr, port)
1626
- c
1627
- when :tcp
1628
- TCPSocket.open(addr, port)
1629
- when :tls
1630
- c = OpenSSL::SSL::SSLSocket.new(TCPSocket.open(addr, port))
1631
- c.sync_close = true
1632
- c.connect
1633
- else
1634
- raise ArgumentError, "unknown proto:#{proto}"
1635
- end
1636
- yield client
1637
- ensure
1638
- client.close rescue nil
1639
- end
1640
-
1641
- # run tests for tcp, tls and unix
1642
- sub_test_case '#server_create_connection' do
1643
- test 'raise error if udp is specified in proto' do
1644
- assert_raise(ArgumentError.new("BUG: cannot create connection for UDP")) do
1645
- @d.server_create_connection(:myserver, @port, proto: :udp){|c| c }
1646
- end
1647
- end
1648
-
1649
- # def server_create_connection(title, port, proto: :tcp, bind: '0.0.0.0', shared: true, tls_options: nil, resolve_name: false, linger_timeout: 0, backlog: nil, &block)
1650
- protocols = {
1651
- 'tcp' => [:tcp, {}],
1652
- 'tls' => [:tls, {tls_options: {insecure: true}}],
1653
- # 'unix' => [:unix, {path: ""}],
1654
- }
1655
-
1656
- data(protocols)
1657
- test 'raise error if block argument is not specified or too many' do |(proto, kwargs)|
1658
- empty_block = ->(){}
1659
- assert_raise(ArgumentError.new("BUG: block must have just one argument")) do
1660
- @d.server_create_connection(:myserver, @port, proto: proto, **kwargs, &empty_block)
1661
- end
1662
- assert_raise(ArgumentError.new("BUG: block must have just one argument")) do
1663
- @d.server_create_connection(:myserver, @port, proto: proto, **kwargs){|conn, what_is_this| [conn, what_is_this] }
1664
- end
1665
- end
1666
-
1667
- data(protocols)
1668
- test 'does not resolve name of client address in default' do |(proto, kwargs)|
1669
- received = ""
1670
- sources = []
1671
- @d.server_create_connection(:s, @port, proto: proto, **kwargs) do |conn|
1672
- sources << conn.remote_host
1673
- conn.data do |d|
1674
- received << d
1675
- end
1676
- end
1677
- 3.times do
1678
- open_client(proto, "127.0.0.1", @port) do |sock|
1679
- sock.puts "yay"
1680
- end
1681
- end
1682
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
1683
- assert_equal "yay\nyay\nyay\n", received
1684
- assert{ sources.all?{|s| s == "127.0.0.1" } }
1685
- end
1686
-
1687
- data(protocols)
1688
- test 'does resolve name of client address if resolve_name is true' do |(proto, kwargs)|
1689
- hostname = Socket.getnameinfo([nil, nil, nil, "127.0.0.1"])[0]
1690
-
1691
- received = ""
1692
- sources = []
1693
- @d.server_create_connection(:s, @port, proto: proto, resolve_name: true, **kwargs) do |conn|
1694
- sources << conn.remote_host
1695
- conn.data do |d|
1696
- received << d
1697
- end
1698
- end
1699
- 3.times do
1700
- open_client(proto, "127.0.0.1", @port) do |sock|
1701
- sock.puts "yay"
1702
- end
1703
- end
1704
- waiting(10){ sleep 0.1 until received.bytesize == 12 }
1705
- assert_equal "yay\nyay\nyay\n", received
1706
- assert{ sources.all?{|s| s == hostname } }
1707
- end
1708
-
1709
- data(protocols)
1710
- test 'creates a server to provide connection, which can read, write and close' do |(proto, kwargs)|
1711
- lines = []
1712
- buffer = ""
1713
- @d.server_create_connection(:s, @port, proto: proto, **kwargs) do |conn|
1714
- conn.data do |d|
1715
- buffer << d
1716
- if buffer == "x"
1717
- buffer.slice!(0, 1)
1718
- conn.close
1719
- end
1720
- if idx = buffer.index("\n")
1721
- lines << buffer.slice!(0, idx + 1)
1722
- conn.write "foo!\n"
1723
- end
1724
- end
1725
- end
1726
- replied = []
1727
- disconnecteds = []
1728
- 3.times do |i|
1729
- open_client(proto, "127.0.0.1", @port) do |sock|
1730
- sock.puts "yay"
1731
- while line = sock.readline
1732
- replied << line
1733
- break
1734
- end
1735
- sock.write "x"
1736
- connection_closed = false
1737
- begin
1738
- data = sock.read
1739
- if data.empty?
1740
- connection_closed = true
1741
- end
1742
- rescue => e
1743
- if e.is_a?(Errno::ECONNRESET)
1744
- connection_closed = true
1745
- end
1746
- ensure
1747
- disconnecteds << connection_closed
1748
- end
1749
- end
1750
- end
1751
- waiting(10){ sleep 0.1 until lines.size == 3 }
1752
- waiting(10){ sleep 0.1 until replied.size == 3 }
1753
- waiting(10){ sleep 0.1 until disconnecteds.size == 3 }
1754
- assert_equal ["yay\n", "yay\n", "yay\n"], lines
1755
- assert_equal ["foo!\n", "foo!\n", "foo!\n"], replied
1756
- assert_equal [true, true, true], disconnecteds
1757
- end
1758
-
1759
- data(protocols)
1760
- test 'creates a server to provide connection, which accepts callbacks for data, write_complete, and close' do |(proto, kwargs)|
1761
- lines = []
1762
- buffer = ""
1763
- written = 0
1764
- closed = 0
1765
- @d.server_create_connection(:s, @port, proto: proto, **kwargs) do |conn|
1766
- conn.on(:write_complete){|_conn| written += 1 }
1767
- conn.on(:close){|_conn| closed += 1 }
1768
- conn.on(:data) do |d|
1769
- buffer << d
1770
- if idx = buffer.index("\n")
1771
- lines << buffer.slice!(0, idx + 1)
1772
- conn.write "foo!\n"
1773
- end
1774
- end
1775
- end
1776
- replied = []
1777
- 3.times do
1778
- open_client(proto, "127.0.0.1", @port) do |sock|
1779
- sock.puts "yay"
1780
- while line = sock.readline
1781
- replied << line
1782
- break
1783
- end
1784
- end # TCP socket is closed here
1785
- end
1786
- waiting(10){ sleep 0.1 until lines.size == 3 }
1787
- waiting(10){ sleep 0.1 until replied.size == 3 }
1788
- waiting(10){ sleep 0.1 until closed == 3 }
1789
- assert_equal ["yay\n", "yay\n", "yay\n"], lines
1790
- assert_equal 3, written
1791
- assert_equal 3, closed
1792
- assert_equal ["foo!\n", "foo!\n", "foo!\n"], replied
1793
- end
1794
-
1795
- data(protocols)
1796
- test 'creates a server, and does not leak connections' do |(proto, kwargs)|
1797
- buffer = ""
1798
- closed = 0
1799
- @d.server_create_connection(:s, @port, proto: proto, **kwargs) do |conn|
1800
- conn.on(:close){|_c| closed += 1 }
1801
- conn.on(:data) do |d|
1802
- buffer << d
1803
- end
1804
- end
1805
- 3.times do
1806
- open_client(proto, "127.0.0.1", @port) do |sock|
1807
- sock.puts "yay"
1808
- end
1809
- end
1810
- waiting(10){ sleep 0.1 until buffer.bytesize == 12 }
1811
- waiting(10){ sleep 0.1 until closed == 3 }
1812
- assert_equal 0, @d.instance_eval{ @_server_connections.size }
1813
- end
1814
-
1815
- data(protocols)
1816
- test 'will refuse more connect requests after stop, but read data from sockets already connected, in non-shared server' do |(proto, kwargs)|
1817
- connected = false
1818
- begin
1819
- open_client(proto, "127.0.0.1", @port) do |sock|
1820
- # expected behavior is connection refused...
1821
- connected = true
1822
- end
1823
- rescue
1824
- end
1825
-
1826
- assert_false connected
1827
-
1828
- received = ""
1829
- @d.server_create_connection(:s, @port, proto: proto, shared: false, **kwargs) do |conn|
1830
- conn.on(:data) do |data|
1831
- received << data
1832
- conn.write "ack\n"
1833
- end
1834
- end
1835
-
1836
- th0 = Thread.new do
1837
- open_client(proto, "127.0.0.1", @port) do |sock|
1838
- sock.puts "yay"
1839
- sock.readline
1840
- end
1841
- end
1842
-
1843
- value0 = waiting(5){ th0.value }
1844
- assert_equal "ack\n", value0
1845
-
1846
- stopped = false
1847
- sleeping = false
1848
- ending = false
1849
-
1850
- th1 = Thread.new do
1851
- open_client(proto, "127.0.0.1", @port) do |sock|
1852
- sleeping = true
1853
- sleep 0.1 until stopped
1854
- sock.puts "yay"
1855
- res = sock.readline
1856
- ending = true
1857
- res
1858
- end
1859
- end
1860
-
1861
- sleep 0.1 until sleeping
1862
-
1863
- @d.stop
1864
- assert @d.stopped?
1865
- stopped = true
1866
-
1867
- sleep 0.1 until ending
1868
-
1869
- @d.before_shutdown
1870
- @d.shutdown
1871
-
1872
- th2 = Thread.new do
1873
- begin
1874
- open_client(proto, "127.0.0.1", @port) do |sock|
1875
- sock.puts "foo"
1876
- end
1877
- false # failed
1878
- rescue
1879
- true # success
1880
- end
1881
- end
1882
-
1883
- value1 = waiting(5){ th1.value }
1884
- value2 = waiting(5){ th2.value }
1885
-
1886
- assert_equal "yay\nyay\n", received
1887
- assert_equal "ack\n", value1
1888
- assert value2, "should be truthy value to show connection was correctly refused"
1889
- end
1890
-
1891
- test 'can keep connections alive for tcp/tls if keepalive specified' do
1892
- # pend "not implemented yet"
1893
- end
1894
- end
1895
- end