RubyGems - logstash-input-http - Versions diffs - 3.4.5-java → 3.6.0-java - Mend

logstash-input-http 3.4.5-java → 3.6.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +9 -0
data/VERSION +1 -1
data/docs/index.asciidoc +47 -14
data/lib/logstash/inputs/http/tls.rb +2 -1
data/lib/logstash/inputs/http.rb +62 -29
data/lib/logstash-input-http_jars.rb +1 -1
data/logstash-input-http.gemspec +1 -1
data/spec/fixtures/certs/generate.sh +40 -0
data/spec/fixtures/certs/generated/README.txt +2 -0
data/spec/fixtures/certs/generated/client_from_root.crt +35 -0
data/spec/fixtures/certs/generated/client_from_root.jks +0 -0
data/spec/fixtures/certs/generated/client_from_root.key +51 -0
data/spec/fixtures/certs/generated/client_from_root.key.pkcs8 +52 -0
data/spec/fixtures/certs/generated/client_from_root.p12 +0 -0
data/spec/fixtures/certs/generated/root.crt +32 -0
data/spec/fixtures/certs/generated/root.key +51 -0
data/spec/fixtures/certs/generated/root.key.pkcs8 +52 -0
data/spec/fixtures/certs/generated/server_from_root.crt +37 -0
data/spec/fixtures/certs/generated/server_from_root.key +51 -0
data/spec/fixtures/certs/generated/server_from_root.key.pkcs8 +52 -0
data/spec/fixtures/certs/openssl.cnf +47 -0
data/spec/inputs/http_spec.rb +243 -29
data/vendor/jar-dependencies/org/logstash/plugins/input/http/logstash-input-http/{3.4.5/logstash-input-http-3.4.5.jar → 3.6.0/logstash-input-http-3.6.0.jar} +0 -0
metadata +31 -3

data/spec/fixtures/certs/generated/root.key.pkcs8 ADDED Viewed

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCwVfl113eqoUSL
+cw0Xrp1H0UoRLrQoo4h88HtspnJwuTok2PiEIbhUebufzK0nF2ZybVJYiC0ZJJuS
+qicMCm9VpznJVRNNT/a7gMcF4j0lYdT2Yuxw2yaCZcvCffVIRU0LIUjj2bXa83ib
+uuphfwcm+C3bJ5xWN65F0Txe7mCh8PQ+X0v0peNjkdGHt1LFP3qFV67ssNtxjeVB
+35rmKL/OD8gr9fNHFF5B5A8DXniLpohJZLrVFLw455Fyhx+GS+ZQpaHxfneIhMff
+tflfabXZNO/pzbSHJShKhIboAfM/bXX5cnilIeLBwko/WPtO81M13rX+e3VFUFxt
+Xor2z1MhoV01+PfVtTem0iinkYJUtulfrGvolgaQhV+UhgoOuvmYQkj7pmd/41pR
+arhxKp5jRjz3TEfY6PZjGV7vF2Q9IAk2yAUvAhY8qER+eGZe5krUKBV1gLwwzOpl
+QMerG3+Jrm1Fk6sDGw0wJIQUCu3P3nhQTqyqx8z5Sk5dWPMQBkbJMtUIdFOD/JxJ
+Wb171xkH1VNH9zXJfAzHVpk1cgVruF1VtepceQh0rW6E7Lc+Avbg23Zr06fjkklK
+NaKabScl7uE7LiGhSpV6N2MJURtJB9jI9oRdYDCBhLihDbn33MrdseOzuWgduWZt
+vUzPKWuzTLpFnnF3krwgUm8TZW81MQIDAQABAoICAQCE+qEg1DgDbpCxlTcHaABm
+W5e+s3jbuM/CYNzDSBa/mYAWr6Vih8dptU/gJ8tg0o3It1bFOxS/hFLqXPULaIcj
+kfPLOCRRRn9sUaZFcqLoIQooMNvcE/jLl5b8+l5SfSinvxcn9VPmZXvL/T6p/dDX
++4shXZLRljYPosYjVSN8nKikrNssCTodKadY8NAzvjZYfpKFHq6uyPJeJhG7hnl3
+HYG4XUd0kBCxIhqMUN8ZeaIHrzYSYQu84i1WsD3+2hg7M12YL+ZXBsNwmtwPrzmb
+LwfKSv3ceRIUeDMAng/iAltYnZIL/izyL+IsOZ9zn55d3rFi05nRhtPdCtJDZIBs
+eJYpu0LEIV5LDIyAzTc1neBwUKh+arscqdJjQwi8luliatoZXvKLM1nMyTWoSf0I
+IQyUHIS1zbm0qD74xSHS7cPC0A6ULGP1I8hMy9EqMOvMCpOPsZK6gX8V2uD1BmY4
+J7Tb3Q+48ScICHQ9yD8WMieZ+JjhhjLcU7Gy6Pgp9tqggowzzhBE5iMd6qZ7VEFo
+8dicpmQGk+3sTWTpdwPhPPdHtj3HtPq/ONxjwYNS5c39eGyM9Iv01iGX+8LHyLUI
+IK/B/apFXVxt2/X218YD0qOnwlEdYWgbNcVtLJuEPsKicUoej1JJG89Ss84OqwLa
+f1J2dmpVpe2Af8zPUHTWAQKCAQEA2zgtF7egetTIM3nEnH9ZPgSgo/4Kxsn5xnN8
+TmCljjMcOi9UODIl+TTMsHII/brdsWB0hWufMRS7QMwm/3oCbSA/MASDpnjv+ZgA
+gLMW9RIJ2DySSxEQ5/UQmZEpoCi7fLCxMNKX/0XDH9pb7WFfFusgN5A30xtOVijn
+PIoC3ipfTfkc2Pht19CCRI8+gsa++T1iDshcQNm7LAfMNNOX2Iz8F2cI+/Un+cTe
+iFuU7KKviptGL0/GvDg603Cf0/2TnFsJH1KI2h4LpufGcPlpW+xRfT4rUFBh9BZH
+OFt0y+6hOwoIGRkns2YODBJmC8Eii1Dv7BAx6KlyEGudqXC9kQKCAQEAzevhIMsw
+iihgn2Z4s1z2ByE+uBOJNQQ5xjxezM7mGOvgJnjDjnKgj+eOquYvUvAOZk6cLt79
+Yx9HBqDwF1JGbZHrBfzoXDhFPYZHIkXo+H03HcbBxgQndfqE3IzOd4kuWhznqrzU
+tY+8tN9O1CwuuHgUYfRXZ3nPwiAHo3Jax9t7uMvUg5iGJNZdZqgKxV29wWrMFOB0
+QATo+npV/x5RvQi/xvWU9P1wntJAQ0403N7GrXxgPC3r4GNAjaeefoNuYE2RFXQI
+7YSJG9QlrbFB1IE3p2Pwe73kZFFi2e3SUfXYDK7FtZJ8zk0VZz8nIA0rkVU/qvgA
+1Db/wpLsbB2toQKCAQEAv/Dx2oBXLPU9zYRil7wRQXH/zVbTzLZv0kivoFiS3Gz3
+3CIwlXujMA4A4sUWBkMldPdFTsSqf+jtA5E83BfSJAZGDR8Gvi3JwDpMxmMISM/g
+esqeNMfei5pRTISDc832SvjSTDM4DrTgYfVo4/GLtp9sd/n4RwjzkBEEVkdot2lW
+RQlHLtpmIr5YMPtS+mJWOBh80QCxdb6uWaECNYbGvz7CQyNeBG3k8JZlWfMF9COF
+m9DUpPwuwAJjz1ofNxghtJco55n2ZTRFc4Agii53B5tkxko21n1rJrKS7U92dlCc
+Lvtbl84kqrlCt2MsokIaouzdBU4wxMwIKURwqTkjYQKCAQBPtgRipmT2xiSI76i/
+fbe7ENJvfRh6zlTy+MGVtG17risJmWvRw2uF6RPf8dTV3Rkl3z40IpuheCUNWtU1
+oeKjXX3Fxp3HvPyIkWcNzFQfhJEGVL8DwO3pjH1LxrHRseegeFnxTMFmOurIdTzV
+gvje7ZSuSmBfLNcQhUePrJ+Zh8u/wB9WhX8/2T80ks4AkoX2zjmLx0sY0Q3CkAKk
+C/+GFlHuWXg80bJ7uFWp+CccbJwp4eB6yyfop2MAsqb2wDfEzaHg1Rbzon9Up22i
+a+BYu2BoypX3wI0djCegxp/InEryteDQpZDsZwhm/BpQHOkFjCNmMjRX8aZVknw0
+adShAoIBADUNkzKzD7xW2dtFI/9dPKEuQ5TxUYlDwejx1G/p4+ig/UVvumj4bDcW
+rPEL2ZRh9IStsgE9ul1Dj9JWBXjUrWhvzO0IlMw74MRVLyVS2TwuFNZqVX/FDzJL
+BZuCbZ6m4uCldqZ6FtmPX9EwRYqCxbGptySyJsH+D6rHv5LHYIYXNFBFisYIvkkr
+NPlngDexX5ER4PTviRDMyqwIjW5IQy1/NZMECBnmy8Za6b3GnqpamqsHt1LHSEgm
+YXw13sZKFw+rXf8ilBzkhCo57MZJy5X5/SpTElDK5ORcU5Vw7IhlHugBN/YZMNVE
+4FPPlZqhsT/dPOtTFHF4qPXJbLuz6Jk=
+-----END PRIVATE KEY-----

data/spec/fixtures/certs/generated/server_from_root.crt ADDED Viewed

@@ -0,0 +1,37 @@
+-----BEGIN CERTIFICATE-----
+MIIGaTCCBFGgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJMUzEL
+MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
+YXNoMQ0wCwYDVQQDDARyb290MB4XDTIxMTEyNDEwMjEzMFoXDTI0MTEyNDEwMjEz
+MFowUzELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
+cHV0MREwDwYDVQQKDAhMb2dzdGFzaDEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvP8dBScDm6kfPpG5Rnel24D79UNGQqKx
+4ztSwd4r5VeZzi7odPDC8F8qA5GtNtCpla0uIXSHIZdN2d+RO9XjAKn4qFsmdmFU
+twbN4nyFvJ2XaUH2dHqHBW5RwIC/x3V9d+kxopB7XVN3qq5lguwWheECdpQJqfo5
+gJi7bfkUdheDSzEJm1J350b4dmSIOM2LneXeTtBI9Rcq6nqYgG2tSERj8q4PyZ3R
+nCMHzXnnyykiEJcGCd1CqERwi24CaNjMdetOqZ/7D2z7AvHv1qAflG+NwbKdkCap
+UY2SxKCnDzLvMlSzohVLnAU8If30QrnQP1eo/BbcYZrhhJ6tvMX1svP47LeMkcjw
+UU1JrzTWCBRQaOcv8on6YEAzmOinrQK/NolXgJKYtZgoReYO9umHwoDVmtgy5iR3
+gXfgCFRhD4pf06YvlxllTuVjtVLwgWtSdiP+yummnxrFIvuqDifgXd6oWjZfb110
+MK7BmD6pNkHJRTx08dvo3TDlNZIeCzZcU7HJbneenFfBroheZTMvHQH6nFD47Rt9
+3P46ytkDBhyXsBJ6Ajy7Ms27MZnRpXTKItBSPJnoDpd5gl9804hJyG/VSCxZEmas
+hZa2db52TENYfvTzQ7eUVR5d8Gwn/aDmiCu3ojbBlhu0KfEiJilE9+6T8HM4Zz/A
+kCeEl8N7yF0CAwEAAaOCAUgwggFEMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQD
+AgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2Vy
+dGlmaWNhdGUwHQYDVR0OBBYEFI51atlPwneMhcrthVuKNkH9AbJJMIGOBgNVHSME
+gYYwgYOAFKfXx2/e7RH878sM8LuH7AeVykWooVWkUzBRMQswCQYDVQQGEwJMUzEL
+MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
+YXNoMQ0wCwYDVQQDDARyb290ghRrFonFtN0ltjwuBAMMS6vufjCqhTAOBgNVHQ8B
+Af8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGgYDVR0RBBMwEYIJbG9jYWxo
+b3N0hwR/AAABMA0GCSqGSIb3DQEBCwUAA4ICAQCBmOWRRWKcpIbJdIhUfNj8FRSC
+CWKnChHFw+PW/8+QGBdaSPPJJG3QC79oBJyAZaqifRa3qQEGB2Vo7Di1HRNFdtrG
+2f83s3lLULtrZgTUSxqq0kOmw+NuaOgjb43C84n5im3sJm0GbzgiPfvRPWLZYEZc
+up3ncMFSmKSE3UGpUF65ijOlxoeyZaCAqwmz54ri4GGCsDurY2Nh67yvArgNCsqm
+og39AFgRUT+qYwTUl3GUI8wiQkAPb16yTDgPBroq3zC2KDsy5h154R/CJXMkLK/F
+Oa/wJkFT+vpIj5ttIN12//axCX9HEBG2m7dBD5bNIbVbgqLMoWwDQeeUpYl5J4Z/
+ZMo2Gkm5XEY/cyQhGCUDaLvs3XZlB6vZMO91IzurmO6ho25FKaO8kmUwm2IAiiW7
+aW5dS2uC7unpH17IiF9lb6AYff4wbVPxaqa/ydQgz5jdcidZEzD83dtUH/pSVnP3
+r/Hf3TJIrH2yw8qN/2zHJD5Uxwi+RE426B8cfTQqOieFF7SqsSGZtuh9GYMEiErC
+L3oWsszTviCKS5k6tyh9zZeXl8ABQSUSbHfSYIDdG+zrletrEPM34JuNOUTEZY6Y
+tf7FpJjXZ3V7s6BtikvFiR6fmb+qlluvifUnPn62IF9nI8QNfl2XBXg5x5odTQCt
+PgAX97A6xJeB4AFhXw==
+-----END CERTIFICATE-----

data/spec/fixtures/certs/generated/server_from_root.key ADDED Viewed

@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKAIBAAKCAgEAvP8dBScDm6kfPpG5Rnel24D79UNGQqKx4ztSwd4r5VeZzi7o
+dPDC8F8qA5GtNtCpla0uIXSHIZdN2d+RO9XjAKn4qFsmdmFUtwbN4nyFvJ2XaUH2
+dHqHBW5RwIC/x3V9d+kxopB7XVN3qq5lguwWheECdpQJqfo5gJi7bfkUdheDSzEJ
+m1J350b4dmSIOM2LneXeTtBI9Rcq6nqYgG2tSERj8q4PyZ3RnCMHzXnnyykiEJcG
+Cd1CqERwi24CaNjMdetOqZ/7D2z7AvHv1qAflG+NwbKdkCapUY2SxKCnDzLvMlSz
+ohVLnAU8If30QrnQP1eo/BbcYZrhhJ6tvMX1svP47LeMkcjwUU1JrzTWCBRQaOcv
+8on6YEAzmOinrQK/NolXgJKYtZgoReYO9umHwoDVmtgy5iR3gXfgCFRhD4pf06Yv
+lxllTuVjtVLwgWtSdiP+yummnxrFIvuqDifgXd6oWjZfb110MK7BmD6pNkHJRTx0
+8dvo3TDlNZIeCzZcU7HJbneenFfBroheZTMvHQH6nFD47Rt93P46ytkDBhyXsBJ6
+Ajy7Ms27MZnRpXTKItBSPJnoDpd5gl9804hJyG/VSCxZEmashZa2db52TENYfvTz
+Q7eUVR5d8Gwn/aDmiCu3ojbBlhu0KfEiJilE9+6T8HM4Zz/AkCeEl8N7yF0CAwEA
+AQKCAgA9Bj6vkDZZB5WgFVt2hmGWa6JvQgaos3GuxlPlZ0BTMCLocTr7r1WyWXfu
+aRY90chAHQf9I2wSi5FGnSp+4IQIjdlNOwlDRhAdfOPzknN4QIZIJVVXrMx2E3Xw
+K2JBHA2kLzaon/BFZRMJmIAMcwCev9WUxh4MtU/l1usGClvx+YuaNr48Wbd/hOnr
+CHD3rl67YCKU3ioAgTeJOIaPSVqfL/35uPw+BGhO+vyk+wy+C40FQE5h1wCT5m1U
+h/PdOMtj89OVb6OYCn9OJyJi8Zbgzdg+x9aaWfFn9MeEF795Z9/WJ4VM+4VLXmFZ
+NG+vL+Iu4bYdl6AXH/RbZwUAJAc97vwjJHY3oGHwaUnNUopMIUyPdLxogoaEDyyi
+x2Q4wdPOSFNfmIX4t4HSvvkw9tnOvYCnxupY+xltmUv6I2oFlg6K7M2fQth23I9T
+3LFgIOGagZ/Pvc1r/G3cbe3GCWNpidmrq37ww3e8RG+X9LHxPdiD/Zd8NJwWOc/J
+OAmtdvYKUmdEdOB5fuGQI6vLPg8W9szPfSiXiMYWWO8Ehyl0mXdAE7ihL4/+7h+t
+uC5DrZAKanBxN9OGUUKp4Ya1VJKGUgTpBR5RUxLshJV52WyICPnk8z32peL2L6Ng
+ZhGJQW3LWENx68DLVVwd5KMPewLQ1wRV96fRlOehaOqxw99D/QKCAQEA984Ob0Xs
+fKjJayDp8kRWI2AscP+hpgm+sb5U+dWW00M1DALA7wLHEja2Qy4PQ//rao6EK+WK
+PuejQAYxHyByp8DL0TBsT+aUllGMsFLF+5VfM2kMTJskLO1Q6Y7pEoP/d0d4TkX0
+2r12kFYYpY4l0+q4kAgq5G899BWDbMYqYELzejqDAv7Rytf/Kc+/o3omUKNe+uc+
+2GIc+CoT072kuYxTyvkeAqBkeWX5ZAtKvj8JMkujnWewCmzV11Oz1MHSZinI6PK1
+BBoMIzOs17hxAroRFhJ9RqXRSimWogvcsbf7Ea75B4RdTVHq0kcU9L9hCZBi2SfC
+6g/aKJYm7rSR1wKCAQEAwz8tyAYK8qoqgqtYlP7bW0f75HxAHJTKR/r7azWf/Xcw
+iTou1JlKwCCLq6+6dgmnW5SuFNAcyiGpUXFY6kTMc9pVeJZyzJhqL3H3tjYqavzK
+ovx8dKYH/YkgZ/L05W+wkYMmJdz2bDS6YgYQ/CzcVsP/OcHEJZNz4Wmv/p6k1gIh
++AanE9TDPTZZHBfWA7hWsIVXLWVBahqch1lqq275rI1OxDj1pTc95Knbby3BXUcT
+JrtXf4LGaZ2RFHBSGNbW7Y1QFPDE/1HEw/kSM+JcoafUe1z4xP3OPBrljJTldllh
+PyoPewK6dKZE3rO5Vqh09mVshtgkhozo8eBveChY6wKCAQA1syeZoXOACCut1XId
+GAX6oIrA6gSjsJTse6x6f3ixy2yhb69TnCx7m/OfV0njmH/xlXS69oEg5J2R8EWQ
+0z1FcRg5+t5d6j/k20M7qpRQ0qvQvkD2EOCkA8F2+4sygfxIYuqFO8+13zzkRmQM
+7GLyK3lXbQ2udxTb4hWa6s6gEaIlqKxfZ80awff/nY+P45aN/vlEMfyCc7CHbsbh
+KcWal/hIkfeY5h0f2aNTtMa7t3lMtut73s5dU/x7Lx5XSrFHhmKNaJslimd68WXR
+UZzb1GqDd/pB5wkVozGLaDqpII9944b/xAVcDhZu/wxhhV+H7QwetukcQ9co2HET
+ZXn9AoIBAEcc9dHK0aX88KrTOdpa0Q54M3jPAJLoZpy8/2HXEETDarwwounwQ1ej
+Avwvbxya+4fRqW4PNs0wYXk2bYo2MLlppoPbWEjIorRRMEX/iIebNzsR90qNRo/D
+qDf0N9pxScBWIkjcKCzVL6WQTBNtS3uWu5kPyB9fi29ojR+SLLt93111HtmMPuhG
+qUIgNGT6eSimCFCSdrbspmJt4Po721hLx4qUrHPWoQZuD2x5H9qXjpQm3AGnYhkJ
+uNPW7S/64CF5vNdDspzD7YTrbQPUyKRgenXMMRee0cT2jvEbMlBe0Zqt+SF2pu7h
+uGfc0f6MML2lx1d91h/jptyiQDdliq0CggEBAO1FyfNJMR+dg5MS14GtuMdJHhct
+0xuV3AuvB0qYbHYaZnbLf1AZFQ7o3f5ov/LDXgYoLMaAkHEybg+4B/meykUbJYBH
+qM82WMmbawgc+CYLRDBrcJbqfb7uBvf/k8YR0KkGK/XInS2x0xloPYmDFKeT3mpU
+1ir4MOQu2VNO461NxHazv1Fcb/RjZeewC3q8CslwBze0f5PyqwGYlVvrRp5GzYmH
+ueLqB6Pz2501czE1QpcJJ8fcmFqTwlfpQJ5rKOB9CD7qRTOrVNdDBQfLUuyxApeB
+NCm6BN4TH9B/G+3MD7qxN0FK96aQw9qL5HjIdOXLHol32nhGl4L6AAQ68KI=
+-----END RSA PRIVATE KEY-----

data/spec/fixtures/certs/generated/server_from_root.key.pkcs8 ADDED Viewed

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC8/x0FJwObqR8+
+kblGd6XbgPv1Q0ZCorHjO1LB3ivlV5nOLuh08MLwXyoDka020KmVrS4hdIchl03Z
+35E71eMAqfioWyZ2YVS3Bs3ifIW8nZdpQfZ0eocFblHAgL/HdX136TGikHtdU3eq
+rmWC7BaF4QJ2lAmp+jmAmLtt+RR2F4NLMQmbUnfnRvh2ZIg4zYud5d5O0Ej1Fyrq
+epiAba1IRGPyrg/JndGcIwfNeefLKSIQlwYJ3UKoRHCLbgJo2Mx1606pn/sPbPsC
+8e/WoB+Ub43Bsp2QJqlRjZLEoKcPMu8yVLOiFUucBTwh/fRCudA/V6j8FtxhmuGE
+nq28xfWy8/jst4yRyPBRTUmvNNYIFFBo5y/yifpgQDOY6KetAr82iVeAkpi1mChF
+5g726YfCgNWa2DLmJHeBd+AIVGEPil/Tpi+XGWVO5WO1UvCBa1J2I/7K6aafGsUi
++6oOJ+Bd3qhaNl9vXXQwrsGYPqk2QclFPHTx2+jdMOU1kh4LNlxTsclud56cV8Gu
+iF5lMy8dAfqcUPjtG33c/jrK2QMGHJewEnoCPLsyzbsxmdGldMoi0FI8megOl3mC
+X3zTiEnIb9VILFkSZqyFlrZ1vnZMQ1h+9PNDt5RVHl3wbCf9oOaIK7eiNsGWG7Qp
+8SImKUT37pPwczhnP8CQJ4SXw3vIXQIDAQABAoICAD0GPq+QNlkHlaAVW3aGYZZr
+om9CBqizca7GU+VnQFMwIuhxOvuvVbJZd+5pFj3RyEAdB/0jbBKLkUadKn7ghAiN
+2U07CUNGEB184/OSc3hAhkglVVeszHYTdfArYkEcDaQvNqif8EVlEwmYgAxzAJ6/
+1ZTGHgy1T+XW6wYKW/H5i5o2vjxZt3+E6esIcPeuXrtgIpTeKgCBN4k4ho9JWp8v
+/fm4/D4EaE76/KT7DL4LjQVATmHXAJPmbVSH8904y2Pz05Vvo5gKf04nImLxluDN
+2D7H1ppZ8Wf0x4QXv3ln39YnhUz7hUteYVk0b68v4i7hth2XoBcf9FtnBQAkBz3u
+/CMkdjegYfBpSc1SikwhTI90vGiChoQPLKLHZDjB085IU1+Yhfi3gdK++TD22c69
+gKfG6lj7GW2ZS/ojagWWDorszZ9C2Hbcj1PcsWAg4ZqBn8+9zWv8bdxt7cYJY2mJ
+2aurfvDDd7xEb5f0sfE92IP9l3w0nBY5z8k4Ca129gpSZ0R04Hl+4ZAjq8s+Dxb2
+zM99KJeIxhZY7wSHKXSZd0ATuKEvj/7uH624LkOtkApqcHE304ZRQqnhhrVUkoZS
+BOkFHlFTEuyElXnZbIgI+eTzPfal4vYvo2BmEYlBbctYQ3HrwMtVXB3kow97AtDX
+BFX3p9GU56Fo6rHD30P9AoIBAQD3zg5vRex8qMlrIOnyRFYjYCxw/6GmCb6xvlT5
+1ZbTQzUMAsDvAscSNrZDLg9D/+tqjoQr5Yo+56NABjEfIHKnwMvRMGxP5pSWUYyw
+UsX7lV8zaQxMmyQs7VDpjukSg/93R3hORfTavXaQVhiljiXT6riQCCrkbz30FYNs
+xipgQvN6OoMC/tHK1/8pz7+jeiZQo1765z7YYhz4KhPTvaS5jFPK+R4CoGR5Zflk
+C0q+PwkyS6OdZ7AKbNXXU7PUwdJmKcjo8rUEGgwjM6zXuHECuhEWEn1GpdFKKZai
+C9yxt/sRrvkHhF1NUerSRxT0v2EJkGLZJ8LqD9oolibutJHXAoIBAQDDPy3IBgry
+qiqCq1iU/ttbR/vkfEAclMpH+vtrNZ/9dzCJOi7UmUrAIIurr7p2CadblK4U0BzK
+IalRcVjqRMxz2lV4lnLMmGovcfe2Nipq/Mqi/Hx0pgf9iSBn8vTlb7CRgyYl3PZs
+NLpiBhD8LNxWw/85wcQlk3Phaa/+nqTWAiH4BqcT1MM9NlkcF9YDuFawhVctZUFq
+GpyHWWqrbvmsjU7EOPWlNz3kqdtvLcFdRxMmu1d/gsZpnZEUcFIY1tbtjVAU8MT/
+UcTD+RIz4lyhp9R7XPjE/c48GuWMlOV2WWE/Kg97Arp0pkTes7lWqHT2ZWyG2CSG
+jOjx4G94KFjrAoIBADWzJ5mhc4AIK63Vch0YBfqgisDqBKOwlOx7rHp/eLHLbKFv
+r1OcLHub859XSeOYf/GVdLr2gSDknZHwRZDTPUVxGDn63l3qP+TbQzuqlFDSq9C+
+QPYQ4KQDwXb7izKB/Ehi6oU7z7XfPORGZAzsYvIreVdtDa53FNviFZrqzqARoiWo
+rF9nzRrB9/+dj4/jlo3++UQx/IJzsIduxuEpxZqX+EiR95jmHR/Zo1O0xru3eUy2
+63vezl1T/HsvHldKsUeGYo1omyWKZ3rxZdFRnNvUaoN3+kHnCRWjMYtoOqkgj33j
+hv/EBVwOFm7/DGGFX4ftDB626RxD1yjYcRNlef0CggEARxz10crRpfzwqtM52lrR
+DngzeM8AkuhmnLz/YdcQRMNqvDCi6fBDV6MC/C9vHJr7h9Gpbg82zTBheTZtijYw
+uWmmg9tYSMiitFEwRf+Ih5s3OxH3So1Gj8OoN/Q32nFJwFYiSNwoLNUvpZBME21L
+e5a7mQ/IH1+Lb2iNH5Isu33fXXUe2Yw+6EapQiA0ZPp5KKYIUJJ2tuymYm3g+jvb
+WEvHipSsc9ahBm4PbHkf2peOlCbcAadiGQm409btL/rgIXm810OynMPthOttA9TI
+pGB6dcwxF57RxPaO8RsyUF7Rmq35IXam7uG4Z9zR/owwvaXHV33WH+Om3KJAN2WK
+rQKCAQEA7UXJ80kxH52DkxLXga24x0keFy3TG5XcC68HSphsdhpmdst/UBkVDujd
+/mi/8sNeBigsxoCQcTJuD7gH+Z7KRRslgEeozzZYyZtrCBz4JgtEMGtwlup9vu4G
+9/+TxhHQqQYr9cidLbHTGWg9iYMUp5PealTWKvgw5C7ZU07jrU3EdrO/UVxv9GNl
+57ALerwKyXAHN7R/k/KrAZiVW+tGnkbNiYe54uoHo/PbnTVzMTVClwknx9yYWpPC
+V+lAnmso4H0IPupFM6tU10MFB8tS7LECl4E0KboE3hMf0H8b7cwPurE3QUr3ppDD
+2ovkeMh05cseiXfaeEaXgvoABDrwog==
+-----END PRIVATE KEY-----

data/spec/fixtures/certs/openssl.cnf ADDED Viewed

@@ -0,0 +1,47 @@
+[ req ]
+distinguished_name= req_distinguished_name
+attributes= req_attributes
+[ req_distinguished_name ]
+countryName= Country Name (2 letter code)
+countryName_min= 2
+countryName_max= 2
+stateOrProvinceName= State or Province Name (full name)
+localityName= Locality Name (eg, city)
+0.organizationName= Organization Name (eg, company)
+organizationalUnitName= Organizational Unit Name (eg, section)
+commonName= Common Name (eg, fully qualified host name)
+commonName_max= 64
+emailAddress= Email Address
+emailAddress_max= 64
+[ req_attributes ]
+challengePassword= A challenge password
+challengePassword_min= 4
+challengePassword_max= 20
+[ ca ]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer
+basicConstraints = critical, CA:true
+keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+[ client_cert ]
+basicConstraints = CA:FALSE
+nsCertType = client, email
+nsComment = "OpenSSL Generated Client Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer
+keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+extendedKeyUsage = clientAuth, emailProtection
+subjectAltName = "DNS:localhost, IP:127.0.0.1"
+[ server_cert ]
+basicConstraints = CA:FALSE
+nsCertType = server
+nsComment = "OpenSSL Generated Server Certificate"
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer:always
+keyUsage = critical, digitalSignature, keyEncipherment
+extendedKeyUsage = serverAuth
+subjectAltName = "DNS:localhost, IP:127.0.0.1"

data/spec/inputs/http_spec.rb CHANGED Viewed

@@ -20,6 +20,11 @@ describe LogStash::Inputs::Http do
   let(:client_options) { { } }
   let(:logstash_queue) { Queue.new }
   let(:port) { rand(5000) + 1025 }
+  let(:url) { "http://127.0.0.1:#{port}" }
+  let(:config) { { "port" => port } }
+  subject { described_class.new(config) }
   it_behaves_like "an interruptible input plugin" do
     let(:config) { { "port" => port } }
@@ -32,7 +37,6 @@ describe LogStash::Inputs::Http do
   end
   describe "request handling" do
-    subject { LogStash::Inputs::Http.new("port" => port) }
     before :each do
       setup_server_client
@@ -49,7 +53,7 @@ describe LogStash::Inputs::Http do
         "socket_timeout" => 0.1
       } }
-      subject { described_class.new("port" => port, "threads" => threads, "max_pending_requests" => max_pending_requests) }
+      let(:config) { { "port" => port, "threads" => threads, "max_pending_requests" => max_pending_requests } }
       context "when sending more requests than queue slots" do
         it "should block when the queue is full" do
@@ -74,7 +78,7 @@ describe LogStash::Inputs::Http do
     end
     context "with default codec" do
-      subject { LogStash::Inputs::Http.new("port" => port) }
       context "when receiving a text/plain request" do
         it "should process the request normally" do
           client.post("http://127.0.0.1:#{port}/meh.json",
@@ -84,6 +88,7 @@ describe LogStash::Inputs::Http do
           expect(event.get("message")).to eq("hello")
         end
       end
       context "when receiving a deflate compressed text/plain request" do
         it "should process the request normally" do
           client.post("http://127.0.0.1:#{port}/meh.json",
@@ -93,16 +98,18 @@ describe LogStash::Inputs::Http do
           expect(event.get("message")).to eq("hello")
         end
       end
       context "when receiving a deflate text/plain request that cannot be decompressed" do
         let(:response) do
-          response = client.post("http://127.0.0.1:#{port}/meh.json",
-                                 :headers => { "content-type" => "text/plain", "content-encoding" => "deflate" },
-                                   :body => "hello").call
+          client.post("http://127.0.0.1:#{port}/meh.json",
+                      :headers => { "content-type" => "text/plain", "content-encoding" => "deflate" },
+                      :body => "hello").call
         end
         it "should respond with 400" do
           expect(response.code).to eq(400)
         end
       end
       context "when receiving a gzip compressed text/plain request" do
         it "should process the request normally" do
           wio = StringIO.new("w")
@@ -118,6 +125,7 @@ describe LogStash::Inputs::Http do
           expect(event.get("message")).to eq("hello")
         end
       end
       context "when receiving a gzip text/plain request that cannot be decompressed" do
         let(:response) do
           client.post("http://127.0.0.1:#{port}",
@@ -128,6 +136,7 @@ describe LogStash::Inputs::Http do
           expect(response.code).to eq(400)
         end
       end
       context "when receiving an application/json request" do
         it "should parse the json body" do
           client.post("http://127.0.0.1:#{port}/meh.json",
@@ -140,16 +149,108 @@ describe LogStash::Inputs::Http do
     end
     context "with json codec" do
-      subject { LogStash::Inputs::Http.new("port" => port, "codec" => "json") }
+      let(:config) { super().merge("codec" => "json") }
+      let(:url) { "http://127.0.0.1:#{port}/meh.json" }
+      let(:response) do
+        client.post(url, :body => { "message" => "Hello" }.to_json).call
+      end
       it "should parse the json body" do
-        response = client.post("http://127.0.0.1:#{port}/meh.json", :body => { "message" => "Hello" }.to_json).call
+        expect(response.code).to eq(200)
         event = logstash_queue.pop
         expect(event.get("message")).to eq("Hello")
       end
+      context 'with ssl' do
+        let(:url) { super().sub('http://', 'https://') }
+        certs_dir = File.expand_path('../fixtures/certs/generated', File.dirname(__FILE__))
+        let(:config) do
+          super().merge 'ssl' => true,
+                        'ssl_certificate_authorities' => [ File.join(certs_dir, 'root.crt') ],
+                        'ssl_certificate' => File.join(certs_dir, 'server_from_root.crt'),
+                        'ssl_key' => File.join(certs_dir, 'server_from_root.key.pkcs8'),
+                        'ssl_verify_mode' => 'peer'
+        end
+        let(:client_options) do
+          super().merge ssl: {
+              verify: false,
+              ca_file: File.join(certs_dir, 'root.crt'),
+              client_cert: File.join(certs_dir, 'client_from_root.crt'),
+              client_key: File.join(certs_dir, 'client_from_root.key.pkcs8'),
+          }
+        end
+        it "should parse the json body" do
+          # [DEBUG][io.netty.handler.ssl.SslHandler] [id: 0xcaf869ff, L:/127.0.0.1:5610 - R:/127.0.0.1:32890] HANDSHAKEN: protocol:TLSv1.2 cipher suite:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+          # [DEBUG][org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
+          # [DEBUG][org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
+          # [DEBUG][org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+          expect(response.code).to eq(200)
+          event = logstash_queue.pop
+          expect(event.get("message")).to eq("Hello")
+        end
+        TLS13_ENABLED_BY_DEFAULT = begin
+                                     context = javax.net.ssl.SSLContext.getInstance('TLS')
+                                     context.init nil, nil, nil
+                                     context.getDefaultSSLParameters.getProtocols.include? 'TLSv1.3'
+                                   rescue => e
+                                     warn "failed to detect TLSv1.3 support: #{e.inspect}"
+                                     nil
+                                   end
+        context 'with TLSv1.3 client' do
+          let(:client_options) do
+            super().tap do |opts|
+              opts.fetch(:ssl).merge! protocols: ['TLSv1.3']
+            end
+          end
+          it "should parse the json body" do
+            expect(response.code).to eq(200)
+            event = logstash_queue.pop
+            expect(event.get("message")).to eq("Hello")
+          end
+          context 'enforced TLSv1.3 in plugin' do
+            let(:config) { super().merge 'ssl_supported_protocols' => ['TLSv1.3'],
+                                         'ssl_cipher_suites' => [ 'TLS_AES_128_GCM_SHA256' ] }
+            it "should parse the json body" do
+              expect(response.code).to eq(200)
+              event = logstash_queue.pop
+              expect(event.get("message")).to eq("Hello")
+            end
+          end
+          context 'enforced TLSv1.3 (deprecated options)' do
+            let(:config) { super().merge 'tls_min_version' => 1.3,
+                                         'cipher_suites' => [ 'TLS_AES_128_GCM_SHA256' ] }
+            it "should parse the json body" do
+              expect(response.code).to eq(200)
+              event = logstash_queue.pop
+              expect(event.get("message")).to eq("Hello")
+            end
+          end
+        end if TLS13_ENABLED_BY_DEFAULT
+      end
     end
     context "with json_lines codec without final delimiter" do
-      subject { LogStash::Inputs::Http.new("port" => port, "codec" => "json_lines") }
+      let(:config) { super().merge("codec" => "json_lines") }
       let(:line1) { '{"foo": 1}' }
       let(:line2) { '{"foo": 2}' }
       it "should parse all json_lines in body including last one" do
@@ -169,7 +270,7 @@ describe LogStash::Inputs::Http do
         body = { "message" => "Hello" }.to_json
         client.post("http://127.0.0.1:#{port}/meh.json",
                     :headers => { "content-type" => "application/json" },
-                      :body => body).call
+                    :body => body).call
         event = logstash_queue.pop
         expect(event.get("message")).to eq(body)
       end
@@ -388,15 +489,18 @@ describe LogStash::Inputs::Http do
   end
   # wait until server is ready
-  def setup_server_client
+  def setup_server_client(url = self.url)
     subject.register
-    t = Thread.new { subject.run(logstash_queue) }
+    t = Thread.start { subject.run(logstash_queue) }
     ok = false
     until ok
       begin
-        client.post("http://127.0.0.1:#{port}", :body => '{}').call
-      rescue => e
-        # retry
+        client.post(url, :body => '{}').call
+      rescue Manticore::SocketException => e
+        puts "retry client.post due #{e}" if $VERBOSE
+      rescue Manticore::ManticoreException => e
+        warn e.inspect
+        raise e.cause ? e.cause : e
       else
         ok = true
       end
@@ -447,6 +551,12 @@ describe LogStash::Inputs::Http do
         expect { subject.register }.to raise_exception(LogStash::ConfigurationError)
       end
     end
+    context "with invalid cipher suites" do
+      it "should raise a configuration error" do
+        invalid_config = config.merge("ssl_cipher_suites" => "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38")
+        expect { LogStash::Inputs::Http.new(invalid_config) }.to raise_error(LogStash::ConfigurationError)
+      end
+    end
     context "with :ssl_certificate" do
       let(:ssc) { SelfSignedCertificate.new }
       let(:ssl_certificate) { ssc.certificate }
@@ -505,18 +615,6 @@ describe LogStash::Inputs::Http do
         end
       end
-      context "with invalid cipher_suites" do
-        let(:config) { super().merge("cipher_suites" => "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38") }
-        it "should raise a configuration error" do
-          expect( subject.logger ).to receive(:error) do |msg, opts|
-            expect( msg ).to match /.*?configuration invalid/
-            expect( opts[:message] ).to match /TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38.*? not available/
-          end
-          expect { subject.register }.to raise_error(LogStash::ConfigurationError)
-        end
-      end
       context "with invalid ssl certificate" do
         before do
           cert = File.readlines path = config["ssl_certificate"]
@@ -548,8 +646,7 @@ describe LogStash::Inputs::Http do
       context "with invalid ssl certificate_authorities" do
         let(:config) do
-          super().merge("ssl_verify_mode" => "peer",
-                      "ssl_certificate_authorities" => [ ssc.certificate.path, ssc.private_key.path ])
+          super().merge("ssl_verify_mode" => "peer", "ssl_certificate_authorities" => [ ssc.certificate.path, ssc.private_key.path ])
         end
         it "should raise a cert error" do
@@ -565,6 +662,123 @@ describe LogStash::Inputs::Http do
         end
       end
+      context "with both verify_mode options set" do
+        let(:config) do
+          super().merge('ssl_verify_mode' => 'peer', 'verify_mode' => 'none')
+        end
+        it "should raise a configuration error" do
+          expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_verify_mode.?/i
+        end
+      end
+      context "with ssl_cipher_suites and cipher_suites set" do
+        let(:config) do
+          super().merge('ssl_cipher_suites' => ['TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'],
+                        'cipher_suites' => ['TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'])
+        end
+        it "should raise a configuration error" do
+          expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_cipher_suites.?/i
+        end
+      end
+      context "with ssl_supported_protocols and tls_min_version set" do
+        let(:config) do
+          super().merge('ssl_supported_protocols' => ['TLSv1.2'], 'tls_min_version' => 1.0)
+        end
+        it "should raise a configuration error" do
+          expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_supported_protocols.?/i
+        end
+      end
+      context "with ssl_supported_protocols and tls_max_version set" do
+        let(:config) do
+          super().merge('ssl_supported_protocols' => ['TLSv1.2'], 'tls_max_version' => 1.2)
+        end
+        it "should raise a configuration error" do
+          expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_supported_protocols.?/i
+        end
+      end
+    end
+  end
+end
+# If we have a setting called `pipeline.ecs_compatibility`, we need to
+# ensure that our additional_codecs are instantiated with the proper
+# execution context in order to ensure that the pipeline setting is
+# respected.
+if LogStash::SETTINGS.registered?('pipeline.ecs_compatibility')
+  def setting_value_supported?(name, value)
+    setting = ::LogStash::SETTINGS.clone.get_setting(name)
+    setting.set(value)
+    setting.validate_value
+    true
+  rescue
+    false
+  end
+  describe LogStash::Inputs::Http do
+    context 'additional_codecs' do
+      let(:port) { rand(1025...5000) }
+      %w(disabled v1 v8).each do |spec|
+        if setting_value_supported?('pipeline.ecs_compatibility', spec)
+          context "with `pipeline.ecs_compatibility: #{spec}`" do
+            # Override DevUtils's `new_pipeline` default to inject pipeline settings that
+            # are different than our global settings, so that we can validate the condition
+            # where pipeline settings override global settings.
+            def new_pipeline(config_parts, pipeline_id = :main, settings = pipeline_settings)
+              super(config_parts, pipeline_id, settings)
+            end
+            let(:pipeline_settings) do
+              ::LogStash::SETTINGS.clone.tap do |s|
+                s.set('pipeline.ecs_compatibility', spec)
+              end
+            end
+            it 'propagates the ecs_compatibility pipeline setting to the additional_codecs' do
+              # Ensure plugins pick up pipeline-level setting over the global default.
+              aggregate_failures('precondition') do
+                expect(::LogStash::SETTINGS).to_not be_set('pipeline.ecs_compatibility')
+                expect(pipeline_settings).to be_set('pipeline.ecs_compatibility')
+              end
+              input("input { http { port => #{port} additional_codecs => { 'application/json' => 'json' 'text/plain' => 'plain' } } }") do |pipeline, queue|
+                http_input = pipeline.inputs.first
+                aggregate_failures('initialization precondition') do
+                  expect(http_input).to be_a_kind_of(described_class)
+                  expect(http_input.execution_context&.pipeline&.settings&.to_hash).to eq(pipeline_settings.to_hash)
+                end
+                http_input.codecs.each do |key, value|
+                  aggregate_failures("Codec for `#{key}`") do
+                    expect(value.ecs_compatibility).to eq(spec.to_sym)
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+      it 'propagates the execution context from the input to the codecs' do
+        input("input { http { port => #{port} } }") do |pipeline, queue|
+          http_input = pipeline.inputs.first
+          expect(http_input).to be_a_kind_of(described_class) # precondition
+          http_input.codecs.each do |key, value|
+            aggregate_failures("Codec for `#{key}`") do
+              expect(value.execution_context).to be http_input.execution_context
+            end
+          end
+        end
+      end
     end
   end
 end

data/vendor/jar-dependencies/org/logstash/plugins/input/http/logstash-input-http/{3.4.5/logstash-input-http-3.4.5.jar → 3.6.0/logstash-input-http-3.6.0.jar} RENAMED Viewed

Binary file