logstash-input-http 3.4.5-java → 3.6.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/VERSION +1 -1
- data/docs/index.asciidoc +47 -14
- data/lib/logstash/inputs/http/tls.rb +2 -1
- data/lib/logstash/inputs/http.rb +62 -29
- data/lib/logstash-input-http_jars.rb +1 -1
- data/logstash-input-http.gemspec +1 -1
- data/spec/fixtures/certs/generate.sh +40 -0
- data/spec/fixtures/certs/generated/README.txt +2 -0
- data/spec/fixtures/certs/generated/client_from_root.crt +35 -0
- data/spec/fixtures/certs/generated/client_from_root.jks +0 -0
- data/spec/fixtures/certs/generated/client_from_root.key +51 -0
- data/spec/fixtures/certs/generated/client_from_root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/generated/client_from_root.p12 +0 -0
- data/spec/fixtures/certs/generated/root.crt +32 -0
- data/spec/fixtures/certs/generated/root.key +51 -0
- data/spec/fixtures/certs/generated/root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/generated/server_from_root.crt +37 -0
- data/spec/fixtures/certs/generated/server_from_root.key +51 -0
- data/spec/fixtures/certs/generated/server_from_root.key.pkcs8 +52 -0
- data/spec/fixtures/certs/openssl.cnf +47 -0
- data/spec/inputs/http_spec.rb +243 -29
- data/vendor/jar-dependencies/org/logstash/plugins/input/http/logstash-input-http/{3.4.5/logstash-input-http-3.4.5.jar → 3.6.0/logstash-input-http-3.6.0.jar} +0 -0
- metadata +31 -3
@@ -0,0 +1,52 @@
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
2
|
+
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCwVfl113eqoUSL
|
3
|
+
cw0Xrp1H0UoRLrQoo4h88HtspnJwuTok2PiEIbhUebufzK0nF2ZybVJYiC0ZJJuS
|
4
|
+
qicMCm9VpznJVRNNT/a7gMcF4j0lYdT2Yuxw2yaCZcvCffVIRU0LIUjj2bXa83ib
|
5
|
+
uuphfwcm+C3bJ5xWN65F0Txe7mCh8PQ+X0v0peNjkdGHt1LFP3qFV67ssNtxjeVB
|
6
|
+
35rmKL/OD8gr9fNHFF5B5A8DXniLpohJZLrVFLw455Fyhx+GS+ZQpaHxfneIhMff
|
7
|
+
tflfabXZNO/pzbSHJShKhIboAfM/bXX5cnilIeLBwko/WPtO81M13rX+e3VFUFxt
|
8
|
+
Xor2z1MhoV01+PfVtTem0iinkYJUtulfrGvolgaQhV+UhgoOuvmYQkj7pmd/41pR
|
9
|
+
arhxKp5jRjz3TEfY6PZjGV7vF2Q9IAk2yAUvAhY8qER+eGZe5krUKBV1gLwwzOpl
|
10
|
+
QMerG3+Jrm1Fk6sDGw0wJIQUCu3P3nhQTqyqx8z5Sk5dWPMQBkbJMtUIdFOD/JxJ
|
11
|
+
Wb171xkH1VNH9zXJfAzHVpk1cgVruF1VtepceQh0rW6E7Lc+Avbg23Zr06fjkklK
|
12
|
+
NaKabScl7uE7LiGhSpV6N2MJURtJB9jI9oRdYDCBhLihDbn33MrdseOzuWgduWZt
|
13
|
+
vUzPKWuzTLpFnnF3krwgUm8TZW81MQIDAQABAoICAQCE+qEg1DgDbpCxlTcHaABm
|
14
|
+
W5e+s3jbuM/CYNzDSBa/mYAWr6Vih8dptU/gJ8tg0o3It1bFOxS/hFLqXPULaIcj
|
15
|
+
kfPLOCRRRn9sUaZFcqLoIQooMNvcE/jLl5b8+l5SfSinvxcn9VPmZXvL/T6p/dDX
|
16
|
+
+4shXZLRljYPosYjVSN8nKikrNssCTodKadY8NAzvjZYfpKFHq6uyPJeJhG7hnl3
|
17
|
+
HYG4XUd0kBCxIhqMUN8ZeaIHrzYSYQu84i1WsD3+2hg7M12YL+ZXBsNwmtwPrzmb
|
18
|
+
LwfKSv3ceRIUeDMAng/iAltYnZIL/izyL+IsOZ9zn55d3rFi05nRhtPdCtJDZIBs
|
19
|
+
eJYpu0LEIV5LDIyAzTc1neBwUKh+arscqdJjQwi8luliatoZXvKLM1nMyTWoSf0I
|
20
|
+
IQyUHIS1zbm0qD74xSHS7cPC0A6ULGP1I8hMy9EqMOvMCpOPsZK6gX8V2uD1BmY4
|
21
|
+
J7Tb3Q+48ScICHQ9yD8WMieZ+JjhhjLcU7Gy6Pgp9tqggowzzhBE5iMd6qZ7VEFo
|
22
|
+
8dicpmQGk+3sTWTpdwPhPPdHtj3HtPq/ONxjwYNS5c39eGyM9Iv01iGX+8LHyLUI
|
23
|
+
IK/B/apFXVxt2/X218YD0qOnwlEdYWgbNcVtLJuEPsKicUoej1JJG89Ss84OqwLa
|
24
|
+
f1J2dmpVpe2Af8zPUHTWAQKCAQEA2zgtF7egetTIM3nEnH9ZPgSgo/4Kxsn5xnN8
|
25
|
+
TmCljjMcOi9UODIl+TTMsHII/brdsWB0hWufMRS7QMwm/3oCbSA/MASDpnjv+ZgA
|
26
|
+
gLMW9RIJ2DySSxEQ5/UQmZEpoCi7fLCxMNKX/0XDH9pb7WFfFusgN5A30xtOVijn
|
27
|
+
PIoC3ipfTfkc2Pht19CCRI8+gsa++T1iDshcQNm7LAfMNNOX2Iz8F2cI+/Un+cTe
|
28
|
+
iFuU7KKviptGL0/GvDg603Cf0/2TnFsJH1KI2h4LpufGcPlpW+xRfT4rUFBh9BZH
|
29
|
+
OFt0y+6hOwoIGRkns2YODBJmC8Eii1Dv7BAx6KlyEGudqXC9kQKCAQEAzevhIMsw
|
30
|
+
iihgn2Z4s1z2ByE+uBOJNQQ5xjxezM7mGOvgJnjDjnKgj+eOquYvUvAOZk6cLt79
|
31
|
+
Yx9HBqDwF1JGbZHrBfzoXDhFPYZHIkXo+H03HcbBxgQndfqE3IzOd4kuWhznqrzU
|
32
|
+
tY+8tN9O1CwuuHgUYfRXZ3nPwiAHo3Jax9t7uMvUg5iGJNZdZqgKxV29wWrMFOB0
|
33
|
+
QATo+npV/x5RvQi/xvWU9P1wntJAQ0403N7GrXxgPC3r4GNAjaeefoNuYE2RFXQI
|
34
|
+
7YSJG9QlrbFB1IE3p2Pwe73kZFFi2e3SUfXYDK7FtZJ8zk0VZz8nIA0rkVU/qvgA
|
35
|
+
1Db/wpLsbB2toQKCAQEAv/Dx2oBXLPU9zYRil7wRQXH/zVbTzLZv0kivoFiS3Gz3
|
36
|
+
3CIwlXujMA4A4sUWBkMldPdFTsSqf+jtA5E83BfSJAZGDR8Gvi3JwDpMxmMISM/g
|
37
|
+
esqeNMfei5pRTISDc832SvjSTDM4DrTgYfVo4/GLtp9sd/n4RwjzkBEEVkdot2lW
|
38
|
+
RQlHLtpmIr5YMPtS+mJWOBh80QCxdb6uWaECNYbGvz7CQyNeBG3k8JZlWfMF9COF
|
39
|
+
m9DUpPwuwAJjz1ofNxghtJco55n2ZTRFc4Agii53B5tkxko21n1rJrKS7U92dlCc
|
40
|
+
Lvtbl84kqrlCt2MsokIaouzdBU4wxMwIKURwqTkjYQKCAQBPtgRipmT2xiSI76i/
|
41
|
+
fbe7ENJvfRh6zlTy+MGVtG17risJmWvRw2uF6RPf8dTV3Rkl3z40IpuheCUNWtU1
|
42
|
+
oeKjXX3Fxp3HvPyIkWcNzFQfhJEGVL8DwO3pjH1LxrHRseegeFnxTMFmOurIdTzV
|
43
|
+
gvje7ZSuSmBfLNcQhUePrJ+Zh8u/wB9WhX8/2T80ks4AkoX2zjmLx0sY0Q3CkAKk
|
44
|
+
C/+GFlHuWXg80bJ7uFWp+CccbJwp4eB6yyfop2MAsqb2wDfEzaHg1Rbzon9Up22i
|
45
|
+
a+BYu2BoypX3wI0djCegxp/InEryteDQpZDsZwhm/BpQHOkFjCNmMjRX8aZVknw0
|
46
|
+
adShAoIBADUNkzKzD7xW2dtFI/9dPKEuQ5TxUYlDwejx1G/p4+ig/UVvumj4bDcW
|
47
|
+
rPEL2ZRh9IStsgE9ul1Dj9JWBXjUrWhvzO0IlMw74MRVLyVS2TwuFNZqVX/FDzJL
|
48
|
+
BZuCbZ6m4uCldqZ6FtmPX9EwRYqCxbGptySyJsH+D6rHv5LHYIYXNFBFisYIvkkr
|
49
|
+
NPlngDexX5ER4PTviRDMyqwIjW5IQy1/NZMECBnmy8Za6b3GnqpamqsHt1LHSEgm
|
50
|
+
YXw13sZKFw+rXf8ilBzkhCo57MZJy5X5/SpTElDK5ORcU5Vw7IhlHugBN/YZMNVE
|
51
|
+
4FPPlZqhsT/dPOtTFHF4qPXJbLuz6Jk=
|
52
|
+
-----END PRIVATE KEY-----
|
@@ -0,0 +1,37 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIGaTCCBFGgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBRMQswCQYDVQQGEwJMUzEL
|
3
|
+
MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
|
4
|
+
YXNoMQ0wCwYDVQQDDARyb290MB4XDTIxMTEyNDEwMjEzMFoXDTI0MTEyNDEwMjEz
|
5
|
+
MFowUzELMAkGA1UEBhMCTFMxCzAJBgNVBAgMAk5BMRMwEQYDVQQHDApIdHRwIElu
|
6
|
+
cHV0MREwDwYDVQQKDAhMb2dzdGFzaDEPMA0GA1UEAwwGc2VydmVyMIICIjANBgkq
|
7
|
+
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvP8dBScDm6kfPpG5Rnel24D79UNGQqKx
|
8
|
+
4ztSwd4r5VeZzi7odPDC8F8qA5GtNtCpla0uIXSHIZdN2d+RO9XjAKn4qFsmdmFU
|
9
|
+
twbN4nyFvJ2XaUH2dHqHBW5RwIC/x3V9d+kxopB7XVN3qq5lguwWheECdpQJqfo5
|
10
|
+
gJi7bfkUdheDSzEJm1J350b4dmSIOM2LneXeTtBI9Rcq6nqYgG2tSERj8q4PyZ3R
|
11
|
+
nCMHzXnnyykiEJcGCd1CqERwi24CaNjMdetOqZ/7D2z7AvHv1qAflG+NwbKdkCap
|
12
|
+
UY2SxKCnDzLvMlSzohVLnAU8If30QrnQP1eo/BbcYZrhhJ6tvMX1svP47LeMkcjw
|
13
|
+
UU1JrzTWCBRQaOcv8on6YEAzmOinrQK/NolXgJKYtZgoReYO9umHwoDVmtgy5iR3
|
14
|
+
gXfgCFRhD4pf06YvlxllTuVjtVLwgWtSdiP+yummnxrFIvuqDifgXd6oWjZfb110
|
15
|
+
MK7BmD6pNkHJRTx08dvo3TDlNZIeCzZcU7HJbneenFfBroheZTMvHQH6nFD47Rt9
|
16
|
+
3P46ytkDBhyXsBJ6Ajy7Ms27MZnRpXTKItBSPJnoDpd5gl9804hJyG/VSCxZEmas
|
17
|
+
hZa2db52TENYfvTzQ7eUVR5d8Gwn/aDmiCu3ojbBlhu0KfEiJilE9+6T8HM4Zz/A
|
18
|
+
kCeEl8N7yF0CAwEAAaOCAUgwggFEMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQD
|
19
|
+
AgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2Vy
|
20
|
+
dGlmaWNhdGUwHQYDVR0OBBYEFI51atlPwneMhcrthVuKNkH9AbJJMIGOBgNVHSME
|
21
|
+
gYYwgYOAFKfXx2/e7RH878sM8LuH7AeVykWooVWkUzBRMQswCQYDVQQGEwJMUzEL
|
22
|
+
MAkGA1UECAwCTkExEzARBgNVBAcMCkh0dHAgSW5wdXQxETAPBgNVBAoMCExvZ3N0
|
23
|
+
YXNoMQ0wCwYDVQQDDARyb290ghRrFonFtN0ltjwuBAMMS6vufjCqhTAOBgNVHQ8B
|
24
|
+
Af8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGgYDVR0RBBMwEYIJbG9jYWxo
|
25
|
+
b3N0hwR/AAABMA0GCSqGSIb3DQEBCwUAA4ICAQCBmOWRRWKcpIbJdIhUfNj8FRSC
|
26
|
+
CWKnChHFw+PW/8+QGBdaSPPJJG3QC79oBJyAZaqifRa3qQEGB2Vo7Di1HRNFdtrG
|
27
|
+
2f83s3lLULtrZgTUSxqq0kOmw+NuaOgjb43C84n5im3sJm0GbzgiPfvRPWLZYEZc
|
28
|
+
up3ncMFSmKSE3UGpUF65ijOlxoeyZaCAqwmz54ri4GGCsDurY2Nh67yvArgNCsqm
|
29
|
+
og39AFgRUT+qYwTUl3GUI8wiQkAPb16yTDgPBroq3zC2KDsy5h154R/CJXMkLK/F
|
30
|
+
Oa/wJkFT+vpIj5ttIN12//axCX9HEBG2m7dBD5bNIbVbgqLMoWwDQeeUpYl5J4Z/
|
31
|
+
ZMo2Gkm5XEY/cyQhGCUDaLvs3XZlB6vZMO91IzurmO6ho25FKaO8kmUwm2IAiiW7
|
32
|
+
aW5dS2uC7unpH17IiF9lb6AYff4wbVPxaqa/ydQgz5jdcidZEzD83dtUH/pSVnP3
|
33
|
+
r/Hf3TJIrH2yw8qN/2zHJD5Uxwi+RE426B8cfTQqOieFF7SqsSGZtuh9GYMEiErC
|
34
|
+
L3oWsszTviCKS5k6tyh9zZeXl8ABQSUSbHfSYIDdG+zrletrEPM34JuNOUTEZY6Y
|
35
|
+
tf7FpJjXZ3V7s6BtikvFiR6fmb+qlluvifUnPn62IF9nI8QNfl2XBXg5x5odTQCt
|
36
|
+
PgAX97A6xJeB4AFhXw==
|
37
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,51 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIJKAIBAAKCAgEAvP8dBScDm6kfPpG5Rnel24D79UNGQqKx4ztSwd4r5VeZzi7o
|
3
|
+
dPDC8F8qA5GtNtCpla0uIXSHIZdN2d+RO9XjAKn4qFsmdmFUtwbN4nyFvJ2XaUH2
|
4
|
+
dHqHBW5RwIC/x3V9d+kxopB7XVN3qq5lguwWheECdpQJqfo5gJi7bfkUdheDSzEJ
|
5
|
+
m1J350b4dmSIOM2LneXeTtBI9Rcq6nqYgG2tSERj8q4PyZ3RnCMHzXnnyykiEJcG
|
6
|
+
Cd1CqERwi24CaNjMdetOqZ/7D2z7AvHv1qAflG+NwbKdkCapUY2SxKCnDzLvMlSz
|
7
|
+
ohVLnAU8If30QrnQP1eo/BbcYZrhhJ6tvMX1svP47LeMkcjwUU1JrzTWCBRQaOcv
|
8
|
+
8on6YEAzmOinrQK/NolXgJKYtZgoReYO9umHwoDVmtgy5iR3gXfgCFRhD4pf06Yv
|
9
|
+
lxllTuVjtVLwgWtSdiP+yummnxrFIvuqDifgXd6oWjZfb110MK7BmD6pNkHJRTx0
|
10
|
+
8dvo3TDlNZIeCzZcU7HJbneenFfBroheZTMvHQH6nFD47Rt93P46ytkDBhyXsBJ6
|
11
|
+
Ajy7Ms27MZnRpXTKItBSPJnoDpd5gl9804hJyG/VSCxZEmashZa2db52TENYfvTz
|
12
|
+
Q7eUVR5d8Gwn/aDmiCu3ojbBlhu0KfEiJilE9+6T8HM4Zz/AkCeEl8N7yF0CAwEA
|
13
|
+
AQKCAgA9Bj6vkDZZB5WgFVt2hmGWa6JvQgaos3GuxlPlZ0BTMCLocTr7r1WyWXfu
|
14
|
+
aRY90chAHQf9I2wSi5FGnSp+4IQIjdlNOwlDRhAdfOPzknN4QIZIJVVXrMx2E3Xw
|
15
|
+
K2JBHA2kLzaon/BFZRMJmIAMcwCev9WUxh4MtU/l1usGClvx+YuaNr48Wbd/hOnr
|
16
|
+
CHD3rl67YCKU3ioAgTeJOIaPSVqfL/35uPw+BGhO+vyk+wy+C40FQE5h1wCT5m1U
|
17
|
+
h/PdOMtj89OVb6OYCn9OJyJi8Zbgzdg+x9aaWfFn9MeEF795Z9/WJ4VM+4VLXmFZ
|
18
|
+
NG+vL+Iu4bYdl6AXH/RbZwUAJAc97vwjJHY3oGHwaUnNUopMIUyPdLxogoaEDyyi
|
19
|
+
x2Q4wdPOSFNfmIX4t4HSvvkw9tnOvYCnxupY+xltmUv6I2oFlg6K7M2fQth23I9T
|
20
|
+
3LFgIOGagZ/Pvc1r/G3cbe3GCWNpidmrq37ww3e8RG+X9LHxPdiD/Zd8NJwWOc/J
|
21
|
+
OAmtdvYKUmdEdOB5fuGQI6vLPg8W9szPfSiXiMYWWO8Ehyl0mXdAE7ihL4/+7h+t
|
22
|
+
uC5DrZAKanBxN9OGUUKp4Ya1VJKGUgTpBR5RUxLshJV52WyICPnk8z32peL2L6Ng
|
23
|
+
ZhGJQW3LWENx68DLVVwd5KMPewLQ1wRV96fRlOehaOqxw99D/QKCAQEA984Ob0Xs
|
24
|
+
fKjJayDp8kRWI2AscP+hpgm+sb5U+dWW00M1DALA7wLHEja2Qy4PQ//rao6EK+WK
|
25
|
+
PuejQAYxHyByp8DL0TBsT+aUllGMsFLF+5VfM2kMTJskLO1Q6Y7pEoP/d0d4TkX0
|
26
|
+
2r12kFYYpY4l0+q4kAgq5G899BWDbMYqYELzejqDAv7Rytf/Kc+/o3omUKNe+uc+
|
27
|
+
2GIc+CoT072kuYxTyvkeAqBkeWX5ZAtKvj8JMkujnWewCmzV11Oz1MHSZinI6PK1
|
28
|
+
BBoMIzOs17hxAroRFhJ9RqXRSimWogvcsbf7Ea75B4RdTVHq0kcU9L9hCZBi2SfC
|
29
|
+
6g/aKJYm7rSR1wKCAQEAwz8tyAYK8qoqgqtYlP7bW0f75HxAHJTKR/r7azWf/Xcw
|
30
|
+
iTou1JlKwCCLq6+6dgmnW5SuFNAcyiGpUXFY6kTMc9pVeJZyzJhqL3H3tjYqavzK
|
31
|
+
ovx8dKYH/YkgZ/L05W+wkYMmJdz2bDS6YgYQ/CzcVsP/OcHEJZNz4Wmv/p6k1gIh
|
32
|
+
+AanE9TDPTZZHBfWA7hWsIVXLWVBahqch1lqq275rI1OxDj1pTc95Knbby3BXUcT
|
33
|
+
JrtXf4LGaZ2RFHBSGNbW7Y1QFPDE/1HEw/kSM+JcoafUe1z4xP3OPBrljJTldllh
|
34
|
+
PyoPewK6dKZE3rO5Vqh09mVshtgkhozo8eBveChY6wKCAQA1syeZoXOACCut1XId
|
35
|
+
GAX6oIrA6gSjsJTse6x6f3ixy2yhb69TnCx7m/OfV0njmH/xlXS69oEg5J2R8EWQ
|
36
|
+
0z1FcRg5+t5d6j/k20M7qpRQ0qvQvkD2EOCkA8F2+4sygfxIYuqFO8+13zzkRmQM
|
37
|
+
7GLyK3lXbQ2udxTb4hWa6s6gEaIlqKxfZ80awff/nY+P45aN/vlEMfyCc7CHbsbh
|
38
|
+
KcWal/hIkfeY5h0f2aNTtMa7t3lMtut73s5dU/x7Lx5XSrFHhmKNaJslimd68WXR
|
39
|
+
UZzb1GqDd/pB5wkVozGLaDqpII9944b/xAVcDhZu/wxhhV+H7QwetukcQ9co2HET
|
40
|
+
ZXn9AoIBAEcc9dHK0aX88KrTOdpa0Q54M3jPAJLoZpy8/2HXEETDarwwounwQ1ej
|
41
|
+
Avwvbxya+4fRqW4PNs0wYXk2bYo2MLlppoPbWEjIorRRMEX/iIebNzsR90qNRo/D
|
42
|
+
qDf0N9pxScBWIkjcKCzVL6WQTBNtS3uWu5kPyB9fi29ojR+SLLt93111HtmMPuhG
|
43
|
+
qUIgNGT6eSimCFCSdrbspmJt4Po721hLx4qUrHPWoQZuD2x5H9qXjpQm3AGnYhkJ
|
44
|
+
uNPW7S/64CF5vNdDspzD7YTrbQPUyKRgenXMMRee0cT2jvEbMlBe0Zqt+SF2pu7h
|
45
|
+
uGfc0f6MML2lx1d91h/jptyiQDdliq0CggEBAO1FyfNJMR+dg5MS14GtuMdJHhct
|
46
|
+
0xuV3AuvB0qYbHYaZnbLf1AZFQ7o3f5ov/LDXgYoLMaAkHEybg+4B/meykUbJYBH
|
47
|
+
qM82WMmbawgc+CYLRDBrcJbqfb7uBvf/k8YR0KkGK/XInS2x0xloPYmDFKeT3mpU
|
48
|
+
1ir4MOQu2VNO461NxHazv1Fcb/RjZeewC3q8CslwBze0f5PyqwGYlVvrRp5GzYmH
|
49
|
+
ueLqB6Pz2501czE1QpcJJ8fcmFqTwlfpQJ5rKOB9CD7qRTOrVNdDBQfLUuyxApeB
|
50
|
+
NCm6BN4TH9B/G+3MD7qxN0FK96aQw9qL5HjIdOXLHol32nhGl4L6AAQ68KI=
|
51
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,52 @@
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
2
|
+
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC8/x0FJwObqR8+
|
3
|
+
kblGd6XbgPv1Q0ZCorHjO1LB3ivlV5nOLuh08MLwXyoDka020KmVrS4hdIchl03Z
|
4
|
+
35E71eMAqfioWyZ2YVS3Bs3ifIW8nZdpQfZ0eocFblHAgL/HdX136TGikHtdU3eq
|
5
|
+
rmWC7BaF4QJ2lAmp+jmAmLtt+RR2F4NLMQmbUnfnRvh2ZIg4zYud5d5O0Ej1Fyrq
|
6
|
+
epiAba1IRGPyrg/JndGcIwfNeefLKSIQlwYJ3UKoRHCLbgJo2Mx1606pn/sPbPsC
|
7
|
+
8e/WoB+Ub43Bsp2QJqlRjZLEoKcPMu8yVLOiFUucBTwh/fRCudA/V6j8FtxhmuGE
|
8
|
+
nq28xfWy8/jst4yRyPBRTUmvNNYIFFBo5y/yifpgQDOY6KetAr82iVeAkpi1mChF
|
9
|
+
5g726YfCgNWa2DLmJHeBd+AIVGEPil/Tpi+XGWVO5WO1UvCBa1J2I/7K6aafGsUi
|
10
|
+
+6oOJ+Bd3qhaNl9vXXQwrsGYPqk2QclFPHTx2+jdMOU1kh4LNlxTsclud56cV8Gu
|
11
|
+
iF5lMy8dAfqcUPjtG33c/jrK2QMGHJewEnoCPLsyzbsxmdGldMoi0FI8megOl3mC
|
12
|
+
X3zTiEnIb9VILFkSZqyFlrZ1vnZMQ1h+9PNDt5RVHl3wbCf9oOaIK7eiNsGWG7Qp
|
13
|
+
8SImKUT37pPwczhnP8CQJ4SXw3vIXQIDAQABAoICAD0GPq+QNlkHlaAVW3aGYZZr
|
14
|
+
om9CBqizca7GU+VnQFMwIuhxOvuvVbJZd+5pFj3RyEAdB/0jbBKLkUadKn7ghAiN
|
15
|
+
2U07CUNGEB184/OSc3hAhkglVVeszHYTdfArYkEcDaQvNqif8EVlEwmYgAxzAJ6/
|
16
|
+
1ZTGHgy1T+XW6wYKW/H5i5o2vjxZt3+E6esIcPeuXrtgIpTeKgCBN4k4ho9JWp8v
|
17
|
+
/fm4/D4EaE76/KT7DL4LjQVATmHXAJPmbVSH8904y2Pz05Vvo5gKf04nImLxluDN
|
18
|
+
2D7H1ppZ8Wf0x4QXv3ln39YnhUz7hUteYVk0b68v4i7hth2XoBcf9FtnBQAkBz3u
|
19
|
+
/CMkdjegYfBpSc1SikwhTI90vGiChoQPLKLHZDjB085IU1+Yhfi3gdK++TD22c69
|
20
|
+
gKfG6lj7GW2ZS/ojagWWDorszZ9C2Hbcj1PcsWAg4ZqBn8+9zWv8bdxt7cYJY2mJ
|
21
|
+
2aurfvDDd7xEb5f0sfE92IP9l3w0nBY5z8k4Ca129gpSZ0R04Hl+4ZAjq8s+Dxb2
|
22
|
+
zM99KJeIxhZY7wSHKXSZd0ATuKEvj/7uH624LkOtkApqcHE304ZRQqnhhrVUkoZS
|
23
|
+
BOkFHlFTEuyElXnZbIgI+eTzPfal4vYvo2BmEYlBbctYQ3HrwMtVXB3kow97AtDX
|
24
|
+
BFX3p9GU56Fo6rHD30P9AoIBAQD3zg5vRex8qMlrIOnyRFYjYCxw/6GmCb6xvlT5
|
25
|
+
1ZbTQzUMAsDvAscSNrZDLg9D/+tqjoQr5Yo+56NABjEfIHKnwMvRMGxP5pSWUYyw
|
26
|
+
UsX7lV8zaQxMmyQs7VDpjukSg/93R3hORfTavXaQVhiljiXT6riQCCrkbz30FYNs
|
27
|
+
xipgQvN6OoMC/tHK1/8pz7+jeiZQo1765z7YYhz4KhPTvaS5jFPK+R4CoGR5Zflk
|
28
|
+
C0q+PwkyS6OdZ7AKbNXXU7PUwdJmKcjo8rUEGgwjM6zXuHECuhEWEn1GpdFKKZai
|
29
|
+
C9yxt/sRrvkHhF1NUerSRxT0v2EJkGLZJ8LqD9oolibutJHXAoIBAQDDPy3IBgry
|
30
|
+
qiqCq1iU/ttbR/vkfEAclMpH+vtrNZ/9dzCJOi7UmUrAIIurr7p2CadblK4U0BzK
|
31
|
+
IalRcVjqRMxz2lV4lnLMmGovcfe2Nipq/Mqi/Hx0pgf9iSBn8vTlb7CRgyYl3PZs
|
32
|
+
NLpiBhD8LNxWw/85wcQlk3Phaa/+nqTWAiH4BqcT1MM9NlkcF9YDuFawhVctZUFq
|
33
|
+
GpyHWWqrbvmsjU7EOPWlNz3kqdtvLcFdRxMmu1d/gsZpnZEUcFIY1tbtjVAU8MT/
|
34
|
+
UcTD+RIz4lyhp9R7XPjE/c48GuWMlOV2WWE/Kg97Arp0pkTes7lWqHT2ZWyG2CSG
|
35
|
+
jOjx4G94KFjrAoIBADWzJ5mhc4AIK63Vch0YBfqgisDqBKOwlOx7rHp/eLHLbKFv
|
36
|
+
r1OcLHub859XSeOYf/GVdLr2gSDknZHwRZDTPUVxGDn63l3qP+TbQzuqlFDSq9C+
|
37
|
+
QPYQ4KQDwXb7izKB/Ehi6oU7z7XfPORGZAzsYvIreVdtDa53FNviFZrqzqARoiWo
|
38
|
+
rF9nzRrB9/+dj4/jlo3++UQx/IJzsIduxuEpxZqX+EiR95jmHR/Zo1O0xru3eUy2
|
39
|
+
63vezl1T/HsvHldKsUeGYo1omyWKZ3rxZdFRnNvUaoN3+kHnCRWjMYtoOqkgj33j
|
40
|
+
hv/EBVwOFm7/DGGFX4ftDB626RxD1yjYcRNlef0CggEARxz10crRpfzwqtM52lrR
|
41
|
+
DngzeM8AkuhmnLz/YdcQRMNqvDCi6fBDV6MC/C9vHJr7h9Gpbg82zTBheTZtijYw
|
42
|
+
uWmmg9tYSMiitFEwRf+Ih5s3OxH3So1Gj8OoN/Q32nFJwFYiSNwoLNUvpZBME21L
|
43
|
+
e5a7mQ/IH1+Lb2iNH5Isu33fXXUe2Yw+6EapQiA0ZPp5KKYIUJJ2tuymYm3g+jvb
|
44
|
+
WEvHipSsc9ahBm4PbHkf2peOlCbcAadiGQm409btL/rgIXm810OynMPthOttA9TI
|
45
|
+
pGB6dcwxF57RxPaO8RsyUF7Rmq35IXam7uG4Z9zR/owwvaXHV33WH+Om3KJAN2WK
|
46
|
+
rQKCAQEA7UXJ80kxH52DkxLXga24x0keFy3TG5XcC68HSphsdhpmdst/UBkVDujd
|
47
|
+
/mi/8sNeBigsxoCQcTJuD7gH+Z7KRRslgEeozzZYyZtrCBz4JgtEMGtwlup9vu4G
|
48
|
+
9/+TxhHQqQYr9cidLbHTGWg9iYMUp5PealTWKvgw5C7ZU07jrU3EdrO/UVxv9GNl
|
49
|
+
57ALerwKyXAHN7R/k/KrAZiVW+tGnkbNiYe54uoHo/PbnTVzMTVClwknx9yYWpPC
|
50
|
+
V+lAnmso4H0IPupFM6tU10MFB8tS7LECl4E0KboE3hMf0H8b7cwPurE3QUr3ppDD
|
51
|
+
2ovkeMh05cseiXfaeEaXgvoABDrwog==
|
52
|
+
-----END PRIVATE KEY-----
|
@@ -0,0 +1,47 @@
|
|
1
|
+
[ req ]
|
2
|
+
distinguished_name= req_distinguished_name
|
3
|
+
attributes= req_attributes
|
4
|
+
|
5
|
+
[ req_distinguished_name ]
|
6
|
+
countryName= Country Name (2 letter code)
|
7
|
+
countryName_min= 2
|
8
|
+
countryName_max= 2
|
9
|
+
stateOrProvinceName= State or Province Name (full name)
|
10
|
+
localityName= Locality Name (eg, city)
|
11
|
+
0.organizationName= Organization Name (eg, company)
|
12
|
+
organizationalUnitName= Organizational Unit Name (eg, section)
|
13
|
+
commonName= Common Name (eg, fully qualified host name)
|
14
|
+
commonName_max= 64
|
15
|
+
emailAddress= Email Address
|
16
|
+
emailAddress_max= 64
|
17
|
+
|
18
|
+
[ req_attributes ]
|
19
|
+
challengePassword= A challenge password
|
20
|
+
challengePassword_min= 4
|
21
|
+
challengePassword_max= 20
|
22
|
+
|
23
|
+
[ ca ]
|
24
|
+
subjectKeyIdentifier = hash
|
25
|
+
authorityKeyIdentifier = keyid:always,issuer
|
26
|
+
basicConstraints = critical, CA:true
|
27
|
+
keyUsage = critical, digitalSignature, cRLSign, keyCertSign
|
28
|
+
|
29
|
+
[ client_cert ]
|
30
|
+
basicConstraints = CA:FALSE
|
31
|
+
nsCertType = client, email
|
32
|
+
nsComment = "OpenSSL Generated Client Certificate"
|
33
|
+
subjectKeyIdentifier = hash
|
34
|
+
authorityKeyIdentifier = keyid,issuer
|
35
|
+
keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
|
36
|
+
extendedKeyUsage = clientAuth, emailProtection
|
37
|
+
subjectAltName = "DNS:localhost, IP:127.0.0.1"
|
38
|
+
|
39
|
+
[ server_cert ]
|
40
|
+
basicConstraints = CA:FALSE
|
41
|
+
nsCertType = server
|
42
|
+
nsComment = "OpenSSL Generated Server Certificate"
|
43
|
+
subjectKeyIdentifier = hash
|
44
|
+
authorityKeyIdentifier = keyid,issuer:always
|
45
|
+
keyUsage = critical, digitalSignature, keyEncipherment
|
46
|
+
extendedKeyUsage = serverAuth
|
47
|
+
subjectAltName = "DNS:localhost, IP:127.0.0.1"
|
data/spec/inputs/http_spec.rb
CHANGED
@@ -20,6 +20,11 @@ describe LogStash::Inputs::Http do
|
|
20
20
|
let(:client_options) { { } }
|
21
21
|
let(:logstash_queue) { Queue.new }
|
22
22
|
let(:port) { rand(5000) + 1025 }
|
23
|
+
let(:url) { "http://127.0.0.1:#{port}" }
|
24
|
+
|
25
|
+
let(:config) { { "port" => port } }
|
26
|
+
|
27
|
+
subject { described_class.new(config) }
|
23
28
|
|
24
29
|
it_behaves_like "an interruptible input plugin" do
|
25
30
|
let(:config) { { "port" => port } }
|
@@ -32,7 +37,6 @@ describe LogStash::Inputs::Http do
|
|
32
37
|
end
|
33
38
|
|
34
39
|
describe "request handling" do
|
35
|
-
subject { LogStash::Inputs::Http.new("port" => port) }
|
36
40
|
|
37
41
|
before :each do
|
38
42
|
setup_server_client
|
@@ -49,7 +53,7 @@ describe LogStash::Inputs::Http do
|
|
49
53
|
"socket_timeout" => 0.1
|
50
54
|
} }
|
51
55
|
|
52
|
-
|
56
|
+
let(:config) { { "port" => port, "threads" => threads, "max_pending_requests" => max_pending_requests } }
|
53
57
|
|
54
58
|
context "when sending more requests than queue slots" do
|
55
59
|
it "should block when the queue is full" do
|
@@ -74,7 +78,7 @@ describe LogStash::Inputs::Http do
|
|
74
78
|
end
|
75
79
|
|
76
80
|
context "with default codec" do
|
77
|
-
|
81
|
+
|
78
82
|
context "when receiving a text/plain request" do
|
79
83
|
it "should process the request normally" do
|
80
84
|
client.post("http://127.0.0.1:#{port}/meh.json",
|
@@ -84,6 +88,7 @@ describe LogStash::Inputs::Http do
|
|
84
88
|
expect(event.get("message")).to eq("hello")
|
85
89
|
end
|
86
90
|
end
|
91
|
+
|
87
92
|
context "when receiving a deflate compressed text/plain request" do
|
88
93
|
it "should process the request normally" do
|
89
94
|
client.post("http://127.0.0.1:#{port}/meh.json",
|
@@ -93,16 +98,18 @@ describe LogStash::Inputs::Http do
|
|
93
98
|
expect(event.get("message")).to eq("hello")
|
94
99
|
end
|
95
100
|
end
|
101
|
+
|
96
102
|
context "when receiving a deflate text/plain request that cannot be decompressed" do
|
97
103
|
let(:response) do
|
98
|
-
|
99
|
-
|
100
|
-
|
104
|
+
client.post("http://127.0.0.1:#{port}/meh.json",
|
105
|
+
:headers => { "content-type" => "text/plain", "content-encoding" => "deflate" },
|
106
|
+
:body => "hello").call
|
101
107
|
end
|
102
108
|
it "should respond with 400" do
|
103
109
|
expect(response.code).to eq(400)
|
104
110
|
end
|
105
111
|
end
|
112
|
+
|
106
113
|
context "when receiving a gzip compressed text/plain request" do
|
107
114
|
it "should process the request normally" do
|
108
115
|
wio = StringIO.new("w")
|
@@ -118,6 +125,7 @@ describe LogStash::Inputs::Http do
|
|
118
125
|
expect(event.get("message")).to eq("hello")
|
119
126
|
end
|
120
127
|
end
|
128
|
+
|
121
129
|
context "when receiving a gzip text/plain request that cannot be decompressed" do
|
122
130
|
let(:response) do
|
123
131
|
client.post("http://127.0.0.1:#{port}",
|
@@ -128,6 +136,7 @@ describe LogStash::Inputs::Http do
|
|
128
136
|
expect(response.code).to eq(400)
|
129
137
|
end
|
130
138
|
end
|
139
|
+
|
131
140
|
context "when receiving an application/json request" do
|
132
141
|
it "should parse the json body" do
|
133
142
|
client.post("http://127.0.0.1:#{port}/meh.json",
|
@@ -140,16 +149,108 @@ describe LogStash::Inputs::Http do
|
|
140
149
|
end
|
141
150
|
|
142
151
|
context "with json codec" do
|
143
|
-
|
152
|
+
let(:config) { super().merge("codec" => "json") }
|
153
|
+
let(:url) { "http://127.0.0.1:#{port}/meh.json" }
|
154
|
+
let(:response) do
|
155
|
+
client.post(url, :body => { "message" => "Hello" }.to_json).call
|
156
|
+
end
|
157
|
+
|
144
158
|
it "should parse the json body" do
|
145
|
-
response
|
159
|
+
expect(response.code).to eq(200)
|
146
160
|
event = logstash_queue.pop
|
147
161
|
expect(event.get("message")).to eq("Hello")
|
148
162
|
end
|
163
|
+
|
164
|
+
context 'with ssl' do
|
165
|
+
|
166
|
+
let(:url) { super().sub('http://', 'https://') }
|
167
|
+
|
168
|
+
certs_dir = File.expand_path('../fixtures/certs/generated', File.dirname(__FILE__))
|
169
|
+
|
170
|
+
let(:config) do
|
171
|
+
super().merge 'ssl' => true,
|
172
|
+
'ssl_certificate_authorities' => [ File.join(certs_dir, 'root.crt') ],
|
173
|
+
'ssl_certificate' => File.join(certs_dir, 'server_from_root.crt'),
|
174
|
+
'ssl_key' => File.join(certs_dir, 'server_from_root.key.pkcs8'),
|
175
|
+
'ssl_verify_mode' => 'peer'
|
176
|
+
end
|
177
|
+
|
178
|
+
let(:client_options) do
|
179
|
+
super().merge ssl: {
|
180
|
+
verify: false,
|
181
|
+
ca_file: File.join(certs_dir, 'root.crt'),
|
182
|
+
client_cert: File.join(certs_dir, 'client_from_root.crt'),
|
183
|
+
client_key: File.join(certs_dir, 'client_from_root.key.pkcs8'),
|
184
|
+
}
|
185
|
+
end
|
186
|
+
|
187
|
+
it "should parse the json body" do
|
188
|
+
# [DEBUG][io.netty.handler.ssl.SslHandler] [id: 0xcaf869ff, L:/127.0.0.1:5610 - R:/127.0.0.1:32890] HANDSHAKEN: protocol:TLSv1.2 cipher suite:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
189
|
+
# [DEBUG][org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
|
190
|
+
# [DEBUG][org.apache.http.conn.ssl.SSLConnectionSocketFactory] negotiated protocol: TLSv1.2
|
191
|
+
# [DEBUG][org.apache.http.conn.ssl.SSLConnectionSocketFactory] negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
192
|
+
expect(response.code).to eq(200)
|
193
|
+
event = logstash_queue.pop
|
194
|
+
expect(event.get("message")).to eq("Hello")
|
195
|
+
end
|
196
|
+
|
197
|
+
TLS13_ENABLED_BY_DEFAULT = begin
|
198
|
+
context = javax.net.ssl.SSLContext.getInstance('TLS')
|
199
|
+
context.init nil, nil, nil
|
200
|
+
context.getDefaultSSLParameters.getProtocols.include? 'TLSv1.3'
|
201
|
+
rescue => e
|
202
|
+
warn "failed to detect TLSv1.3 support: #{e.inspect}"
|
203
|
+
nil
|
204
|
+
end
|
205
|
+
|
206
|
+
context 'with TLSv1.3 client' do
|
207
|
+
|
208
|
+
let(:client_options) do
|
209
|
+
super().tap do |opts|
|
210
|
+
opts.fetch(:ssl).merge! protocols: ['TLSv1.3']
|
211
|
+
end
|
212
|
+
end
|
213
|
+
|
214
|
+
it "should parse the json body" do
|
215
|
+
expect(response.code).to eq(200)
|
216
|
+
event = logstash_queue.pop
|
217
|
+
expect(event.get("message")).to eq("Hello")
|
218
|
+
end
|
219
|
+
|
220
|
+
context 'enforced TLSv1.3 in plugin' do
|
221
|
+
|
222
|
+
let(:config) { super().merge 'ssl_supported_protocols' => ['TLSv1.3'],
|
223
|
+
'ssl_cipher_suites' => [ 'TLS_AES_128_GCM_SHA256' ] }
|
224
|
+
|
225
|
+
it "should parse the json body" do
|
226
|
+
expect(response.code).to eq(200)
|
227
|
+
event = logstash_queue.pop
|
228
|
+
expect(event.get("message")).to eq("Hello")
|
229
|
+
end
|
230
|
+
|
231
|
+
end
|
232
|
+
|
233
|
+
context 'enforced TLSv1.3 (deprecated options)' do
|
234
|
+
|
235
|
+
let(:config) { super().merge 'tls_min_version' => 1.3,
|
236
|
+
'cipher_suites' => [ 'TLS_AES_128_GCM_SHA256' ] }
|
237
|
+
|
238
|
+
it "should parse the json body" do
|
239
|
+
expect(response.code).to eq(200)
|
240
|
+
event = logstash_queue.pop
|
241
|
+
expect(event.get("message")).to eq("Hello")
|
242
|
+
end
|
243
|
+
|
244
|
+
end
|
245
|
+
|
246
|
+
end if TLS13_ENABLED_BY_DEFAULT
|
247
|
+
|
248
|
+
end
|
249
|
+
|
149
250
|
end
|
150
251
|
|
151
252
|
context "with json_lines codec without final delimiter" do
|
152
|
-
|
253
|
+
let(:config) { super().merge("codec" => "json_lines") }
|
153
254
|
let(:line1) { '{"foo": 1}' }
|
154
255
|
let(:line2) { '{"foo": 2}' }
|
155
256
|
it "should parse all json_lines in body including last one" do
|
@@ -169,7 +270,7 @@ describe LogStash::Inputs::Http do
|
|
169
270
|
body = { "message" => "Hello" }.to_json
|
170
271
|
client.post("http://127.0.0.1:#{port}/meh.json",
|
171
272
|
:headers => { "content-type" => "application/json" },
|
172
|
-
|
273
|
+
:body => body).call
|
173
274
|
event = logstash_queue.pop
|
174
275
|
expect(event.get("message")).to eq(body)
|
175
276
|
end
|
@@ -388,15 +489,18 @@ describe LogStash::Inputs::Http do
|
|
388
489
|
end
|
389
490
|
|
390
491
|
# wait until server is ready
|
391
|
-
def setup_server_client
|
492
|
+
def setup_server_client(url = self.url)
|
392
493
|
subject.register
|
393
|
-
t = Thread.
|
494
|
+
t = Thread.start { subject.run(logstash_queue) }
|
394
495
|
ok = false
|
395
496
|
until ok
|
396
497
|
begin
|
397
|
-
client.post(
|
398
|
-
rescue => e
|
399
|
-
#
|
498
|
+
client.post(url, :body => '{}').call
|
499
|
+
rescue Manticore::SocketException => e
|
500
|
+
puts "retry client.post due #{e}" if $VERBOSE
|
501
|
+
rescue Manticore::ManticoreException => e
|
502
|
+
warn e.inspect
|
503
|
+
raise e.cause ? e.cause : e
|
400
504
|
else
|
401
505
|
ok = true
|
402
506
|
end
|
@@ -447,6 +551,12 @@ describe LogStash::Inputs::Http do
|
|
447
551
|
expect { subject.register }.to raise_exception(LogStash::ConfigurationError)
|
448
552
|
end
|
449
553
|
end
|
554
|
+
context "with invalid cipher suites" do
|
555
|
+
it "should raise a configuration error" do
|
556
|
+
invalid_config = config.merge("ssl_cipher_suites" => "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38")
|
557
|
+
expect { LogStash::Inputs::Http.new(invalid_config) }.to raise_error(LogStash::ConfigurationError)
|
558
|
+
end
|
559
|
+
end
|
450
560
|
context "with :ssl_certificate" do
|
451
561
|
let(:ssc) { SelfSignedCertificate.new }
|
452
562
|
let(:ssl_certificate) { ssc.certificate }
|
@@ -505,18 +615,6 @@ describe LogStash::Inputs::Http do
|
|
505
615
|
end
|
506
616
|
end
|
507
617
|
|
508
|
-
context "with invalid cipher_suites" do
|
509
|
-
let(:config) { super().merge("cipher_suites" => "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38") }
|
510
|
-
|
511
|
-
it "should raise a configuration error" do
|
512
|
-
expect( subject.logger ).to receive(:error) do |msg, opts|
|
513
|
-
expect( msg ).to match /.*?configuration invalid/
|
514
|
-
expect( opts[:message] ).to match /TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38.*? not available/
|
515
|
-
end
|
516
|
-
expect { subject.register }.to raise_error(LogStash::ConfigurationError)
|
517
|
-
end
|
518
|
-
end
|
519
|
-
|
520
618
|
context "with invalid ssl certificate" do
|
521
619
|
before do
|
522
620
|
cert = File.readlines path = config["ssl_certificate"]
|
@@ -548,8 +646,7 @@ describe LogStash::Inputs::Http do
|
|
548
646
|
|
549
647
|
context "with invalid ssl certificate_authorities" do
|
550
648
|
let(:config) do
|
551
|
-
super().merge("ssl_verify_mode" => "peer",
|
552
|
-
"ssl_certificate_authorities" => [ ssc.certificate.path, ssc.private_key.path ])
|
649
|
+
super().merge("ssl_verify_mode" => "peer", "ssl_certificate_authorities" => [ ssc.certificate.path, ssc.private_key.path ])
|
553
650
|
end
|
554
651
|
|
555
652
|
it "should raise a cert error" do
|
@@ -565,6 +662,123 @@ describe LogStash::Inputs::Http do
|
|
565
662
|
end
|
566
663
|
end
|
567
664
|
|
665
|
+
context "with both verify_mode options set" do
|
666
|
+
let(:config) do
|
667
|
+
super().merge('ssl_verify_mode' => 'peer', 'verify_mode' => 'none')
|
668
|
+
end
|
669
|
+
|
670
|
+
it "should raise a configuration error" do
|
671
|
+
expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_verify_mode.?/i
|
672
|
+
end
|
673
|
+
end
|
674
|
+
|
675
|
+
context "with ssl_cipher_suites and cipher_suites set" do
|
676
|
+
let(:config) do
|
677
|
+
super().merge('ssl_cipher_suites' => ['TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'],
|
678
|
+
'cipher_suites' => ['TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'])
|
679
|
+
end
|
680
|
+
|
681
|
+
it "should raise a configuration error" do
|
682
|
+
expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_cipher_suites.?/i
|
683
|
+
end
|
684
|
+
end
|
685
|
+
|
686
|
+
context "with ssl_supported_protocols and tls_min_version set" do
|
687
|
+
let(:config) do
|
688
|
+
super().merge('ssl_supported_protocols' => ['TLSv1.2'], 'tls_min_version' => 1.0)
|
689
|
+
end
|
690
|
+
|
691
|
+
it "should raise a configuration error" do
|
692
|
+
expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_supported_protocols.?/i
|
693
|
+
end
|
694
|
+
end
|
695
|
+
|
696
|
+
context "with ssl_supported_protocols and tls_max_version set" do
|
697
|
+
let(:config) do
|
698
|
+
super().merge('ssl_supported_protocols' => ['TLSv1.2'], 'tls_max_version' => 1.2)
|
699
|
+
end
|
700
|
+
|
701
|
+
it "should raise a configuration error" do
|
702
|
+
expect { subject.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_supported_protocols.?/i
|
703
|
+
end
|
704
|
+
end
|
705
|
+
|
706
|
+
end
|
707
|
+
end
|
708
|
+
end
|
709
|
+
|
710
|
+
# If we have a setting called `pipeline.ecs_compatibility`, we need to
|
711
|
+
# ensure that our additional_codecs are instantiated with the proper
|
712
|
+
# execution context in order to ensure that the pipeline setting is
|
713
|
+
# respected.
|
714
|
+
if LogStash::SETTINGS.registered?('pipeline.ecs_compatibility')
|
715
|
+
|
716
|
+
def setting_value_supported?(name, value)
|
717
|
+
setting = ::LogStash::SETTINGS.clone.get_setting(name)
|
718
|
+
setting.set(value)
|
719
|
+
setting.validate_value
|
720
|
+
true
|
721
|
+
rescue
|
722
|
+
false
|
723
|
+
end
|
724
|
+
|
725
|
+
describe LogStash::Inputs::Http do
|
726
|
+
context 'additional_codecs' do
|
727
|
+
let(:port) { rand(1025...5000) }
|
728
|
+
|
729
|
+
%w(disabled v1 v8).each do |spec|
|
730
|
+
if setting_value_supported?('pipeline.ecs_compatibility', spec)
|
731
|
+
context "with `pipeline.ecs_compatibility: #{spec}`" do
|
732
|
+
# Override DevUtils's `new_pipeline` default to inject pipeline settings that
|
733
|
+
# are different than our global settings, so that we can validate the condition
|
734
|
+
# where pipeline settings override global settings.
|
735
|
+
def new_pipeline(config_parts, pipeline_id = :main, settings = pipeline_settings)
|
736
|
+
super(config_parts, pipeline_id, settings)
|
737
|
+
end
|
738
|
+
|
739
|
+
let(:pipeline_settings) do
|
740
|
+
::LogStash::SETTINGS.clone.tap do |s|
|
741
|
+
s.set('pipeline.ecs_compatibility', spec)
|
742
|
+
end
|
743
|
+
end
|
744
|
+
|
745
|
+
it 'propagates the ecs_compatibility pipeline setting to the additional_codecs' do
|
746
|
+
# Ensure plugins pick up pipeline-level setting over the global default.
|
747
|
+
aggregate_failures('precondition') do
|
748
|
+
expect(::LogStash::SETTINGS).to_not be_set('pipeline.ecs_compatibility')
|
749
|
+
expect(pipeline_settings).to be_set('pipeline.ecs_compatibility')
|
750
|
+
end
|
751
|
+
|
752
|
+
input("input { http { port => #{port} additional_codecs => { 'application/json' => 'json' 'text/plain' => 'plain' } } }") do |pipeline, queue|
|
753
|
+
http_input = pipeline.inputs.first
|
754
|
+
aggregate_failures('initialization precondition') do
|
755
|
+
expect(http_input).to be_a_kind_of(described_class)
|
756
|
+
expect(http_input.execution_context&.pipeline&.settings&.to_hash).to eq(pipeline_settings.to_hash)
|
757
|
+
end
|
758
|
+
|
759
|
+
http_input.codecs.each do |key, value|
|
760
|
+
aggregate_failures("Codec for `#{key}`") do
|
761
|
+
expect(value.ecs_compatibility).to eq(spec.to_sym)
|
762
|
+
end
|
763
|
+
end
|
764
|
+
end
|
765
|
+
end
|
766
|
+
end
|
767
|
+
end
|
768
|
+
end
|
769
|
+
|
770
|
+
it 'propagates the execution context from the input to the codecs' do
|
771
|
+
input("input { http { port => #{port} } }") do |pipeline, queue|
|
772
|
+
http_input = pipeline.inputs.first
|
773
|
+
expect(http_input).to be_a_kind_of(described_class) # precondition
|
774
|
+
|
775
|
+
http_input.codecs.each do |key, value|
|
776
|
+
aggregate_failures("Codec for `#{key}`") do
|
777
|
+
expect(value.execution_context).to be http_input.execution_context
|
778
|
+
end
|
779
|
+
end
|
780
|
+
end
|
781
|
+
end
|
568
782
|
end
|
569
783
|
end
|
570
784
|
end
|