logstash-input-tcp 3.0.0 → 3.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -1
- data/lib/logstash/inputs/tcp.rb +3 -3
- data/logstash-input-tcp.gemspec +9 -11
- data/spec/inputs/tcp_spec.rb +66 -24
- metadata +3 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d560100efd4b27bcef8c8865626a628de300b871
|
|
4
|
+
data.tar.gz: 4f22528b91f54d136f838ae5ea7878c7df493462
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 28bd63a130f1fa48f9470800baea3bc2ea14c9541dd754886ed21428a184ffa2c060b2e12089172acf77297e3136ce471fb3337ce0664e276c7a41fdbf230192
|
|
7
|
+
data.tar.gz: e03a18054310108f46336a10375d68dddfdcaba824102de882335aaa824634a05e4ae78357798f469a861e2ca79b144e9dfb642b88264480ee34b6036c84c300
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
|
+
## 3.0.1
|
|
2
|
+
- properly convert sslsubject to string before assigning to event field, added specs, see https://github.com/logstash-plugins/logstash-input-tcp/pull/38
|
|
3
|
+
|
|
1
4
|
## 3.0.0
|
|
2
|
-
- Deprecate ssl_cacert as it's confusing, does it job but when willing to add a chain of certificated the name and behaviour is a bit confusing.
|
|
5
|
+
- Deprecate ssl_cacert as it's confusing, does it job but when willing to add a chain of certificated the name and behaviour is a bit confusing.
|
|
3
6
|
- Add ssl_extra_chain_certs that allows you to specify a list of certificates path that will be added to the CAStore.
|
|
4
7
|
- Make ssl_verify=true as a default value, if using ssl and performing validation is not reasonable as security might be compromised.
|
|
5
8
|
- Add tests to verify behaviour under different SSL connection circumstances.
|
data/lib/logstash/inputs/tcp.rb
CHANGED
|
@@ -38,7 +38,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
|
38
38
|
config :ssl_verify, :validate => :boolean, :default => true
|
|
39
39
|
|
|
40
40
|
# The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
|
|
41
|
-
config :ssl_cacert, :validate => :path, :deprecated => "This setting is deprecated in favor of
|
|
41
|
+
config :ssl_cacert, :validate => :path, :deprecated => "This setting is deprecated in favor of ssl_extra_chain_certs as it sets a more clear expectation to add more X509 certificates to the store"
|
|
42
42
|
|
|
43
43
|
# SSL certificate path
|
|
44
44
|
config :ssl_cert, :validate => :path
|
|
@@ -153,7 +153,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
|
153
153
|
codec.decode(read(socket)) do |event|
|
|
154
154
|
event["host"] ||= client_address
|
|
155
155
|
event["port"] ||= client_port
|
|
156
|
-
event["sslsubject"] ||= socket.peer_cert.subject if @ssl_enable && @ssl_verify
|
|
156
|
+
event["sslsubject"] ||= socket.peer_cert.subject.to_s if @ssl_enable && @ssl_verify
|
|
157
157
|
decorate(event)
|
|
158
158
|
output_queue << event
|
|
159
159
|
end
|
|
@@ -176,7 +176,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
|
176
176
|
codec.respond_to?(:flush) && codec.flush do |event|
|
|
177
177
|
event["host"] ||= client_address
|
|
178
178
|
event["port"] ||= client_port
|
|
179
|
-
event["sslsubject"] ||= socket.peer_cert.subject if @ssl_enable && @ssl_verify
|
|
179
|
+
event["sslsubject"] ||= socket.peer_cert.subject.to_s if @ssl_enable && @ssl_verify
|
|
180
180
|
decorate(event)
|
|
181
181
|
output_queue << event
|
|
182
182
|
end
|
data/logstash-input-tcp.gemspec
CHANGED
|
@@ -1,17 +1,16 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
|
-
|
|
3
|
-
s.
|
|
4
|
-
s.
|
|
5
|
-
s.
|
|
6
|
-
s.
|
|
7
|
-
s.
|
|
8
|
-
s.
|
|
9
|
-
s.
|
|
10
|
-
s.homepage = "http://www.elastic.co/guide/en/logstash/current/index.html"
|
|
2
|
+
s.name = 'logstash-input-tcp'
|
|
3
|
+
s.version = '3.0.1'
|
|
4
|
+
s.licenses = ['Apache License (2.0)']
|
|
5
|
+
s.summary = "Read events over a TCP socket."
|
|
6
|
+
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|
|
7
|
+
s.authors = ["Elastic"]
|
|
8
|
+
s.email = 'info@elastic.co'
|
|
9
|
+
s.homepage = "http://www.elastic.co/guide/en/logstash/current/index.html"
|
|
11
10
|
s.require_paths = ["lib"]
|
|
12
11
|
|
|
13
12
|
# Files
|
|
14
|
-
s.files = Dir['lib/**/*','spec/**/*','
|
|
13
|
+
s.files = Dir['lib/**/*', 'spec/**/*', '*.gemspec', '*.md', 'CONTRIBUTORS', 'Gemfile', 'LICENSE', 'NOTICE.TXT', 'CHANGELOG.md', 'README.md']
|
|
15
14
|
|
|
16
15
|
# Tests
|
|
17
16
|
s.test_files = s.files.grep(%r{^(test|spec|features)/})
|
|
@@ -31,4 +30,3 @@ Gem::Specification.new do |s|
|
|
|
31
30
|
s.add_development_dependency 'flores', '~> 0.0.6'
|
|
32
31
|
s.add_development_dependency 'stud', '~> 0.0.22'
|
|
33
32
|
end
|
|
34
|
-
|
data/spec/inputs/tcp_spec.rb
CHANGED
|
@@ -33,7 +33,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
33
33
|
|
|
34
34
|
it "should read plain with unicode" do
|
|
35
35
|
event_count = 10
|
|
36
|
-
port =
|
|
36
|
+
port = rand(1024..65535)
|
|
37
37
|
conf = <<-CONFIG
|
|
38
38
|
input {
|
|
39
39
|
tcp {
|
|
@@ -61,7 +61,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
it "should read events with plain codec and ISO-8859-1 charset" do
|
|
64
|
-
port =
|
|
64
|
+
port = rand(1024..65535)
|
|
65
65
|
charset = "ISO-8859-1"
|
|
66
66
|
conf = <<-CONFIG
|
|
67
67
|
input {
|
|
@@ -89,7 +89,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
89
89
|
end
|
|
90
90
|
|
|
91
91
|
it "should read events with json codec" do
|
|
92
|
-
port =
|
|
92
|
+
port = rand(1024..65535)
|
|
93
93
|
conf = <<-CONFIG
|
|
94
94
|
input {
|
|
95
95
|
tcp {
|
|
@@ -124,7 +124,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
124
124
|
end
|
|
125
125
|
|
|
126
126
|
it "should read events with json codec (testing 'host' handling)" do
|
|
127
|
-
port =
|
|
127
|
+
port = rand(1024..65535)
|
|
128
128
|
conf = <<-CONFIG
|
|
129
129
|
input {
|
|
130
130
|
tcp {
|
|
@@ -151,7 +151,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
151
151
|
end
|
|
152
152
|
|
|
153
153
|
it "should read events with json_lines codec" do
|
|
154
|
-
port =
|
|
154
|
+
port = rand(1024..65535)
|
|
155
155
|
conf = <<-CONFIG
|
|
156
156
|
input {
|
|
157
157
|
tcp {
|
|
@@ -167,16 +167,17 @@ describe LogStash::Inputs::Tcp do
|
|
|
167
167
|
"baz" => { "1" => "2" },
|
|
168
168
|
"idx" => 0
|
|
169
169
|
}
|
|
170
|
+
event_count = 5
|
|
170
171
|
|
|
171
172
|
events = input(conf) do |pipeline, queue|
|
|
172
173
|
socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
|
|
173
|
-
(1..
|
|
174
|
+
(1..event_count).each do |idx|
|
|
174
175
|
data["idx"] = idx
|
|
175
176
|
socket.puts(LogStash::Json.dump(data) + "\n")
|
|
176
177
|
end
|
|
177
178
|
socket.close
|
|
178
179
|
|
|
179
|
-
(1..
|
|
180
|
+
(1..event_count).map{queue.pop}
|
|
180
181
|
end
|
|
181
182
|
|
|
182
183
|
events.each_with_index do |event, idx|
|
|
@@ -189,7 +190,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
189
190
|
|
|
190
191
|
it "should one message per connection" do
|
|
191
192
|
event_count = 10
|
|
192
|
-
port =
|
|
193
|
+
port = rand(1024..65535)
|
|
193
194
|
conf = <<-CONFIG
|
|
194
195
|
input {
|
|
195
196
|
tcp {
|
|
@@ -285,12 +286,17 @@ describe LogStash::Inputs::Tcp do
|
|
|
285
286
|
subject(:input) { LogStash::Plugin.lookup("input", "tcp").new(config) }
|
|
286
287
|
|
|
287
288
|
let(:config) do
|
|
288
|
-
{
|
|
289
|
-
"
|
|
289
|
+
{
|
|
290
|
+
"host" => "0.0.0.0",
|
|
291
|
+
"port" => port,
|
|
292
|
+
"ssl_verify" => false,
|
|
293
|
+
"ssl_enable" => true,
|
|
294
|
+
"ssl_cert" => certificate[0].path,
|
|
295
|
+
"ssl_key" => certificate[1].path
|
|
296
|
+
}
|
|
290
297
|
end
|
|
291
298
|
|
|
292
299
|
let(:events) do
|
|
293
|
-
|
|
294
300
|
socket = Stud::try(5.times) do
|
|
295
301
|
ssl_context = OpenSSL::SSL::SSLContext.new
|
|
296
302
|
socket = TCPSocket.new("127.0.0.1", port)
|
|
@@ -313,6 +319,12 @@ describe LogStash::Inputs::Tcp do
|
|
|
313
319
|
expect(events.size).to be(nevents)
|
|
314
320
|
end
|
|
315
321
|
|
|
322
|
+
it "should not contain sslsubject" do
|
|
323
|
+
events.each do |event|
|
|
324
|
+
expect(event["sslsubject"]).to be_nil
|
|
325
|
+
end
|
|
326
|
+
end
|
|
327
|
+
|
|
316
328
|
describe "when ssl_verify is on" do
|
|
317
329
|
|
|
318
330
|
let(:chain_of_certificates) { helper.chain_of_certificates }
|
|
@@ -327,9 +339,14 @@ describe LogStash::Inputs::Tcp do
|
|
|
327
339
|
context "and the verification fails" do
|
|
328
340
|
|
|
329
341
|
let(:config) do
|
|
330
|
-
{
|
|
331
|
-
"
|
|
332
|
-
"
|
|
342
|
+
{
|
|
343
|
+
"host" => "0.0.0.0",
|
|
344
|
+
"port" => port,
|
|
345
|
+
"ssl_enable" => true,
|
|
346
|
+
"ssl_verify" => true,
|
|
347
|
+
"ssl_cert" => chain_of_certificates[:a_cert].path,
|
|
348
|
+
"ssl_key" => chain_of_certificates[:a_key].path
|
|
349
|
+
}
|
|
333
350
|
end
|
|
334
351
|
|
|
335
352
|
let(:client_certificate) { File.read(chain_of_certificates[:b_cert].path) }
|
|
@@ -347,13 +364,19 @@ describe LogStash::Inputs::Tcp do
|
|
|
347
364
|
end
|
|
348
365
|
end
|
|
349
366
|
end
|
|
367
|
+
|
|
350
368
|
context "and using the root CA" do
|
|
351
369
|
|
|
352
370
|
let(:config) do
|
|
353
|
-
{
|
|
354
|
-
"
|
|
355
|
-
"
|
|
356
|
-
"
|
|
371
|
+
{
|
|
372
|
+
"host" => "0.0.0.0",
|
|
373
|
+
"port" => port,
|
|
374
|
+
"ssl_enable" => true,
|
|
375
|
+
"ssl_verify" => true,
|
|
376
|
+
"ssl_cert" => chain_of_certificates[:a_cert].path,
|
|
377
|
+
"ssl_key" => chain_of_certificates[:a_key].path,
|
|
378
|
+
"ssl_cacert" => chain_of_certificates[:root_ca].path
|
|
379
|
+
}
|
|
357
380
|
end
|
|
358
381
|
|
|
359
382
|
let(:client_certificate) { File.read(chain_of_certificates[:aa_cert].path) }
|
|
@@ -364,6 +387,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
364
387
|
socket = TCPSocket.new("127.0.0.1", port)
|
|
365
388
|
OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
|
|
366
389
|
end
|
|
390
|
+
|
|
367
391
|
result = helper.pipelineless_input(subject, nevents) do
|
|
368
392
|
socket.connect
|
|
369
393
|
nevents.times do |i|
|
|
@@ -371,6 +395,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
371
395
|
socket.flush
|
|
372
396
|
end
|
|
373
397
|
end
|
|
398
|
+
|
|
374
399
|
socket.close rescue nil
|
|
375
400
|
|
|
376
401
|
result
|
|
@@ -380,15 +405,25 @@ describe LogStash::Inputs::Tcp do
|
|
|
380
405
|
expect(events.size).to be(nevents)
|
|
381
406
|
end
|
|
382
407
|
|
|
408
|
+
it "should contain sslsubject" do
|
|
409
|
+
events.each do |event|
|
|
410
|
+
expect(event["sslsubject"]).to eq("/DC=org/DC=ruby-lang/CN=RubyAA_Cert")
|
|
411
|
+
end
|
|
412
|
+
end
|
|
383
413
|
end
|
|
384
414
|
|
|
385
415
|
context "using an extra chain of certificates" do
|
|
386
416
|
|
|
387
417
|
let(:config) do
|
|
388
|
-
{
|
|
389
|
-
"
|
|
390
|
-
"
|
|
391
|
-
"
|
|
418
|
+
{
|
|
419
|
+
"host" => "0.0.0.0",
|
|
420
|
+
"port" => port,
|
|
421
|
+
"ssl_enable" => true,
|
|
422
|
+
"ssl_verify" => true,
|
|
423
|
+
"ssl_cert" => chain_of_certificates[:b_cert].path,
|
|
424
|
+
"ssl_key" => chain_of_certificates[:b_key].path,
|
|
425
|
+
"ssl_extra_chain_certs" => [ chain_of_certificates[:root_ca].path, chain_of_certificates[:a_cert].path, chain_of_certificates[:b_cert].path ]
|
|
426
|
+
}
|
|
392
427
|
end
|
|
393
428
|
|
|
394
429
|
let(:client_certificate) { File.read(chain_of_certificates[:c_cert].path) }
|
|
@@ -399,6 +434,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
399
434
|
socket = TCPSocket.new("127.0.0.1", port)
|
|
400
435
|
OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
|
|
401
436
|
end
|
|
437
|
+
|
|
402
438
|
result = helper.pipelineless_input(subject, nevents) do
|
|
403
439
|
socket.connect
|
|
404
440
|
nevents.times do |i|
|
|
@@ -406,6 +442,7 @@ describe LogStash::Inputs::Tcp do
|
|
|
406
442
|
socket.flush
|
|
407
443
|
end
|
|
408
444
|
end
|
|
445
|
+
|
|
409
446
|
socket.close rescue nil
|
|
410
447
|
|
|
411
448
|
result
|
|
@@ -414,14 +451,19 @@ describe LogStash::Inputs::Tcp do
|
|
|
414
451
|
it "should receive events" do
|
|
415
452
|
expect(events.size).to be(nevents)
|
|
416
453
|
end
|
|
454
|
+
|
|
455
|
+
it "should contain sslsubject" do
|
|
456
|
+
events.each do |event|
|
|
457
|
+
expect(event["sslsubject"]).to eq("/DC=org/DC=ruby-lang/CN=RubyC_Cert")
|
|
458
|
+
end
|
|
459
|
+
end
|
|
417
460
|
end
|
|
418
461
|
end
|
|
419
|
-
|
|
420
462
|
end
|
|
421
463
|
end
|
|
464
|
+
|
|
422
465
|
it_behaves_like "an interruptible input plugin" do
|
|
423
466
|
let(:config) { { "port" => port } }
|
|
424
467
|
end
|
|
425
468
|
end
|
|
426
|
-
|
|
427
469
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-input-tcp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-01-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core
|
|
@@ -166,11 +166,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
166
166
|
version: '0'
|
|
167
167
|
requirements: []
|
|
168
168
|
rubyforge_project:
|
|
169
|
-
rubygems_version: 2.4.
|
|
169
|
+
rubygems_version: 2.4.8
|
|
170
170
|
signing_key:
|
|
171
171
|
specification_version: 4
|
|
172
172
|
summary: Read events over a TCP socket.
|
|
173
173
|
test_files:
|
|
174
174
|
- spec/inputs/tcp_spec.rb
|
|
175
175
|
- spec/spec_helper.rb
|
|
176
|
-
has_rdoc:
|