logstash-input-tcp 3.0.1 → 3.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d560100efd4b27bcef8c8865626a628de300b871
-  data.tar.gz: 4f22528b91f54d136f838ae5ea7878c7df493462
+  metadata.gz: dfdbc6394d0429fde14caccd283662320d239396
+  data.tar.gz: 943b1ce9cb23f6b4d6ba0af1b72d935e7bf24b0e
 SHA512:
-  metadata.gz: 28bd63a130f1fa48f9470800baea3bc2ea14c9541dd754886ed21428a184ffa2c060b2e12089172acf77297e3136ce471fb3337ce0664e276c7a41fdbf230192
-  data.tar.gz: e03a18054310108f46336a10375d68dddfdcaba824102de882335aaa824634a05e4ae78357798f469a861e2ca79b144e9dfb642b88264480ee34b6036c84c300
+  metadata.gz: 2e72fff4e6bc2b5e0d4929d8e9ab3552112cec606fba3040d08e12955b82a7b07c272a51d9b902be1cf5f8a1d84df74739994242703ee782eb0ca60f4b18e8d9
+  data.tar.gz: e49359fda655b9868540a91655e467f10d3e8c39383d3ef4c2ec8e95a2362b5ca5f26e2ee0f0c351ba0ae15378da246eb9d092da0a46aeceb44ad062bf8a16c5

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 3.0.2
+- Fixed a bug where previous connection would accidentally be closed when accepting new socket connection
+- Fixed an issue with log message which used a closed socket's peer address 
+
 ## 3.0.1
  - properly convert sslsubject to string before assigning to event field, added specs, see https://github.com/logstash-plugins/logstash-input-tcp/pull/38
 

data/lib/logstash/inputs/tcp.rb

@@ -115,7 +115,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
       rescue OpenSSL::SSL::SSLError => e
         # log error, close socket, accept next connection
         @logger.error("SSL Error", :exception => e, :backtrace => e.backtrace)
-        socket.close rescue nil
       rescue => e
         # if this exception occured while the plugin is stopping
         # just ignore and exit
@@ -149,6 +148,7 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   end
 
   def handle_socket(socket, client_address, client_port, output_queue, codec)
+    peer = "#{client_address}:#{client_port}"
     while !stop?
       codec.decode(read(socket)) do |event|
         event["host"] ||= client_address
@@ -159,16 +159,16 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
       end
     end
   rescue EOFError
-    @logger.debug? && @logger.debug("Connection closed", :client => socket.peer)
+    @logger.debug? && @logger.debug("Connection closed", :client => peer)
   rescue Errno::ECONNRESET
-    @logger.debug? && @logger.debug("Connection reset by peer", :client => socket.peer)
+    @logger.debug? && @logger.debug("Connection reset by peer", :client => peer)
   rescue OpenSSL::SSL::SSLError => e
     # Fixes issue #23
     @logger.error("SSL Error", :exception => e, :backtrace => e.backtrace)
     socket.close rescue nil
   rescue => e
     # if plugin is stopping, don't bother logging it as an error
-    !stop? && @logger.error("An error occurred. Closing connection", :client => socket.peer, :exception => e, :backtrace => e.backtrace)
+    !stop? && @logger.error("An error occurred. Closing connection", :client => peer, :exception => e, :backtrace => e.backtrace)
   ensure
     # catch all rescue nil on close to discard any close errors or invalid socket
     socket.close rescue nil

data/logstash-input-tcp.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-input-tcp'
-  s.version       = '3.0.1'
+  s.version       = '3.0.2'
   s.licenses      = ['Apache License (2.0)']
   s.summary       = "Read events over a TCP socket."
   s.description   = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"

data/spec/inputs/tcp_spec.rb

@@ -5,11 +5,14 @@ require "timeout"
 require "logstash/json"
 require "logstash/inputs/tcp"
 require "stud/try"
+require "stud/task"
 require "flores/pki"
 require "openssl"
 
 require_relative "../spec_helper"
 
+#Cabin::Channel.get(LogStash).subscribe(STDOUT)
+#Cabin::Channel.get(LogStash).level = :debug
 describe LogStash::Inputs::Tcp do
 
   context "codec (PR #1372)" do
@@ -236,229 +239,139 @@ describe LogStash::Inputs::Tcp do
       subject.close rescue nil
     end
 
-    describe "register" do
+    describe "#register" do
       it "should register without errors" do
         expect { subject.register }.to_not raise_error
       end
     end
 
-    describe "receive" do
-
-      let(:nevents) { 10 }
-
-      let(:events) do
-        socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
-
-        result = helper.pipelineless_input(subject, nevents) do
-          nevents.times do |i|
-            socket.puts("msg #{i}")
-            socket.flush
-          end
-        end
-        socket.close rescue nil
-
-        result
-      end
-
-      before(:each) do
-        subject.register
-      end
-
-      it "should receive events been generated" do
-        expect(events.size).to be(nevents)
-        messages = events.map { |event| event["message"]}
-        messages.each do |message|
-          expect(message).to match(/msg \d+/)
-        end
-      end
-
-      it "should add the host and port to the generated event" do
-        events.each do |event|
-          expect(event["host"]).to eq("127.0.0.1")
-          expect(event["port"]).to be_an(Fixnum)
-        end
+    describe "#receive" do
+      shared_examples "receiving events" do
+        # TODO(sissel): Implement normal event-receipt tests as as a shared example
       end
 
-      describe "ssl" do
-
-        let(:certificate) { helper.certificate }
-
-        subject(:input) { LogStash::Plugin.lookup("input", "tcp").new(config) }
+      context "when ssl_enable is true" do
+        let(:pki) { Flores::PKI.generate }
+        let(:certificate) { pki[0] } 
+        let(:key) { pki[1] } 
+        let(:certificate_file) { Stud::Temporary.file }
+        let(:key_file) { Stud::Temporary.file }
+        let(:queue) { Queue.new }
 
         let(:config) do
           {
-            "host" => "0.0.0.0",
+            "host" => "127.0.0.1",
             "port" => port,
-            "ssl_verify" => false,
             "ssl_enable" => true,
-            "ssl_cert" => certificate[0].path,
-            "ssl_key" => certificate[1].path
+            "ssl_cert" => certificate_file.path,
+            "ssl_key" => key_file.path,
+
+            # Trust our self-signed cert.
+            # TODO(sissel): Make this a separate certificate for the client
+            "ssl_extra_chain_certs" => certificate_file.path
           }
         end
 
-        let(:events) do
-          socket = Stud::try(5.times) do
-            ssl_context = OpenSSL::SSL::SSLContext.new
-            socket = TCPSocket.new("127.0.0.1", port)
-            OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
-          end
-
-          result = helper.pipelineless_input(subject, nevents) do
-            socket.connect
-            nevents.times do |i|
-              socket.puts("msg #{i}")
-              socket.flush
-            end
-          end
-          socket.close rescue nil
+        subject(:input) { LogStash::Plugin.lookup("input", "tcp").new(config) }
 
-          result
-        end
+        before do
+          certificate_file.write(certificate)
+          key_file.write(key)
 
-        it "should receive events" do
-          expect(events.size).to be(nevents)
+          # Close to flush the file writes.
+          certificate_file.close
+          key_file.close
+          subject.register
         end
 
-        it "should not contain sslsubject" do
-          events.each do |event|
-            expect(event["sslsubject"]).to be_nil
-          end
+        after do
+          File.unlink(certificate_file.path)
+          File.unlink(key_file.path)
         end
 
-        describe "when ssl_verify is on" do
+        context "with a poorly-behaving client" do
+          let!(:input_task) { Stud::Task.new { input.run(queue) } }
 
-          let(:chain_of_certificates) { helper.chain_of_certificates }
+          after { input.close }
 
-          let(:ssl_context) do
-            ssl_context      = OpenSSL::SSL::SSLContext.new
-            ssl_context.cert = OpenSSL::X509::Certificate.new(client_certificate)
-            ssl_context.key  = OpenSSL::PKey::RSA.new(client_key)
-            ssl_context
-          end
-
-          context "and the verification fails" do
-
-            let(:config) do
-              {
-                "host" => "0.0.0.0",
-                "port" => port,
-                "ssl_enable" => true,
-                "ssl_verify" => true,
-                "ssl_cert" => chain_of_certificates[:a_cert].path,
-                "ssl_key" => chain_of_certificates[:a_key].path
-              }
-            end
-
-            let(:client_certificate) { File.read(chain_of_certificates[:b_cert].path) }
-            let(:client_key) { File.read(chain_of_certificates[:b_key].path) }
-
-            let(:socket) do
+          context "that disconnects before doing TLS handshake" do
+            before do
               client = TCPSocket.new("127.0.0.1", port)
-              OpenSSL::SSL::SSLSocket.new(client, ssl_context)
+              client.close
             end
 
-            it "should raise an exception when connecting" do
-              helper.pipelineless_input(subject, 0) do
-                expect { socket.connect }.to raise_error
-                socket.close rescue nil
-              end
+            it "should not negatively impact the plugin" do
+              # TODO(sissel): Look for a better way to detect this failure
+              # besides a sleep/wait.
+              result = input_task.thread.join(0.5)
+              expect(result).to be_nil
             end
           end
 
-          context "and using the root CA" do
-
-            let(:config) do
-              {
-                "host" => "0.0.0.0",
-                "port" => port,
-                "ssl_enable" => true,
-                "ssl_verify" => true,
-                "ssl_cert" => chain_of_certificates[:a_cert].path,
-                "ssl_key" => chain_of_certificates[:a_key].path,
-                "ssl_cacert" => chain_of_certificates[:root_ca].path
-              }
-            end
-
-            let(:client_certificate) { File.read(chain_of_certificates[:aa_cert].path) }
-            let(:client_key) { File.read(chain_of_certificates[:aa_key].path) }
+          context "that sends garbage instead of TLS handshake" do
+            let!(:input_task) { Stud::Task.new { input.run(queue) } }
+            let(:max_length) { 1000 }
+            let(:garbage) { Flores::Random.iterations(max_length).collect { Flores::Random.integer(1...255) }.pack("C*") }
+            before do
+              # Assertion to verify this test is actually sending something.
+              expect(garbage.length).to be > 0
 
-            let(:events) do
-              socket = Stud::try(5.times) do
-                socket = TCPSocket.new("127.0.0.1", port)
-                OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
-              end
-
-              result = helper.pipelineless_input(subject, nevents) do
-                socket.connect
-                nevents.times do |i|
-                  socket.puts("msg #{i}")
-                  socket.flush
-                end
-              end
-
-              socket.close rescue nil
-
-              result
-            end
-
-            it "should receive events" do
-              expect(events.size).to be(nevents)
+              client = TCPSocket.new("127.0.0.1", port)
+              client.write(garbage)
+              client.flush
+              Thread.new { sleep(1); client.close }
             end
-
-            it "should contain sslsubject" do
-              events.each do |event|
-                expect(event["sslsubject"]).to eq("/DC=org/DC=ruby-lang/CN=RubyAA_Cert")
-              end
+            it "should not negatively impact the plugin" do
+              # TODO(sissel): Look for a better way to detect this failure besides a sleep/wait.
+              result = input_task.thread.join(0.5)
+              expect(result).to be_nil
             end
           end
 
-          context "using an extra chain of certificates" do
-
-            let(:config) do
-              {
-                "host" => "0.0.0.0",
-                "port" => port,
-                "ssl_enable" => true,
-                "ssl_verify" => true,
-                "ssl_cert" => chain_of_certificates[:b_cert].path,
-                "ssl_key" => chain_of_certificates[:b_key].path,
-                "ssl_extra_chain_certs" => [ chain_of_certificates[:root_ca].path, chain_of_certificates[:a_cert].path, chain_of_certificates[:b_cert].path ]
-              }
+          context "connection was healthy but now has garbage or corruption" do
+            let!(:input_task) { Stud::Task.new { input.run(queue) } }
+            let(:tcp) { TCPSocket.new("127.0.0.1", port) }
+            let(:sslcontext) { OpenSSL::SSL::SSLContext.new }
+            let(:sslsocket) { OpenSSL::SSL::SSLSocket.new(tcp, sslcontext) }
+            let(:max_length) { 1000 }
+            let(:garbage) { Flores::Random.iterations(max_length).collect { Flores::Random.integer(1...255) }.pack("C*") }
+
+            before do
+              sslcontext.cert = certificate
+              sslcontext.key = key
+              sslcontext.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+              sslsocket.connect
+              sslsocket.write("Hello world\n")
+
+              # Assertion to verify this test is actually sending something.
+              expect(garbage.length).to be > 0
+              tcp.write(garbage)
+              tcp.flush
+              sslsocket.close
+              tcp.close
             end
 
-            let(:client_certificate) { File.read(chain_of_certificates[:c_cert].path) }
-            let(:client_key) { File.read(chain_of_certificates[:c_key].path) }
-
-            let(:events) do
-              socket = Stud::try(5.times) do
-                socket = TCPSocket.new("127.0.0.1", port)
-                OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
-              end
-
-              result = helper.pipelineless_input(subject, nevents) do
-                socket.connect
-                nevents.times do |i|
-                  socket.puts("msg #{i}")
-                  socket.flush
-                end
-              end
-
-              socket.close rescue nil
-
-              result
+            it "should not negatively impact the plugin" do
+              # TODO(sissel): Look for a better way to detect this failure besides a sleep/wait.
+              result = input_task.thread.join(0.5)
+              expect(result).to be_nil
             end
+          end
+        end
 
-            it "should receive events" do
-              expect(events.size).to be(nevents)
-            end
+        # TODO(sissel): Spec multiple clients where only one is bad.
 
-            it "should contain sslsubject" do
-              events.each do |event|
-                expect(event["sslsubject"]).to eq("/DC=org/DC=ruby-lang/CN=RubyC_Cert")
-              end
-            end
-          end
+        context "with client certificate problems" do
+          context "using an expired certificate"
+          context "using an untrusted certificate"
         end
+
+        context "with a good connection" do
+          # TODO(sissel): use shared example
+          include_examples "receiving events"
+        end
+
       end
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-tcp
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-01-12 00:00:00.000000000 Z
+date: 2016-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstash-core