logstash-input-tcp 5.2.3-java → 6.0.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -12
- data/lib/logstash/inputs/tcp.rb +5 -5
- data/lib/logstash/inputs/tcp/compat_ssl_options.rb +5 -31
- data/spec/inputs/tcp_spec.rb +15 -33
- data/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/{5.2.3/logstash-input-tcp-5.2.3.jar → 6.0.0/logstash-input-tcp-6.0.0.jar} +0 -0
- data/version +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8f95c4b965fd69c58c8ea30cebdfbd74838e07051b3491e9c88da3a6029b7bdf
|
4
|
+
data.tar.gz: a21e7f3a68395d29f40d083f77933191d702e553f14903d3062a163c0f550aa6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a928baf3ca1703fb850d09bc587299809b78b387b41c2a920f525d28d7ae335224b9d1f2dfa9f74ea91a88d1c45e4005c001bfe90fa5f6fa46ca476fe83ebc63
|
7
|
+
data.tar.gz: dd835f99eefdcdb04602beb68bb3c2f03a9fea58468f3c90dfb4461710740e9d0e56b992b9528ffc608872af4fc3d032286d4af7abd99d11b847483d4be657eb
|
data/CHANGELOG.md
CHANGED
@@ -1,15 +1,5 @@
|
|
1
|
-
##
|
2
|
-
-
|
3
|
-
|
4
|
-
## 5.2.2
|
5
|
-
- Fixed race condition where data would be accepted before queue was configured [#142](https://github.com/logstash-plugins/logstash-input-tcp/pull/142)
|
6
|
-
|
7
|
-
## 5.2.1
|
8
|
-
- Support multiple certificates per file [#140](https://github.com/logstash-plugins/logstash-input-tcp/pull/140)
|
9
|
-
- Fixed support for encrypted pkcs8 private keys [#133](https://github.com/logstash-plugins/logstash-input-tcp/pull/133)
|
10
|
-
- Added support for encrypted pem pkcs1 private keys [#131](https://github.com/logstash-plugins/logstash-input-tcp/pull/131)
|
11
|
-
- Changed testing to docker [#128](https://github.com/logstash-plugins/logstash-input-tcp/pull/128)
|
12
|
-
- Fixed heading for `ssl_certificate_authorities` docs [#130](https://github.com/logstash-plugins/logstash-input-tcp/pull/130)
|
1
|
+
## 6.0.0
|
2
|
+
- Removed obsolete `data_timeout` and `ssl_cacert` options
|
13
3
|
|
14
4
|
## 5.2.0
|
15
5
|
- Added support for pkcs1 and pkcs8 key formats [#122](https://github.com/logstash-plugins/logstash-input-tcp/issues/122)
|
data/lib/logstash/inputs/tcp.rb
CHANGED
@@ -74,8 +74,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
74
74
|
# When mode is `client`, the port to connect to.
|
75
75
|
config :port, :validate => :number, :required => true
|
76
76
|
|
77
|
-
config :data_timeout, :validate => :number, :obsolete => "This setting is not used any more."
|
78
|
-
|
79
77
|
# Mode to operate in. `server` listens for client connections,
|
80
78
|
# `client` connects to a server.
|
81
79
|
config :mode, :validate => ["server", "client"], :default => "server"
|
@@ -91,8 +89,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
91
89
|
# For input, sets the field `sslsubject` to that of the client certificate.
|
92
90
|
config :ssl_verify, :validate => :boolean, :default => true
|
93
91
|
|
94
|
-
config :ssl_cacert, :validate => :path, :obsolete => "This setting is obsolete. Use ssl_extra_chain_certs instead"
|
95
|
-
|
96
92
|
# SSL certificate path
|
97
93
|
config :ssl_cert, :validate => :path
|
98
94
|
|
@@ -141,6 +137,11 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
141
137
|
def register
|
142
138
|
fix_streaming_codecs
|
143
139
|
|
140
|
+
# note that since we are opening a socket in register, we must also make sure we close it
|
141
|
+
# in the close method even if we also close it in the stop method since we could have
|
142
|
+
# a situation where register is called but not run & stop.
|
143
|
+
|
144
|
+
@logger.info("Starting tcp input listener", :address => "#{@host}:#{@port}", :ssl_enable => "#{@ssl_enable}")
|
144
145
|
if server?
|
145
146
|
ssl_context = get_ssl_context(SslOptions)
|
146
147
|
|
@@ -152,7 +153,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
152
153
|
def run(output_queue)
|
153
154
|
@output_queue = output_queue
|
154
155
|
if server?
|
155
|
-
@logger.info("Starting tcp input listener", :address => "#{@host}:#{@port}", :ssl_enable => "#{@ssl_enable}")
|
156
156
|
@loop.run
|
157
157
|
else
|
158
158
|
run_client()
|
@@ -76,9 +76,7 @@ class SslOptions
|
|
76
76
|
# create certificate object
|
77
77
|
cf = CertificateFactory.getInstance("X.509")
|
78
78
|
cert_chain = []
|
79
|
-
|
80
|
-
cert_chain << cert
|
81
|
-
end
|
79
|
+
cert_chain << cf.generateCertificate(FileInputStream.new(@ssl_cert_path))
|
82
80
|
|
83
81
|
# convert key from pkcs1 to pkcs8 and get PrivateKey object
|
84
82
|
pem_parser = PEMParser.new(FileReader.new(@ssl_key_path))
|
@@ -102,19 +100,13 @@ class SslOptions
|
|
102
100
|
raise "Could not recognize 'ssl_key' format. Class: #{obj.class}"
|
103
101
|
end
|
104
102
|
|
105
|
-
@ssl_extra_chain_certs.each do |
|
106
|
-
|
107
|
-
cert_chain << cert
|
108
|
-
end
|
103
|
+
@ssl_extra_chain_certs.each do |cert|
|
104
|
+
cert_chain << cf.generateCertificate(FileInputStream.new(cert))
|
109
105
|
end
|
110
106
|
sslContextBuilder = SslContextBuilder.forServer(private_key, @ssl_key_passphrase, cert_chain.to_java(X509Certificate))
|
111
107
|
|
112
|
-
trust_certs =
|
113
|
-
|
114
|
-
@ssl_certificate_authorities.each do |file|
|
115
|
-
fetch_certificates_from_file(file, cf) do |cert|
|
116
|
-
trust_certs << cert
|
117
|
-
end
|
108
|
+
trust_certs = @ssl_certificate_authorities.map do |cert|
|
109
|
+
cf.generateCertificate(FileInputStream.new(cert))
|
118
110
|
end
|
119
111
|
|
120
112
|
if trust_certs.any?
|
@@ -124,22 +116,4 @@ class SslOptions
|
|
124
116
|
sslContextBuilder.clientAuth(@ssl_verify ? ClientAuth::REQUIRE : ClientAuth::NONE)
|
125
117
|
sslContextBuilder.build()
|
126
118
|
end
|
127
|
-
|
128
|
-
private
|
129
|
-
def fetch_certificates_from_file(file, cf)
|
130
|
-
fis = java.io.FileInputStream.new(file)
|
131
|
-
|
132
|
-
while (fis.available > 0) do
|
133
|
-
cert = generate_certificate(cf, fis)
|
134
|
-
yield cert if cert
|
135
|
-
end
|
136
|
-
ensure
|
137
|
-
fis.close if fis
|
138
|
-
end
|
139
|
-
|
140
|
-
def generate_certificate(cf, fis)
|
141
|
-
cf.generateCertificate(fis)
|
142
|
-
rescue Java::JavaSecurityCert::CertificateException => e
|
143
|
-
raise e unless e.cause.message == "Empty input"
|
144
|
-
end
|
145
119
|
end
|
data/spec/inputs/tcp_spec.rb
CHANGED
@@ -382,35 +382,6 @@ describe LogStash::Inputs::Tcp do
|
|
382
382
|
ssc.delete
|
383
383
|
end
|
384
384
|
end
|
385
|
-
|
386
|
-
context "with multiple certificates with empty spaces in them" do
|
387
|
-
let(:ssc) { SelfSignedCertificate.new }
|
388
|
-
let(:certificate_file) { ssc.certificate }
|
389
|
-
let(:key_file) { ssc.private_key}
|
390
|
-
let(:ssc_2) { SelfSignedCertificate.new }
|
391
|
-
let(:certificate_file_2) { ssc.certificate }
|
392
|
-
let(:config) do
|
393
|
-
{
|
394
|
-
"host" => "127.0.0.1",
|
395
|
-
"port" => port,
|
396
|
-
"ssl_enable" => true,
|
397
|
-
"ssl_cert" => certificate_file.path,
|
398
|
-
"ssl_key" => key_file.path
|
399
|
-
}
|
400
|
-
end
|
401
|
-
before(:each) do
|
402
|
-
File.open(certificate_file.path, "a") do |file|
|
403
|
-
path = ssc_2.certificate.path
|
404
|
-
file.puts("\n")
|
405
|
-
file.puts(IO.read(path))
|
406
|
-
file.puts("\n")
|
407
|
-
end
|
408
|
-
end
|
409
|
-
|
410
|
-
it "should register without errors" do
|
411
|
-
expect { subject.register }.to_not raise_error
|
412
|
-
end
|
413
|
-
end
|
414
385
|
end
|
415
386
|
end
|
416
387
|
|
@@ -428,7 +399,12 @@ describe LogStash::Inputs::Tcp do
|
|
428
399
|
chain_of_certificates = TcpHelpers.new.chain_of_certificates
|
429
400
|
|
430
401
|
let(:tcp) do
|
431
|
-
|
402
|
+
begin
|
403
|
+
socket = TCPSocket.new("127.0.0.1", port)
|
404
|
+
rescue Errno::ECONNREFUSED
|
405
|
+
sleep 1
|
406
|
+
socket = TCPSocket.new("127.0.0.1", port)
|
407
|
+
end
|
432
408
|
end
|
433
409
|
let(:sslcontext) do
|
434
410
|
sslcontext = OpenSSL::SSL::SSLContext.new
|
@@ -526,8 +502,14 @@ describe LogStash::Inputs::Tcp do
|
|
526
502
|
|
527
503
|
context "that disconnects before doing TLS handshake" do
|
528
504
|
before do
|
529
|
-
|
530
|
-
|
505
|
+
begin
|
506
|
+
client = TCPSocket.new("127.0.0.1", port)
|
507
|
+
client.close
|
508
|
+
rescue Errno::ECONNREFUSED
|
509
|
+
sleep 1
|
510
|
+
client = TCPSocket.new("127.0.0.1", port)
|
511
|
+
client.close
|
512
|
+
end
|
531
513
|
end
|
532
514
|
|
533
515
|
it "should not negatively impact the plugin" do
|
@@ -558,7 +540,7 @@ describe LogStash::Inputs::Tcp do
|
|
558
540
|
# Assertion to verify this test is actually sending something.
|
559
541
|
expect(garbage.length).to be > 0
|
560
542
|
|
561
|
-
client =
|
543
|
+
client = TCPSocket.new("127.0.0.1", port)
|
562
544
|
client.write(garbage)
|
563
545
|
client.flush
|
564
546
|
Thread.new { sleep(1); client.close }
|
Binary file
|
data/version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
6.0.0
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-input-tcp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 6.0.0
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-01-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -164,7 +164,7 @@ files:
|
|
164
164
|
- logstash-input-tcp.gemspec
|
165
165
|
- spec/inputs/tcp_spec.rb
|
166
166
|
- spec/spec_helper.rb
|
167
|
-
- vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/
|
167
|
+
- vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.0.0/logstash-input-tcp-6.0.0.jar
|
168
168
|
- version
|
169
169
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
170
170
|
licenses:
|