logstash-input-tcp 5.2.3-java → 6.0.0-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4e3fbae31c34a11ab25dfd0134c2851f7a84c4d186b32c2b282ac60116be031b
-  data.tar.gz: 9f72b2cbe4d3703719012bd897d70b92d9bf0e95a961240e7c73a7ee7235577a
+  metadata.gz: 8f95c4b965fd69c58c8ea30cebdfbd74838e07051b3491e9c88da3a6029b7bdf
+  data.tar.gz: a21e7f3a68395d29f40d083f77933191d702e553f14903d3062a163c0f550aa6
 SHA512:
-  metadata.gz: cabaaa5d5b41294f0a70dc62a63a1a820b20d7a2243f73532465da33ac975f7ae5c5168365652f94fb8dc897e10e2aebcb49816f61b1f7e7c4f0704b99b46abb
-  data.tar.gz: 84ce8e542f13d9945ae0c9d08506b8b512068026d4290246f6a1fde541b50423777870cdc2aea5dd97d469b3ee7123194efaaf6b0aa77d001de5b12ff95ab1a8
+  metadata.gz: a928baf3ca1703fb850d09bc587299809b78b387b41c2a920f525d28d7ae335224b9d1f2dfa9f74ea91a88d1c45e4005c001bfe90fa5f6fa46ca476fe83ebc63
+  data.tar.gz: dd835f99eefdcdb04602beb68bb3c2f03a9fea58468f3c90dfb4461710740e9d0e56b992b9528ffc608872af4fc3d032286d4af7abd99d11b847483d4be657eb

data/CHANGELOG.md

@@ -1,15 +1,5 @@
-## 5.2.3
-  - Skip empty lines while reading certificate files [#144](https://github.com/logstash-plugins/logstash-input-tcp/issues/144)
-
-## 5.2.2
-  - Fixed race condition where data would be accepted before queue was configured [#142](https://github.com/logstash-plugins/logstash-input-tcp/pull/142)
-
-## 5.2.1
-  - Support multiple certificates per file [#140](https://github.com/logstash-plugins/logstash-input-tcp/pull/140)
-  - Fixed support for encrypted pkcs8 private keys [#133](https://github.com/logstash-plugins/logstash-input-tcp/pull/133)
-  - Added support for encrypted pem pkcs1 private keys [#131](https://github.com/logstash-plugins/logstash-input-tcp/pull/131)
-  - Changed testing to docker [#128](https://github.com/logstash-plugins/logstash-input-tcp/pull/128)
-  - Fixed heading for `ssl_certificate_authorities` docs [#130](https://github.com/logstash-plugins/logstash-input-tcp/pull/130)
+## 6.0.0
+  - Removed obsolete `data_timeout` and `ssl_cacert` options
 
 ## 5.2.0
   - Added support for pkcs1 and pkcs8 key formats [#122](https://github.com/logstash-plugins/logstash-input-tcp/issues/122)

data/lib/logstash/inputs/tcp.rb

@@ -74,8 +74,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   # When mode is `client`, the port to connect to.
   config :port, :validate => :number, :required => true
 
-  config :data_timeout, :validate => :number, :obsolete => "This setting is not used any more."
-
   # Mode to operate in. `server` listens for client connections,
   # `client` connects to a server.
   config :mode, :validate => ["server", "client"], :default => "server"
@@ -91,8 +89,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   # For input, sets the field `sslsubject` to that of the client certificate.
   config :ssl_verify, :validate => :boolean, :default => true
 
-  config :ssl_cacert, :validate => :path, :obsolete => "This setting is obsolete. Use ssl_extra_chain_certs instead"
-
   # SSL certificate path
   config :ssl_cert, :validate => :path
 
@@ -141,6 +137,11 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   def register
     fix_streaming_codecs
 
+    # note that since we are opening a socket in register, we must also make sure we close it
+    # in the close method even if we also close it in the stop method since we could have
+    # a situation where register is called but not run & stop.
+
+    @logger.info("Starting tcp input listener", :address => "#{@host}:#{@port}", :ssl_enable => "#{@ssl_enable}")
     if server?
       ssl_context = get_ssl_context(SslOptions)
 
@@ -152,7 +153,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   def run(output_queue)
     @output_queue = output_queue
     if server?
-      @logger.info("Starting tcp input listener", :address => "#{@host}:#{@port}", :ssl_enable => "#{@ssl_enable}")
       @loop.run
     else
       run_client()

data/lib/logstash/inputs/tcp/compat_ssl_options.rb

@@ -76,9 +76,7 @@ class SslOptions
     # create certificate object
     cf = CertificateFactory.getInstance("X.509")
     cert_chain = []
-    fetch_certificates_from_file(@ssl_cert_path, cf) do |cert|
-      cert_chain << cert
-    end
+    cert_chain << cf.generateCertificate(FileInputStream.new(@ssl_cert_path))
 
     # convert key from pkcs1 to pkcs8 and get PrivateKey object
     pem_parser = PEMParser.new(FileReader.new(@ssl_key_path))
@@ -102,19 +100,13 @@ class SslOptions
       raise "Could not recognize 'ssl_key' format. Class: #{obj.class}"
     end
 
-    @ssl_extra_chain_certs.each do |file|
-      fetch_certificates_from_file(file, cf) do |cert|
-        cert_chain << cert
-      end
+    @ssl_extra_chain_certs.each do |cert|
+      cert_chain << cf.generateCertificate(FileInputStream.new(cert))
     end
     sslContextBuilder = SslContextBuilder.forServer(private_key, @ssl_key_passphrase, cert_chain.to_java(X509Certificate))
 
-    trust_certs = []
-
-    @ssl_certificate_authorities.each do |file|
-      fetch_certificates_from_file(file, cf) do |cert|
-        trust_certs << cert
-      end
+    trust_certs = @ssl_certificate_authorities.map do |cert|
+      cf.generateCertificate(FileInputStream.new(cert))
     end
 
     if trust_certs.any?
@@ -124,22 +116,4 @@ class SslOptions
     sslContextBuilder.clientAuth(@ssl_verify ? ClientAuth::REQUIRE : ClientAuth::NONE)
     sslContextBuilder.build()
   end
-
-  private
-  def fetch_certificates_from_file(file, cf)
-    fis = java.io.FileInputStream.new(file)
-
-    while (fis.available > 0) do
-      cert = generate_certificate(cf, fis)
-      yield cert if cert
-    end
-  ensure
-    fis.close if fis
-  end
-
-  def generate_certificate(cf, fis)
-    cf.generateCertificate(fis)
-  rescue Java::JavaSecurityCert::CertificateException => e
-    raise e unless e.cause.message == "Empty input"
-  end
 end

data/spec/inputs/tcp_spec.rb

@@ -382,35 +382,6 @@ describe LogStash::Inputs::Tcp do
             ssc.delete
           end
         end
-
-        context "with multiple certificates with empty spaces in them" do
-          let(:ssc) { SelfSignedCertificate.new }
-          let(:certificate_file) { ssc.certificate }
-          let(:key_file) { ssc.private_key}
-          let(:ssc_2) { SelfSignedCertificate.new }
-          let(:certificate_file_2) { ssc.certificate }
-          let(:config) do
-            {
-              "host" => "127.0.0.1",
-              "port" => port,
-              "ssl_enable" => true,
-              "ssl_cert" => certificate_file.path,
-              "ssl_key" => key_file.path
-            }
-          end
-          before(:each) do
-            File.open(certificate_file.path, "a") do |file|
-              path = ssc_2.certificate.path
-              file.puts("\n")
-              file.puts(IO.read(path))
-              file.puts("\n")
-            end
-          end
-
-          it "should register without errors" do
-            expect { subject.register }.to_not raise_error
-          end
-        end
       end
     end
 
@@ -428,7 +399,12 @@ describe LogStash::Inputs::Tcp do
           chain_of_certificates = TcpHelpers.new.chain_of_certificates
 
           let(:tcp) do
-            Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
+            begin
+              socket = TCPSocket.new("127.0.0.1", port)
+            rescue Errno::ECONNREFUSED
+              sleep 1
+              socket = TCPSocket.new("127.0.0.1", port)
+            end
           end
           let(:sslcontext) do
             sslcontext = OpenSSL::SSL::SSLContext.new
@@ -526,8 +502,14 @@ describe LogStash::Inputs::Tcp do
 
           context "that disconnects before doing TLS handshake" do
             before do
-              client = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
-              client.close
+              begin
+                client = TCPSocket.new("127.0.0.1", port)
+                client.close
+              rescue Errno::ECONNREFUSED
+                sleep 1
+                client = TCPSocket.new("127.0.0.1", port)
+                client.close
+              end
             end
 
             it "should not negatively impact the plugin" do
@@ -558,7 +540,7 @@ describe LogStash::Inputs::Tcp do
               # Assertion to verify this test is actually sending something.
               expect(garbage.length).to be > 0
 
-              client = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
+              client = TCPSocket.new("127.0.0.1", port)
               client.write(garbage)
               client.flush
               Thread.new { sleep(1); client.close }

data/version

@@ -1 +1 @@
-5.2.3
+6.0.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-tcp
 version: !ruby/object:Gem::Version
-  version: 5.2.3
+  version: 6.0.0
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-05 00:00:00.000000000 Z
+date: 2019-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -164,7 +164,7 @@ files:
 - logstash-input-tcp.gemspec
 - spec/inputs/tcp_spec.rb
 - spec/spec_helper.rb
-- vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/5.2.3/logstash-input-tcp-5.2.3.jar
+- vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.0.0/logstash-input-tcp-6.0.0.jar
 - version
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses: