logstash-mixin-rabbitmq_connection 4.0.1-java → 4.1.0-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 275267fcd43113d2150b6147e88679964faf76f2
-  data.tar.gz: a71ae1923e4d5dc23272b4c60207a7c85d0696a4
+  metadata.gz: 3180b6f7141951d8dfdc855f0e9f084042a72384
+  data.tar.gz: c4c34412be5a2d029c46626321aa2ce561ed8284
 SHA512:
-  metadata.gz: 549ac3610dcc939978664a813158ae8e77ab2f08d450e5ee9889a5797db7ebe28bd8408c69f07a2410dbccc1423caa8af2aaf13d86a0972f60372d032fe2dab4
-  data.tar.gz: ebd5bc447a6ee7d616d6fb6e07e2774b5342c64982673948965e1e09bae151f64662f3631cbd4a2b7f60c7af523de4513c4aa0b952afb3c4e7fd3b218bdff6e3
+  metadata.gz: b7719c3c4f1d6cb5493c6b5ce0ded6a30471100f45924d1f1c39272683e60985d42a6ce9d194154241a2d92c6d87d4ebeeec75ca07b0c7735ffb31d08e0dd688
+  data.tar.gz: eaa10a409af9933e2232a93a7347ef23de8a1ea7f73c1e27fd2d3ccba52e055d478c880c08011c376396811c1113c67fa21811ff9ddaa0a05b0492e9ba78976b

data/CHANGELOG

@@ -1,3 +1,8 @@
+* 4.1.0
+  - Fix SSL option to be boolean once again
+  - Add separate ssl_version parameter
+  - Mark verify_ssl parameter as obsolete since it never worked
+  - Better checks for SSL argument consistency
 * 2.4.0
   - Add SSL/TLS Support
   - Add support for "x-consistent-hash" and "x-modulus-hash" exchanges

data/lib/logstash/plugin_mixins/rabbitmq_connection.rb

@@ -36,12 +36,24 @@ module LogStash
         # slash.
         config :vhost, :validate => :string, :default => "/"
 
-        # Enable or disable SSL
-        # Specify TLS version if using TLS e.g "TLSv1.2"
-        config :ssl, :validate => :string
+        # Enable or disable SSL.
+        # Note that by default remote certificate verification is off.
+        # Specify ssl_certificate_path and ssl_certificate_password if you need
+        # certificate verification
+        config :ssl, :validate => :boolean
 
-        # Validate SSL certificate
-        config :verify_ssl, :validate => :boolean, :default => false
+        # Version of the SSL protocol to use.
+        config :ssl_version, :validate => :string, :default => "TLSv1.2"
+
+        config :verify_ssl, :validate => :boolean, :default => false,
+          :obsolete => "This function did not actually function correctly and was removed." +
+                       "If you wish to validate SSL certs use the ssl_certificate_path and ssl_certificate_password options."
+
+        # Path to an SSL certificate in PKCS12 (.p12) format used for verifying the remote host
+        config :ssl_certificate_path, :validate => :path
+
+        # Password for the encrypted PKCS12 (.p12) certificate file specified in ssl_certificate_path
+        config :ssl_certificate_password, :validate => :string
 
         # Enable or disable logging
         config :debug, :validate => :boolean, :default => false, :deprecated => "Use the logstash --debug flag for this instead."
@@ -62,10 +74,10 @@ module LogStash
         config :passive, :validate => :boolean, :default => false
 
         # TLS certifcate path
-        config :tls_certificate_path, :validate => :path
+        config :tls_certificate_path, :validate => :path, :deprecated => true
 
         # TLS certificate password
-        config :tls_certificate_password, :validate => :string
+        config :tls_certificate_password, :validate => :string, :deprecated => true
 
         # Extra queue arguments as an array.
         # To make a RabbitMQ queue mirrored, use: `{"x-ha-policy" => "all"}`
@@ -96,9 +108,22 @@ module LogStash
 
         s[:timeout] = @connection_timeout || 0
         s[:heartbeat] = @heartbeat || 0
-        s[:tls] = @ssl if @ssl
-        s[:tls_certificate_path] = @tls_certificate_path || ""
-        s[:tls_certificate_password] = @tls_certificate_password || ""
+
+        if @ssl
+          s[:tls] = @ssl_version
+
+          cert_path = @ssl_certificate_path || @tls_certificate_path
+          cert_pass = @ssl_certificate_password || @tls_certificate_password
+
+          if !!cert_path ^ !!cert_pass
+            raise LogStash::ConfigurationError, "RabbitMQ requires both ssl_certificate_path AND ssl_certificate_password to be set!"
+          end
+
+          s[:tls_certificate_path] = cert_path
+          s[:tls_certificate_password] = cert_pass
+        end
+
+
         @rabbitmq_settings = s
       end
 
@@ -147,6 +172,8 @@ module LogStash
         @logger.debug? && @logger.debug("Connecting to RabbitMQ. Settings: #{rabbitmq_settings.inspect}")
 
         connection = MarchHare.connect(rabbitmq_settings)
+
+
         connection.on_blocked { @logger.warn("RabbitMQ output blocked! Check your RabbitMQ instance!") }
         connection.on_unblocked { @logger.warn("RabbitMQ output unblocked!") }
 

data/logstash-mixin-rabbitmq_connection.gemspec

@@ -1,6 +1,7 @@
+
 Gem::Specification.new do |s|
   s.name            = 'logstash-mixin-rabbitmq_connection'
-  s.version         = '4.0.1'
+  s.version         = '4.1.0'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Common functionality for RabbitMQ plugins"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/fixtures/client/cert.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC4jCCAcqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhNeVRl
+c3RDQTAeFw0xNjA1MTAxNzAwMDFaFw0xNzA1MTAxNzAwMDFaMCUxEjAQBgNVBAMT
+CWxvY2FsaG9zdDEPMA0GA1UEChMGY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAo9dLuAbDY5jBAlx1UqsOQf480ni4BVbxOjEAL4PVBfIU4xmn
+F3Z+tAvmcd3oNc9JYYxXVq5sKA/HE5eWhVdXdQWX0IrTHraJAXvRlHuu1TSuTvuq
+7QgQVFbZdWzRfvukLoKPDm1DtI5BFJ7L83j8RJy6tyvek4KzsHtG3JKoVzoz5+Hz
+7fL7gE76Dr82uH1t9WouZ5oXS2HgBR0l9CTYxARa6OMrr/+r4w1RoYDXnrlit5Ft
+81mQAVibnei9dN3EXoECUflclQ1nip12XVuoH9GXF6AetzDsbhInYvRoxm1Q9pNz
+g/L1QswPkF5MCuSIkkwgtHazZkIWlUKqPMVtIQIDAQABoy8wLTAJBgNVHRMEAjAA
+MAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsF
+AAOCAQEAuJ1ruPLP2WdRZz5bb/qgaBqADUVKJu3Ny9TsEK/oZzUwgWVc4hvsiFms
+gj/JVmXy4f36s6VLfOiDNHI6jIb31wvfduYV58Z+IUXMyj9OV4ZxqpQBqS9YK1Gq
+2AChr1wYUs+WmnNATwa4Q51ytTU4DcLdJTusZIfo5BAvnnz35QnQPsB11EEHRovA
+1bnzvG6uKAG0MjxNvXpWRUImNXrIKrbRXnvu5FDXAVMPg674g1QMhaa6SlPO5bFP
+meg4+1jH2tUMKR8qCS4KfOfbccNF/u09pRYcMJwiTXu++gCAu1il9jn0C5zxX3Ni
+GKm0/sj2BpZf9D4Kl8LppAIxcphBUg==
+-----END CERTIFICATE-----

data/spec/fixtures/client/key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAo9dLuAbDY5jBAlx1UqsOQf480ni4BVbxOjEAL4PVBfIU4xmn
+F3Z+tAvmcd3oNc9JYYxXVq5sKA/HE5eWhVdXdQWX0IrTHraJAXvRlHuu1TSuTvuq
+7QgQVFbZdWzRfvukLoKPDm1DtI5BFJ7L83j8RJy6tyvek4KzsHtG3JKoVzoz5+Hz
+7fL7gE76Dr82uH1t9WouZ5oXS2HgBR0l9CTYxARa6OMrr/+r4w1RoYDXnrlit5Ft
+81mQAVibnei9dN3EXoECUflclQ1nip12XVuoH9GXF6AetzDsbhInYvRoxm1Q9pNz
+g/L1QswPkF5MCuSIkkwgtHazZkIWlUKqPMVtIQIDAQABAoIBAEFgfJdfI4JPhtzR
+VgN5vEO7FjwJ7aw7yCAnQ2KyYUNxGMKSDum+38oqYXcYTDuEjkx9erBdA01tFkwM
+FgT5GC3a4HxXmOzNe5f692Mfg2ESF2fu5oKU0CdHTJidpm7cLOReNoVUNksK5I88
+2jc6FLewLpU+zR7hbaBDYMBNSR0cufli3/tEBC3UkDJUQhqBB99ZSF2qsvY4ayy+
+SWWspwltPQFmTcrvcWdcfx3DCHgMRexjiFMF9ITxmsAIpwB8JHtqeDQNLyzXH3s5
+Q5FQhMdzK0O5iKkukLALMlN6+VvZH92mvtN/216TbaKuFnDXwwUsHwBDfErAnyfc
+KFmidwECgYEAz8/mYg/mnqvKiUDjqM28Bpiw8WEilXMlUPBnDWCh4uOn/EemFQIY
+zF8isrrNjXmTLGO3Jidesr39VWVhMSdE8rABTj2JNyQyvgNc72E9+QRl4pp7lM6d
+H9D56MGd3r20gGffjIlsWLCIHb43eAkfwJOyoW+kr+TNUSR3RMlYBNECgYEAydUx
+GBZMMb04qVGd/rixEk8dbMSnGLzcqLet151jc5b/QmaqjPiK/0iTIQmginXERUJx
+XI3xQXUkykCuFpNdJ1KgcU1KYH1aJ6j6i62TVzgVlOFWk+z9d1zKOGXJaw/9m11U
+ThjCHz6WpH6BOy1RvRwGXLz6sU13TDwL9GVzN1ECgYBqIWUpY7GGC3pOioM6LIgA
+Xm7Pd6ov5TSDl6Mpo9ZJh7a9EuJxDDcZ+ORBn0FnJVXSb8KTi7vDUWBWAoaWkdWW
+k+i2ypqPPL9lZ1ZJMsJxsJtQFVFT+AkqvJFFG8zCeuP6SBJVNcHNsapydjjh5tb+
+hO/PnrLe2d05uYPn72QyYQKBgC41HNRC5pbMl1hMUzup1QA4FKh+LTNAqdQGmUov
+wkEIZNAy6QD1Nf1UBDsgFR0d8R1aJNHnvUAbLZ0QScrpWf5SsGDALTMB/83spc+s
+oXrqYCaBoGylaTIWkEVxKDfWpV0YdOCcUnUMwzhNrhB6Q6hj7iD1Mv+8mH9fj+0X
+/NTBAoGAcJoIVPUVI8/0WoaSyzJSS5PRYRyqBh7mMtWRJ9dn3yszaBLyzoItAwWF
+MKjwvJJJ0E1fGx2gFsHoDEek69ZvwhjoVtzciy/BOkWbetNSXDoNFtj8fZmrDurY
+6qZGKlG9NI2WN7SU1ZfWIIIV7dNkboKlSwLTwhdmZdr0dSosemc=
+-----END RSA PRIVATE KEY-----

data/spec/fixtures/client/req.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICajCCAVICAQAwJTESMBAGA1UEAxMJbG9jYWxob3N0MQ8wDQYDVQQKEwZjbGll
+bnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj10u4BsNjmMECXHVS
+qw5B/jzSeLgFVvE6MQAvg9UF8hTjGacXdn60C+Zx3eg1z0lhjFdWrmwoD8cTl5aF
+V1d1BZfQitMetokBe9GUe67VNK5O+6rtCBBUVtl1bNF++6Qugo8ObUO0jkEUnsvz
+ePxEnLq3K96TgrOwe0bckqhXOjPn4fPt8vuATvoOvza4fW31ai5nmhdLYeAFHSX0
+JNjEBFro4yuv/6vjDVGhgNeeuWK3kW3zWZABWJud6L103cRegQJR+VyVDWeKnXZd
+W6gf0ZcXoB63MOxuEidi9GjGbVD2k3OD8vVCzA+QXkwK5IiSTCC0drNmQhaVQqo8
+xW0hAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAb2KtxPDC4D8KJywEVWGUw6Y9
+wrlZGFLO1qkIjjQLfs4SBEhtTiRIlAUHT8hZWigBIBSmpEjRHzsc+EqM3OOjLtX4
+n4eUmQHnKiGIOD7D7iLdvtNAm6eWpo7+ndgTpx+JRlBiT5/lTZf5W4Hgss3ijn6P
+hT7sXajSeLlMeklG152lEdXgAtoSuhZbD9dQfm8DVS1W/Z6gJSlPY6URIENqlxK3
+63yjDcPa4RG22RDr2YHFne9UBduSzhqvupdtaz9Hwq1yHObTAB0h9gupfasppgoP
+fvxqepvJlg7Pbc5qci+bNUGfDkwkplqGab+jDOsFbpHLVM6tB8ZbaxumlJkBag==
+-----END CERTIFICATE REQUEST-----

data/spec/fixtures/password_for_files

@@ -0,0 +1 @@
+MySecretPassword

data/spec/fixtures/server/cert.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC4jCCAcqgAwIBAgIBATANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhNeVRl
+c3RDQTAeFw0xNjA1MTAxNjU3NTlaFw0xNzA1MTAxNjU3NTlaMCUxEjAQBgNVBAMT
+CWxvY2FsaG9zdDEPMA0GA1UEChMGc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAuey95MXuzVtVQlOtQ083r9fZjuJ2D6kMmu/KBAYf95dzLKa/
+OhtUVWtyQOt9kvKFEhOjKrqEifhN/635zXNkHPGAwkAj0+wQVPbrR9QcjP/7Ifrm
+GycYQ3fs7klsftcg9yplZ3haBosUoDrJ+5B3MOUjN+2XjUCdJygLRVFCz80C0ePU
+pGKiq1Uh8jLpCho3HwXq8k6VQPGREq5avRrcTjTXSA5EuBZM8sdzPYix7+zyv3Qd
+o5bHcHHfZg1FLmgH+pKThuudiq18ywCEeZpI6CqYrNbzNgmSmu1fUKq97VZFJjRQ
+Tx7TQexLK8LG3H4Oqzb9NOlwRqOgjHp9BSwvCQIDAQABoy8wLTAJBgNVHRMEAjAA
+MAsGA1UdDwQEAwIFIDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
+AAOCAQEAiN+aGl2gLGwnn9ja5aJ6es3zM7GuRkIhP0+UpUjt9j027KzXM88X5/pS
+n1rDS/yp0sWwGKU+CfPO/9zrFihZ+V5fQKNJpMo4xBr6g9lhyK3U9iRv1CB+88kD
+ad9C8HvPzftQgu+q6fv+8RfU9NbWjq/I0hW6izzOdcwK4zCN9segjfRGy6M+E9Oo
+1QTfUHHqHCDowlRSR5iFJP1RopyfBILz8dAZ98jqneYFulkrKFc8MjNP+GoLJ3Je
+2iVycYbOST4WjKurjaf7huXtYaqmFwY/dBaSDG8qrLVCGjYtf98PIFP2E+Tv8Yvw
+8TIAsXtglo5qh1hnTntnZZ3yaFgrXg==
+-----END CERTIFICATE-----

data/spec/fixtures/server/key.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAuey95MXuzVtVQlOtQ083r9fZjuJ2D6kMmu/KBAYf95dzLKa/
+OhtUVWtyQOt9kvKFEhOjKrqEifhN/635zXNkHPGAwkAj0+wQVPbrR9QcjP/7Ifrm
+GycYQ3fs7klsftcg9yplZ3haBosUoDrJ+5B3MOUjN+2XjUCdJygLRVFCz80C0ePU
+pGKiq1Uh8jLpCho3HwXq8k6VQPGREq5avRrcTjTXSA5EuBZM8sdzPYix7+zyv3Qd
+o5bHcHHfZg1FLmgH+pKThuudiq18ywCEeZpI6CqYrNbzNgmSmu1fUKq97VZFJjRQ
+Tx7TQexLK8LG3H4Oqzb9NOlwRqOgjHp9BSwvCQIDAQABAoIBAQCZTYGOXz52iXaV
+iBV3SJxsG5jB3izm4McKAeoaw0ochv5qtNs8eEhjXoMI0KPsRJhAvXxuwPiEIv99
+cOBm7VyBGQjIIsbn+N/GjwqVYWphQLi73ftaLDQvfXUZTeVt+MivxH90f6ILfyZ0
+r8TX7ti4slcFyJyL1dk+7h/M+iIS4FkYAkXUQdf8cYmF9vdUONQQ4owRshqmjB8+
+CndHrz70DqfCMuwee7NXWt99DzlqpHqYr0s36SB+euepFrqWzPcfuajEjq42tz6l
+d1VeRLCbyMKVOvGnUhEvQQo6JRebz55l7EYWA/gg9eh4n6qHuCfHf1gB1KZDBSjm
+mvgdc4PZAoGBAOyop18aMwiUU9eSR6onePfGl3PPLIlYE1dNamtUzY6qcNQ/Cz2R
+QiDYC9RuGVWDUyBL+tM/5+vDMD/PK2YWaYVm8PSHAkC8BnD6mMOo1SGPVH/1HshC
+2nyUPSOqlrZ5gCTQy+jNgYQqg6Bbl/x9uWZcFAXXSNqDiFzoJwxys2nbAoGBAMke
+owjEM6fuY4aKx9ngzOzK8PKwCqbNAiolVPby2/GOqsgDNcOZXHfjckMpJg1ZGil7
+L9LGDIYyZjbm9isEhB1h5PJggonHDmjwTC/fJxJeFp5Ivj8VKXSipvqDZOhEP4N/
+y4LGAOEL6m1xOCnZzgyju1yNGjtRLx+yEKX6zPnrAoGBANx5VswbvVWN0fov9gHI
+GkNDSQ+D/6rIWeRoY+8wJvx1Pv4M6azm6aNtgr/Z/lITMVsSTc+GZsrWodmgaH8H
+/DBisbItIOUsBhg07iLB5CUKwZ8fvhi1Z5TOCZNztkqzMLWbq4vsAHAfp1a6XgLF
+IfcBa0nxwZaJGX3sbYyEQy8nAoGAY3may/g3UIVRhrdX2AUfdrN975tw+UWHH49t
+ceN3NAgLongr/H37RXUjC+LrZki+7ut2IPtCMJH3Coq8EVTff6Tu148yobDqCK9q
+D3eBXM1axJlYN91grsbQbjHVFCjFfWYVI66JusXpAo6wZ8rJ5miJgGJuKg6ijzvE
+jkP5ZFcCgYEAxZFA5htznu0XDqhnlylo4N+V4ERfC86AjL3x0DDcFEYtzKKvI0AO
+i7n9UQgT1YisFhG5nPJ+iMxliqACbHm00k5pua6ediBVWCUWEwVi9Uu4geQU7C6G
+wLGiHPqLCzHGMFGWj1TSqg/Fd08meF0R/L36KlPI1na+EAbEvrefhXk=
+-----END RSA PRIVATE KEY-----

data/spec/fixtures/server/key_password

@@ -0,0 +1 @@
+MySecretPassword

data/spec/fixtures/server/rabbitmq.config

@@ -0,0 +1,10 @@
+[
+  {rabbit, [
+     {ssl_listeners, [5671]},
+     {ssl_options, [{cacertfile,"../testca/cacert.pem"},
+                    {certfile,"./cert.pem"},
+                    {keyfile,"./key.pem"},
+                    {verify,verify_peer},
+                    {fail_if_no_peer_cert,false}]}
+   ]}
+].

data/spec/fixtures/server/req.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICajCCAVICAQAwJTESMBAGA1UEAxMJbG9jYWxob3N0MQ8wDQYDVQQKEwZzZXJ2
+ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC57L3kxe7NW1VCU61D
+Tzev19mO4nYPqQya78oEBh/3l3Mspr86G1RVa3JA632S8oUSE6MquoSJ+E3/rfnN
+c2Qc8YDCQCPT7BBU9utH1ByM//sh+uYbJxhDd+zuSWx+1yD3KmVneFoGixSgOsn7
+kHcw5SM37ZeNQJ0nKAtFUULPzQLR49SkYqKrVSHyMukKGjcfBeryTpVA8ZESrlq9
+GtxONNdIDkS4Fkzyx3M9iLHv7PK/dB2jlsdwcd9mDUUuaAf6kpOG652KrXzLAIR5
+mkjoKpis1vM2CZKa7V9Qqr3tVkUmNFBPHtNB7Esrwsbcfg6rNv006XBGo6CMen0F
+LC8JAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAFKV3mbWhNsvwi1h+Hhqt1Yyu
+MPL+eXhcNSg4xev8Wf0TVRxNRXwlrXOqMWb75Q3ik0vvjR6LQSEEp20obwjuynQF
+DnIoBza4M9QI8aanA5vlF8h9tNROER2PPsc7CHiCuh7Nga1IrCza286tPtaSHICJ
+Rbis9EnVaAqF/haofqWzYoodz5RRU6tS4HXpkqtHGDMGA/dCIzZmTSOo+cSp+w5N
+Nyx+DnI6w60VQDQJcwwMa+oIPvGdgAOEJ2tosiyJfVpbLNW5kaDun7kwqJ8eELV6
+l/BxgRJAbg+SOq3BdY1c0v1kpym3IaaIc7hUHnEGsZw+8pinC2hiJDUo1sK7RA==
+-----END CERTIFICATE REQUEST-----

data/spec/fixtures/testca/cacert.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICyDCCAbCgAwIBAgIJALRwatuOz4bfMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNV
+BAMMCE15VGVzdENBMCAXDTE2MDUxMDE2NTY0MFoYDzMwMTUwOTExMTY1NjQwWjAT
+MREwDwYDVQQDDAhNeVRlc3RDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALj98fWtjaForBa3XSrHjiYq+Mb7yzz+uW1lB+ZfCpM7xuXPjTyn3MZM5R5n
+vQd1lnRgd5cdW7sMrp2wHo5/VLsMHNUEANZMwRBmYMe7YL5lNAUbIBC9acHd7/UX
+NnGcZja0AqsphljVKqOAX2jVZcaAh0ttxXJI8FCUX3JOeHN1qrLp04xOgqFbW2Ii
+s7aeHwN/HiUci4MNW2SzrTSMko9X0SssKwrsaxo3Qe83fnP0nLAfGBBV8GBMdmvX
+C96rZwa2yBIeldPRNnJyL7K3SC885OjrTbPTZ0gNFxnDDKwVhx7PojznT1/OdYp6
+90BU56z1bZ+G5RjhnWXUekMDaNsCAwEAAaMdMBswDAYDVR0TBAUwAwEB/zALBgNV
+HQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBACNRYKlkptU7WdhS7jfquHkHGAl2
+ix53E3ifHWRLYqWqlcwSyIh8iqD094iUUK9awTWUTQu4ccL+XT3UhpaEOi4BiyUQ
+4RN4OT15vmEl5pW9nzfsfvkgJtqfomnIgsWeV8qiCUeL1IbPW6LsAz8RQJFuOf+e
+bt8O1JFGJNy+II/QdBouZwjlijQO6FHWeckAshI/n+snntkOqTsOF+7WPfaC4Grn
+8pCP66XzN0/qPLnR3ZeHq7jhS0SZFfXSPC0iUMAIZq98MdPy2VJ4ayKv3QL3/T6S
+/+fkS4KiPeQP2+tOGz757cdDHooFbdV2nYwSpuY/GzjL2Sh5Qc/+Ew6RVUw=
+-----END CERTIFICATE-----

data/spec/fixtures/testca/certs/01.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC4jCCAcqgAwIBAgIBATANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhNeVRl
+c3RDQTAeFw0xNjA1MTAxNjU3NTlaFw0xNzA1MTAxNjU3NTlaMCUxEjAQBgNVBAMT
+CWxvY2FsaG9zdDEPMA0GA1UEChMGc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAuey95MXuzVtVQlOtQ083r9fZjuJ2D6kMmu/KBAYf95dzLKa/
+OhtUVWtyQOt9kvKFEhOjKrqEifhN/635zXNkHPGAwkAj0+wQVPbrR9QcjP/7Ifrm
+GycYQ3fs7klsftcg9yplZ3haBosUoDrJ+5B3MOUjN+2XjUCdJygLRVFCz80C0ePU
+pGKiq1Uh8jLpCho3HwXq8k6VQPGREq5avRrcTjTXSA5EuBZM8sdzPYix7+zyv3Qd
+o5bHcHHfZg1FLmgH+pKThuudiq18ywCEeZpI6CqYrNbzNgmSmu1fUKq97VZFJjRQ
+Tx7TQexLK8LG3H4Oqzb9NOlwRqOgjHp9BSwvCQIDAQABoy8wLTAJBgNVHRMEAjAA
+MAsGA1UdDwQEAwIFIDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
+AAOCAQEAiN+aGl2gLGwnn9ja5aJ6es3zM7GuRkIhP0+UpUjt9j027KzXM88X5/pS
+n1rDS/yp0sWwGKU+CfPO/9zrFihZ+V5fQKNJpMo4xBr6g9lhyK3U9iRv1CB+88kD
+ad9C8HvPzftQgu+q6fv+8RfU9NbWjq/I0hW6izzOdcwK4zCN9segjfRGy6M+E9Oo
+1QTfUHHqHCDowlRSR5iFJP1RopyfBILz8dAZ98jqneYFulkrKFc8MjNP+GoLJ3Je
+2iVycYbOST4WjKurjaf7huXtYaqmFwY/dBaSDG8qrLVCGjYtf98PIFP2E+Tv8Yvw
+8TIAsXtglo5qh1hnTntnZZ3yaFgrXg==
+-----END CERTIFICATE-----

data/spec/fixtures/testca/certs/02.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC4jCCAcqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhNeVRl
+c3RDQTAeFw0xNjA1MTAxNzAwMDFaFw0xNzA1MTAxNzAwMDFaMCUxEjAQBgNVBAMT
+CWxvY2FsaG9zdDEPMA0GA1UEChMGY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAo9dLuAbDY5jBAlx1UqsOQf480ni4BVbxOjEAL4PVBfIU4xmn
+F3Z+tAvmcd3oNc9JYYxXVq5sKA/HE5eWhVdXdQWX0IrTHraJAXvRlHuu1TSuTvuq
+7QgQVFbZdWzRfvukLoKPDm1DtI5BFJ7L83j8RJy6tyvek4KzsHtG3JKoVzoz5+Hz
+7fL7gE76Dr82uH1t9WouZ5oXS2HgBR0l9CTYxARa6OMrr/+r4w1RoYDXnrlit5Ft
+81mQAVibnei9dN3EXoECUflclQ1nip12XVuoH9GXF6AetzDsbhInYvRoxm1Q9pNz
+g/L1QswPkF5MCuSIkkwgtHazZkIWlUKqPMVtIQIDAQABoy8wLTAJBgNVHRMEAjAA
+MAsGA1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsF
+AAOCAQEAuJ1ruPLP2WdRZz5bb/qgaBqADUVKJu3Ny9TsEK/oZzUwgWVc4hvsiFms
+gj/JVmXy4f36s6VLfOiDNHI6jIb31wvfduYV58Z+IUXMyj9OV4ZxqpQBqS9YK1Gq
+2AChr1wYUs+WmnNATwa4Q51ytTU4DcLdJTusZIfo5BAvnnz35QnQPsB11EEHRovA
+1bnzvG6uKAG0MjxNvXpWRUImNXrIKrbRXnvu5FDXAVMPg674g1QMhaa6SlPO5bFP
+meg4+1jH2tUMKR8qCS4KfOfbccNF/u09pRYcMJwiTXu++gCAu1il9jn0C5zxX3Ni
+GKm0/sj2BpZf9D4Kl8LppAIxcphBUg==
+-----END CERTIFICATE-----

data/spec/fixtures/testca/index.txt

@@ -0,0 +1,2 @@
+V	170510165759Z		01	unknown	/CN=localhost/O=server
+V	170510170001Z		02	unknown	/CN=localhost/O=client

data/spec/fixtures/testca/index.txt.attr

@@ -0,0 +1 @@
+unique_subject = yes

data/spec/fixtures/testca/index.txt.attr.old

@@ -0,0 +1 @@
+unique_subject = yes

data/spec/fixtures/testca/index.txt.old

@@ -0,0 +1 @@
+V	170510165759Z		01	unknown	/CN=localhost/O=server

data/spec/fixtures/testca/openssl.cnf

@@ -0,0 +1,53 @@
+[ ca ]
+default_ca = testca
+
+[ testca ]
+dir = .
+certificate = $dir/cacert.pem
+database = $dir/index.txt
+new_certs_dir = $dir/certs
+private_key = $dir/private/cakey.pem
+serial = $dir/serial
+
+default_crl_days = 7
+default_days = 365
+default_md = sha256
+
+policy = testca_policy
+x509_extensions = certificate_extensions
+
+[ testca_policy ]
+commonName = supplied
+stateOrProvinceName = optional
+countryName = optional
+emailAddress = optional
+organizationName = optional
+organizationalUnitName = optional
+
+[ certificate_extensions ]
+basicConstraints = CA:false
+
+[ req ]
+default_bits = 2048
+default_keyfile = ./private/cakey.pem
+default_md = sha256
+prompt = yes
+distinguished_name = root_ca_distinguished_name
+x509_extensions = root_ca_extensions
+
+[ root_ca_distinguished_name ]
+commonName = hostname
+
+[ root_ca_extensions ]
+basicConstraints = CA:true
+keyUsage = keyCertSign, cRLSign
+
+[ client_ca_extensions ]
+basicConstraints = CA:false
+keyUsage = digitalSignature
+extendedKeyUsage = 1.3.6.1.5.5.7.3.2
+
+[ server_ca_extensions ]
+basicConstraints = CA:false
+keyUsage = keyEncipherment
+extendedKeyUsage = 1.3.6.1.5.5.7.3.1

data/spec/fixtures/testca/private/cakey.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAuP3x9a2NoWisFrddKseOJir4xvvLPP65bWUH5l8KkzvG5c+N
+PKfcxkzlHme9B3WWdGB3lx1buwyunbAejn9Uuwwc1QQA1kzBEGZgx7tgvmU0BRsg
+EL1pwd3v9Rc2cZxmNrQCqymGWNUqo4BfaNVlxoCHS23FckjwUJRfck54c3WqsunT
+jE6CoVtbYiKztp4fA38eJRyLgw1bZLOtNIySj1fRKywrCuxrGjdB7zd+c/ScsB8Y
+EFXwYEx2a9cL3qtnBrbIEh6V09E2cnIvsrdILzzk6OtNs9NnSA0XGcMMrBWHHs+i
+POdPX851inr3QFTnrPVtn4blGOGdZdR6QwNo2wIDAQABAoIBADoXZLflfChHmmK3
+ygX5DGZn8B9sSnIo+0mjBEwPZF6/0sGv34ZAoE+VLg3SPcXt4wVAlc1aZsfiP6M8
+/xt4WL80Gom57BlfmPDxdUrDSKoBVciUsAkRsfgzHXs1gt9CYcaj2IKvU4Tpy630
+TgG5oXAoRFQncG1nAjALp71ZbvGyZDOK2+/Vjs0NITyC+4srnafiF8pwLXmgm0Zj
+FVyCy8H/dwt7/pJKKkDX8Mq6kdvvROg8QDqTyCsTn3qAfDQUjO1BJje7x31E+lXW
+/FgUqs43ATU2HVczP0fbBZeGeFFTRycypmmSXYb9eZ05mDf8cm93V8KMPkTVh4Pu
+6/kF8AECgYEA8VpoTggar66f/0rfxX263q+L5YD8fwfuqcjLx/Bnuzpp1POhsTLD
+Gv0W5FcAf4i1jfnBevrk9q9WFnnUpUvX7Y+e1cvK9M5BuVRs77C4mE5IQ7hcHN6I
+vNgYihIK/PTVXYrT2j1EFLBwD2QWwO7BcV5aAiShlce7qC8fJeAhRtsCgYEAxDft
+QIUHm2MIzZD25q6fkki1Rx0ifOjO7AlK0NIyxQ+gsxZQrrUsSqcgC/W3XJSONeCY
+UjbHRQmhzkexA6ZFjgrL39qHL9x0kzle1dZ+oFGVQKiIMWn1WfEL0baDxMjFKDQt
+xF0SWRHZsIDPUjZzPTyfaPf8I148pIoSILB7BgECgYEA3679ioxiRz5dlNqM59ku
+DuK9klfoK8drPzoU+1nomZJ6sV2XFsZIIsQ7qiakFI7cTRgTZGoRODuqWqxRE11m
+Ywq/l8AHermKGjyPtdmgS7AJs5Gy9SKdsf/JRnWQb35uHQLkc5hid5ZKVUla+TaO
+XAao/uF6THnPhwEdKho+XQ8CgYEAiyQBiJQM/eIvVt4qRxCjNS975M7DKwJH4VcB
+h6zWtajMUtJLKmhs3Q9ACVsXyH3LjmcSfJI9ojYfWFC8NJNOlVgQlE+5N3ZD8DZp
+ioeMyZCwnuYjla7Gfh4RPIgJTpz0OfsuTSWWojSnQqNE4M6dz1nSzLO1RztHE4KZ
+MjcTNgECgYEAmeEA8KJzfsSgjjbhOmzxEJwRxzq0HTknTmWyEIamQBgFhaQ3AqZ+
+cZWkqS34foKxjLLXp3AMukpS50yRB98Wzaa7eoA/H0zXlRjA6id9qFuCXt+E9e/5
+sjPhQphj8473SsviSndT29JadTHgY8nSmXtxx+whO29D9Ods0laGb8A=
+-----END RSA PRIVATE KEY-----

data/spec/fixtures/testca/serial

@@ -0,0 +1 @@
+03

data/spec/fixtures/testca/serial.old

@@ -0,0 +1 @@
+02

data/spec/plugin_mixins/rabbitmq_connection_spec.rb

@@ -34,9 +34,10 @@ describe LogStash::PluginMixins::RabbitMQConnection do
 
     let(:rabbitmq_settings) { super.merge({"connection_timeout" => 123,
                                            "heartbeat" => 456,
-                                           "ssl" => "TLS1.2",
-                                           "tls_certificate_path" => path,
-                                           "tls_certificate_password" => "123"}) }
+                                           "ssl" => true,
+                                           "ssl_version" => "TLSv1.1",
+                                           "ssl_certificate_path" => path,
+                                           "ssl_certificate_password" => "123"}) }
 
     it "should set the timeout to the expected value" do
       expect(instance.rabbitmq_settings[:timeout]).to eql(rabbitmq_settings["connection_timeout"])
@@ -47,15 +48,15 @@ describe LogStash::PluginMixins::RabbitMQConnection do
     end
 
     it "should set tls to the expected value" do
-      expect(instance.rabbitmq_settings[:tls]).to eql(rabbitmq_settings["ssl"])
+      expect(instance.rabbitmq_settings[:tls]).to eql("TLSv1.1")
     end
 
     it "should set tls_certificate_path to the expected value" do
-      expect(instance.rabbitmq_settings[:tls_certificate_path]).to eql(rabbitmq_settings["tls_certificate_path"])
+      expect(instance.rabbitmq_settings[:tls_certificate_path]).to eql(rabbitmq_settings["ssl_certificate_path"])
     end
 
     it "should set tls_certificate_password to the expected value" do
-      expect(instance.rabbitmq_settings[:tls_certificate_password]).to eql(rabbitmq_settings["tls_certificate_password"])
+      expect(instance.rabbitmq_settings[:tls_certificate_password]).to eql(rabbitmq_settings["ssl_certificate_password"])
     end
   end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-mixin-rabbitmq_connection
 version: !ruby/object:Gem::Version
-  version: 4.0.1
+  version: 4.1.0
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-05-09 00:00:00.000000000 Z
+date: 2016-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstash-core-plugin-api
@@ -111,6 +111,29 @@ files:
 - Rakefile
 - lib/logstash/plugin_mixins/rabbitmq_connection.rb
 - logstash-mixin-rabbitmq_connection.gemspec
+- spec/fixtures/client/cert.pem
+- spec/fixtures/client/key.pem
+- spec/fixtures/client/keycert.p12
+- spec/fixtures/client/req.pem
+- spec/fixtures/password_for_files
+- spec/fixtures/server/cert.pem
+- spec/fixtures/server/key.pem
+- spec/fixtures/server/key_password
+- spec/fixtures/server/keycert.p12
+- spec/fixtures/server/rabbitmq.config
+- spec/fixtures/server/req.pem
+- spec/fixtures/testca/cacert.cer
+- spec/fixtures/testca/cacert.pem
+- spec/fixtures/testca/certs/01.pem
+- spec/fixtures/testca/certs/02.pem
+- spec/fixtures/testca/index.txt
+- spec/fixtures/testca/index.txt.attr
+- spec/fixtures/testca/index.txt.attr.old
+- spec/fixtures/testca/index.txt.old
+- spec/fixtures/testca/openssl.cnf
+- spec/fixtures/testca/private/cakey.pem
+- spec/fixtures/testca/serial
+- spec/fixtures/testca/serial.old
 - spec/plugin_mixins/rabbitmq_connection_spec.rb
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses:
@@ -137,4 +160,27 @@ signing_key:
 specification_version: 4
 summary: Common functionality for RabbitMQ plugins
 test_files:
+- spec/fixtures/client/cert.pem
+- spec/fixtures/client/key.pem
+- spec/fixtures/client/keycert.p12
+- spec/fixtures/client/req.pem
+- spec/fixtures/password_for_files
+- spec/fixtures/server/cert.pem
+- spec/fixtures/server/key.pem
+- spec/fixtures/server/key_password
+- spec/fixtures/server/keycert.p12
+- spec/fixtures/server/rabbitmq.config
+- spec/fixtures/server/req.pem
+- spec/fixtures/testca/cacert.cer
+- spec/fixtures/testca/cacert.pem
+- spec/fixtures/testca/certs/01.pem
+- spec/fixtures/testca/certs/02.pem
+- spec/fixtures/testca/index.txt
+- spec/fixtures/testca/index.txt.attr
+- spec/fixtures/testca/index.txt.attr.old
+- spec/fixtures/testca/index.txt.old
+- spec/fixtures/testca/openssl.cnf
+- spec/fixtures/testca/private/cakey.pem
+- spec/fixtures/testca/serial
+- spec/fixtures/testca/serial.old
 - spec/plugin_mixins/rabbitmq_connection_spec.rb