RubyGems - logstash-output-elasticsearch - Versions diffs - 11.15.6-java → 11.15.7-java - Mend

logstash-output-elasticsearch 11.15.6-java → 11.15.7-java

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3 -0
data/lib/logstash/outputs/elasticsearch/http_client_builder.rb +8 -6
data/logstash-output-elasticsearch.gemspec +1 -1
data/spec/unit/outputs/elasticsearch_ssl_spec.rb +3 -3
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6765698cd332b5580c1b49535a5547a145547bf10fc3d16441f5a0188607f432
-  data.tar.gz: bff7bc6c7003596a85d06e4fb2217d807c6d842b03a270de140022afcd1afe01
+  metadata.gz: af8e8cfe5c9fa5cf8f363ab815476c526a7933735eb857e2d3976136c9c0193c
+  data.tar.gz: 8a15434d71177085ed47a7ee9664d3f0e26d4b57f89f4108342a04634c2b3fa1
 SHA512:
-  metadata.gz: acd145b600d7985750baf4a3d0304c41a713400e22d5f09180497fbb4df624d32910bb475f7660f1a34c1a5ac9eee7ba43a40c1404f054644628ffc16fcf30b8
-  data.tar.gz: ee3c3bc4a56296229af8a7b776e205900584705d9daaf1f3c1cc5d1061f2e87e70cc8ffd7298d6442b630ac7ca5d453ab27b33de7b287e34ac5be23772343b0a
+  metadata.gz: 6cf6cff9c48ed0a7ea9e6662b4cd02c370a9f6ece098754cb23f3e40aa4e52c33b678acd53594a48bdb47835623bfd8d5d357f20c99abf9b20e5b20cab1818bf
+  data.tar.gz: 62cd5bd83d381bd89d17bdbb9542b27285e60a09de6dfa09ac9e937b32e594e28833b8faa252b41b8ed4dd4a0dc91c91729ad31a56c25318704cb58d0e978bf1

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,6 @@
+## 11.15.7
+  - Fixes a regression introduced in 11.14.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations [#1138](https://github.com/logstash-plugins/logstash-output-elasticsearch/issues/1138)
 ## 11.15.6
   - Fix: avoid to reject a batch when the Elasticsearch connection is alive and the processing should continue [#1132](https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1132).

data/lib/logstash/outputs/elasticsearch/http_client_builder.rb CHANGED Viewed

@@ -144,12 +144,14 @@ module LogStash; module Outputs; class ElasticSearch;
       ssl_verification_mode = params["ssl_verification_mode"]
       unless ssl_verification_mode.nil?
         case ssl_verification_mode
-          when 'none'
-            logger.warn "You have enabled encryption but DISABLED certificate verification, " +
-                          "to make sure your data is secure set `ssl_verification_mode => full`"
-            ssl_options[:verify] = :disable
-          else
-            ssl_options[:verify] = :strict
+        when 'none'
+          logger.warn "You have enabled encryption but DISABLED certificate verification, " +
+                        "to make sure your data is secure set `ssl_verification_mode => full`"
+          ssl_options[:verify] = :disable
+        else
+          # Manticore's :default maps to Apache HTTP Client's DefaultHostnameVerifier,
+          # which is the modern STRICT verifier that replaces the deprecated StrictHostnameVerifier
+          ssl_options[:verify] = :default
         end
       end

data/logstash-output-elasticsearch.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-output-elasticsearch'
-  s.version         = '11.15.6'
+  s.version         = '11.15.7'
   s.licenses        = ['apache-2.0']
   s.summary         = "Stores logs in Elasticsearch"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/unit/outputs/elasticsearch_ssl_spec.rb CHANGED Viewed

@@ -55,7 +55,7 @@ describe "SSL options" do
       it "should pass the flag to the ES client" do
         expect(::Manticore::Client).to receive(:new) do |args|
-          expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :strict)
+          expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :default)
         end.and_return(manticore_double)
         subject.register
@@ -132,7 +132,7 @@ describe "SSL options" do
                                       :truststore => ssl_truststore_path,
                                       :truststore_type => "jks",
                                       :truststore_password => "foo",
-                                      :verify => :strict,
+                                      :verify => :default,
                                       :cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
                                       :protocols => ["TLSv1.3"],
                                     )
@@ -168,7 +168,7 @@ describe "SSL options" do
                                       :ca_file => ssl_certificate_authorities_path,
                                       :client_cert => ssl_certificate_path,
                                       :client_key => ssl_key_path,
-                                      :verify => :strict,
+                                      :verify => :default,
                                       :cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
                                       :protocols => ["TLSv1.3"],
                                     )

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-elasticsearch
 version: !ruby/object:Gem::Version
-  version: 11.15.6
+  version: 11.15.7
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-31 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement