RubyGems - logstash-output-elasticsearch - Versions diffs - 11.15.6-java → 11.15.7-java - Mend

logstash-output-elasticsearch 11.15.6-java → 11.15.7-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3 -0
data/lib/logstash/outputs/elasticsearch/http_client_builder.rb +8 -6
data/logstash-output-elasticsearch.gemspec +1 -1
data/spec/unit/outputs/elasticsearch_ssl_spec.rb +3 -3
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6765698cd332b5580c1b49535a5547a145547bf10fc3d16441f5a0188607f432
-  data.tar.gz: bff7bc6c7003596a85d06e4fb2217d807c6d842b03a270de140022afcd1afe01
+  metadata.gz: af8e8cfe5c9fa5cf8f363ab815476c526a7933735eb857e2d3976136c9c0193c
+  data.tar.gz: 8a15434d71177085ed47a7ee9664d3f0e26d4b57f89f4108342a04634c2b3fa1
 SHA512:
-  metadata.gz: acd145b600d7985750baf4a3d0304c41a713400e22d5f09180497fbb4df624d32910bb475f7660f1a34c1a5ac9eee7ba43a40c1404f054644628ffc16fcf30b8
-  data.tar.gz: ee3c3bc4a56296229af8a7b776e205900584705d9daaf1f3c1cc5d1061f2e87e70cc8ffd7298d6442b630ac7ca5d453ab27b33de7b287e34ac5be23772343b0a
+  metadata.gz: 6cf6cff9c48ed0a7ea9e6662b4cd02c370a9f6ece098754cb23f3e40aa4e52c33b678acd53594a48bdb47835623bfd8d5d357f20c99abf9b20e5b20cab1818bf
+  data.tar.gz: 62cd5bd83d381bd89d17bdbb9542b27285e60a09de6dfa09ac9e937b32e594e28833b8faa252b41b8ed4dd4a0dc91c91729ad31a56c25318704cb58d0e978bf1

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,6 @@
+## 11.15.7
+  - Fixes a regression introduced in 11.14.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations [#1138](https://github.com/logstash-plugins/logstash-output-elasticsearch/issues/1138)
 ## 11.15.6
   - Fix: avoid to reject a batch when the Elasticsearch connection is alive and the processing should continue [#1132](https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1132).

data/lib/logstash/outputs/elasticsearch/http_client_builder.rb CHANGED Viewed

@@ -144,12 +144,14 @@ module LogStash; module Outputs; class ElasticSearch;
       ssl_verification_mode = params["ssl_verification_mode"]
       unless ssl_verification_mode.nil?
         case ssl_verification_mode
-          when 'none'
-            logger.warn "You have enabled encryption but DISABLED certificate verification, " +
-                          "to make sure your data is secure set `ssl_verification_mode => full`"
-            ssl_options[:verify] = :disable
-          else
-            ssl_options[:verify] = :strict
+        when 'none'
+          logger.warn "You have enabled encryption but DISABLED certificate verification, " +
+                        "to make sure your data is secure set `ssl_verification_mode => full`"
+          ssl_options[:verify] = :disable
+        else
+          # Manticore's :default maps to Apache HTTP Client's DefaultHostnameVerifier,
+          # which is the modern STRICT verifier that replaces the deprecated StrictHostnameVerifier
+          ssl_options[:verify] = :default
         end
       end

data/logstash-output-elasticsearch.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-output-elasticsearch'
-  s.version         = '11.15.6'
+  s.version         = '11.15.7'
   s.licenses        = ['apache-2.0']
   s.summary         = "Stores logs in Elasticsearch"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/unit/outputs/elasticsearch_ssl_spec.rb CHANGED Viewed

@@ -55,7 +55,7 @@ describe "SSL options" do
       it "should pass the flag to the ES client" do
         expect(::Manticore::Client).to receive(:new) do |args|
-          expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :strict)
+          expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :default)
         end.and_return(manticore_double)
         subject.register
@@ -132,7 +132,7 @@ describe "SSL options" do
                                       :truststore => ssl_truststore_path,
                                       :truststore_type => "jks",
                                       :truststore_password => "foo",
-                                      :verify => :strict,
+                                      :verify => :default,
                                       :cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
                                       :protocols => ["TLSv1.3"],
                                     )
@@ -168,7 +168,7 @@ describe "SSL options" do
                                       :ca_file => ssl_certificate_authorities_path,
                                       :client_cert => ssl_certificate_path,
                                       :client_key => ssl_key_path,
-                                      :verify => :strict,
+                                      :verify => :default,
                                       :cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
                                       :protocols => ["TLSv1.3"],
                                     )

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-elasticsearch
 version: !ruby/object:Gem::Version
-  version: 11.15.6
+  version: 11.15.7
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-31 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement