logstash-output-elasticsearch 5.3.2-java → 5.3.3-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: dcf12a3d7775459fee8072e9ed5eaf77f9db915c
-  data.tar.gz: 45c8df302d9e94e23e635307bfccf27ef601a2c9
+  metadata.gz: c7215cdc391fa36759ad34115ee7bc86675154ef
+  data.tar.gz: 17afbe84a16a218fd28163f68f3a023e1dbb12c4
 SHA512:
-  metadata.gz: 143d8ea73ebe28155500c47fd1f583b3535e0283c4b9b92ba81a318c7bd9caceda4a872d7c46ce29122e366e5406cf355cc4dd85bd46d9b38a43c95aae5f87c6
-  data.tar.gz: b39d159adcdeb10dc2d21ee62490c16b199015f429028c7cf7b3223063cd3a677903f3d267401d8503b0985788c5d8ddfe8fb985102427dfd39e77ed8bbae6e2
+  metadata.gz: 1dce858308979f22de3bcf8573ba06afb7b981dda3dc13d3ef0f6f12174bc3110f3d3b8a97b2daf334eafc4bf615e92a679da28d44087d379a51f2da43f7cd5c
+  data.tar.gz: e6ed3b5b4f45651965ea1cc4270869610cfe2c645b821a46cd6beb22eebd5c3093ab57b1a301274607eff7bf935626c5bf6fae2f97daaf4c87335383158f0865

data/CHANGELOG.md

@@ -1,3 +1,6 @@
+## 5.3.3
+- Hide user/password in connection pool
+
 ## 5.3.2
 - Use byte size, not char count for bulk operation size checks
 

data/lib/logstash/outputs/elasticsearch/http_client/pool.rb

@@ -261,7 +261,7 @@ module LogStash; module Outputs; class ElasticSearch; class HttpClient;
         new_urls.each do |url|
           # URI objects don't have real hash equality! So, since this isn't perf sensitive we do a linear scan
           unless @url_info.keys.include?(url)
-            state_changes[:added] << url.to_s
+            state_changes[:added] << url
             add_url(url)
           end
         end
@@ -269,14 +269,24 @@ module LogStash; module Outputs; class ElasticSearch; class HttpClient;
         # Delete connections not in the new list
         @url_info.each do |url,_|
           unless new_urls.include?(url)
-            state_changes[:removed] << url.to_s
+            state_changes[:removed] << url
             remove_url(url)
           end
         end
       end
 
       if state_changes[:removed].size > 0 || state_changes[:added].size > 0
-        logger.info("Elasticsearch pool URLs updated", :changes => state_changes)
+        if logger.info?
+          logger.info("Elasticsearch pool URLs updated", :changes => safe_state_changes(state_changes))
+        end
+      end
+    end
+    
+    def safe_state_changes(state_changes)
+      state_changes.reduce({}) do |acc, kv|
+        k,v = kv
+        acc[k] = v.map(&LogStash::Outputs::ElasticSearch::SafeURL.method(:without_credentials)).map(&:to_s)
+        acc
       end
     end
 

data/logstash-output-elasticsearch.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
 
   s.name            = 'logstash-output-elasticsearch'
-  s.version         = '5.3.2'
+  s.version         = '5.3.3'
   s.licenses        = ['apache-2.0']
   s.summary         = "Logstash Output to Elasticsearch"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/unit/outputs/elasticsearch/http_client/pool_spec.rb

@@ -93,6 +93,21 @@ describe LogStash::Outputs::ElasticSearch::HttpClient::Pool do
       expect(subject).to have_received(:in_use_connections).twice
     end
   end
+  
+  describe "safe_state_changes" do
+    let(:state_changes) do 
+      {
+        :added => [URI.parse("http://sekretu:sekretp@foo1")],
+        :removed => [URI.parse("http://sekretu:sekretp@foo2")]
+      }
+    end
+    let(:processed) { subject.safe_state_changes(state_changes)}
+    
+    it "should hide passwords" do
+      expect(processed[:added].any? {|p| p =~ /sekretp/ }).to be false
+      expect(processed[:removed].any? {|p| p =~ /sekretp/ }).to be false
+    end
+  end
 
   describe "connection management" do
     context "with only one URL in the list" do

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-elasticsearch
 version: !ruby/object:Gem::Version
-  version: 5.3.2
+  version: 5.3.3
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-11-10 00:00:00.000000000 Z
+date: 2016-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement