logstash-output-elasticsearch 6.2.1-java → 6.2.2-java
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e928c352ff9142db2275179850ffc1d83429bad1
|
4
|
+
data.tar.gz: eddc0f4e40153c9a04eee2fd962dd2a8cc16a762
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c4f28bda7b2a2a1d7abcb3e6c490be2e934ca09212bf8fbe73221f755be7fdb3a52977e219acf1cf79d09c59f8d63c0619b3653580fec3107b5725ded6279cbc
|
7
|
+
data.tar.gz: 71b74147d53ed2a662ceff0bbec1e1896c34ef984f92bed18096eec4c057eed9d05f111b4dca12346d6129fab022389ae6b384e85733f0d23ec12a1232d15f5e
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,10 @@
|
|
1
|
+
## 6.2.2
|
2
|
+
- Fixed a bug that forced users to URL encode the `password` option.
|
3
|
+
If you are currently manually escaping your passwords upgrading to this version
|
4
|
+
will break authentication. You should unescape your password if you have implemented
|
5
|
+
this workaround as it will otherwise be doubly encoded.
|
6
|
+
URL escaping is STILL required for passwords inline with URLs in the `hosts` option.
|
7
|
+
|
1
8
|
## 6.2.1
|
2
9
|
- When an HTTP error is encountered, log the response body instead of the request.
|
3
10
|
The request body will still be logged at debug level.
|
@@ -87,6 +87,8 @@ module LogStash; module Outputs; class ElasticSearch
|
|
87
87
|
# `["https://127.0.0.1:9200/mypath"]` (If using a proxy on a subpath)
|
88
88
|
# It is important to exclude http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html[dedicated master nodes] from the `hosts` list
|
89
89
|
# to prevent LS from sending bulk requests to the master nodes. So this parameter should only reference either data or client nodes in Elasticsearch.
|
90
|
+
#
|
91
|
+
# Any special characters present in the URLs here MUST be URL escaped! This means `#` should be put in as `%23` for instance.
|
90
92
|
mod.config :hosts, :validate => :uri, :default => [::LogStash::Util::SafeURI.new("//127.0.0.1")], :list => true
|
91
93
|
|
92
94
|
# This plugin uses the bulk index API for improved indexing performance.
|
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'cgi'
|
2
|
+
|
1
3
|
module LogStash; module Outputs; class ElasticSearch;
|
2
4
|
module HttpClientBuilder
|
3
5
|
def self.build(logger, hosts, params)
|
@@ -119,11 +121,28 @@ module LogStash; module Outputs; class ElasticSearch;
|
|
119
121
|
|
120
122
|
def self.setup_basic_auth(logger, params)
|
121
123
|
user, password = params["user"], params["password"]
|
122
|
-
|
124
|
+
unsafe_password = password && password.value
|
125
|
+
unsafe_escaped_password = unsafe_password ? CGI.escape(unsafe_password) : nil
|
126
|
+
|
127
|
+
# TODO: Remove this when we release LS6.0.0
|
128
|
+
if unsafe_password =~ /%[0-9A-Fa-f]{2}/
|
129
|
+
m <<-EOM
|
130
|
+
The Elasticsearch output was provided a password that looks like it includes URL encoded characters.
|
131
|
+
Previous versions of this plugin had a bug that required a workaround where users needed to manually
|
132
|
+
URL encode special characters in the password field. Given this, URL encoded strings will
|
133
|
+
be doubly escaped making authentication fail. This may not apply to you.
|
134
|
+
If your password just happens to include string parts that simply look
|
135
|
+
like URL encoded strings like '%2F' but are in fact just a part of your
|
136
|
+
password then you can safely ignore this message.
|
137
|
+
EOM
|
138
|
+
@logger.warn(m)
|
139
|
+
end
|
140
|
+
|
141
|
+
return {} unless user && unsafe_escaped_password
|
123
142
|
|
124
143
|
{
|
125
144
|
:user => user,
|
126
|
-
:password =>
|
145
|
+
:password => unsafe_escaped_password
|
127
146
|
}
|
128
147
|
end
|
129
148
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-output-elasticsearch'
|
4
|
-
s.version = '6.2.
|
4
|
+
s.version = '6.2.2'
|
5
5
|
s.licenses = ['apache-2.0']
|
6
6
|
s.summary = "Logstash Output to Elasticsearch"
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
@@ -6,7 +6,7 @@ describe LogStash::Outputs::ElasticSearch::HttpClientBuilder do
|
|
6
6
|
describe "auth setup with url encodable passwords" do
|
7
7
|
let(:klass) { LogStash::Outputs::ElasticSearch::HttpClientBuilder }
|
8
8
|
let(:user) { "foo@bar"}
|
9
|
-
let(:password) {"
|
9
|
+
let(:password) {"bazblah" }
|
10
10
|
let(:password_secured) do
|
11
11
|
secured = double("password")
|
12
12
|
allow(secured).to receive(:value).and_return(password)
|
@@ -23,5 +23,13 @@ describe LogStash::Outputs::ElasticSearch::HttpClientBuilder do
|
|
23
23
|
it "should return the password verbatim" do
|
24
24
|
expect(auth_setup[:password]).to eql(password)
|
25
25
|
end
|
26
|
+
|
27
|
+
context "passwords that need escaping" do
|
28
|
+
let(:password) { "foo@bar#" }
|
29
|
+
|
30
|
+
it "should escape the password" do
|
31
|
+
expect(auth_setup[:password]).to eql("foo%40bar%23")
|
32
|
+
end
|
33
|
+
end
|
26
34
|
end
|
27
|
-
end
|
35
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-output-elasticsearch
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.2.
|
4
|
+
version: 6.2.2
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-01-
|
11
|
+
date: 2017-01-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|