logstash-output-elasticsearch 5.1.0-java → 5.1.1-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8e747b0ecd3b13e55c194f3baec4991095a6fe35
4
- data.tar.gz: dce871709afbdaf6d303a273d7743dc92b964212
3
+ metadata.gz: 7460d82e37205595de8bb7fb7f4a7a9cfdeb6817
4
+ data.tar.gz: 361096568a9c9c0a5fa58d9b495b761f19312b29
5
5
  SHA512:
6
- metadata.gz: 8ec8d71aea257c1bdb59122e45ac0472681dd91efd074b360678e273c7bdd15ef7211e2984a2bac84b3ebb4b2b6277c456451abf300f222e632680f40d3f2a6a
7
- data.tar.gz: f315ec0e2e6f5ed3b9fc91ec30082a9bc2cf5910def149539ba4bf62def32f45b084fd26c0e948f47f142a5ca6d86496bd2cba7d9d41aa717c6af66b6396f11e
6
+ metadata.gz: ab9ddc3ff94a908c473e79869a3fd2b41682c7facbab54183c40294119b5c23907156a16f677c3181b5f8519670843cc380cd08528b13366f4ce8db3e5837104
7
+ data.tar.gz: 4eb8391a5fb0df0666a30afabb67ba27e913dfb996e03e0a24edb9e8c73cb8214bfd1e686373385bed0d636034d812207e8930f036d6ff57b001a7c18d3378d7
data/CHANGELOG.md CHANGED
@@ -1,3 +1,6 @@
1
+ ## 5.1.1
2
+ - Hide user and password from the URL logged during sniffing process.
3
+
1
4
  ## 5.1.0
2
5
  - Add check_connection_timeout parameter (default 10m)
3
6
  - Set default timeout to 60s
@@ -1,4 +1,5 @@
1
1
  require 'manticore'
2
+ require "logstash/outputs/elasticsearch/safe_url"
2
3
 
3
4
  module LogStash; module Outputs; class ElasticSearch; class HttpClient;
4
5
  class ManticoreAdapter
@@ -28,13 +29,10 @@ module LogStash; module Outputs; class ElasticSearch; class HttpClient;
28
29
  # @see Transport::Base#perform_request
29
30
  #
30
31
  def perform_request(url, method, path, params={}, body=nil)
31
-
32
-
33
32
  params = (params || {}).merge @request_options
34
33
  params[:body] = body if body
35
34
  url_and_path = (url + path).to_s # Convert URI object to string
36
35
 
37
-
38
36
  resp = @manticore.send(method.downcase, url_and_path, params)
39
37
 
40
38
  # Manticore returns lazy responses by default
@@ -46,7 +44,8 @@ module LogStash; module Outputs; class ElasticSearch; class HttpClient;
46
44
  # template installation. We might need a better story around this later
47
45
  # but for our current purposes this is correct
48
46
  if resp.code < 200 || resp.code > 299 && resp.code != 404
49
- raise ::LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError.new(resp.code, url_and_path, body)
47
+ safe_url = ::LogStash::Outputs::ElasticSearch::SafeURL.without_credentials(url)
48
+ raise ::LogStash::Outputs::ElasticSearch::HttpClient::Pool::BadResponseCodeError.new(resp.code, safe_url + path, body)
50
49
  end
51
50
 
52
51
  resp
@@ -6,12 +6,12 @@ module LogStash; module Outputs; class ElasticSearch; class HttpClient;
6
6
 
7
7
  def initialize(response_code, url, body)
8
8
  @response_code = response_code
9
- @url = url
9
+ @url = ::LogStash::Outputs::ElasticSearch::SafeURL.without_credentials(url)
10
10
  @body = body
11
11
  end
12
12
 
13
13
  def message
14
- "Got response code '#{response_code}' contact Elasticsrearch at URL '#{@url}'"
14
+ "Got response code '#{response_code}' contact Elasticsearch at URL '#{@url}'"
15
15
  end
16
16
  end
17
17
  class HostUnreachableError < Error;
@@ -19,7 +19,7 @@ module LogStash; module Outputs; class ElasticSearch; class HttpClient;
19
19
 
20
20
  def initialize(original_error, url)
21
21
  @original_error = original_error
22
- @url = url
22
+ @url = ::LogStash::Outputs::ElasticSearch::SafeURL.without_credentials(url)
23
23
  end
24
24
 
25
25
  def message
@@ -0,0 +1,16 @@
1
+ module LogStash; module Outputs; class ElasticSearch;
2
+ module SafeURL
3
+ PLACEHOLDER = "~hidden~".freeze
4
+
5
+ module_function
6
+
7
+ # Takes a URI object and returns a copy of it with any user or password
8
+ # information replaced with a placeholder `~hidden~`.
9
+ def without_credentials(url)
10
+ url.dup.tap do |u|
11
+ u.user = PLACEHOLDER if u.user
12
+ u.password = PLACEHOLDER if u.password
13
+ end
14
+ end
15
+ end
16
+ end end end
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-output-elasticsearch'
4
- s.version = '5.1.0'
4
+ s.version = '5.1.1'
5
5
  s.licenses = ['apache-2.0']
6
6
  s.summary = "Logstash Output to Elasticsearch"
7
7
  s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
@@ -0,0 +1,46 @@
1
+ require "logstash/outputs/elasticsearch/safe_url"
2
+ require "uri"
3
+
4
+ describe ::LogStash::Outputs::ElasticSearch::SafeURL do
5
+ let(:placeholder) { ::LogStash::Outputs::ElasticSearch::SafeURL::PLACEHOLDER }
6
+
7
+ context "#without_credentials" do
8
+ subject { described_class.without_credentials(url) }
9
+
10
+ shared_examples_for "returning a new object" do
11
+ it "should return a new url object" do
12
+ expect(subject.object_id).not_to be == url.object_id
13
+ end
14
+ end
15
+
16
+ context "when given a url without credentials" do
17
+ let(:url) { URI.parse("https://example.com/") }
18
+
19
+ it_behaves_like "returning a new object"
20
+
21
+ it "should return the same url" do
22
+ expect(subject).to be == url
23
+ end
24
+ end
25
+
26
+ context "when url contains credentials" do
27
+ let(:url) { URI.parse("https://user:pass@example.com/") }
28
+
29
+ it_behaves_like "returning a new object"
30
+
31
+ it "should hide the user" do
32
+ expect(subject.user).to be == placeholder
33
+ end
34
+
35
+ it "should hide the password" do
36
+ expect(subject.user).to be == placeholder
37
+ end
38
+
39
+ context "#to_s" do
40
+ it "should not contain credentials" do
41
+ expect(subject.to_s).to be == "https://#{placeholder}:#{placeholder}@example.com/"
42
+ end
43
+ end
44
+ end
45
+ end
46
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-output-elasticsearch
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.1.0
4
+ version: 5.1.1
5
5
  platform: java
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-08-31 00:00:00.000000000 Z
11
+ date: 2016-09-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -189,6 +189,7 @@ files:
189
189
  - lib/logstash/outputs/elasticsearch/http_client/manticore_adapter.rb
190
190
  - lib/logstash/outputs/elasticsearch/http_client/pool.rb
191
191
  - lib/logstash/outputs/elasticsearch/http_client_builder.rb
192
+ - lib/logstash/outputs/elasticsearch/safe_url.rb
192
193
  - lib/logstash/outputs/elasticsearch/template_manager.rb
193
194
  - logstash-output-elasticsearch.gemspec
194
195
  - spec/es_spec_helper.rb
@@ -215,6 +216,7 @@ files:
215
216
  - spec/unit/outputs/elasticsearch_spec.rb
216
217
  - spec/unit/outputs/elasticsearch_ssl_spec.rb
217
218
  - spec/unit/outputs/error_whitelist_spec.rb
219
+ - spec/unit/safe_url_spec.rb
218
220
  homepage: http://logstash.net/
219
221
  licenses:
220
222
  - apache-2.0
@@ -266,3 +268,4 @@ test_files:
266
268
  - spec/unit/outputs/elasticsearch_spec.rb
267
269
  - spec/unit/outputs/elasticsearch_ssl_spec.rb
268
270
  - spec/unit/outputs/error_whitelist_spec.rb
271
+ - spec/unit/safe_url_spec.rb