logstash-output-http 5.2.3 → 5.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4296b53881ec5d3e420667e9aa554a25781397858a38cbbd9a1d41b6ff49f91b
-  data.tar.gz: 07c7e8e0b029d23c18855f86147bef1848f6eac1625afe86344e7d24b6dc4a6f
+  metadata.gz: dd850256e5336762a98ed5cc4ae699ddcc1c3c3bcb9e5382b033aa21aebd5fea
+  data.tar.gz: '08b1450d6eadd6ea8e7a9451d781c4fd78c3d7b199751616c1e74cabc75e3899'
 SHA512:
-  metadata.gz: cccd68833da4cb41c5699541a7c67065e4b6c0d476f1076dbf59f103912050689756a20bb3d4b53468a08bf84e2c088a3fdf5586c5f19b6032504d3ba3cc698d
-  data.tar.gz: bcc121d030f1f2bcaa5de4f7a498610338b35a8df01d2262a7d28cc46472780896d56551aa058cfec5dbd8f12e132bd1ac67321a36c6cb1bb474faaf1b604f34
+  metadata.gz: 11dce3822d80720abedca11fe586cb8d4c8384e44cb793da13bba509c571c48bf8b617a0545297fb49a8cd254d5374e5b4702dddf607e4bad04eaaf07b24e0d0
+  data.tar.gz: 62546e31fc1386c48a0b77c25f5e13093fc63bfc371ea1924ebc8737ec26b4855c4c0bd40cebbd5a2eac82288315da436c46772793c2fc86adcf848d79cfadd9

data/CHANGELOG.md

@@ -1,3 +1,15 @@
+## 5.4.0
+  - Introduce retryable unknown exceptions for "connection reset by peer" and "timeout" [#127](https://github.com/logstash-plugins/logstash-output-http/pull/127)
+
+## 5.3.0
+  - Feat: support ssl_verification_mode option [#126](https://github.com/logstash-plugins/logstash-output-http/pull/126)
+
+## 5.2.5
+  - Reduce amount of default logging on a failed request [#122](https://github.com/logstash-plugins/logstash-output-http/pull/122)
+
+## 5.2.4
+  - Relax dependency on http_client mixin since current major works on both
+
 ## 5.2.3
   - Fixed handling of empty `retryable_codes` [#99](https://github.com/logstash-plugins/logstash-output-http/pull/99)
 

data/LICENSE

@@ -1,13 +1,202 @@
-Copyright (c) 2012-2018 Elasticsearch <http://www.elastic.co>
 
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
 
-    http://www.apache.org/licenses/LICENSE-2.0
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2020 Elastic and contributors
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/README.md

@@ -1,6 +1,6 @@
 # Logstash Plugin
 
-[![Travis Build Status](https://travis-ci.org/logstash-plugins/logstash-output-http.svg)](https://travis-ci.org/logstash-plugins/logstash-output-http)
+[![Travis Build Status](https://travis-ci.com/logstash-plugins/logstash-output-http.svg)](https://travis-ci.com/logstash-plugins/logstash-output-http)
 
 This is a plugin for [Logstash](https://github.com/elastic/logstash).
 

data/docs/index.asciidoc

@@ -66,6 +66,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-retry_non_idempotent>> |<<boolean,boolean>>|No
 | <<plugins-{type}s-{plugin}-retryable_codes>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-socket_timeout>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-ssl_verification_mode>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-truststore>> |a valid filesystem path|No
 | <<plugins-{type}s-{plugin}-truststore_password>> |<<password,password>>|No
 | <<plugins-{type}s-{plugin}-truststore_type>> |<<string,string>>|No
@@ -86,7 +87,10 @@ output plugins.
 
 How many times should the client retry a failing URL. We highly recommend NOT setting this value
 to zero if keepalive is enabled. Some servers incorrectly end keepalives early requiring a retry!
-Note: if `retry_non_idempotent` is set only GET, HEAD, PUT, DELETE, OPTIONS, and TRACE requests will be retried.
+Only IO related failures will be retried, such as connection timeouts and unreachable hosts.
+Valid but non 2xx HTTP responses will always be retried, regardless of the value of this setting,
+unless `retry_failed` is set.
+Note: if `retry_non_idempotent` is NOT set only GET, HEAD, PUT, DELETE, OPTIONS, and TRACE requests will be retried.
 
 [id="plugins-{type}s-{plugin}-cacert"]
 ===== `cacert` 
@@ -316,6 +320,7 @@ Set this to false if you don't want this output to retry failed requests
   * Default value is `false`
 
 If `automatic_retries` is enabled this will cause non-idempotent HTTP verbs (such as POST) to be retried.
+This only affects connectivity related errors (see related `automatic_retries` setting).
 
 [id="plugins-{type}s-{plugin}-retryable_codes"]
 ===== `retryable_codes` 
@@ -333,6 +338,22 @@ If encountered as response codes this plugin will retry these requests
 
 Timeout (in seconds) to wait for data on the socket. Default is `10s`
 
+[id="plugins-{type}s-{plugin}-ssl_verification_mode"]
+===== `ssl_verification_mode`
+
+  * Value type is <<string,string>>
+  * Supported values are: `full`, `none`
+  * Default value is `full`
+
+Controls the verification of server certificates.
+The `full` option verifies that the provided certificate is signed by a trusted authority (CA)
+and also that the server’s hostname (or IP address) matches the names identified within the certificate.
+
+The `none` setting performs no verification of the server’s certificate.
+This mode disables many of the security benefits of SSL/TLS and should only be used after cautious consideration.
+It is primarily intended as a temporary diagnostic mechanism when attempting to resolve TLS errors.
+Using `none`  in production environments is strongly discouraged.
+
 [id="plugins-{type}s-{plugin}-truststore"]
 ===== `truststore` 
 
@@ -384,4 +405,4 @@ See https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache
 [id="plugins-{type}s-{plugin}-common-options"]
 include::{include_path}/{type}.asciidoc[]
 
-:default_codec!:
+:default_codec!:

data/lib/logstash/outputs/http.rb

@@ -23,6 +23,12 @@ class LogStash::Outputs::Http < LogStash::Outputs::Base
     ::Manticore::SocketTimeout
   ]
 
+  RETRYABLE_UNKNOWN_EXCEPTION_STRINGS = [
+    /Connection reset by peer/i,
+    /Read Timed out/i
+  ]
+
+
   # This output lets you send events to a
   # generic HTTP(S) endpoint
   #
@@ -138,10 +144,11 @@ class LogStash::Outputs::Http < LogStash::Outputs::Base
   end
 
   def log_retryable_response(response)
+    retry_msg = @retry_failed ? 'will retry' : "won't retry"
     if (response.code == 429)
-      @logger.debug? && @logger.debug("Encountered a 429 response, will retry. This is not serious, just flow control via HTTP")
+      @logger.debug? && @logger.debug("Encountered a 429 response, #{retry_msg}. This is not serious, just flow control via HTTP")
     else
-      @logger.warn("Encountered a retryable HTTP request in HTTP output, will retry", :code => response.code, :body => response.body)
+      @logger.warn("Encountered a retryable HTTP request in HTTP output, #{retry_msg}", :code => response.code, :body => response.body)
     end
   end
 
@@ -252,16 +259,22 @@ class LogStash::Outputs::Http < LogStash::Outputs::Base
 
   rescue => exception
     will_retry = retryable_exception?(exception)
-    log_failure("Could not fetch URL",
-                :url => url,
-                :method => @http_method,
-                :body => body,
-                :headers => headers,
-                :message => exception.message,
-                :class => exception.class.name,
-                :backtrace => exception.backtrace,
-                :will_retry => will_retry
-    )
+    log_params = {
+      :url => url,
+      :method => @http_method,
+      :message => exception.message,
+      :class => exception.class.name,
+      :will_retry => will_retry
+    }
+    if @logger.debug?
+      # backtraces are big
+      log_params[:backtrace] = exception.backtrace
+      # headers can have sensitive data
+      log_params[:headers] = headers
+      # body can be big and may have sensitive data
+      log_params[:body] = body
+    end
+    log_failure("Could not fetch URL", log_params)
 
     if will_retry
       return :retry, event, attempt
@@ -288,12 +301,21 @@ class LogStash::Outputs::Http < LogStash::Outputs::Base
   end
 
   def retryable_exception?(exception)
-    RETRYABLE_MANTICORE_EXCEPTIONS.any? {|me| exception.is_a?(me) }
+    retryable_manticore_exception?(exception) || retryable_unknown_exception?(exception)
+  end
+
+  def retryable_manticore_exception?(exception)
+    RETRYABLE_MANTICORE_EXCEPTIONS.any? {|me| exception.is_a?(me)}
+  end
+
+  def retryable_unknown_exception?(exception)
+    exception.is_a?(::Manticore::UnknownException) &&
+        RETRYABLE_UNKNOWN_EXCEPTION_STRINGS.any? { |snippet| exception.message =~ snippet }
   end
 
   # This is split into a separate method mostly to help testing
   def log_failure(message, opts)
-    @logger.error("[HTTP Output Failure] #{message}", opts)
+    @logger.error(message, opts)
   end
 
   # Format the HTTP body

data/logstash-output-http.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-output-http'
-  s.version         = '5.2.3'
+  s.version         = '5.4.0'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Sends events to a generic HTTP or HTTPS endpoint"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
 
   # Gem dependencies
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
-  s.add_runtime_dependency "logstash-mixin-http_client", ">= 6.0.0", "< 7.0.0"
+  s.add_runtime_dependency "logstash-mixin-http_client", ">= 7.1.0", "< 8.0.0"
 
   s.add_development_dependency 'logstash-devutils'
   s.add_development_dependency 'sinatra'

data/spec/outputs/http_spec.rb

@@ -3,6 +3,9 @@ require "logstash/outputs/http"
 require "logstash/codecs/plain"
 require "thread"
 require "sinatra"
+require "webrick"
+require "webrick/https"
+require 'openssl'
 require_relative "../supports/compressed_requests"
 
 PORT = rand(65535-1024) + 1025
@@ -22,9 +25,20 @@ class TestApp < Sinatra::Base
   # on the fly uncompress gzip content
   use CompressedRequests
 
-  # disable WEBrick logging
+  set :environment, :production
+  set :sessions, false
+
+  @@server_settings = {
+      :AccessLog => [], # disable WEBrick logging
+      :Logger => WEBrick::BasicLog::new(nil, WEBrick::BasicLog::FATAL)
+  }
+
   def self.server_settings
-    { :AccessLog => [], :Logger => WEBrick::BasicLog::new(nil, WEBrick::BasicLog::FATAL) }
+    @@server_settings
+  end
+
+  def self.server_settings=(settings)
+    @@server_settings = settings
   end
 
   def self.multiroute(methods, path, &block)
@@ -72,31 +86,22 @@ class TestApp < Sinatra::Base
   end
 end
 
-RSpec.configure do |config|
+RSpec.configure do
   #http://stackoverflow.com/questions/6557079/start-and-call-ruby-http-server-in-the-same-script
-  def sinatra_run_wait(app, opts)
+  def start_app_and_wait(app, opts = {})
     queue = Queue.new
 
-    t = java.lang.Thread.new(
-      proc do
-        begin
-          app.run!(opts) do |server|
-            queue.push("started")
-          end
-        rescue => e
-          puts "Error in webserver thread #{e}"
-          # ignore
+    Thread.start do
+      begin
+        app.start!({ server: 'WEBrick', port: PORT }.merge opts) do |server|
+          queue.push(server)
         end
+      rescue => e
+        warn "Error starting app: #{e.inspect}" # ignore
       end
-    )
-    t.daemon = true
-    t.start
-    queue.pop # blocks until the run! callback runs
-  end
+    end
 
-  config.before(:suite) do
-    sinatra_run_wait(TestApp, :port => PORT, :server => 'webrick')
-    puts "Test webserver on port #{PORT}"
+    queue.pop # blocks until the start! callback runs
   end
 end
 
@@ -104,6 +109,15 @@ describe LogStash::Outputs::Http do
   # Wait for the async request to finish in this spinlock
   # Requires pool_max to be 1
 
+  before(:all) do
+    @server = start_app_and_wait(TestApp)
+  end
+
+  after(:all) do
+    @server.shutdown # WEBrick::HTTPServer
+    TestApp.stop! rescue nil
+  end
+
   let(:port) { PORT }
   let(:event) {
     LogStash::Event.new({"message" => "hi"})
@@ -112,6 +126,44 @@ describe LogStash::Outputs::Http do
   let(:method) { "post" }
 
   shared_examples("verb behavior") do |method|
+
+    shared_examples("failure log behaviour") do
+      it "logs failure" do
+        expect(subject).to have_received(:log_failure).with(any_args)
+      end
+
+      it "does not log headers" do
+        expect(subject).to have_received(:log_failure).with(anything, hash_not_including(:headers))
+      end
+
+      it "does not log the message body" do
+        expect(subject).to have_received(:log_failure).with(anything, hash_not_including(:body))
+      end
+
+      context "with debug log level" do
+        before :all do
+          @current_log_level = LogStash::Logging::Logger.get_logging_context.get_root_logger.get_level.to_s.downcase
+          LogStash::Logging::Logger.configure_logging "debug"
+        end
+        after :all do
+          LogStash::Logging::Logger.configure_logging @current_log_level
+        end
+
+        it "logs a failure" do
+          expect(subject).to have_received(:log_failure).with(any_args)
+        end
+
+        it "logs headers" do
+          expect(subject).to have_received(:log_failure).with(anything, hash_including(:headers))
+        end
+
+        it "logs the body" do
+          expect(subject).to have_received(:log_failure).with(anything, hash_including(:body))
+        end
+      end
+
+    end
+
     let(:verb_behavior_config) { {"url" => url, "http_method" => method, "pool_max" => 1} }
     subject { LogStash::Outputs::Http.new(verb_behavior_config) }
 
@@ -169,7 +221,7 @@ describe LogStash::Outputs::Http do
 
       context "with ignorable failing requests" do
         let(:url) { "http://localhost:#{port}/bad"}
-        let(:verb_behavior_config) { super.merge("ignorable_codes" => [400]) }
+        let(:verb_behavior_config) { super().merge("ignorable_codes" => [400]) }
 
         before do
           subject.multi_receive([event])
@@ -197,10 +249,98 @@ describe LogStash::Outputs::Http do
           expect(subject).to have_received(:send_event).exactly(3).times
         end
       end
+    end
+
+    context "on retryable unknown exception" do
+      before :each do
+        raised = false
+        original_method = subject.client.method(:send)
+        allow(subject).to receive(:send_event).and_call_original
+        expect(subject.client).to receive(:send) do |*args|
+          unless raised
+            raised = true
+            raise ::Manticore::UnknownException.new("Read timed out")
+          end
+          original_method.call(args)
+        end
+        subject.multi_receive([event])
+      end
+
+      include_examples("failure log behaviour")
+
+      it "retries" do
+        expect(subject).to have_received(:send_event).exactly(2).times
+      end
+    end
+
+    context "on non-retryable unknown exception" do
+      before :each do
+        raised = false
+        original_method = subject.client.method(:send)
+        allow(subject).to receive(:send_event).and_call_original
+        expect(subject.client).to receive(:send) do |*args|
+          unless raised
+            raised = true
+            raise ::Manticore::UnknownException.new("broken")
+          end
+          original_method.call(args)
+        end
+        subject.multi_receive([event])
+      end
+
+      include_examples("failure log behaviour")
+
+      it "does not retry" do
+        expect(subject).to have_received(:send_event).exactly(1).times
+      end
+    end
+
+    context "on non-retryable exception" do
+      before :each do
+        raised = false
+        original_method = subject.client.method(:send)
+        allow(subject).to receive(:send_event).and_call_original
+        expect(subject.client).to receive(:send) do |*args|
+          unless raised
+            raised = true
+            raise RuntimeError.new("broken")
+          end
+          original_method.call(args)
+        end
+        subject.multi_receive([event])
+      end
+
+      include_examples("failure log behaviour")
+
+      it "does not retry" do
+        expect(subject).to have_received(:send_event).exactly(1).times
+      end
+    end
+
+    context "on retryable exception" do
+      before :each do
+        raised = false
+        original_method = subject.client.method(:send)
+        allow(subject).to receive(:send_event).and_call_original
+        expect(subject.client).to receive(:send) do |*args|
+          unless raised
+            raised = true
+            raise ::Manticore::Timeout.new("broken")
+          end
+          original_method.call(args)
+        end
+        subject.multi_receive([event])
+      end
+
+      it "retries" do
+        expect(subject).to have_received(:send_event).exactly(2).times
+      end
 
+      include_examples("failure log behaviour")
     end
   end
 
+
   LogStash::Outputs::Http::VALID_METHODS.each do |method|
     context "when using '#{method}'" do
       include_examples("verb behavior", method)
@@ -362,3 +502,75 @@ describe LogStash::Outputs::Http do
     end
   end
 end
+
+describe LogStash::Outputs::Http do # different block as we're starting web server with TLS
+
+  @@default_server_settings = TestApp.server_settings.dup
+
+  before do
+    cert, key = WEBrick::Utils.create_self_signed_cert 2048, [["CN", ssl_cert_host]], "Logstash testing"
+    TestApp.server_settings = @@default_server_settings.merge({
+       :SSLEnable       => true,
+       :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
+       :SSLCertificate  => cert,
+       :SSLPrivateKey   => key
+    })
+
+    TestApp.last_request = nil
+
+    @server = start_app_and_wait(TestApp)
+  end
+
+  after do
+    @server.shutdown # WEBrick::HTTPServer
+
+    TestApp.stop! rescue nil
+    TestApp.server_settings = @@default_server_settings
+  end
+
+  let(:ssl_cert_host) { 'localhost' }
+
+  let(:port) { PORT }
+  let(:url) { "https://localhost:#{port}/good" }
+  let(:method) { "post" }
+
+  let(:config) { { "url" => url, "http_method" => method } }
+
+  subject { LogStash::Outputs::Http.new(config) }
+
+  before { subject.register }
+  after  { subject.close }
+
+  let(:last_request) { TestApp.last_request }
+  let(:last_request_body) { last_request.body.read }
+
+  let(:event) { LogStash::Event.new("message" => "hello!") }
+
+  context 'with default (full) verification' do
+
+    let(:config) { super() } # 'ssl_verification_mode' => 'full'
+
+    it "does NOT process the request (due client protocol exception)" do
+      # Manticore's default verification does not accept self-signed certificates!
+      Thread.start do
+        subject.multi_receive [ event ]
+      end
+      sleep 1.5
+
+      expect(last_request).to be nil
+    end
+
+  end
+
+  context 'with verification disabled' do
+
+    let(:config) { super().merge 'ssl_verification_mode' => 'none' }
+
+    it "should process the request" do
+      subject.multi_receive [ event ]
+      expect(last_request_body).to include '"message":"hello!"'
+    end
+
+  end
+
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-http
 version: !ruby/object:Gem::Version
-  version: 5.2.3
+  version: 5.4.0
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-11-27 00:00:00.000000000 Z
+date: 2022-02-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -35,10 +35,10 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 7.1.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: 8.0.0
   name: logstash-mixin-http_client
   prerelease: false
   type: :runtime
@@ -46,10 +46,10 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 7.1.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 7.0.0
+        version: 8.0.0
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
@@ -132,8 +132,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.6.13
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Sends events to a generic HTTP or HTTPS endpoint