logstash-output-scalyr 0.2.5.beta → 0.2.7.beta
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +21 -0
- data/README.md +48 -8
- data/lib/logstash/outputs/scalyr.rb +14 -7
- data/lib/scalyr/certs/aaa_cert_services_ca_root.pem +25 -0
- data/lib/scalyr/certs/ca_certs.crt +126 -0
- data/lib/scalyr/certs/letsencrypt_isrg_root_x1_selfsigned_root.pem +31 -0
- data/lib/scalyr/certs/letsencrypt_isrg_root_x2_selfsigned_root.pem +31 -0
- data/lib/scalyr/certs/scalyr_agent_ca_root.pem +39 -0
- data/lib/scalyr/common/client.rb +8 -55
- data/lib/scalyr/constants.rb +10 -1
- data/logstash-output-scalyr.gemspec +1 -1
- data/spec/logstash/outputs/fixtures/example_com.pem +41 -0
- data/spec/logstash/outputs/scalyr_integration_spec.rb +46 -63
- metadata +9 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '098686f8c748dbe1d02cec87e92aa49df5db05049ff0d87ccd6fbb6271ccd797'
|
4
|
+
data.tar.gz: '0073297594f936703190252584559ae60cd81a7b3807f1b2685b6966fece5610'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 507ddc7c825ae4612907c4ad451597bf516732b389b5a628598f8eec12e8cdc1f7c4b5b71533803665d1fd18b3fce43a0aa3989729192eea26b2948273f9d267
|
7
|
+
data.tar.gz: 310a452e0df0b74081a061030322b3f2a013bad233ba99b424fcea428af336f86370cb76bda62c06c5edcbee81731e5a498e137daf4f7d42a843ef988a8664df
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,26 @@
|
|
1
1
|
# Beta
|
2
2
|
|
3
|
+
## 0.2.7.beta
|
4
|
+
|
5
|
+
* SSL cert validation code has been simplified. Now ``ssl_ca_bundle_path`` config option
|
6
|
+
defaults to the CA bundle path which is vendored / bundled with the RubyGem and includes CA
|
7
|
+
certs of the authorities which are used for DataSet API endpoint certificates.
|
8
|
+
|
9
|
+
In addition to that, ``append_builtin_cert`` config option has been removed and the code now
|
10
|
+
throws error in case invalid / inexistent path is specified for the ``ssl_ca_bundle_path``
|
11
|
+
config option - this represents a fatal config error.
|
12
|
+
|
13
|
+
## 0.2.6.beta, 0.2.6
|
14
|
+
|
15
|
+
* Update default value of ``ssl_ca_bundle_path`` config option to
|
16
|
+
``/etc/ssl/certs/ca-certificates.crt``. This way it works out of the box with the default
|
17
|
+
upstream logstash OSS Docker Image.
|
18
|
+
* Update default bundled root CA certs to contain all the root CA certs used by the DataSet API
|
19
|
+
endpoints.
|
20
|
+
|
21
|
+
In case you are encountering connectivity issues and SSL / TLS errors in the logstash log with
|
22
|
+
previous versions of the client you should upgrade to this release.
|
23
|
+
|
3
24
|
## 0.2.5.beta
|
4
25
|
|
5
26
|
* Allow user to specify value for the DataSet event severity (``sev``) field. "sev" field is a
|
data/README.md
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
[![
|
1
|
+
[![Unit Tests & Lint](https://github.com/scalyr/logstash-output-scalyr/actions/workflows/unit_tests.yml/badge.svg)](https://github.com/scalyr/logstash-output-scalyr/actions/workflows/unit_tests.yml) [![Smoke Tests](https://github.com/scalyr/logstash-output-scalyr/actions/workflows/smoke_tests.yml/badge.svg)](https://github.com/scalyr/logstash-output-scalyr/actions/workflows/smoke_tests.yml) [![Micro Benchmarks](https://github.com/scalyr/logstash-output-scalyr/actions/workflows/microbenchmarks.yml/badge.svg)](https://github.com/scalyr/logstash-output-scalyr/actions/workflows/microbenchmarks.yml) [![Gem Version](https://badge.fury.io/rb/logstash-output-scalyr.svg)](https://badge.fury.io/rb/logstash-output-scalyr)
|
2
2
|
|
3
3
|
# [Scalyr output plugin for Logstash]
|
4
4
|
|
@@ -6,12 +6,22 @@ This plugin implements a Logstash output plugin that uploads data to [Scalyr](ht
|
|
6
6
|
|
7
7
|
You can view documentation for this plugin [on the Scalyr website](https://app.scalyr.com/solutions/logstash).
|
8
8
|
|
9
|
+
NOTE: If you are encountering connectivity issues and see SSL / TLS erros such as an example below,
|
10
|
+
you should upgrade to version 0.2.6 or higher.
|
11
|
+
|
12
|
+
```javascript
|
13
|
+
{"message":"Error uploading to Scalyr (will backoff-retry)",
|
14
|
+
"error_class":"Manticore::ClientProtocolException","url":"https://agent.scalyr.com/addEvents",
|
15
|
+
"message":"PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed"
|
16
|
+
}
|
17
|
+
```
|
18
|
+
|
9
19
|
# Quick start
|
10
20
|
|
11
21
|
1. Build the gem, run `gem build logstash-output-scalyr.gemspec`
|
12
|
-
2. Install the gem into a Logstash installation, run `/usr/share/logstash/bin/logstash-plugin install logstash-output-scalyr-0.2.
|
22
|
+
2. Install the gem into a Logstash installation, run `/usr/share/logstash/bin/logstash-plugin install logstash-output-scalyr-0.2.6.gem`
|
13
23
|
or follow the latest official instructions on working with plugins from Logstash. As an alternative, you can directly install latest
|
14
|
-
stable version from RubyGems - ``/usr/share/logstash/bin/logstash-plugin --version 0.2.
|
24
|
+
stable version from RubyGems - ``/usr/share/logstash/bin/logstash-plugin --version 0.2.6 logstash-output-scalyr``
|
15
25
|
3. Configure the output plugin (e.g. add it to a pipeline .conf)
|
16
26
|
4. Restart Logstash
|
17
27
|
|
@@ -98,7 +108,7 @@ different severity / log levels on DataSet server side as shown below:
|
|
98
108
|
|
99
109
|
- 0 -> finest
|
100
110
|
- 1 -> trace
|
101
|
-
- 2 ->
|
111
|
+
- 2 -> debug
|
102
112
|
- 3 -> info
|
103
113
|
- 4 -> warning
|
104
114
|
- 5 -> error
|
@@ -109,7 +119,7 @@ output {
|
|
109
119
|
scalyr {
|
110
120
|
api_write_token => 'SCALYR_API_KEY'
|
111
121
|
...
|
112
|
-
severity_field => 'severity'
|
122
|
+
severity_field => 'severity'
|
113
123
|
}
|
114
124
|
}
|
115
125
|
```
|
@@ -120,6 +130,26 @@ Logstash event field.
|
|
120
130
|
In case the field value doesn't contain a valid severity number (0 - 6), ``sev`` field won't be
|
121
131
|
set on the event object to prevent API from rejecting an invalid request.
|
122
132
|
|
133
|
+
## Note On Server SSL Certificate Validation
|
134
|
+
|
135
|
+
By default when validating DataSet endpoint server SSL certificate, logstash uses CA certificate
|
136
|
+
bundles which is vendored / bundled with the RubyGem / plugin. This bundle includes CA certificate
|
137
|
+
files of authoried which are used to issue DataSet API endpoint certificates.
|
138
|
+
|
139
|
+
If you want to use system CA bundle, you should update ``ssl_ca_bundle_path`` to system CA bundle
|
140
|
+
path (e.g. ``/etc/ssl/certs/ca-certificates.crt``), as shown in the example below:
|
141
|
+
|
142
|
+
```
|
143
|
+
output {
|
144
|
+
scalyr {
|
145
|
+
api_write_token => 'SCALYR_API_KEY'
|
146
|
+
...
|
147
|
+
ssl_ca_bundle_path => "/etc/ssl/certs/ca-certificates.crt"
|
148
|
+
}
|
149
|
+
}
|
150
|
+
```
|
151
|
+
|
152
|
+
|
123
153
|
## Options
|
124
154
|
|
125
155
|
- The Scalyr API write token, these are available at https://www.scalyr.com/keys. This is the only compulsory configuration field required for proper upload
|
@@ -134,9 +164,13 @@ set on the event object to prevent API from rejecting an invalid request.
|
|
134
164
|
|
135
165
|
---
|
136
166
|
|
137
|
-
- Path to SSL bundle file.
|
167
|
+
- Path to SSL CA bundle file which is used to verify the server certificate.
|
138
168
|
|
139
|
-
`config :ssl_ca_bundle_path, :validate => :string, :default =>
|
169
|
+
`config :ssl_ca_bundle_path, :validate => :string, :default => CA_CERTS_PATH`
|
170
|
+
|
171
|
+
If for some reason you need to disable server cert validation (you are strongly recommended to
|
172
|
+
not disable it unless specifically instructed to do so or have a valid reason for it), you can do
|
173
|
+
that by setting ``ssl_verify_peer`` config option to false.
|
140
174
|
|
141
175
|
---
|
142
176
|
|
@@ -407,6 +441,12 @@ Or to run a single test function defined on line XXX
|
|
407
441
|
bundle exec rspec spec/scalyr/common/util_spec.rb:XXX
|
408
442
|
```
|
409
443
|
|
444
|
+
Or using more verbose output mode:
|
445
|
+
|
446
|
+
```bash
|
447
|
+
bundle exec rspec -fd spec/scalyr/common/util_spec.rb
|
448
|
+
```
|
449
|
+
|
410
450
|
## Instrumentation and metrics
|
411
451
|
|
412
452
|
By default, plugin logs a special line with metrics to Scalyr every 5 minutes. This line contains
|
@@ -511,7 +551,7 @@ git clone https://github.com/Kami/logstash-config-tester ~/
|
|
511
551
|
gem build logstash-output-scalyr.gemspec
|
512
552
|
|
513
553
|
# 2. Copy it to the config test repo
|
514
|
-
cp logstash-output-scalyr-0.2.
|
554
|
+
cp logstash-output-scalyr-0.2.6.gem ~/logstash-config-test/logstash-output-scalyr.gem
|
515
555
|
|
516
556
|
# 3. Build docker image with the latest dev version of the plugin (may take a while)
|
517
557
|
docker-compose build
|
@@ -67,7 +67,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
67
67
|
#
|
68
68
|
# - 0 -> finest
|
69
69
|
# - 1 -> trace
|
70
|
-
# - 2 ->
|
70
|
+
# - 2 -> debug
|
71
71
|
# - 3 -> info
|
72
72
|
# - 4 -> warning
|
73
73
|
# - 5 -> error
|
@@ -133,11 +133,14 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
133
133
|
# Whether or not to verify the connection to Scalyr, only set to false for debugging.
|
134
134
|
config :ssl_verify_peer, :validate => :boolean, :default => true
|
135
135
|
|
136
|
-
# Path to SSL bundle file.
|
137
|
-
|
136
|
+
# Path to SSL bundle file used to validate remote / server SSL certificate. By default, path to
|
137
|
+
# the CA bundled which is vendored / bundled with the RubyGem is used.
|
138
|
+
# If user has a specific reason to change this value (e.g. to a system ca bundle such as
|
139
|
+
# /etc/ssl/certs/ca-certificates.crt, they can update this option).
|
140
|
+
config :ssl_ca_bundle_path, :validate => :string, :default => CA_CERTS_PATH
|
138
141
|
|
139
|
-
#
|
140
|
-
config :append_builtin_cert, :validate => :boolean, :default =>
|
142
|
+
# Unused since v0.2.7, left here for backward compatibility reasons
|
143
|
+
config :append_builtin_cert, :validate => :boolean, :default => false
|
141
144
|
|
142
145
|
config :max_request_buffer, :validate => :number, :default => 5500000 # echee TODO: eliminate?
|
143
146
|
config :force_message_encoding, :validate => :string, :default => nil
|
@@ -259,6 +262,10 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
259
262
|
end
|
260
263
|
end
|
261
264
|
|
265
|
+
if not @append_builtin_cert.nil?
|
266
|
+
@logger.warn "append_builtin_cert config option has been deprecated and is unused in versions 0.2.7 and above"
|
267
|
+
end
|
268
|
+
|
262
269
|
@dlq_writer = dlq_enabled? ? execution_context.dlq_writer : nil
|
263
270
|
|
264
271
|
@message_encoding = nil
|
@@ -350,7 +357,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
350
357
|
@running = true
|
351
358
|
@client_session = Scalyr::Common::Client::ClientSession.new(
|
352
359
|
@logger, @add_events_uri,
|
353
|
-
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
360
|
+
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
354
361
|
@record_stats_for_status, @flush_quantile_estimates_on_status_send,
|
355
362
|
@http_connect_timeout, @http_socket_timeout, @http_request_timeout, @http_pool_max, @http_pool_max_per_route
|
356
363
|
)
|
@@ -376,7 +383,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
376
383
|
# This way we don't need to keep idle long running connection open.
|
377
384
|
initial_send_status_client_session = Scalyr::Common::Client::ClientSession.new(
|
378
385
|
@logger, @add_events_uri,
|
379
|
-
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
386
|
+
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
380
387
|
@record_stats_for_status, @flush_quantile_estimates_on_status_send,
|
381
388
|
@http_connect_timeout, @http_socket_timeout, @http_request_timeout, @http_pool_max, @http_pool_max_per_route
|
382
389
|
)
|
@@ -0,0 +1,25 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
|
3
|
+
MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
|
4
|
+
GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
|
5
|
+
YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
|
6
|
+
MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
|
7
|
+
BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
|
8
|
+
GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
9
|
+
ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
|
10
|
+
BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
|
11
|
+
3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
|
12
|
+
YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
|
13
|
+
rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
|
14
|
+
ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
|
15
|
+
oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
|
16
|
+
MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
|
17
|
+
QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
|
18
|
+
b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
|
19
|
+
AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
|
20
|
+
GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
|
21
|
+
Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
|
22
|
+
G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
|
23
|
+
l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
|
24
|
+
smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
|
25
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,126 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
|
3
|
+
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
4
|
+
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
|
5
|
+
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
|
6
|
+
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
|
7
|
+
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
|
8
|
+
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
|
9
|
+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
|
10
|
+
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
|
11
|
+
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
|
12
|
+
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
|
13
|
+
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
|
14
|
+
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
|
15
|
+
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
|
16
|
+
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
|
17
|
+
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
|
18
|
+
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
|
19
|
+
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
|
20
|
+
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
|
21
|
+
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
|
22
|
+
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
|
23
|
+
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
|
24
|
+
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
|
25
|
+
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
|
26
|
+
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
|
27
|
+
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
|
28
|
+
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
|
29
|
+
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
|
30
|
+
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
|
31
|
+
-----END CERTIFICATE-----
|
32
|
+
-----BEGIN CERTIFICATE-----
|
33
|
+
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
|
34
|
+
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
35
|
+
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
|
36
|
+
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
|
37
|
+
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
|
38
|
+
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
|
39
|
+
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
|
40
|
+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
|
41
|
+
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
|
42
|
+
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
|
43
|
+
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
|
44
|
+
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
|
45
|
+
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
|
46
|
+
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
|
47
|
+
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
|
48
|
+
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
|
49
|
+
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
|
50
|
+
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
|
51
|
+
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
|
52
|
+
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
|
53
|
+
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
|
54
|
+
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
|
55
|
+
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
|
56
|
+
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
|
57
|
+
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
|
58
|
+
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
|
59
|
+
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
|
60
|
+
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
|
61
|
+
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
|
62
|
+
-----END CERTIFICATE-----
|
63
|
+
-----BEGIN CERTIFICATE-----
|
64
|
+
MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
|
65
|
+
MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
|
66
|
+
GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
|
67
|
+
YXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4MTIzMTIzNTk1OVowezEL
|
68
|
+
MAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
|
69
|
+
BwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNVBAMM
|
70
|
+
GEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
71
|
+
ADCCAQoCggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQua
|
72
|
+
BtDFcCLNSS1UY8y2bmhGC1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe
|
73
|
+
3M/vg4aijJRPn2jymJBGhCfHdr/jzDUsi14HZGWCwEiwqJH5YZ92IFCokcdmtet4
|
74
|
+
YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszWY19zjNoFmag4qMsXeDZR
|
75
|
+
rOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjHYpy+g8cm
|
76
|
+
ez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQU
|
77
|
+
oBEKIz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF
|
78
|
+
MAMBAf8wewYDVR0fBHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
|
79
|
+
QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29t
|
80
|
+
b2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDANBgkqhkiG9w0BAQUF
|
81
|
+
AAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm7l3sAg9g1o1Q
|
82
|
+
GE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz
|
83
|
+
Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2
|
84
|
+
G9w84FoVxp7Z8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsi
|
85
|
+
l2D4kF501KKaU73yqWjgom7C12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3
|
86
|
+
smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg==
|
87
|
+
-----END CERTIFICATE-----
|
88
|
+
-----BEGIN CERTIFICATE-----
|
89
|
+
MIIG6zCCBNOgAwIBAgIJAM5aknNWtN6oMA0GCSqGSIb3DQEBCwUAMIGpMQswCQYD
|
90
|
+
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxMOUG9ydG9sYSBW
|
91
|
+
YWxsZXkxEzARBgNVBAoTClNjYWx5ciBJbmMxFTATBgNVBAsTDFNjYWx5ciBBZ2Vu
|
92
|
+
dDEdMBsGA1UEAxMUU2NhbHlyIEFnZW50IENBIFJvb3QxITAfBgkqhkiG9w0BCQEW
|
93
|
+
EmNvbnRhY3RAc2NhbHlyLmNvbTAeFw0xNDA5MDkyMTUyMDVaFw0yNDA5MDYyMTUy
|
94
|
+
MDVaMIGpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UE
|
95
|
+
BxMOUG9ydG9sYSBWYWxsZXkxEzARBgNVBAoTClNjYWx5ciBJbmMxFTATBgNVBAsT
|
96
|
+
DFNjYWx5ciBBZ2VudDEdMBsGA1UEAxMUU2NhbHlyIEFnZW50IENBIFJvb3QxITAf
|
97
|
+
BgkqhkiG9w0BCQEWEmNvbnRhY3RAc2NhbHlyLmNvbTCCAiIwDQYJKoZIhvcNAQEB
|
98
|
+
BQADggIPADCCAgoCggIBALdNamcMNVxkIB6qVWmNCi1jeyeqOX00rYAWDlyBHff7
|
99
|
+
vU833Evuixgrf0HxrOQNiPsOK66ehG6LfJd2UIBDEHBCXRo+aeFQLrCLIVXiqJ2W
|
100
|
+
Tvl7dUU9d7zfw/XXif3lMQTiyQAWYTyjfugDczEScEUk93EWFfW47j9PTGh96yKm
|
101
|
+
nVbfOxD4XbN0ykdo85cs7M/NOHQj4q34l77XGXrit+nb1cL3wS9ZzJG8s40J2+Dp
|
102
|
+
LUA8KBQuvim6hfqrjaDX0bXVvc52a7TSh/zb58gkLbiqvBuPo5P8PBLHCx8bJtZu
|
103
|
+
fjWRdjaftgw7CcsdIuMhbm3823WI/A+/p4s1B5KOPqOYRkgG8FBqFIRTecKAV5wC
|
104
|
+
Z2ruTytoOUBWItrheyJhm+99X1I2y/6mdecBdk7j3+8U+nCsGHkH5Jwjl2BH9tfT
|
105
|
+
RUhVTCQs25XLNm41kZo7xK464xZsJKHXj9jr5gLIdF6CgzU2uYsQHKcw1pAVITLe
|
106
|
+
bfGEob8AcL0E7+1hurRjyYxtxZpsZeGMwI0/BStT+fLEAOJ1byGUgSUbhi9lJ8Hc
|
107
|
+
+NZDfaCaCZKRxjePCqeWjZUUdVoH3fNSi2GuNLqtOFzxlkP5tBErnXufE6XZAtEQ
|
108
|
+
lv/9qxa4ZLsvhbt+6qQryIAHL4aReh/VReER438ARdwG2QDK+vRfhNpke69em5Kb
|
109
|
+
AgMBAAGjggESMIIBDjAdBgNVHQ4EFgQUENX6MjnzqTJdTQMAEakSdXV/I80wgd4G
|
110
|
+
A1UdIwSB1jCB04AUENX6MjnzqTJdTQMAEakSdXV/I82hga+kgawwgakxCzAJBgNV
|
111
|
+
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQHEw5Qb3J0b2xhIFZh
|
112
|
+
bGxleTETMBEGA1UEChMKU2NhbHlyIEluYzEVMBMGA1UECxMMU2NhbHlyIEFnZW50
|
113
|
+
MR0wGwYDVQQDExRTY2FseXIgQWdlbnQgQ0EgUm9vdDEhMB8GCSqGSIb3DQEJARYS
|
114
|
+
Y29udGFjdEBzY2FseXIuY29tggkAzlqSc1a03qgwDAYDVR0TBAUwAwEB/zANBgkq
|
115
|
+
hkiG9w0BAQsFAAOCAgEAmmgm1AeO7wfuR36HHgpZCKZxboRFwc2FzKaHNSg2FQ0G
|
116
|
+
MuOP6HZUQWsaXLe0Kc8emJKrIwrn6x2jMm19Bjbps2bPW6ao6UE/6fb5Z7CX82IX
|
117
|
+
pKlDDH6OfYjDplBzoqf5PkPgxZNyiZ7nyNUWz+P2vesLFVynmej2MvLIZVnEJ2Wp
|
118
|
+
xzyHMKQo92DP8yNEudoK8QQpoLcuNcAli9blt8+NIV9RSDrI9CvArLNpZJMlS1Vx
|
119
|
+
gdzEU3wEQYWc36j3XCsp7ZDvgTm6FpyHS5ccMpXR1E62tVINGX9r+97ZHyxjqurb
|
120
|
+
606y1FzV/5Mf/aihPYSSreq63UVqdsaQfyS77Q4tpJofq875w8nd2Vs3guDs2T0h
|
121
|
+
1bOlV3e2HfglWsHKwNguQZo2nfMUp11IYfV/HOKWNQkbrPhuayXMi3i2wCZe9JNt
|
122
|
+
P9uZ2OjzsVu2QFcSlvZF6y02/bjbNATRfj/J/SHNFyCDu6bXhtAu0yZzFLiOZxjD
|
123
|
+
LwzunBMoWcJj+P2Vx3OhbE9FMyMeKdOWdTgiI1GLEkfJi6s7d/tk1ayLmbBTRD/e
|
124
|
+
XkjSeLBss6mA1INuE1+gKVA4MABsUiLqGZ8xCPN16CyPcTqL2TJFo1IOqivMxKDh
|
125
|
+
H4Z/mHoGi5SRnye+Wo+jyiQiWjJQ5LrlQPbHmuO0tLs9lM1t9nhzLifzga5F4+o=
|
126
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,31 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
|
3
|
+
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
4
|
+
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
|
5
|
+
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
|
6
|
+
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
|
7
|
+
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
|
8
|
+
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
|
9
|
+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
|
10
|
+
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
|
11
|
+
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
|
12
|
+
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
|
13
|
+
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
|
14
|
+
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
|
15
|
+
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
|
16
|
+
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
|
17
|
+
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
|
18
|
+
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
|
19
|
+
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
|
20
|
+
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
|
21
|
+
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
|
22
|
+
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
|
23
|
+
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
|
24
|
+
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
|
25
|
+
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
|
26
|
+
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
|
27
|
+
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
|
28
|
+
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
|
29
|
+
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
|
30
|
+
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
|
31
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,31 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
|
3
|
+
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
4
|
+
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
|
5
|
+
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
|
6
|
+
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
|
7
|
+
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
|
8
|
+
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
|
9
|
+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
|
10
|
+
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
|
11
|
+
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
|
12
|
+
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
|
13
|
+
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
|
14
|
+
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
|
15
|
+
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
|
16
|
+
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
|
17
|
+
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
|
18
|
+
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
|
19
|
+
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
|
20
|
+
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
|
21
|
+
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
|
22
|
+
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
|
23
|
+
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
|
24
|
+
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
|
25
|
+
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
|
26
|
+
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
|
27
|
+
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
|
28
|
+
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
|
29
|
+
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
|
30
|
+
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
|
31
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,39 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIG6zCCBNOgAwIBAgIJAM5aknNWtN6oMA0GCSqGSIb3DQEBCwUAMIGpMQswCQYD
|
3
|
+
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxMOUG9ydG9sYSBW
|
4
|
+
YWxsZXkxEzARBgNVBAoTClNjYWx5ciBJbmMxFTATBgNVBAsTDFNjYWx5ciBBZ2Vu
|
5
|
+
dDEdMBsGA1UEAxMUU2NhbHlyIEFnZW50IENBIFJvb3QxITAfBgkqhkiG9w0BCQEW
|
6
|
+
EmNvbnRhY3RAc2NhbHlyLmNvbTAeFw0xNDA5MDkyMTUyMDVaFw0yNDA5MDYyMTUy
|
7
|
+
MDVaMIGpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UE
|
8
|
+
BxMOUG9ydG9sYSBWYWxsZXkxEzARBgNVBAoTClNjYWx5ciBJbmMxFTATBgNVBAsT
|
9
|
+
DFNjYWx5ciBBZ2VudDEdMBsGA1UEAxMUU2NhbHlyIEFnZW50IENBIFJvb3QxITAf
|
10
|
+
BgkqhkiG9w0BCQEWEmNvbnRhY3RAc2NhbHlyLmNvbTCCAiIwDQYJKoZIhvcNAQEB
|
11
|
+
BQADggIPADCCAgoCggIBALdNamcMNVxkIB6qVWmNCi1jeyeqOX00rYAWDlyBHff7
|
12
|
+
vU833Evuixgrf0HxrOQNiPsOK66ehG6LfJd2UIBDEHBCXRo+aeFQLrCLIVXiqJ2W
|
13
|
+
Tvl7dUU9d7zfw/XXif3lMQTiyQAWYTyjfugDczEScEUk93EWFfW47j9PTGh96yKm
|
14
|
+
nVbfOxD4XbN0ykdo85cs7M/NOHQj4q34l77XGXrit+nb1cL3wS9ZzJG8s40J2+Dp
|
15
|
+
LUA8KBQuvim6hfqrjaDX0bXVvc52a7TSh/zb58gkLbiqvBuPo5P8PBLHCx8bJtZu
|
16
|
+
fjWRdjaftgw7CcsdIuMhbm3823WI/A+/p4s1B5KOPqOYRkgG8FBqFIRTecKAV5wC
|
17
|
+
Z2ruTytoOUBWItrheyJhm+99X1I2y/6mdecBdk7j3+8U+nCsGHkH5Jwjl2BH9tfT
|
18
|
+
RUhVTCQs25XLNm41kZo7xK464xZsJKHXj9jr5gLIdF6CgzU2uYsQHKcw1pAVITLe
|
19
|
+
bfGEob8AcL0E7+1hurRjyYxtxZpsZeGMwI0/BStT+fLEAOJ1byGUgSUbhi9lJ8Hc
|
20
|
+
+NZDfaCaCZKRxjePCqeWjZUUdVoH3fNSi2GuNLqtOFzxlkP5tBErnXufE6XZAtEQ
|
21
|
+
lv/9qxa4ZLsvhbt+6qQryIAHL4aReh/VReER438ARdwG2QDK+vRfhNpke69em5Kb
|
22
|
+
AgMBAAGjggESMIIBDjAdBgNVHQ4EFgQUENX6MjnzqTJdTQMAEakSdXV/I80wgd4G
|
23
|
+
A1UdIwSB1jCB04AUENX6MjnzqTJdTQMAEakSdXV/I82hga+kgawwgakxCzAJBgNV
|
24
|
+
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQHEw5Qb3J0b2xhIFZh
|
25
|
+
bGxleTETMBEGA1UEChMKU2NhbHlyIEluYzEVMBMGA1UECxMMU2NhbHlyIEFnZW50
|
26
|
+
MR0wGwYDVQQDExRTY2FseXIgQWdlbnQgQ0EgUm9vdDEhMB8GCSqGSIb3DQEJARYS
|
27
|
+
Y29udGFjdEBzY2FseXIuY29tggkAzlqSc1a03qgwDAYDVR0TBAUwAwEB/zANBgkq
|
28
|
+
hkiG9w0BAQsFAAOCAgEAmmgm1AeO7wfuR36HHgpZCKZxboRFwc2FzKaHNSg2FQ0G
|
29
|
+
MuOP6HZUQWsaXLe0Kc8emJKrIwrn6x2jMm19Bjbps2bPW6ao6UE/6fb5Z7CX82IX
|
30
|
+
pKlDDH6OfYjDplBzoqf5PkPgxZNyiZ7nyNUWz+P2vesLFVynmej2MvLIZVnEJ2Wp
|
31
|
+
xzyHMKQo92DP8yNEudoK8QQpoLcuNcAli9blt8+NIV9RSDrI9CvArLNpZJMlS1Vx
|
32
|
+
gdzEU3wEQYWc36j3XCsp7ZDvgTm6FpyHS5ccMpXR1E62tVINGX9r+97ZHyxjqurb
|
33
|
+
606y1FzV/5Mf/aihPYSSreq63UVqdsaQfyS77Q4tpJofq875w8nd2Vs3guDs2T0h
|
34
|
+
1bOlV3e2HfglWsHKwNguQZo2nfMUp11IYfV/HOKWNQkbrPhuayXMi3i2wCZe9JNt
|
35
|
+
P9uZ2OjzsVu2QFcSlvZF6y02/bjbNATRfj/J/SHNFyCDu6bXhtAu0yZzFLiOZxjD
|
36
|
+
LwzunBMoWcJj+P2Vx3OhbE9FMyMeKdOWdTgiI1GLEkfJi6s7d/tk1ayLmbBTRD/e
|
37
|
+
XkjSeLBss6mA1INuE1+gKVA4MABsUiLqGZ8xCPN16CyPcTqL2TJFo1IOqivMxKDh
|
38
|
+
H4Z/mHoGi5SRnye+Wo+jyiQiWjJQ5LrlQPbHmuO0tLs9lM1t9nhzLifzga5F4+o=
|
39
|
+
-----END CERTIFICATE-----
|
data/lib/scalyr/common/client.rb
CHANGED
@@ -57,7 +57,7 @@ end
|
|
57
57
|
class ClientSession
|
58
58
|
|
59
59
|
def initialize(logger, add_events_uri, compression_type, compression_level,
|
60
|
-
ssl_verify_peer, ssl_ca_bundle_path,
|
60
|
+
ssl_verify_peer, ssl_ca_bundle_path,
|
61
61
|
record_stats_for_status, flush_quantile_estimates_on_status_send,
|
62
62
|
connect_timeout, socket_timeout, request_timeout, pool_max, pool_max_per_route)
|
63
63
|
@logger = logger
|
@@ -66,7 +66,6 @@ class ClientSession
|
|
66
66
|
@compression_level = compression_level
|
67
67
|
@ssl_verify_peer = ssl_verify_peer
|
68
68
|
@ssl_ca_bundle_path = ssl_ca_bundle_path
|
69
|
-
@append_builtin_cert = append_builtin_cert
|
70
69
|
@record_stats_for_status = record_stats_for_status
|
71
70
|
@flush_quantile_estimates_on_status_send = flush_quantile_estimates_on_status_send
|
72
71
|
@connect_timeout = connect_timeout
|
@@ -75,48 +74,6 @@ class ClientSession
|
|
75
74
|
@pool_max = pool_max
|
76
75
|
@pool_max_per_route = pool_max_per_route
|
77
76
|
|
78
|
-
# A cert to use by default to avoid issues caused by the OpenSSL library not validating certs according to standard
|
79
|
-
@cert_string = "" \
|
80
|
-
"-----BEGIN CERTIFICATE-----\n" \
|
81
|
-
"MIIG6zCCBNOgAwIBAgIJAM5aknNWtN6oMA0GCSqGSIb3DQEBCwUAMIGpMQswCQYD\n" \
|
82
|
-
"VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UEBxMOUG9ydG9sYSBW\n" \
|
83
|
-
"YWxsZXkxEzARBgNVBAoTClNjYWx5ciBJbmMxFTATBgNVBAsTDFNjYWx5ciBBZ2Vu\n" \
|
84
|
-
"dDEdMBsGA1UEAxMUU2NhbHlyIEFnZW50IENBIFJvb3QxITAfBgkqhkiG9w0BCQEW\n" \
|
85
|
-
"EmNvbnRhY3RAc2NhbHlyLmNvbTAeFw0xNDA5MDkyMTUyMDVaFw0yNDA5MDYyMTUy\n" \
|
86
|
-
"MDVaMIGpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEXMBUGA1UE\n" \
|
87
|
-
"BxMOUG9ydG9sYSBWYWxsZXkxEzARBgNVBAoTClNjYWx5ciBJbmMxFTATBgNVBAsT\n" \
|
88
|
-
"DFNjYWx5ciBBZ2VudDEdMBsGA1UEAxMUU2NhbHlyIEFnZW50IENBIFJvb3QxITAf\n" \
|
89
|
-
"BgkqhkiG9w0BCQEWEmNvbnRhY3RAc2NhbHlyLmNvbTCCAiIwDQYJKoZIhvcNAQEB\n" \
|
90
|
-
"BQADggIPADCCAgoCggIBALdNamcMNVxkIB6qVWmNCi1jeyeqOX00rYAWDlyBHff7\n" \
|
91
|
-
"vU833Evuixgrf0HxrOQNiPsOK66ehG6LfJd2UIBDEHBCXRo+aeFQLrCLIVXiqJ2W\n" \
|
92
|
-
"Tvl7dUU9d7zfw/XXif3lMQTiyQAWYTyjfugDczEScEUk93EWFfW47j9PTGh96yKm\n" \
|
93
|
-
"nVbfOxD4XbN0ykdo85cs7M/NOHQj4q34l77XGXrit+nb1cL3wS9ZzJG8s40J2+Dp\n" \
|
94
|
-
"LUA8KBQuvim6hfqrjaDX0bXVvc52a7TSh/zb58gkLbiqvBuPo5P8PBLHCx8bJtZu\n" \
|
95
|
-
"fjWRdjaftgw7CcsdIuMhbm3823WI/A+/p4s1B5KOPqOYRkgG8FBqFIRTecKAV5wC\n" \
|
96
|
-
"Z2ruTytoOUBWItrheyJhm+99X1I2y/6mdecBdk7j3+8U+nCsGHkH5Jwjl2BH9tfT\n" \
|
97
|
-
"RUhVTCQs25XLNm41kZo7xK464xZsJKHXj9jr5gLIdF6CgzU2uYsQHKcw1pAVITLe\n" \
|
98
|
-
"bfGEob8AcL0E7+1hurRjyYxtxZpsZeGMwI0/BStT+fLEAOJ1byGUgSUbhi9lJ8Hc\n" \
|
99
|
-
"+NZDfaCaCZKRxjePCqeWjZUUdVoH3fNSi2GuNLqtOFzxlkP5tBErnXufE6XZAtEQ\n" \
|
100
|
-
"lv/9qxa4ZLsvhbt+6qQryIAHL4aReh/VReER438ARdwG2QDK+vRfhNpke69em5Kb\n" \
|
101
|
-
"AgMBAAGjggESMIIBDjAdBgNVHQ4EFgQUENX6MjnzqTJdTQMAEakSdXV/I80wgd4G\n" \
|
102
|
-
"A1UdIwSB1jCB04AUENX6MjnzqTJdTQMAEakSdXV/I82hga+kgawwgakxCzAJBgNV\n" \
|
103
|
-
"BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQHEw5Qb3J0b2xhIFZh\n" \
|
104
|
-
"bGxleTETMBEGA1UEChMKU2NhbHlyIEluYzEVMBMGA1UECxMMU2NhbHlyIEFnZW50\n" \
|
105
|
-
"MR0wGwYDVQQDExRTY2FseXIgQWdlbnQgQ0EgUm9vdDEhMB8GCSqGSIb3DQEJARYS\n" \
|
106
|
-
"Y29udGFjdEBzY2FseXIuY29tggkAzlqSc1a03qgwDAYDVR0TBAUwAwEB/zANBgkq\n" \
|
107
|
-
"hkiG9w0BAQsFAAOCAgEAmmgm1AeO7wfuR36HHgpZCKZxboRFwc2FzKaHNSg2FQ0G\n" \
|
108
|
-
"MuOP6HZUQWsaXLe0Kc8emJKrIwrn6x2jMm19Bjbps2bPW6ao6UE/6fb5Z7CX82IX\n" \
|
109
|
-
"pKlDDH6OfYjDplBzoqf5PkPgxZNyiZ7nyNUWz+P2vesLFVynmej2MvLIZVnEJ2Wp\n" \
|
110
|
-
"xzyHMKQo92DP8yNEudoK8QQpoLcuNcAli9blt8+NIV9RSDrI9CvArLNpZJMlS1Vx\n" \
|
111
|
-
"gdzEU3wEQYWc36j3XCsp7ZDvgTm6FpyHS5ccMpXR1E62tVINGX9r+97ZHyxjqurb\n" \
|
112
|
-
"606y1FzV/5Mf/aihPYSSreq63UVqdsaQfyS77Q4tpJofq875w8nd2Vs3guDs2T0h\n" \
|
113
|
-
"1bOlV3e2HfglWsHKwNguQZo2nfMUp11IYfV/HOKWNQkbrPhuayXMi3i2wCZe9JNt\n" \
|
114
|
-
"P9uZ2OjzsVu2QFcSlvZF6y02/bjbNATRfj/J/SHNFyCDu6bXhtAu0yZzFLiOZxjD\n" \
|
115
|
-
"LwzunBMoWcJj+P2Vx3OhbE9FMyMeKdOWdTgiI1GLEkfJi6s7d/tk1ayLmbBTRD/e\n" \
|
116
|
-
"XkjSeLBss6mA1INuE1+gKVA4MABsUiLqGZ8xCPN16CyPcTqL2TJFo1IOqivMxKDh\n" \
|
117
|
-
"H4Z/mHoGi5SRnye+Wo+jyiQiWjJQ5LrlQPbHmuO0tLs9lM1t9nhzLifzga5F4+o=\n" \
|
118
|
-
"-----END CERTIFICATE-----"
|
119
|
-
|
120
77
|
# Request statistics are accumulated across multiple threads and must be accessed through a mutex
|
121
78
|
@stats_lock = Mutex.new
|
122
79
|
@latency_stats = get_new_latency_stats
|
@@ -159,19 +116,15 @@ class ClientSession
|
|
159
116
|
# verify peers to prevent potential MITM attacks
|
160
117
|
if @ssl_verify_peer
|
161
118
|
c[:ssl][:verify] = :strict
|
162
|
-
@
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
end
|
167
|
-
if @append_builtin_cert
|
168
|
-
open(@ca_cert.path, 'a') do |f|
|
169
|
-
f.puts @cert_string
|
170
|
-
end
|
119
|
+
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} to validate the server side certificate")
|
120
|
+
|
121
|
+
if not File.file?(@ssl_ca_bundle_path)
|
122
|
+
raise Errno::ENOENT.new("Invalid path for ssl_ca_bundle_path config option - file doesn't exist or is not readable")
|
171
123
|
end
|
172
|
-
|
173
|
-
c[:ssl][:ca_file] = @
|
124
|
+
|
125
|
+
c[:ssl][:ca_file] = @ssl_ca_bundle_path
|
174
126
|
else
|
127
|
+
@logger.warn("SSL certificate validation has been disabled. You are strongly encouraged to enable it to prevent possible MITM and similar attacks.")
|
175
128
|
c[:ssl][:verify] = :disable
|
176
129
|
end
|
177
130
|
|
data/lib/scalyr/constants.rb
CHANGED
@@ -1,5 +1,14 @@
|
|
1
1
|
# encoding: utf-8
|
2
|
-
|
2
|
+
|
3
|
+
PLUGIN_VERSION = "v0.2.7.beta"
|
3
4
|
|
4
5
|
# Special event level attribute name which can be used for setting event level serverHost attribute
|
5
6
|
EVENT_LEVEL_SERVER_HOST_ATTRIBUTE_NAME = '__origServerHost'
|
7
|
+
|
8
|
+
# Path to the bundled root CA certs used to sign server cert
|
9
|
+
CA_CERTS_PATH = File.expand_path(File.join(File.dirname(__FILE__), + "/certs/ca_certs.crt"))
|
10
|
+
|
11
|
+
# Additional check on import to catch this issue early (in case of a invalid path or similar)
|
12
|
+
if not File.file?(CA_CERTS_PATH)
|
13
|
+
raise Errno::ENOENT.new("Invalid path specified for CA_CERTS_PATH module constant (likely a developer error).")
|
14
|
+
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
s.name = 'logstash-output-scalyr'
|
3
|
-
s.version = '0.2.
|
3
|
+
s.version = '0.2.7.beta'
|
4
4
|
s.licenses = ['Apache-2.0']
|
5
5
|
s.summary = "Scalyr output plugin for Logstash"
|
6
6
|
s.description = "Sends log data collected by Logstash to Scalyr (https://www.scalyr.com)"
|
@@ -0,0 +1,41 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIHQDCCBiigAwIBAgIQD9B43Ujxor1NDyupa2A4/jANBgkqhkiG9w0BAQsFADBN
|
3
|
+
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
|
4
|
+
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI4MDAwMDAwWhcN
|
5
|
+
MjAxMjAyMTIwMDAwWjCBpTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
|
6
|
+
aWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMTwwOgYDVQQKEzNJbnRlcm5ldCBDb3Jw
|
7
|
+
b3JhdGlvbiBmb3IgQXNzaWduZWQgTmFtZXMgYW5kIE51bWJlcnMxEzARBgNVBAsT
|
8
|
+
ClRlY2hub2xvZ3kxGDAWBgNVBAMTD3d3dy5leGFtcGxlLm9yZzCCASIwDQYJKoZI
|
9
|
+
hvcNAQEBBQADggEPADCCAQoCggEBANDwEnSgliByCGUZElpdStA6jGaPoCkrp9vV
|
10
|
+
rAzPpXGSFUIVsAeSdjF11yeOTVBqddF7U14nqu3rpGA68o5FGGtFM1yFEaogEv5g
|
11
|
+
rJ1MRY/d0w4+dw8JwoVlNMci+3QTuUKf9yH28JxEdG3J37Mfj2C3cREGkGNBnY80
|
12
|
+
eyRJRqzy8I0LSPTTkhr3okXuzOXXg38ugr1x3SgZWDNuEaE6oGpyYJIBWZ9jF3pJ
|
13
|
+
QnucP9vTBejMh374qvyd0QVQq3WxHrogy4nUbWw3gihMxT98wRD1oKVma1NTydvt
|
14
|
+
hcNtBfhkp8kO64/hxLHrLWgOFT/l4tz8IWQt7mkrBHjbd2XLVPkCAwEAAaOCA8Ew
|
15
|
+
ggO9MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRm
|
16
|
+
mGIC4AmRp9njNvt2xrC/oW2nvjCBgQYDVR0RBHoweIIPd3d3LmV4YW1wbGUub3Jn
|
17
|
+
ggtleGFtcGxlLmNvbYILZXhhbXBsZS5lZHWCC2V4YW1wbGUubmV0ggtleGFtcGxl
|
18
|
+
Lm9yZ4IPd3d3LmV4YW1wbGUuY29tgg93d3cuZXhhbXBsZS5lZHWCD3d3dy5leGFt
|
19
|
+
cGxlLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
|
20
|
+
AQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
|
21
|
+
bS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5j
|
22
|
+
b20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgG
|
23
|
+
CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAEC
|
24
|
+
AjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj
|
25
|
+
ZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t
|
26
|
+
L0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIB
|
27
|
+
fwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb
|
28
|
+
37jjd80OyA3cEAAAAWdcMZVGAAAEAwBIMEYCIQCEZIG3IR36Gkj1dq5L6EaGVycX
|
29
|
+
sHvpO7dKV0JsooTEbAIhALuTtf4wxGTkFkx8blhTV+7sf6pFT78ORo7+cP39jkJC
|
30
|
+
AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFnXDGWFQAABAMA
|
31
|
+
RzBFAiBvqnfSHKeUwGMtLrOG3UGLQIoaL3+uZsGTX3MfSJNQEQIhANL5nUiGBR6g
|
32
|
+
l0QlCzzqzvorGXyB/yd7nttYttzo8EpOAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkC
|
33
|
+
wQApBo2yCJo32RMAAAFnXDGWnAAABAMARzBFAiEA5Hn7Q4SOyqHkT+kDsHq7ku7z
|
34
|
+
RDuM7P4UDX2ft2Mpny0CIE13WtxJAUr0aASFYZ/XjSAMMfrB0/RxClvWVss9LHKM
|
35
|
+
MA0GCSqGSIb3DQEBCwUAA4IBAQBzcIXvQEGnakPVeJx7VUjmvGuZhrr7DQOLeP4R
|
36
|
+
8CmgDM1pFAvGBHiyzvCH1QGdxFl6cf7wbp7BoLCRLR/qPVXFMwUMzcE1GLBqaGZM
|
37
|
+
v1Yh2lvZSLmMNSGRXdx113pGLCInpm/TOhfrvr0TxRImc8BdozWJavsn1N2qdHQu
|
38
|
+
N+UBO6bQMLCD0KHEdSGFsuX6ZwAworxTg02/1qiDu7zW7RyzHvFYA4IAjpzvkPIa
|
39
|
+
X6KjBtpdvp/aXabmL95YgBjT8WJ7pqOfrqhpcmOBZa6Cg6O1l4qbIFH/Gj9hQB5I
|
40
|
+
0Gs4+eH6F9h3SojmPTYkT+8KuZ9w84Mn+M8qBXUQoYoKgIjN
|
41
|
+
-----END CERTIFICATE-----
|
@@ -10,6 +10,8 @@ require 'webmock/rspec'
|
|
10
10
|
gem 'json', '1.8.6'
|
11
11
|
require 'json'
|
12
12
|
|
13
|
+
EXAMPLE_COME_CA_CERTS_PATH = File.expand_path(File.join(File.dirname(__FILE__), + "/fixtures/example_com.pem"))
|
14
|
+
|
13
15
|
WebMock.allow_net_connect!
|
14
16
|
|
15
17
|
RSpec.configure do |rspec|
|
@@ -64,49 +66,35 @@ describe LogStash::Outputs::Scalyr do
|
|
64
66
|
end
|
65
67
|
end
|
66
68
|
|
67
|
-
context "when pointing at
|
68
|
-
it "throws an
|
69
|
+
context "when pointing at an invalid location (doesnt exist) without any valid certs" do
|
70
|
+
it "throws an Errno::ENOENT error" do
|
69
71
|
plugin = LogStash::Outputs::Scalyr.new({
|
70
72
|
'api_write_token' => '1234',
|
71
73
|
'perform_connectivity_check' => false,
|
72
74
|
'ssl_ca_bundle_path' => '/fakepath/nocerts',
|
73
|
-
'append_builtin_cert' => false,
|
74
75
|
'max_retries' => 2,
|
75
76
|
'retry_max_interval' => 2,
|
76
77
|
'retry_initial_interval' => 0.2,
|
77
78
|
})
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
expect(plugin.instance_variable_get(:@logger)).to have_received(:warn).with("Error uploading to Scalyr (will backoff-retry)",
|
83
|
-
{
|
84
|
-
:error_class=>"Manticore::UnknownException",
|
85
|
-
:batch_num=>1,
|
86
|
-
:message=>"java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
87
|
-
:payload_size=>737,
|
88
|
-
:record_count=>3,
|
89
|
-
:total_batches=>1,
|
90
|
-
:url=>"https://agent.scalyr.com/addEvents",
|
91
|
-
:will_retry_in_seconds=>0.4
|
92
|
-
}
|
93
|
-
)
|
79
|
+
|
80
|
+
expect {
|
81
|
+
plugin.register
|
82
|
+
}.to raise_error(Errno::ENOENT, /Invalid path for ssl_ca_bundle_path config option - file doesn't exist or is not readable/)
|
94
83
|
end
|
95
84
|
end
|
96
85
|
|
97
|
-
context "when
|
86
|
+
context "when pointing to an empty certs file" do
|
98
87
|
it "throws an SSLError" do
|
99
|
-
|
100
|
-
`sudo mv #{OpenSSL::X509::DEFAULT_CERT_DIR} /tmp/system_certs`
|
88
|
+
temp_file = file = Tempfile.new('emot_certs_file')
|
101
89
|
|
102
90
|
begin
|
103
91
|
plugin = LogStash::Outputs::Scalyr.new({
|
104
92
|
'api_write_token' => '1234',
|
105
93
|
'perform_connectivity_check' => false,
|
106
|
-
'append_builtin_cert' => false,
|
107
94
|
'max_retries' => 2,
|
108
95
|
'retry_max_interval' => 2,
|
109
96
|
'retry_initial_interval' => 0.2,
|
97
|
+
'ssl_ca_bundle_path' => temp_file.path
|
110
98
|
})
|
111
99
|
plugin.register
|
112
100
|
plugin.instance_variable_set(:@running, false)
|
@@ -116,7 +104,8 @@ describe LogStash::Outputs::Scalyr do
|
|
116
104
|
{
|
117
105
|
:error_class=>"Manticore::UnknownException",
|
118
106
|
:batch_num=>1,
|
119
|
-
:message=>"
|
107
|
+
:message=>"Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
108
|
+
#:message=>"java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
120
109
|
:payload_size=>737,
|
121
110
|
:record_count=>3,
|
122
111
|
:total_batches=>1,
|
@@ -125,9 +114,8 @@ describe LogStash::Outputs::Scalyr do
|
|
125
114
|
}
|
126
115
|
)
|
127
116
|
end
|
128
|
-
|
129
|
-
|
130
|
-
`sudo mv /tmp/system_cert.pem #{OpenSSL::X509::DEFAULT_CERT_FILE}`
|
117
|
+
ensure
|
118
|
+
temp_file.unlink
|
131
119
|
end
|
132
120
|
end
|
133
121
|
|
@@ -178,23 +166,22 @@ describe LogStash::Outputs::Scalyr do
|
|
178
166
|
end
|
179
167
|
end
|
180
168
|
|
181
|
-
context "when an error occurs with retries at 15" do
|
182
|
-
it "exits after
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
end
|
169
|
+
context "when an error occurs with retries at 15 and invalid example_com cert" do
|
170
|
+
it "exits after 15 retries and emits a log" do
|
171
|
+
plugin = LogStash::Outputs::Scalyr.new({
|
172
|
+
'api_write_token' => '1234',
|
173
|
+
'perform_connectivity_check' => false,
|
174
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
175
|
+
'max_retries' => 15,
|
176
|
+
'retry_max_interval' => 0.2,
|
177
|
+
'retry_initial_interval' => 0.1,
|
178
|
+
})
|
179
|
+
plugin.register
|
180
|
+
allow(plugin.instance_variable_get(:@logger)).to receive(:error)
|
181
|
+
plugin.multi_receive(sample_events)
|
182
|
+
expect(plugin.instance_variable_get(:@logger)).to have_received(:error).with("Failed to send 3 events after 15 tries.", anything
|
183
|
+
)
|
184
|
+
end
|
198
185
|
end
|
199
186
|
end
|
200
187
|
|
@@ -207,11 +194,10 @@ describe LogStash::Outputs::Scalyr do
|
|
207
194
|
plugin = LogStash::Outputs::Scalyr.new({
|
208
195
|
'api_write_token' => '1234',
|
209
196
|
'perform_connectivity_check' => false,
|
210
|
-
'ssl_ca_bundle_path' =>
|
211
|
-
'append_builtin_cert' => false,
|
197
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
212
198
|
'max_retries' => 2,
|
213
|
-
'retry_max_interval' => 2,
|
214
|
-
'retry_initial_interval' => 0.
|
199
|
+
'retry_max_interval' => 0.2,
|
200
|
+
'retry_initial_interval' => 0.1,
|
215
201
|
})
|
216
202
|
plugin.register
|
217
203
|
plugin.instance_variable_set(:@running, false)
|
@@ -228,7 +214,7 @@ describe LogStash::Outputs::Scalyr do
|
|
228
214
|
:record_count=>3,
|
229
215
|
:total_batches=>1,
|
230
216
|
:url=>"https://agent.scalyr.com/addEvents",
|
231
|
-
:will_retry_in_seconds=>0.
|
217
|
+
:will_retry_in_seconds=>0.2,
|
232
218
|
:body=>"stubbed response"
|
233
219
|
}
|
234
220
|
)
|
@@ -243,11 +229,10 @@ describe LogStash::Outputs::Scalyr do
|
|
243
229
|
plugin = LogStash::Outputs::Scalyr.new({
|
244
230
|
'api_write_token' => '1234',
|
245
231
|
'perform_connectivity_check' => false,
|
246
|
-
'ssl_ca_bundle_path' =>
|
247
|
-
'append_builtin_cert' => false,
|
232
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
248
233
|
'max_retries' => 2,
|
249
|
-
'retry_max_interval' => 2,
|
250
|
-
'retry_initial_interval' => 0.
|
234
|
+
'retry_max_interval' => 0.2,
|
235
|
+
'retry_initial_interval' => 0.1,
|
251
236
|
})
|
252
237
|
plugin.register
|
253
238
|
plugin.instance_variable_set(:@running, false)
|
@@ -264,7 +249,7 @@ describe LogStash::Outputs::Scalyr do
|
|
264
249
|
:record_count=>3,
|
265
250
|
:total_batches=>1,
|
266
251
|
:url=>"https://agent.scalyr.com/addEvents",
|
267
|
-
:will_retry_in_seconds=>0.
|
252
|
+
:will_retry_in_seconds=>0.2,
|
268
253
|
:body=>"stubbed response"
|
269
254
|
}
|
270
255
|
)
|
@@ -279,11 +264,10 @@ describe LogStash::Outputs::Scalyr do
|
|
279
264
|
plugin = LogStash::Outputs::Scalyr.new({
|
280
265
|
'api_write_token' => '1234',
|
281
266
|
'perform_connectivity_check' => false,
|
282
|
-
'ssl_ca_bundle_path' =>
|
283
|
-
'append_builtin_cert' => false,
|
267
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
284
268
|
'max_retries' => 2,
|
285
|
-
'retry_max_interval' => 2,
|
286
|
-
'retry_initial_interval' => 0.
|
269
|
+
'retry_max_interval' => 0.2,
|
270
|
+
'retry_initial_interval' => 0.1,
|
287
271
|
})
|
288
272
|
plugin.register
|
289
273
|
plugin.instance_variable_set(:@running, false)
|
@@ -300,7 +284,7 @@ describe LogStash::Outputs::Scalyr do
|
|
300
284
|
:record_count=>3,
|
301
285
|
:total_batches=>1,
|
302
286
|
:url=>"https://agent.scalyr.com/addEvents",
|
303
|
-
:will_retry_in_seconds=>0.
|
287
|
+
:will_retry_in_seconds=>0.2,
|
304
288
|
:body=>("0123456789" * 50) + "012345678..."
|
305
289
|
}
|
306
290
|
)
|
@@ -316,11 +300,10 @@ describe LogStash::Outputs::Scalyr do
|
|
316
300
|
plugin = LogStash::Outputs::Scalyr.new({
|
317
301
|
'api_write_token' => '1234',
|
318
302
|
'perform_connectivity_check' => false,
|
319
|
-
'ssl_ca_bundle_path' =>
|
320
|
-
'append_builtin_cert' => false,
|
303
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
321
304
|
'max_retries' => 2,
|
322
|
-
'retry_max_interval' => 2,
|
323
|
-
'retry_initial_interval' => 0.
|
305
|
+
'retry_max_interval' => 0.2,
|
306
|
+
'retry_initial_interval' => 0.1,
|
324
307
|
})
|
325
308
|
plugin.register
|
326
309
|
plugin.instance_variable_set(:@running, false)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-output-scalyr
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7.beta
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Edward Chee
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-08-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -156,6 +156,11 @@ files:
|
|
156
156
|
- NOTICE.TXT
|
157
157
|
- README.md
|
158
158
|
- lib/logstash/outputs/scalyr.rb
|
159
|
+
- lib/scalyr/certs/aaa_cert_services_ca_root.pem
|
160
|
+
- lib/scalyr/certs/ca_certs.crt
|
161
|
+
- lib/scalyr/certs/letsencrypt_isrg_root_x1_selfsigned_root.pem
|
162
|
+
- lib/scalyr/certs/letsencrypt_isrg_root_x2_selfsigned_root.pem
|
163
|
+
- lib/scalyr/certs/scalyr_agent_ca_root.pem
|
159
164
|
- lib/scalyr/common/client.rb
|
160
165
|
- lib/scalyr/common/util.rb
|
161
166
|
- lib/scalyr/constants.rb
|
@@ -166,6 +171,7 @@ files:
|
|
166
171
|
- spec/benchmarks/metrics_overhead.rb
|
167
172
|
- spec/benchmarks/set_session_level_serverhost_on_events.rb
|
168
173
|
- spec/benchmarks/util.rb
|
174
|
+
- spec/logstash/outputs/fixtures/example_com.pem
|
169
175
|
- spec/logstash/outputs/scalyr_integration_spec.rb
|
170
176
|
- spec/logstash/outputs/scalyr_spec.rb
|
171
177
|
- spec/scalyr/common/util_spec.rb
|
@@ -202,6 +208,7 @@ test_files:
|
|
202
208
|
- spec/benchmarks/metrics_overhead.rb
|
203
209
|
- spec/benchmarks/set_session_level_serverhost_on_events.rb
|
204
210
|
- spec/benchmarks/util.rb
|
211
|
+
- spec/logstash/outputs/fixtures/example_com.pem
|
205
212
|
- spec/logstash/outputs/scalyr_integration_spec.rb
|
206
213
|
- spec/logstash/outputs/scalyr_spec.rb
|
207
214
|
- spec/scalyr/common/util_spec.rb
|