logstash-output-syslog 3.0.4 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/LICENSE +199 -10
- data/README.md +1 -1
- data/docs/index.asciidoc +125 -29
- data/lib/logstash/outputs/syslog.rb +103 -11
- data/logstash-output-syslog.gemspec +2 -2
- data/spec/fixtures/README.txt +1 -0
- data/spec/fixtures/ca-crl.pem +11 -0
- data/spec/fixtures/ca-key.pem +28 -0
- data/spec/fixtures/ca.pem +18 -0
- data/spec/fixtures/certs.yaml +41 -0
- data/spec/fixtures/client-ec-key.pem +5 -0
- data/spec/fixtures/client-ec.pem +13 -0
- data/spec/fixtures/client-key.pem +28 -0
- data/spec/fixtures/client.pem +18 -0
- data/spec/fixtures/invalid.pem +1 -0
- data/spec/fixtures/revoked-server-key.pem +28 -0
- data/spec/fixtures/revoked-server.pem +18 -0
- data/spec/fixtures/untrusted-server-key.pem +28 -0
- data/spec/fixtures/untrusted-server.pem +18 -0
- data/spec/fixtures/valid-server-key.pem +28 -0
- data/spec/fixtures/valid-server.pem +18 -0
- data/spec/outputs/syslog_spec.rb +34 -0
- data/spec/outputs/syslog_tls_spec.rb +276 -0
- metadata +58 -14
|
@@ -3,6 +3,7 @@ require "logstash/outputs/base"
|
|
|
3
3
|
require "logstash/namespace"
|
|
4
4
|
require "date"
|
|
5
5
|
require "logstash/codecs/plain"
|
|
6
|
+
require "logstash/plugin_mixins/normalize_config_support"
|
|
6
7
|
|
|
7
8
|
|
|
8
9
|
# Send events to a syslog server.
|
|
@@ -16,6 +17,8 @@ require "logstash/codecs/plain"
|
|
|
16
17
|
# reason want to change the emitted message, modify the `message`
|
|
17
18
|
# configuration option.
|
|
18
19
|
class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
20
|
+
include LogStash::PluginMixins::NormalizeConfigSupport
|
|
21
|
+
|
|
19
22
|
config_name "syslog"
|
|
20
23
|
|
|
21
24
|
FACILITY_LABELS = [
|
|
@@ -54,6 +57,8 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
54
57
|
"debug",
|
|
55
58
|
]
|
|
56
59
|
|
|
60
|
+
CRL_END_TAG = "\n-----END X509 CRL-----\n"
|
|
61
|
+
|
|
57
62
|
# syslog server address to connect to
|
|
58
63
|
config :host, :validate => :string, :required => true
|
|
59
64
|
|
|
@@ -70,10 +75,16 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
70
75
|
config :ssl_verify, :validate => :boolean, :default => false
|
|
71
76
|
|
|
72
77
|
# The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
|
|
73
|
-
config :ssl_cacert, :validate => :path
|
|
78
|
+
config :ssl_cacert, :validate => :path, :deprecated => "Use 'ssl_certificate_authorities' instead."
|
|
79
|
+
|
|
80
|
+
# The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
|
|
81
|
+
config :ssl_certificate_authorities, :validate => :path, :list => true
|
|
74
82
|
|
|
75
83
|
# SSL certificate path
|
|
76
|
-
config :ssl_cert, :validate => :path
|
|
84
|
+
config :ssl_cert, :validate => :path, :deprecated => "Use 'ssl_certificate' instead."
|
|
85
|
+
|
|
86
|
+
# SSL certificate path
|
|
87
|
+
config :ssl_certificate, :validate => :path
|
|
77
88
|
|
|
78
89
|
# SSL key path
|
|
79
90
|
config :ssl_key, :validate => :path
|
|
@@ -81,6 +92,22 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
81
92
|
# SSL key passphrase
|
|
82
93
|
config :ssl_key_passphrase, :validate => :password, :default => nil
|
|
83
94
|
|
|
95
|
+
# CRL file or bundle of CRLs
|
|
96
|
+
config :ssl_crl_path, :validate => :path
|
|
97
|
+
|
|
98
|
+
# CRL check flags.
|
|
99
|
+
# When `leaf` (default), only the server certificate (first certificate of the certificate chain) will be subject to validation by CRL.
|
|
100
|
+
# Set to `chain` to validate the complete certificate chain against CRLs.
|
|
101
|
+
# For each certificate validated, a CRL from its issuing Certificate Authority must be present in the `ssl_crl_path`.
|
|
102
|
+
config :ssl_crl_check, :validate => ["leaf", "chain"], :list => true, :default => ["leaf"]
|
|
103
|
+
|
|
104
|
+
# The list of cipher suites to use, listed by priorities.
|
|
105
|
+
# Supported cipher suites vary depending on which version of Java is used.
|
|
106
|
+
config :ssl_cipher_suites, :validate => :string, :list => true
|
|
107
|
+
|
|
108
|
+
# NOTE: not setting this param uses Java SSL engine defaults.
|
|
109
|
+
config :ssl_supported_protocols, :validate => ['TLSv1.1', 'TLSv1.2', 'TLSv1.3'], :list => true
|
|
110
|
+
|
|
84
111
|
# use label parsing for severity and facility levels
|
|
85
112
|
# use priority field if set to false
|
|
86
113
|
config :use_labels, :validate => :boolean, :default => true
|
|
@@ -125,14 +152,29 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
125
152
|
# syslog message format: you can choose between rfc3164 or rfc5424
|
|
126
153
|
config :rfc, :validate => ["rfc3164", "rfc5424"], :default => "rfc3164"
|
|
127
154
|
|
|
155
|
+
# RFC5424 structured data.
|
|
156
|
+
config :structured_data, :validate => :string, :default => ""
|
|
157
|
+
|
|
128
158
|
def register
|
|
159
|
+
@ssl_certificate_authorities = normalize_config(:ssl_certificate_authorities) do |normalize|
|
|
160
|
+
normalize.with_deprecated_mapping(:ssl_cacert) do |ssl_cacert|
|
|
161
|
+
[ssl_cacert]
|
|
162
|
+
end
|
|
163
|
+
end
|
|
164
|
+
|
|
165
|
+
@ssl_certificate = normalize_config(:ssl_certificate) do |normalize|
|
|
166
|
+
normalize.with_deprecated_alias(:ssl_cert)
|
|
167
|
+
end
|
|
168
|
+
|
|
169
|
+
validate_options
|
|
170
|
+
|
|
129
171
|
@client_socket = nil
|
|
130
172
|
|
|
131
173
|
if ssl?
|
|
132
174
|
@ssl_context = setup_ssl
|
|
133
175
|
end
|
|
134
|
-
|
|
135
|
-
if @codec.
|
|
176
|
+
|
|
177
|
+
if @codec.class.name == "LogStash::Codecs::Plain"
|
|
136
178
|
if @codec.config["format"].nil?
|
|
137
179
|
@codec = LogStash::Codecs::Plain.new({"format" => @message})
|
|
138
180
|
end
|
|
@@ -141,6 +183,11 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
141
183
|
|
|
142
184
|
# use instance variable to avoid string comparison for each event
|
|
143
185
|
@is_rfc3164 = (@rfc == "rfc3164")
|
|
186
|
+
|
|
187
|
+
if @is_rfc3164 && !@structured_data.empty?
|
|
188
|
+
raise LogStash::ConfigurationError, "Structured data is not supported for RFC3164"
|
|
189
|
+
end
|
|
190
|
+
|
|
144
191
|
end
|
|
145
192
|
|
|
146
193
|
def receive(event)
|
|
@@ -169,8 +216,9 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
169
216
|
syslog_msg = "<#{priority.to_s}>#{timestamp} #{sourcehost} #{appname}[#{procid}]: #{message}"
|
|
170
217
|
else
|
|
171
218
|
msgid = event.sprintf(@msgid)
|
|
219
|
+
sd = @structured_data.empty? ? "-" : event.sprintf(@structured_data)
|
|
172
220
|
timestamp = event.sprintf("%{+YYYY-MM-dd'T'HH:mm:ss.SSSZZ}")
|
|
173
|
-
syslog_msg = "<#{priority.to_s}>1 #{timestamp} #{sourcehost} #{appname} #{procid} #{msgid}
|
|
221
|
+
syslog_msg = "<#{priority.to_s}>1 #{timestamp} #{sourcehost} #{appname} #{procid} #{msgid} #{sd} #{message}"
|
|
174
222
|
end
|
|
175
223
|
|
|
176
224
|
begin
|
|
@@ -209,6 +257,8 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
209
257
|
socket = TCPSocket.new(@host, @port)
|
|
210
258
|
if ssl?
|
|
211
259
|
socket = OpenSSL::SSL::SSLSocket.new(socket, @ssl_context)
|
|
260
|
+
# Use SNI extension
|
|
261
|
+
socket.hostname = @host
|
|
212
262
|
begin
|
|
213
263
|
socket.connect
|
|
214
264
|
rescue OpenSSL::SSL::SSLError => ssle
|
|
@@ -226,20 +276,62 @@ class LogStash::Outputs::Syslog < LogStash::Outputs::Base
|
|
|
226
276
|
def setup_ssl
|
|
227
277
|
require "openssl"
|
|
228
278
|
ssl_context = OpenSSL::SSL::SSLContext.new
|
|
229
|
-
ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(@
|
|
230
|
-
ssl_context.key = OpenSSL::PKey::
|
|
279
|
+
ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(@ssl_certificate))
|
|
280
|
+
ssl_context.key = OpenSSL::PKey::read(File.read(@ssl_key),@ssl_key_passphrase)
|
|
281
|
+
ssl_context.ciphers = @ssl_cipher_suites if @ssl_cipher_suites&.any?
|
|
231
282
|
if @ssl_verify
|
|
232
283
|
cert_store = OpenSSL::X509::Store.new
|
|
233
284
|
# Load the system default certificate path to the store
|
|
234
285
|
cert_store.set_default_paths
|
|
235
|
-
if
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
286
|
+
if @ssl_certificate_authorities
|
|
287
|
+
@ssl_certificate_authorities.each do |ca_path|
|
|
288
|
+
if File.directory?(ca_path)
|
|
289
|
+
cert_store.add_path(ca_path)
|
|
290
|
+
else
|
|
291
|
+
cert_store.add_file(ca_path)
|
|
292
|
+
end
|
|
293
|
+
end
|
|
294
|
+
end
|
|
295
|
+
if @ssl_crl_path
|
|
296
|
+
# copy the behavior of X509_load_crl_file() which supports loading bundles of CRLs.
|
|
297
|
+
File.read(@ssl_crl_path).split(CRL_END_TAG).each do |crl|
|
|
298
|
+
crl << CRL_END_TAG
|
|
299
|
+
cert_store.add_crl(OpenSSL::X509::CRL.new(crl))
|
|
300
|
+
end
|
|
301
|
+
cert_store.flags = @ssl_crl_check.include?("chain") ? OpenSSL::X509::V_FLAG_CRL_CHECK|OpenSSL::X509::V_FLAG_CRL_CHECK_ALL : OpenSSL::X509::V_FLAG_CRL_CHECK
|
|
239
302
|
end
|
|
240
303
|
ssl_context.cert_store = cert_store
|
|
241
304
|
ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
|
|
242
305
|
end
|
|
306
|
+
|
|
307
|
+
ssl_context.min_version = :TLS1_1 # not strictly required - JVM should have disabled TLSv1
|
|
308
|
+
if @ssl_supported_protocols && @ssl_supported_protocols.any?
|
|
309
|
+
disabled_protocols = ['TLSv1.1', 'TLSv1.2', 'TLSv1.3'] - @ssl_supported_protocols
|
|
310
|
+
# mapping 'TLSv1.2' -> OpenSSL::SSL::OP_NO_TLSv1_2
|
|
311
|
+
disabled_protocols.map! { |v| OpenSSL::SSL.const_get "OP_NO_#{v.sub('.', '_')}" }
|
|
312
|
+
ssl_context.options = disabled_protocols.reduce(ssl_context.options, :|)
|
|
313
|
+
end
|
|
314
|
+
|
|
243
315
|
ssl_context
|
|
244
316
|
end
|
|
317
|
+
|
|
318
|
+
def validate_options
|
|
319
|
+
if ssl?
|
|
320
|
+
# Check if ssl_crl_check was provided while ssl_crl_path is not set.
|
|
321
|
+
if original_params.key?("ssl_crl_check") && @ssl_crl_path.nil?
|
|
322
|
+
raise LogStash::ConfigurationError, "ssl_crl_check is set but ssl_crl_path is not set"
|
|
323
|
+
end
|
|
324
|
+
|
|
325
|
+
# "leaf" and "chain" are mutually exclusive.
|
|
326
|
+
if @ssl_crl_check.include?("leaf") && @ssl_crl_check.include?("chain")
|
|
327
|
+
raise LogStash::ConfigurationError, "ssl_crl_check can only contain one of 'leaf' or 'chain'"
|
|
328
|
+
end
|
|
329
|
+
else
|
|
330
|
+
# Check if any SSL settings were provided when not using SSL.
|
|
331
|
+
ssl_config_provided = original_params.select { |k| k.start_with?("ssl_") }
|
|
332
|
+
if ssl_config_provided.any?
|
|
333
|
+
@logger.warn("Configured SSL settings are not used when `protocol` is set to '#{@protocol}': #{ssl_config_provided.keys}")
|
|
334
|
+
end
|
|
335
|
+
end
|
|
336
|
+
end
|
|
245
337
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-output-syslog'
|
|
4
|
-
s.version = '3.0
|
|
4
|
+
s.version = '3.1.0'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "Sends events to a `syslog` server"
|
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -22,8 +22,8 @@ Gem::Specification.new do |s|
|
|
|
22
22
|
# Gem dependencies
|
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
|
24
24
|
s.add_runtime_dependency 'logstash-codec-plain'
|
|
25
|
+
s.add_runtime_dependency 'logstash-mixin-normalize_config_support'
|
|
25
26
|
|
|
26
27
|
s.add_development_dependency 'logstash-devutils'
|
|
27
28
|
s.add_development_dependency 'logstash-codec-json'
|
|
28
29
|
end
|
|
29
|
-
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
To regenerate the test certificates, you can use https://github.com/tsaarni/certyaml.
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
-----BEGIN X509 CRL-----
|
|
2
|
+
MIIBmDCBgQIBATANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJjYRcNMjMwOTEz
|
|
3
|
+
MTEwOTA4WhcNMjMwOTIwMTEwOTA4WjAbMBkCCBeEcMRQn525Fw0yMzA5MTMxMTA5
|
|
4
|
+
MDhaoCMwITAfBgNVHSMEGDAWgBRNukfgtxJMkwu7XMvQ8ETWqi5BVTANBgkqhkiG
|
|
5
|
+
9w0BAQsFAAOCAQEAEMhDOnI3Nh8ggAty32gkGwVd4ypGrVu8dI0CvD+PjnYRAHfK
|
|
6
|
+
Ngs4ByGOM5mKVTN63To6MulytSRR2WtW4JwcfHq1N9lQiL3qLePcU0CNYfcpRK48
|
|
7
|
+
yRVV9qXV2jQAT2halBEhAqlyOH6+enFklCQNUdeCO38jWGPwFOyS4zR+PYWYuymq
|
|
8
|
+
WhtScDaHqk/8DZmY/nblabZ4BIDmActqtfpjR+nF8xhTwThgPpETJkQFh3N4PCy+
|
|
9
|
+
UHp46T5hMlib1Dj1JN/TvSW9XsW40QSJGhqOaaEB0tZKRnGWzpABgcMylrtmuVW/
|
|
10
|
+
du7jT9nrGVczZYoaxF9HVRNHs5d9jUgqfDVETg==
|
|
11
|
+
-----END X509 CRL-----
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC1bRafVn9FLMBV
|
|
3
|
+
sxq49Zv69XJIMPkm7jr6c67jXIw+V7H1xYrwsPhtpnu4naM185T6F4IStFuBu0Kt
|
|
4
|
+
gAw61t3xk0EIwEIN0ESG6g1DUVnk0lamvN/qjgg92sFrsb14L16rO8hEF5x2EGho
|
|
5
|
+
pq4+0irCggUjG2CiJ7PYQhMW8PQU3XSZT3K6H+Csegvt5wjDYLcxtxcptRdBHlvl
|
|
6
|
+
WAQACg1e2qQ36KL+3tRwVFkbv2zwvAu55DzHHoGlOwfyd4iyLnk9Bw1GIp8gJaqi
|
|
7
|
+
odSESvOAxkHLeVUqq8vzr3kRN+pNN6lWADxcOTyATiwzkPKje+5WJn44ROvombtm
|
|
8
|
+
9l++KT+VAgMBAAECggEBALJDD7lb+g10HT+XjigyXCLHzJSWWhkgdx7jT/HiW4Je
|
|
9
|
+
FGPSx+QbXt4OeP47FcTLI5RgSNQsFsVvw+JKMLoXqVfWQk5g6gY8nziY/JMqedNV
|
|
10
|
+
wQJwDuuexwZPzUEOEYbntHM3eF0/feKb2JsLO6ZKRu17Z6TJH7f0nsdclPkzpABi
|
|
11
|
+
uJUChSVmHvcI7lK2aKrrW7NLgO05VDKNp0Z+9f7m3qpsputdc01+S50D9+I6FXOv
|
|
12
|
+
zPBdjNz4LYvKLqdBkJZerBeViTvQ+YcoovxQzy6g5gaWfknVy/vvUG7DXN1yptJ0
|
|
13
|
+
si4ZLT0WbSRX0NU7tAuaaQ2dCVgzYEheYQwDBqFq/4ECgYEA3pRFsyW4doAbY3R7
|
|
14
|
+
598LZjoMGr8LzllOxJEjEPnQiC4sSn2kP2HJ9YQBHt/oZ9Sixx5RmLF05jbWVpEE
|
|
15
|
+
FKxNqPj3B1Ny11lMTUYc8nmu6040u1F30XrG3fRB7bPUSMq7+SfeM9CBMiDlMsJG
|
|
16
|
+
CqJUt6Mf4HiwBIY9cQn8HB5KBbECgYEA0KrusLgxzquF/I7eFEzVdf4u2GlRB8lw
|
|
17
|
+
QDFZNkx4AmHca+dVDUb/QWRGvaHN6Mn9vS1CC1GqO7Vpx6FD6BOm/+ZMHTEFpXmz
|
|
18
|
+
CkDTjXv3oivzfJmec/YCaSSx/xjaYPdz9xesfNhBzraAh1c+KeG4ilYZ/z9H1yAV
|
|
19
|
+
+03o+dxffSUCgYEAra1A3dM3JrA7rtU7wehW+sOcolokmjUxs0wU8rAbucddpBp5
|
|
20
|
+
yUNC1aLVRQQuUqanBXxw6xa9Qs3TXeT2LDNuvcTW7Q5+c+8oDLwC5mlwxgdWOjwN
|
|
21
|
+
pJWLC7IGp7ZElTAskPQ8/G1cAoOMlJjnEnEsbcaJnxxNLJqa4tOJt18jH2ECgYA4
|
|
22
|
+
cgSfSTQv87YK25q3YxFbGacSY2rH8HWs56x6Q7Uy78XwamNXdB0YU0fPhDVvAzTg
|
|
23
|
+
N53l8fFatXgnyDfWT3qdPm7YdqpQWNtVqrOPUjlqZPk4e1WhiKqeRo7fsplgIY/9
|
|
24
|
+
Byphmx4yDKw38CGgsq54vVHK+hM03jkUAb9D15j9AQKBgF+mgmL8teGiKPM6u932
|
|
25
|
+
O5zX/vwvcdxdT/BInliJA2I/gJZ0wYEIMcFlTSl8DI52nBZIssjPpNRp4W3fKWR3
|
|
26
|
+
tnbBzFiFXU88l6QOd3NotINFh/br0LOaJ550zyepcx9z6mN1Z5vv0iYgsZE78nCg
|
|
27
|
+
Z6Tlk4gYoS3xG1q5V1f0JJee
|
|
28
|
+
-----END PRIVATE KEY-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIC4DCCAcigAwIBAgIIF4RwxEiEg+UwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
|
|
3
|
+
AxMCY2EwIBcNNzAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMA0xCzAJBgNV
|
|
4
|
+
BAMTAmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW0Wn1Z/RSzA
|
|
5
|
+
VbMauPWb+vVySDD5Ju46+nOu41yMPlex9cWK8LD4baZ7uJ2jNfOU+heCErRbgbtC
|
|
6
|
+
rYAMOtbd8ZNBCMBCDdBEhuoNQ1FZ5NJWprzf6o4IPdrBa7G9eC9eqzvIRBecdhBo
|
|
7
|
+
aKauPtIqwoIFIxtgoiez2EITFvD0FN10mU9yuh/grHoL7ecIw2C3MbcXKbUXQR5b
|
|
8
|
+
5VgEAAoNXtqkN+ii/t7UcFRZG79s8LwLueQ8xx6BpTsH8neIsi55PQcNRiKfICWq
|
|
9
|
+
oqHUhErzgMZBy3lVKqvL8695ETfqTTepVgA8XDk8gE4sM5Dyo3vuViZ+OETr6Jm7
|
|
10
|
+
ZvZfvik/lQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
|
|
11
|
+
/zAdBgNVHQ4EFgQUTbpH4LcSTJMLu1zL0PBE1qouQVUwDQYJKoZIhvcNAQELBQAD
|
|
12
|
+
ggEBADG3pp79VsvFqR3dAznHtMmprya6gLbh6/oFLGeSaYRZG/eIQQFdnGBxhBu/
|
|
13
|
+
7YfYsZ385ATRvPB5diwpbPZ0u6PVLkXhE2RbYwV3EtPTvRHoTAB1/jdzAp5OoKlx
|
|
14
|
+
DEpN45KiGgkwknkBz0NEPKoOPc++dTnPn1SD3mqdIPSBD+nDrQibCKODAhN+TjfZ
|
|
15
|
+
Fith6yp+RIgst62RrFML56/EhKF4TgCXPKQBvXTXhwyBKeMlXglxhxghXXa+9Pw6
|
|
16
|
+
X6PL238t3iGJm/ClZd+nyifPjR1DUNVJQXDC/ZDsI6qHe5TNZyYBBwC6ymDd/sCU
|
|
17
|
+
L/SfQIFGjFAc2GP3DCiZM5HgvFg=
|
|
18
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
subject: cn=ca
|
|
2
|
+
key_type: RSA
|
|
3
|
+
not_before: 1970-01-01T00:00:00Z
|
|
4
|
+
not_after: 2100-01-01T00:00:00Z
|
|
5
|
+
---
|
|
6
|
+
subject: cn=valid-server
|
|
7
|
+
issuer: cn=ca
|
|
8
|
+
key_type: RSA
|
|
9
|
+
not_before: 1970-01-01T00:00:00Z
|
|
10
|
+
not_after: 2100-01-01T00:00:00Z
|
|
11
|
+
sans:
|
|
12
|
+
- DNS:localhost
|
|
13
|
+
---
|
|
14
|
+
subject: cn=revoked-server
|
|
15
|
+
issuer: cn=ca
|
|
16
|
+
key_type: RSA
|
|
17
|
+
revoked: true
|
|
18
|
+
not_before: 1970-01-01T00:00:00Z
|
|
19
|
+
not_after: 2100-01-01T00:00:00Z
|
|
20
|
+
sans:
|
|
21
|
+
- DNS:localhost
|
|
22
|
+
---
|
|
23
|
+
subject: cn=untrusted-server
|
|
24
|
+
key_type: RSA
|
|
25
|
+
ca: false
|
|
26
|
+
not_before: 1970-01-01T00:00:00Z
|
|
27
|
+
not_after: 2100-01-01T00:00:00Z
|
|
28
|
+
sans:
|
|
29
|
+
- DNS:localhost
|
|
30
|
+
---
|
|
31
|
+
subject: cn=client
|
|
32
|
+
issuer: cn=ca
|
|
33
|
+
key_type: RSA
|
|
34
|
+
not_before: 1970-01-01T00:00:00Z
|
|
35
|
+
not_after: 2100-01-01T00:00:00Z
|
|
36
|
+
---
|
|
37
|
+
subject: cn=client-ec
|
|
38
|
+
issuer: cn=ca
|
|
39
|
+
key_type: EC
|
|
40
|
+
not_before: 1970-01-01T00:00:00Z
|
|
41
|
+
not_after: 2100-01-01T00:00:00Z
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIICCjCB86ADAgECAggXhLgPAPW4dzANBgkqhkiG9w0BAQsFADANMQswCQYDVQQD
|
|
3
|
+
EwJjYTAeFw0yMzA5MTQwODU1MzRaFw0yNDA5MTMwODU1MzRaMBQxEjAQBgNVBAMT
|
|
4
|
+
CWNsaWVudC1lYzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBJfVgYUK5cvt/lS
|
|
5
|
+
2nlfjn6HuLGCHJC+Fh9PiBjozfUMBRp/n0MQ1hRnfqTghitY/qVT8KEEfQyWe2Nv
|
|
6
|
+
VMIP5PCjMzAxMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRNukfgtxJMkwu7
|
|
7
|
+
XMvQ8ETWqi5BVTANBgkqhkiG9w0BAQsFAAOCAQEAP+HsEKYA2d6kCAH/JJSpxMnP
|
|
8
|
+
gwMfjDkmV1bMguYSoOv8fbD17WqpyRojhi+THInP6ggXhJW0Zbz6UNy2GHXtO4+o
|
|
9
|
+
OGLKI2FMUnaLRDMF4NL//FcC1unRQxyw8HQ2oMPNtWVEoo8KURLe0IW2q9/afT89
|
|
10
|
+
59RAZYxizFKSWcoIQGeCoyWzVIa/E+MB4cFKgpTF3zkxr6uWJvXYYwkVtzknsGvW
|
|
11
|
+
v0c2h2Ck//kuQatJSZQpbMaYMEE2480VnwskiOTu1ltxrmcQxz5P0g1zcjEnKQAm
|
|
12
|
+
kB3ENdewzHIq8yaybbf+a/WCsNyyEjKPOsSWeElk77v719B24x1HqkV8FW/eRA==
|
|
13
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDHLmhX4dMBPgXc
|
|
3
|
+
MoBHVH1IRnjAy3uLIQrCNE1HneZPTvLPAcLw1A6PTg3gLnREqz6o4prlGrcnt0OZ
|
|
4
|
+
unqqn3c6lTwG+kNweSip7dDjDNb5aS6Owp6EAmXfkIq7XTb6tAt+au57PnKJQpGV
|
|
5
|
+
vEIMoK4gb/USFm+BrOoHkxLfVCQNlLViQ9DF9o0r9VdJJanJWmPrHKsOuvra1ZZk
|
|
6
|
+
/9nYAO4KhAraeWXhZyWywXpfhxVjh+rk4ucQIVVSeFtcMHbOpfqSPmb3cKY5Er16
|
|
7
|
+
SQiNTlBquHzF7sz3fIw39rDdaF8G5bieI9VK/5FElavjrGuAo6ST+m9vGqyl01gC
|
|
8
|
+
Dx6YYblFAgMBAAECggEAIs4dNZ4kfQcVhxDcEZrV+Zc26pmkEP/JHX5+MpGI+TrW
|
|
9
|
+
ew3XvrWPhcMh8ZasgoNaA7D1WCt+7dW8XlSTstUCxJ3nS2DYAANr86W25rYLqrGS
|
|
10
|
+
jSe9A1xX6OUdGPiE7vIfQAv3eFnFMe8L+ZpYAFTjmI93x51cBtDsZD5zAct2MVkI
|
|
11
|
+
CRB0AdWlvdY4j/FGmDJiDpgFTvBrYDh+fbckFll72Etxt1U7Ssfzw9UTvJWPH1XE
|
|
12
|
+
Pr9Ax/kxCwUy3D/h8dQv5q2jz1lGXCHoo7wq7D0vNRn2i/aA8tPHBdplvf2hN77+
|
|
13
|
+
oUnLGTr+kxI42EkTdG+t/IrPslyG0pFz87TIE8DRAQKBgQDsWJr4dBVdWUUjERN/
|
|
14
|
+
PkpcGHtzu6okxGnXmEcInesKo+E24BdEdrR0+XPtw+JDYhpuWRp4Dta1N2/7Btkk
|
|
15
|
+
MgL3Me3yuz366Q8GIOZqM0+9Sj8qXleb0R66ozIQJECIVEBUYZQN2JyM/wO8hgfL
|
|
16
|
+
oV2S64/fRlAdbqZnjCAFc7yAMQKBgQDXvqDGBxcdU0U1PmDitWydqc8tsNNEDklw
|
|
17
|
+
JyzXAXMZ0OEEYTxta7LP72GWleRm9CyUUcNCC7WLiPcTq77oWLjKzQKx//8JnZ9I
|
|
18
|
+
tDbsfh3LI9h4GG7vIW6tVLbG/CSMRbtVvqdJewNvQeLb6ARlRTpkAXUb5DQiU4O0
|
|
19
|
+
4hydvHR5VQKBgQDazEBTKCwrKhx+FS3mi0UNs0B+aMpflVGi3H9OM9vHEuXJBnWj
|
|
20
|
+
1PzEmba/86rA1M5BP83oPVx5kSPi0XkuL/pc2+U75CnB4gYdl1GYGX6Fb3nAgGw8
|
|
21
|
+
fMEk6TXMibMQQmb3dwo4M0LiqKbN3YrT8cQN4nNjsNU0Gh6FF80BHx7v0QKBgQDH
|
|
22
|
+
b7IhvZYxhrOYh6R6jqnsiXg6zZZO+EINCjnaO73SJJSOPvDkWcW/kJOO59tvDNNU
|
|
23
|
+
/MxadoaJicCVj5N4J+QTnTabo4F4uxvu0qFfNyqFigpm4ndSWX59fq1D/vwuK5wE
|
|
24
|
+
pKzyMWQ4ahiznqTJlRhoMCy47tj+zmMXSFqZugeVzQKBgAcGan9v9Lb7fOVwqcGm
|
|
25
|
+
HBFxzFMljr3NNXUwjAfY64NT8jDLoDj7fHgn+kf779CmHam1vqTRgxWouSlrw1DJ
|
|
26
|
+
qE7qwd6LsOL+WW0XXCWad5NtgFmoMLaCj2u+Fz9xmZX2QmdaZYo3xtlpDK0i2NzK
|
|
27
|
+
SSS5SK+adI5UqxmI0wLlDS4a
|
|
28
|
+
-----END PRIVATE KEY-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIC1TCCAb2gAwIBAgIIGCmaVaybuVEwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
|
|
3
|
+
AxMCY2EwIBcNNzAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBExDzANBgNV
|
|
4
|
+
BAMTBmNsaWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMcuaFfh
|
|
5
|
+
0wE+BdwygEdUfUhGeMDLe4shCsI0TUed5k9O8s8BwvDUDo9ODeAudESrPqjimuUa
|
|
6
|
+
tye3Q5m6eqqfdzqVPAb6Q3B5KKnt0OMM1vlpLo7CnoQCZd+QirtdNvq0C35q7ns+
|
|
7
|
+
colCkZW8QgygriBv9RIWb4Gs6geTEt9UJA2UtWJD0MX2jSv1V0klqclaY+scqw66
|
|
8
|
+
+trVlmT/2dgA7gqECtp5ZeFnJbLBel+HFWOH6uTi5xAhVVJ4W1wwds6l+pI+Zvdw
|
|
9
|
+
pjkSvXpJCI1OUGq4fMXuzPd8jDf2sN1oXwbluJ4j1Ur/kUSVq+Osa4CjpJP6b28a
|
|
10
|
+
rKXTWAIPHphhuUUCAwEAAaMzMDEwDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaA
|
|
11
|
+
FE26R+C3EkyTC7tcy9DwRNaqLkFVMA0GCSqGSIb3DQEBCwUAA4IBAQCqtyU6GOZX
|
|
12
|
+
7uoDQti9KhqNtvQIR2GueBN7A9h+E6xchIReWgWEId5PXzfmwxhlbGeRuB+fxrQ0
|
|
13
|
+
KAsCRP5LxGz4oEU7gsnb6Gffez2urtHwd7Jhf/0pcsVzRdEQ1ZnwGlvc9WjkW37I
|
|
14
|
+
HdT9HVsWSotlnq66VPZLbXtnPN5QMmepuheCNl+I1uWEdtI7i+oF/18cFN1Qq8Q8
|
|
15
|
+
N45qS6svlMTJ/Wt4IQR8gEaQgTGPr31UPF31bPik7H9NUDJvmeiJdE1ZGbzcR/X/
|
|
16
|
+
1vCR71eHMXtYUOEb8G1sytiMhb4hZGbY00bmUX5UQjZY5XxJExpKtgxSN1/rSXpl
|
|
17
|
+
GXkJ7redVKpS
|
|
18
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
not a pem file
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDiN1fa3BcTbvHN
|
|
3
|
+
XN7ulMnYyFrGC+RiOlpa/PlI76NWjoaOmgy7sDzXP3e27ES6k6kRtBf/OriGXJdB
|
|
4
|
+
KQ0z14OCyzTkG7mUjhgRMRtopsWyTKC8TRcjiObIBue89NeiSKZk0YPCNWFZCs2D
|
|
5
|
+
IBSzrK3PoKyMt+cw5nh9MPDe0dypoeDJmiV494LFdOO7FkjLqFH9qcBq30HFdp7Z
|
|
6
|
+
i04OIFnmSEOWWdhIOhXUUKp/aIipsQCp++t1Yn7r2tvHXU7KfT6/q4cKqxA5sWSa
|
|
7
|
+
0KsT/IrcB/fj1DpdLG3apaxETZiaW+6AuCDfNeeKxG0sQLb6U1+1IsSp/p7vG9S2
|
|
8
|
+
2upExnrjAgMBAAECggEAbcyzBfYB9VrKXwWO53qspl5JQQuQpOTx6mwTi4VVYLP5
|
|
9
|
+
N8oqGAeo4ElcEBuKGI2HaKJja2zTF9RlTilg0SLwIFIFsBqM70AxClctmJQqLSro
|
|
10
|
+
cb1xV7whWEGRxbOJ3qkoqpLPQzqpr5CAw/6UTcmo67hvSDYTLzcOkKVqpJx0YJja
|
|
11
|
+
XvQ9m9zeOIOANN2cj3mZPCniDNGzYMF6D2twNEjEwE1OOm8wTkhfdWIimVGmn4US
|
|
12
|
+
mOA4vT78XV2lDvFrroCWKdNFaUZhw0pw3b/uVqagXk2PmDAi0gVg1PzbjwkniwXt
|
|
13
|
+
poTltUpAMyMveMYDK8dbK2wQIJ95F0qQa4KyLIkl4QKBgQD04Bcu6JyUWWAERrm4
|
|
14
|
+
dOxXEGCQeCNp8QmBddSGa8HaWFlmTedCXvCNNOJZYeB+pYdbzVc0nJM3xxDq0o9X
|
|
15
|
+
hXg5iS+I1jEQAuLJCcnaqXdM9nB2EFsy/KRSK6xoxZsiYyUof5DGozbo6GB+bdyl
|
|
16
|
+
NgaPGUkIsOS5GWF+se9whj00WQKBgQDsfj7sMo//bJEPexMsMxTSbq9stAsk9MFe
|
|
17
|
+
WBCYmvD1p7OcwgnICYFOkWo6jcOHYA4ByDIJUyufDgu0Ta4wLyTBZh2dXqHs80jW
|
|
18
|
+
DmeYl4xQzTlEtpVZUX8vMDk9N+9tWHi+Z19MgNpt/QeKBJqaBHgGGqx2CEQzAcjC
|
|
19
|
+
jRAxLPDxmwKBgQDkhGc+IFdW3Z0MAJB6gaq4iREEYQjzabvsM3C0TMUoJQCwxwyE
|
|
20
|
+
VKL5s5tzvDJLHeAWnKa/80ozaDLyYLLiAy0xzEMu2GwKvBa1c8wKodEyYlyK4TKq
|
|
21
|
+
fzg9coI/eAEQ8yMPCxSpOlEYwxqhgZbCGou+aONOF/4qenQQTq7a/HsLaQKBgQDn
|
|
22
|
+
qF7wtjLSDMIn/PJx+HOsElpqzA6im9KTHQbcxeHFcQoDQxubxJvSn6UESHvBLzlp
|
|
23
|
+
S3agJcV0H6kdbH51mqiRffsCfYF2f3XYoPGfysvbFrzDb2rqvGcujTl0m0dAwEo+
|
|
24
|
+
kToL0ail1xc8fngG6Nu9dwF6+Wv83wGOeenjkddPgwKBgD/tIsEPxkiNfi/y1mLT
|
|
25
|
+
cM8i6zZNjoH52lkhJ+zWGwPPLTE2HP5FzY/FEG7qwVAqMTC1Tnw9IXiP0bXPTcxk
|
|
26
|
+
NEaP2GG9g57OtLR4NK+Pw+fiYemoxDf3l9dgoa5T/HBv7Epzaadv0np2TterpE0H
|
|
27
|
+
ul9dMftda0KPvPdGf5xdWCkJ
|
|
28
|
+
-----END PRIVATE KEY-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIC8zCCAdugAwIBAgIIF4RwxFCfnbkwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
|
|
3
|
+
AxMCY2EwIBcNNzAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBkxFzAVBgNV
|
|
4
|
+
BAMTDnJldm9rZWQtc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
|
|
5
|
+
AQEA4jdX2twXE27xzVze7pTJ2MhaxgvkYjpaWvz5SO+jVo6GjpoMu7A81z93tuxE
|
|
6
|
+
upOpEbQX/zq4hlyXQSkNM9eDgss05Bu5lI4YETEbaKbFskygvE0XI4jmyAbnvPTX
|
|
7
|
+
okimZNGDwjVhWQrNgyAUs6ytz6CsjLfnMOZ4fTDw3tHcqaHgyZolePeCxXTjuxZI
|
|
8
|
+
y6hR/anAat9BxXae2YtODiBZ5khDllnYSDoV1FCqf2iIqbEAqfvrdWJ+69rbx11O
|
|
9
|
+
yn0+v6uHCqsQObFkmtCrE/yK3Af349Q6XSxt2qWsRE2YmlvugLgg3zXnisRtLEC2
|
|
10
|
+
+lNftSLEqf6e7xvUttrqRMZ64wIDAQABo0kwRzAOBgNVHQ8BAf8EBAMCBaAwHwYD
|
|
11
|
+
VR0jBBgwFoAUTbpH4LcSTJMLu1zL0PBE1qouQVUwFAYDVR0RBA0wC4IJbG9jYWxo
|
|
12
|
+
b3N0MA0GCSqGSIb3DQEBCwUAA4IBAQBJlXamVwRDqGqbsLCyKef1AXtnsr5h/bih
|
|
13
|
+
lHyO5YChSTiAKb/5rbZx7n1ydIlbFZ1aOCQrqXomQKKSBpW5alHHYSbWeiEit64t
|
|
14
|
+
wDxcqMnz+O+mOvt6NF8ceawUTLRBZLSBV7GJyTBKBAqmLv4UyYti8dEwUScsnxE3
|
|
15
|
+
4nLD9DMCscsoWnG8EADnsiOwXDtZvv7Dt9B/Z8mKUXRH5egeEVNHi7ZSDlCQtadJ
|
|
16
|
+
QO4+Ov/gejknFn8nw4falb94vDYKaZLMHfdtVJ8by+bZ3PNJjSQrvOBC6DC8OStd
|
|
17
|
+
Xh0fNSnDhbKyeSIaMECfYFnCMoph6j9hlU6v1ekml1YNKj0SvAWa
|
|
18
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDIIBZrCyM8Hesb
|
|
3
|
+
ZklBQ4HLfAwtJi2cCR3ZXvRYvVlm+hUtXqlwErS3trx7m7eESB/MyHvWhydnwVEB
|
|
4
|
+
Ioz+cryZoTag1vXW0vtPTD+eUnqyKO24uuXi5upJNgr/+VwEd5OIAblpmZcFyLgL
|
|
5
|
+
5VyES+/kDmDjQD9M1Yman+orIsNgAVLd/bDXMpPzGeH151fQVi+4MNe1dr4DSlx5
|
|
6
|
+
whRU/8e4nkfrgAYJWxGl/vzgLnYmqZVVUPBobEBvA/Zd0tdI2OWAkzcFm+RranCm
|
|
7
|
+
fjxxxZ765MzIrTiPi6PfTMdZenVCbe5HeQYPjxDI0rEdMYS5QgTmrOnG9KXGvCqu
|
|
8
|
+
ud/SxBwzAgMBAAECggEBAIULF/xH5j/EIBYSFSdHKtXNfQbS98VhJi/peYY5M2NL
|
|
9
|
+
ZKLJ6NjyBqSP3pRKfGF71XA95F5FccP/d8vKXXOXcZys2XVqEvujPaGFLlIhwSIK
|
|
10
|
+
JagG0GfdXeoX/I4aB7uMh08G3m2+xvD4dKqr66qkFTJHANBzWOHKoHVkVLgin0KF
|
|
11
|
+
0WoQ+t1xc519Xewi/ghatNifIYKML1prkwIekWUBM7CxONfaAxYg828edgEDDgoy
|
|
12
|
+
Iq7lGyCj5AZfYeW7G7rSxsnMylf5XoA2c68AC0JT6uRLKYQAKzPjntKALktRwROt
|
|
13
|
+
2j1hOq6pw7vSKYCHHXjcB1wrIfGCGegEZISV1890kGECgYEA1xRhB6ezLd7/5yw0
|
|
14
|
+
8w4nYz0YW8/QXcatRDtvvP/kX+RBZLutIivVwCKdDYknuISbcx4uTfgJCfnh9Gju
|
|
15
|
+
6u/EIJWe97k+YLUFeH23lGhnsWTfmJ3XAhs76Jxn/akHypRZ5c4z6tlpydxvHU4X
|
|
16
|
+
c52c6v+yGWuXAP1Wt/fzo9ZAiDECgYEA7jNZct+k/0tqcIdgvkv+bzObDcghyl3d
|
|
17
|
+
aHL1gGCCI4ZT43fp/+7RmAuPK+d+JCzHxDuXIHOZ+gAjfhw6dVjZWCMKXNlI587g
|
|
18
|
+
/rtIgjfZTLUDt+T/5l4hr147xgISyLtaGgvy+BBAF3GpvlhkA1LbNaV2XkUSrzop
|
|
19
|
+
Y5iHocOfdaMCgYEAo2NN2rzg90Xi7UC98K6d6VuuN4EFb1fQpHbqiY9zdA04SEfy
|
|
20
|
+
XHUkalNhL7kzvY6vcKJK1txIMZXsuvlEFqGSQpanLtVAt8KMp14Jqeoua6qP2aZ+
|
|
21
|
+
gZEiz7CRpzdTPee460TcV9pV7Q1SM9bxJdlkLXmVWI5NJmlOCW+JXLsURuECgYAl
|
|
22
|
+
vd0eZnEuQjTLP6gEfuYBmJuow10XQ2ghdJWRkbkNB+uizw00kBKFlM9KlZNXCAFf
|
|
23
|
+
BlIbwjVTd1IoWTCqBznozSSHMaZrlEvyEJqch1zW2peMO6yQQ7nyn2u5I/r18zmD
|
|
24
|
+
hwEobOq6zDepAThXjnlNNrpalXcwbHbCYRicePJ7IQKBgQCt47xW8YWcCyKPksL5
|
|
25
|
+
WHTV40eWOa8ZJotGf0LN1YKUd5f8aIzAY26CV3677T5cmDO80qZ8rFrZ01TDZ4Qj
|
|
26
|
+
HN5lJqVp4vddpkIJ6EXEQ0AbiSbrip6qHm/LNuxFcdcoB8FAmqvMQe8xf90+tLOy
|
|
27
|
+
BTH3fMe4qQzbSa3KCdNzQRM9eg==
|
|
28
|
+
-----END PRIVATE KEY-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIC4jCCAcqgAwIBAgIIF4RwxFmE1F4wDQYJKoZIhvcNAQELBQAwGzEZMBcGA1UE
|
|
3
|
+
AxMQdW50cnVzdGVkLXNlcnZlcjAgFw03MDAxMDEwMDAwMDBaGA8yMTAwMDEwMTAw
|
|
4
|
+
MDAwMFowGzEZMBcGA1UEAxMQdW50cnVzdGVkLXNlcnZlcjCCASIwDQYJKoZIhvcN
|
|
5
|
+
AQEBBQADggEPADCCAQoCggEBAMggFmsLIzwd6xtmSUFDgct8DC0mLZwJHdle9Fi9
|
|
6
|
+
WWb6FS1eqXAStLe2vHubt4RIH8zIe9aHJ2fBUQEijP5yvJmhNqDW9dbS+09MP55S
|
|
7
|
+
erIo7bi65eLm6kk2Cv/5XAR3k4gBuWmZlwXIuAvlXIRL7+QOYONAP0zViZqf6isi
|
|
8
|
+
w2ABUt39sNcyk/MZ4fXnV9BWL7gw17V2vgNKXHnCFFT/x7ieR+uABglbEaX+/OAu
|
|
9
|
+
diaplVVQ8GhsQG8D9l3S10jY5YCTNwWb5GtqcKZ+PHHFnvrkzMitOI+Lo99Mx1l6
|
|
10
|
+
dUJt7kd5Bg+PEMjSsR0xhLlCBOas6cb0pca8Kq6539LEHDMCAwEAAaMoMCYwDgYD
|
|
11
|
+
VR0PAQH/BAQDAgWgMBQGA1UdEQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsF
|
|
12
|
+
AAOCAQEAY3kMdTa4PAFVv218EFw2SoMswIn0IjnSbaP18PGPQJyeAtjInE3Y6Aza
|
|
13
|
+
zkZK2lOcgHF8GTJNldP+7SIMlY3ulJLTBvqgEHshGH3lvZEWCkJzheCUMnvbsz8b
|
|
14
|
+
ByhsHnKtLMTGQab8TxVpx4QGA2KI/7yhnVRwBCfyqJxaj98d9O62AjOJJmcOdc7t
|
|
15
|
+
K9CAXpjXqmU5YZJ+hb3s2KPY8v5QqAYcNCI/OtIQcHQh+8vnu1McILMljUmJHwVX
|
|
16
|
+
ZTmEJizVtZr+UEg2XDw9GgC+OXppFRb1ll0E5Kp+ird7hRDl3VKdh5rEYR5vMTUH
|
|
17
|
+
5tX5tdoGCR5cN8jxlwTgqSfz6XrYfg==
|
|
18
|
+
-----END CERTIFICATE-----
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
-----BEGIN PRIVATE KEY-----
|
|
2
|
+
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDufSZFuYLo/KCO
|
|
3
|
+
UnW56iKNFf9aZ1n6beRm/s6J5A8Yh48MqX+/IwQ5aKiyLjJP4grE1EMZlW4Tq+PD
|
|
4
|
+
0aVcxn4tFwpx1MnQrFSMwTEqOuWl/ZWtdoL6/5jRlrSS4TPEEdfWUhNUJ7XeCeXd
|
|
5
|
+
RJYXGQUFWT9xI0hHMVS9zB8IXaW00qVtIXhL3S58alscNbjSqTGMqWUCZEBNX6iK
|
|
6
|
+
+waZvx7mjbuKbnBQ7tN/ZvxOS1JXVNhtrvacFanvljnfKxw+Ipw5lN6B76AACOrB
|
|
7
|
+
M0Au33UW57kpwekIQfFGDpUgkXQpTS30o38YCjDsKcMB+oSghCer+ELh5eH8CjTN
|
|
8
|
+
nXS9zBY3AgMBAAECggEBAK2FmYc5xypGRXvIO6gd1y3YR4c7k5hGxNy7oQNrUCCE
|
|
9
|
+
4WxRF4W2sKgkojmiqzC8QyGbX4cJ1qGxe3NK4opyUfP0w8C3FnAiMxKGroMPf3Aa
|
|
10
|
+
5gDkLcD6n/I/OPt1p/iNEwH5jd65VfZMNVedQ6diqOiPWz2ycjB6kDHYhuvLV3oM
|
|
11
|
+
Mnj/l5B7Qr6lZoM6a47ECX4d2FSIbxBaS1sAGCN2eckwL/oEMaufyGd7H9Juj4pa
|
|
12
|
+
lEdALrA+AOtn6f6grXQvMwej1mFx4ac7Teidvs+cPJGJBMONMiSFjHiUFQHW3ZSq
|
|
13
|
+
qBhXbCHmfoqdDw5BqgvwxEc4H75BQrFyr63vush1deECgYEA8pePyYjcB4o4j2Ib
|
|
14
|
+
DZFXD5kDuWvA6J1mM2XReww+y/y7nW4jf6XJhcY+dA7JazYDDrwNRziDdbmjuTQ4
|
|
15
|
+
XrDDqJgeklENrEubWsDtPTiH7Tp8/caQH1p0SwIEwXcrr8MAeWdv/Ixcb6+p+QCt
|
|
16
|
+
Wp2eAjwHYLPzEjea+8a6q2M6M8MCgYEA+6uIMBUAUZsoID+AA77+NUR1xL54M7aJ
|
|
17
|
+
1WjKAj7uyHe8jP58I+39GlEYLBd8vQNqUb9v9fPbIDXQXyzQGe6KWzWfSDCUoFsA
|
|
18
|
+
jP66qk6xqLqxb5Qlc8VXXIgcONyYCudRgvNLaKPYW7gslkwziwwCulfNHLpuPj16
|
|
19
|
+
4KI3MyMe8H0CgYBqzHaszuevGhbUaOhoDLg7Ua3mD54ZylGYBxc2CKoMu/MM19Qg
|
|
20
|
+
+ifCEQilp2zdGiY2cmuWEzcsuNFvU6INbdx1eKLc33oZhB+c0Jqg/SY6NimYv7Xr
|
|
21
|
+
V7Mi4nydf41oD31B9VvD3zdCpB88VCP9ZK6PZUYKOK6mMny0o0TC9yhEaQKBgQCc
|
|
22
|
+
IbShr8W82vcv2nU+3bSzsz8kyc2kt3AXV6VLc2OMNsxg5Fh7qd/F/d1zLTcTxBSn
|
|
23
|
+
lo6NFbYx63DUOub3z4dCQqgIjysFuK9EyZtgoOWS+g+uW0hI5HroSwDHPgONcCif
|
|
24
|
+
hvSXfF5zuHTg4XFwqAjhNitn0Tknn9ill72LGhTNuQKBgQClALtYE5se9mU/ehfK
|
|
25
|
+
igu/jqEYiUfHSm8AroCK5IVnqM1tHliN9r7fLnRAfQv2gF/Mbq7/wFIRyko4WIBp
|
|
26
|
+
0CKz7dv4v1zmdxk/k1jaZFLVQXpgDgPEuVxTmOiZCncef/P8gYO+x5PPDoVPsPlf
|
|
27
|
+
zQIF+YRER5vsPJUBOG1QP97zZg==
|
|
28
|
+
-----END PRIVATE KEY-----
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIIC8TCCAdmgAwIBAgIIF4RwxEzf0ogwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
|
|
3
|
+
AxMCY2EwIBcNNzAwMTAxMDAwMDAwWhgPMjEwMDAxMDEwMDAwMDBaMBcxFTATBgNV
|
|
4
|
+
BAMTDHZhbGlkLXNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
|
5
|
+
AO59JkW5guj8oI5SdbnqIo0V/1pnWfpt5Gb+zonkDxiHjwypf78jBDloqLIuMk/i
|
|
6
|
+
CsTUQxmVbhOr48PRpVzGfi0XCnHUydCsVIzBMSo65aX9la12gvr/mNGWtJLhM8QR
|
|
7
|
+
19ZSE1Qntd4J5d1ElhcZBQVZP3EjSEcxVL3MHwhdpbTSpW0heEvdLnxqWxw1uNKp
|
|
8
|
+
MYypZQJkQE1fqIr7Bpm/HuaNu4pucFDu039m/E5LUldU2G2u9pwVqe+WOd8rHD4i
|
|
9
|
+
nDmU3oHvoAAI6sEzQC7fdRbnuSnB6QhB8UYOlSCRdClNLfSjfxgKMOwpwwH6hKCE
|
|
10
|
+
J6v4QuHl4fwKNM2ddL3MFjcCAwEAAaNJMEcwDgYDVR0PAQH/BAQDAgWgMB8GA1Ud
|
|
11
|
+
IwQYMBaAFE26R+C3EkyTC7tcy9DwRNaqLkFVMBQGA1UdEQQNMAuCCWxvY2FsaG9z
|
|
12
|
+
dDANBgkqhkiG9w0BAQsFAAOCAQEAVBgDXf3vh0U+5CK36cBArUCbT/ByQQ/4jByy
|
|
13
|
+
m1VRM4Mbxumpw7LPtSDUqSpyCO4LaHq+Jp76VbtyPPTZnwWnowJwXDLXykHyJ4Mp
|
|
14
|
+
wKVBUoHMxXcnQwE8VfWGiRi101WSx6ts2lXJjqUcjz9rsq+syE0/ZMnoM5BXIL5q
|
|
15
|
+
YPKQ+Apscu6VRP8Ecnz0+ivy365FVhENOrGsACau5aPAaR1jmoWtUCyjA4UmskFd
|
|
16
|
+
c1Ovj8AbB1HR18XGcs+EnVdAjum5kdKfOiGHmy/qqfkflHiFYu02qZ0bNgB0pU3b
|
|
17
|
+
EYR054dXU0Hic/5ZoasBYzFaHebqyT1rosYWENFSKxNjafn71g==
|
|
18
|
+
-----END CERTIFICATE-----
|
data/spec/outputs/syslog_spec.rb
CHANGED
|
@@ -139,4 +139,38 @@ describe LogStash::Outputs::Syslog do
|
|
|
139
139
|
|
|
140
140
|
it_behaves_like "syslog output"
|
|
141
141
|
end
|
|
142
|
+
|
|
143
|
+
context "structured data is not supported for RFC3164" do
|
|
144
|
+
let(:options) { {"host" => "foo", "port" => "123", "rfc" => "rfc3164", "structured_data" => "[foo@12345]" } }
|
|
145
|
+
|
|
146
|
+
it "should raise exception" do
|
|
147
|
+
expect { subject.register }.to raise_error(LogStash::ConfigurationError)
|
|
148
|
+
end
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
context "send with both structured data and message" do
|
|
152
|
+
let(:options) { {"host" => "foo", "port" => "123", "rfc" => "rfc5424", "structured_data" => '[exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"][examplePriority@32473 class="high"]' } }
|
|
153
|
+
let(:output) { /^<13>1 #{RFC3339_DATE_TIME_REGEX} baz LOGSTASH - - \[exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"\]\[examplePriority@32473 class="high"\] bar\n/m }
|
|
154
|
+
|
|
155
|
+
it_behaves_like "syslog output"
|
|
156
|
+
end
|
|
157
|
+
|
|
158
|
+
context "set structured data elements from event" do
|
|
159
|
+
let(:event) { LogStash::Event.new({"message" => "bar", "host" => "baz", "pod" => "mypod" }) }
|
|
160
|
+
let(:options) { {"host" => "foo", "port" => "123", "rfc" => "rfc5424", "structured_data" => '[exampleSDID@32473 pod="%{pod}"]' } }
|
|
161
|
+
let(:output) { /^<13>1 #{RFC3339_DATE_TIME_REGEX} baz LOGSTASH - - \[exampleSDID@32473 pod="mypod"\] bar\n/m }
|
|
162
|
+
|
|
163
|
+
it_behaves_like "syslog output"
|
|
164
|
+
end
|
|
165
|
+
|
|
166
|
+
context "tcp protocol with unused ssl settings" do
|
|
167
|
+
let(:options) { {"protocol" => "tcp", "host" => "foo", "port" => "123", "ssl_cacert" => File.join(File.expand_path("../fixtures", File.dirname(__FILE__)), "ca.pem") } }
|
|
168
|
+
|
|
169
|
+
it "logs a warning about unused ssl settings" do
|
|
170
|
+
plugin = LogStash::Plugin.lookup("output", "syslog").new(options)
|
|
171
|
+
expect(plugin.logger).to receive(:warn).with(a_string_matching(/Configured SSL settings are not used/)).once
|
|
172
|
+
plugin.register
|
|
173
|
+
end
|
|
174
|
+
end
|
|
175
|
+
|
|
142
176
|
end
|