RubyGems - syslog-shipper - Versions diffs - 1.0.20120102102042 → 1.1 - Mend

syslog-shipper 1.0.20120102102042 → 1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

data/HISTORY +8 -0
data/LICENSE +2 -0
data/README +18 -6
data/bin/syslog-shipper +57 -59
data/lib/syslog_shipper/client.rb +25 -16
data/lib/syslog_shipper/tls_wrapper.rb +50 -6
data/spec/client_spec.rb +13 -2
data/spec/tls_wrapper_spec.rb +59 -0
metadata +49 -53

data/HISTORY ADDED

@@ -0,0 +1,8 @@
+1.1
+Added TLS support
+  Can supply custom CA cert, bypass peer checking, or accept an unknown certificate
+Ping mode
+  When used with verbose, helps debug TLS issues
+Config file
+  Use -f to supply a YAML config file that maps to the command line flags

data/LICENSE ADDED

	@@ -0,0 +1,2 @@
1	+ This software is licensed under the BSD license as here:
2	+ http://www.opensource.org/licenses/bsd-license.php

data/README CHANGED

@@ -1,9 +1,21 @@
 Ship logs to a syslog server
 ----------------------------
-Usage: bin/syslog-shipper [options] -s HOST:PORT <path_or_glob> [path_or_glob2] [...]
-  If a path begins with '+' each line is sent unmodified to the syslog server.
-  Otherwise, this tool will prefix each line read from the file with a syslog
-  header.
-  For example: syslog-shipper -s somehost:514 +/var/log/messages /var/log/apache2/access.log
+[syslog-shipper (master *+$)]$ bin/syslog-shipper -h
+      Usage: bin/syslog-shipper [options] -s HOST:PORT <path_or_glob> [path_or_glob2] [...]
+      If a path begins with '+' each line is sent unmodified to the syslog server.
+      Otherwise, this tool will prefix each line read from the file with a syslog
+      header.
+      For example: bin/syslog-shipper -s somehost:514 +/var/log/messages /var/log/apache2/access.syslog
+  --check-interval, -i <i>:   How frequently, in seconds, to check the glob patternsfor new files (default: 5)
+        --exclude, -x <s+>:   A pattern to ignore. Wildcard/globs accepted. Can be specified multiple times
+          --server, -s <s>:   What syslog server to ship to (uses TCP)
+             --verbose, -v:   Verbose mode
+                --ping, -p:   Try to connect and quit immediately after
+         --ca-cert, -c <s>:   Custom certificate used to verify TLS certificates (implies --tls)
+     --skip-peer-check, -k:   When connecting with TLS, do not prompt the user to verify the peer (not recommended, implies --tls)
+                 --tls, -t:   Connect via tls
+     --config-file, -f <s>:   YAML config file (command line options override values in this file)
+             --version, -e:   Print version and exit
+                --help, -h:   Show this message

data/bin/syslog-shipper CHANGED

@@ -1,57 +1,53 @@
-#!/usr/bin/env ruby
+#!/usr/bin/env ruby -rubygems
-require "rubygems"
-require "optparse"
 require File.expand_path('../../lib/syslog_shipper',  __FILE__)
+require 'trollop'
+require 'yaml'
 def main(args)
-  globcheck_interval = 5
-  exclude_patterns = []
-  hostarg = nil
-  verbose = false
-  opts = OptionParser.new do |opts|
-    opts.banner = [
-      "Usage: #{$0} [options] -s HOST:PORT <path_or_glob> [path_or_glob2] [...]",
-      "  If a path begins with '+' each line is sent unmodified to the syslog server.",
-      "  Otherwise, this tool will prefix each line read from the file with a syslog",
-      "  header. ",
-      "",
-      "  For example: #{$0} -s somehost:514 +/var/log/messages /var/log/apache2/access.log",
-    ].join("\n")
-    opts.on("-i SECONDS", "--check-interval SECONDS",
-            "How frequently, in seconds, to check the glob patterns" \
-            "for new files") do |x|
-      globcheck_interval = x.to_f
-    end # -i SECONDS
-    opts.on("-x EXCLUDE", "--exclude EXCLUDE",
-            "A pattern to ignore. Wildcard/globs accepted." \
-            " Can be specified multiple times") do |pattern|
-      exclude_patterns << pattern_to_regexp(pattern)
-    end
+  options = Trollop::options do
+    version "syslog-shipper 1.0"
+    banner <<-EOS
+      Usage: #{$0} [options] -s HOST:PORT <path_or_glob> [path_or_glob2] [...]
+      If a path begins with '+' each line is sent unmodified to the syslog server.
+      Otherwise, this tool will prefix each line read from the file with a syslog
+      header.
+      For example: #{$0} -s somehost:514 +/var/log/messages /var/log/apache2/access.syslog
+    EOS
+    opt :check_interval, "How frequently, in seconds, to check the glob patterns" \
+            "for new files", :default => 5, :short => :i
+    opt :exclude, "A pattern to ignore. Wildcard/globs accepted." \
+            " Can be specified multiple times", :short => :x, :type => :strings, :multi => true
+    opt :server, "What syslog server to ship to (uses TCP)", :type => :string
+    opt :verbose, "Verbose mode"
+    opt :ping, "Try to connect and quit immediately after"
+    opt :ca_cert, "Custom certificate used to verify TLS certificates (implies --tls)", :type => :string
+    opt :skip_peer_check, "When connecting with TLS, do not prompt the user to verify the peer (not recommended, implies --tls)"
+    opt :tls, "Connect via tls"
+    opt :config_file, "YAML config file (command line options override values in this file)", :type => :string, :short => :f
+  end
-    opts.on("-s HOST:PORT", "--server HOST:PORT",
-            "What syslog server to ship to (uses TCP)") do |arg|
-      hostarg = arg
-    end
+  files = ARGV || []
-    opts.on("-v", "--verbose", "verbose (outputs each log line as seen)") do |arg|
-      verbose = true
-    end
+  if options[:config_file]
+    config = Hash[YAML::load(open(options[:config_file])).map { |k, v| [k.to_sym, v] }]
+    # prefer command line values, but take them from the config file
+    options.merge!(config) {|k, right_v, left_v| right_v.nil? ? left_v : right_v }
+    files += options[:files]
+  end
-    opts.on("-c CERT_PATH", "--ca-cert CERT_PATH", "Certificate authority PEM file to use") do |arg|
-      SyslogShipper::Client.ca_cert = arg
-    end
-  end # OptionParser
+  Trollop.die "You must supply files to watch" if files.empty?
+  Trollop.die "You must supply the host:port to connect to" if options.server.nil?
-  opts.parse!(args)
+  host, port = options[:server].split(":")
+  port = 514 if port == nil
+  exluded_patterns = options[:exclude] ? options[:exclude].map{|glob| pattern_to_regexp(glob)} : []
-  if args.length == 0 or hostarg == nil
-    puts opts.banner
-    return 1
-  end
+  options[:tls] = true if (options[:tls] || options[:skip_peer_check] || options[:ca_cert])
+  puts options if options[:verbose]
   EventMachine.run do
     Signal.trap("INT") do
@@ -61,26 +57,28 @@ def main(args)
       end
     end
-    host, port = hostarg.split(":")
-    port = 514 if port == nil
-    connection = EventMachine::connect(host, port, SyslogShipper::TlsWrapper)
-    args.each do |path|
-      if path.start_with?("+")
+    files.uniq.each do |path|
+      if path =~ /\A\+/
         raw = true
         path = path[1..-1]
       else
         raw = false
       end
+      connection = if options[:tls]
+        EventMachine::connect(host, port, SyslogShipper::TlsWrapper, options[:ca_cert], options[:tls], options[:skip_peer_check], options[:verbose])
+      else
+        EventMachine::connect(host, port)
+      end
       EventMachine::FileGlobWatchTail.new(path, SyslogShipper::Client,
-                                          interval = globcheck_interval,
-                                          exclude = exclude_patterns,
-                                          start_pos = -1,
-                                          connection = connection,
-                                          raw = raw,
-                                          verbose = verbose
-                                          )
+                                          options[:check_interval],
+                                          exclude = exluded_patterns,
+                                          {:startpos => -1,
+                                          :connection => connection,
+                                          :raw => raw,
+                                          :ping => options[:ping],
+                                          :verbose => options[:verbose]})
     end # args.each
   end # EventMachine.run
 end # def main

data/lib/syslog_shipper/client.rb CHANGED

@@ -2,29 +2,27 @@ require "socket"
 module SyslogShipper
   class Client < EventMachine::FileTail
-    class << self
-      attr_accessor :ca_cert
-    end
-    def initialize(path, startpos=-1, connection=nil, raw=false, verbose=false)
-      super(path, startpos)
+    def initialize path, options = {:startpos => -1}
+      super path, options[:startpos]
       @buffer = BufferedTokenizer.new
       @hostname = Socket.gethostname
-      @connection = connection
-      @raw = raw
-      @verbose = verbose
+      @connection = options[:connection]
+      @raw = options[:raw]
+      @ping = options[:ping]
+      @verbose = options[:verbose]
     end
     def receive_data(data)
       @buffer.extract(data).each do |line|
-        line = if @raw
-          "#{line}\n"
-        else
-          "#{Time.now.strftime("%b %d %H:%M:%S")} #{@hostname} #{path}: #{line}\n"
+        if @ping
+          puts 'connection successful'
+          exit
+        end
+        if message = build_message(line)
+          puts message if @verbose
+          send_data message
         end
-        print line if @verbose
-        send_data(line)
       end
     end
@@ -33,5 +31,16 @@ module SyslogShipper
     def send_data line
       @connection.send_data line
     end
+    def build_message line
+      # don't send anything if there is no data
+      return if line && line.gsub(/\s/, '').empty?
+      if @raw
+        "#{line}\n"
+      else
+        "#{Time.now.strftime("%b %d %H:%M:%S")} #{@hostname} #{path}: #{line}\n"
+      end
+    end
   end
 end

data/lib/syslog_shipper/tls_wrapper.rb CHANGED

@@ -1,25 +1,69 @@
 require 'openssl'
+require 'thread'
 module SyslogShipper::TlsWrapper
+  class << self
+    attr_accessor :verified
+  end
+  def initialize(ca_cert = nil, with_tls = false, bypass_peer_check = false, verbose = false)
+    @ca_cert = ca_cert
+    @with_tls = true
+    @bypass_peer_check = bypass_peer_check
+    @verbose = verbose
+  end
   def post_init
-    start_tls(:verify_peer => true)
+    puts 'post init' if @verbose
+    start_tls :verify_peer => @with_tls
   end
   def connection_completed
+    puts 'connection completed' if @verbose
   end
   def ssl_verify_peer cert
-    ca_cert = OpenSSL::X509::Certificate.new File.read(SyslogShipper::Client.ca_cert)
-    server_cert = OpenSSL::X509::Certificate.new cert
-    server_cert.verify ca_cert.public_key
+    puts 'verifying peer' if @verbose
+    unless defined?(@@verified)
+      return true if @bypass_peer_check
+      server_cert = OpenSSL::X509::Certificate.new cert
+      verified = false
+      if @ca_cert
+        ca_cert = read_ca_cert
+        verified = server_cert.verify(ca_cert.public_key)
+      end
+      unless verified
+        puts server_cert.inspect
+        print "The server certificate is not recognized, would you still like to connect? (Y/N) "
+        answer = STDIN.gets.chomp
+        unless ['y', 'yes'].include?(answer.downcase)
+          raise OpenSSL::X509::CertificateError.new("Couldn't verify peer")
+        end
+      end
+      @@verified = verified
+      puts 'verified peer' if @verbose
+    end
+    true
   end
   def ssl_handshake_completed
-    $server_handshake_completed = true
+    puts 'ssl handshake completed' if @verbose
   end
   def unbind
+    puts 'connection unbound!' if @verbose
+  end
+  private
+  def read_ca_cert
+    OpenSSL::X509::Certificate.new(File.read(@ca_cert))
   end
 end

data/spec/client_spec.rb CHANGED

@@ -6,8 +6,19 @@ describe SyslogShipper::Client do
     end
-    context "sending data" do
-      it "sends over TLS"
+    it 'builds a message'
+    it 'prints the message if in verbose mode'
+    it 'sends data'
+  end
+  describe '#build_message' do
+    context 'raw mode' do
+      it 'does not modify the message'
+    end
+    context 'non-raw mode' do
+      it 'prepends the timestamp and host'
     end
   end
 end

data/spec/tls_wrapper_spec.rb ADDED

@@ -0,0 +1,59 @@
+require 'spec_helper'
+class MyTlsModule
+  include SyslogShipper::TlsWrapper
+end
+describe SyslogShipper::TlsWrapper do
+  let(:subject) {MyTlsModule.new}
+  let(:server_cert) {double}
+  let(:ca_cert) {double}
+  before(:each) do
+    MyTlsModule.class_variable_set(:@@verified, false)
+    subject.stub(:read_ca_cert).and_return(ca_cert)
+    ca_cert.stub(:public_key)
+    server_cert.stub(:public_key)
+    OpenSSL::X509::Certificate.stub(:new).and_return(server_cert)
+  end
+  describe "#ssl_verify_peer" do
+    context 'using a valid CA certificate' do
+      before(:each) do
+        subject.instance_variable_set(:@ca_cert, double)
+        server_cert.stub(:verify).and_return true
+      end
+      it 'verifies the peer' do
+        subject.ssl_verify_peer("").should be_true
+      end
+    end
+    context 'connecting to an unverified peer' do
+      before(:each) do
+        server_cert.stub(:verify).and_return false
+      end
+      it 'should connect if the bypass peer checking flag is set' do
+        subject.instance_variable_set(:@bypass_peer_check, true)
+        subject.ssl_verify_peer("").should be_true
+      end
+      it 'should connect if the user answers yes to the command prompt' do
+        pending("previous tests keeping state...")
+        STDIN.should_receive(:gets).and_return("yes")
+        subject.ssl_verify_peer("").should be_true
+      end
+      it 'should not connect to an untrusted peer' do
+        pending("previous tests keeping state...")
+        STDIN.stub(:gets).and_return("no")
+        lambda {
+          subject.ssl_verify_peer("")
+        }.should raise_error(OpenSSL::X509::CertificateError)
+      end
+    end
+  end
+end

metadata CHANGED

@@ -1,82 +1,78 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: syslog-shipper
-version: !ruby/object:Gem::Version
-  prerelease: false
-  segments:
-  - 1
-  - 0
-  - 20120102102042
-  version: 1.0.20120102102042
+version: !ruby/object:Gem::Version
+  version: '1.1'
+  prerelease:
 platform: ruby
-authors:
-- Jordan Sissel
+authors:
+- Neil Matatall
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-01-02 00:00:00 -08:00
-default_executable:
-dependencies:
-- !ruby/object:Gem::Dependency
+date: 2012-01-19 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: eventmachine-tail
+  requirement: &70190739730420 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
   prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement
+  version_requirements: *70190739730420
+- !ruby/object:Gem::Dependency
+  name: trollop
+  requirement: &70190739729940 !ruby/object:Gem::Requirement
     none: false
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        segments:
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
-  version_requirements: *id001
+  prerelease: false
+  version_requirements: *70190739729940
 description: Ship logs from files to a remote syslog server over TCP
-email: jls@semicomplete.com
-executables:
+email: neil@matatall.com
+executables:
 - syslog-shipper
 extensions: []
 extra_rdoc_files: []
-files:
+files:
 - README
-- lib/syslog_shipper/tls_wrapper.rb
+- LICENSE
+- HISTORY
 - lib/syslog_shipper/client.rb
+- lib/syslog_shipper/tls_wrapper.rb
 - lib/syslog_shipper.rb
 - bin/syslog-shipper
-- spec/spec_helper.rb
 - spec/client_spec.rb
-has_rdoc: true
-homepage: https://github.com/jordansissel/syslog-shipper
+- spec/spec_helper.rb
+- spec/tls_wrapper_spec.rb
+homepage: https://github.com/oreoshake/syslog-shipper
 licenses: []
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      segments:
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      segments:
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.3.7
+rubygems_version: 1.8.10
 signing_key:
 specification_version: 3
-summary: syslog-shipper - a tool for streaming logs from files to a remote syslog server
+summary: syslog-shipper - a tool for streaming logs from files to a remote syslog
+  server
 test_files: []