Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: Add ssl_min_version and ssl_max_version params #61

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

WIP: Add ssl_min_version and ssl_max_version params #61

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0a3d031
expose_ssl_min_max_version
emiran-orange Feb 5, 2024
664b464
min and max
emiran-orange Feb 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,8 @@ $ td-agent-gem install fluent-plugin-remote_syslog
| tls | bool (default: false) | | use TLS (tcp only) |
| ca_file | string | | ca_file path (tls mode only) |
| verify_mode | integer | | SSL verification mode (tls mode only) |
| ssl_min_version | string | | SSL/TLS minimal version (tls mode only) |
| ssl_max_version | string | | SSL/TLS maximal version (tls mode only) |
| packet_size | integer (default: `1024`) | | size limitation for syslog packet |
| timeout | integer | | TCP transfer timeout. if value is 0, wait forever |
| timeout_exception | bool (default: `false`) | | if value is true, raise exception by transfer timeout |
Expand All @@ -67,6 +69,8 @@ $ td-agent-gem install fluent-plugin-remote_syslog
| keep_alive_cnt | integer | | set TCP keep alive probe count |
| keep_alive_intvl | integer | | set TCP keep alive probe interval |

Note: Both `ssl_min_version` and `ssl_max_version` must be set if one is set

### Common Configuration

#### Buffer Section
Expand Down
6 changes: 5 additions & 1 deletion lib/fluent/plugin/out_remote_syslog.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ class RemoteSyslogOutput < Output
config_param :tls, :bool, :default => false
config_param :ca_file, :string, :default => nil
config_param :verify_mode, :integer, default: nil
config_param :ssl_min_version, :string, :default => nil
config_param :ssl_max_version, :string, :default => nil
config_param :packet_size, :size, default: 1024
config_param :timeout, :time, default: nil
config_param :timeout_exception, :bool, default: false
Expand Down Expand Up @@ -134,6 +136,8 @@ def create_sender(host, port)
program: @program,
}
options[:ca_file] = @ca_file if @ca_file
options[:ssl_min_version] = @ssl_min_version if @ssl_min_version
options[:ssl_max_version] = @ssl_max_version if @ssl_max_version
options[:verify_mode] = @verify_mode if @verify_mode
sender = RemoteSyslogSender::TcpSender.new(
host,
Expand Down Expand Up @@ -161,7 +165,7 @@ def create_sender(host, port)
module SeverityMapper
DICT = {
# "warning" is not supported, but we should use it since "warn" is deprecated.
"warning" => "warn",
"warning" => "warn",
}

def self.map(severity)
Expand Down