From 4f487e15a7a00f1a9a466f7bd6be8bcb2257ea14 Mon Sep 17 00:00:00 2001 From: Aiwantaozi Date: Tue, 17 Jul 2018 00:19:07 +0800 Subject: [PATCH] support ssl --- lib/remote_syslog_sender/tcp_sender.rb | 8 ++++++-- remote_syslog_sender.gemspec | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/remote_syslog_sender/tcp_sender.rb b/lib/remote_syslog_sender/tcp_sender.rb index fb1a258..e9dd2de 100644 --- a/lib/remote_syslog_sender/tcp_sender.rb +++ b/lib/remote_syslog_sender/tcp_sender.rb @@ -16,6 +16,9 @@ def initialize(remote_hostname, remote_port, options = {}) @ssl_method = options[:ssl_method] || 'TLSv1_2' @ca_file = options[:ca_file] @verify_mode = options[:verify_mode] + @client_cert = options[:client_cert] + @client_cert_key = options[:client_cert_key] + @client_cert_key_pass = options[:client_cert_key_pass] @timeout = options[:timeout] || 600 @timeout_exception = !!options[:timeout_exception] @exponential_backoff = !!options[:exponential_backoff] @@ -64,9 +67,10 @@ def connect if @tls require 'openssl' context = OpenSSL::SSL::SSLContext.new(@ssl_method) - context.ca_file = @ca_file if @ca_file context.verify_mode = @verify_mode if @verify_mode - + context.cert = OpenSSL::X509::Certificate.new(File.open(@client_cert) { |f| f.read }) if @client_cert + context.key = OpenSSL::PKey::RSA.new(File.open(@client_cert_key) { |f| f.read }, @client_cert_key_pass) if @client_cert_key + context.ca_file = @ca_file if @ca_file @socket = OpenSSL::SSL::SSLSocket.new(@tcp_socket, context) @socket.connect @socket.post_connection_check(@remote_hostname) diff --git a/remote_syslog_sender.gemspec b/remote_syslog_sender.gemspec index 037d4bd..bce6724 100644 --- a/remote_syslog_sender.gemspec +++ b/remote_syslog_sender.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |s| s.name = 'remote_syslog_sender' - s.version = '1.2.1' + s.version = '1.2.2' s.summary = "Message sender that sends directly to a remote syslog endpoint" s.description = "Message sender that sends directly to a remote syslog endpoint (Support UDP, TCP, TCP+TLS)"