Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TLS Support #96

Closed
wants to merge 28 commits into from
Closed

TLS Support #96

Changes from all commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
7e20946
Fix panic if Close() is called more than once
sparrc May 21, 2021
c826203
v1.6.1
tagomoris May 25, 2021
24c9c8c
TLS Support
zonito Jul 9, 2021
0cc6bb6
Add callback for error handling when using async
ivan-valkov Sep 23, 2021
ab7cb0b
Update readme and changelog
ivan-valkov Sep 24, 2021
13b1e94
Fix panic on accessing unexported struct field
dearoneesama Oct 15, 2021
c58aabd
add GitHub Actions CI yaml
tagomoris Oct 21, 2021
440cf4b
Update test command
tagomoris Oct 21, 2021
3056e24
try to set GO11MODULES
tagomoris Oct 21, 2021
948d260
update Golang versions
tagomoris Oct 21, 2021
209602a
stop running tests on Travis
tagomoris Oct 21, 2021
0551a9c
Replace the build status badge with GitHub Workflow's one
fujimotos Oct 22, 2021
6d82ee8
v1.6.3
tagomoris Oct 31, 2021
df17154
Properly stop logger during (re)connect failure
akerouanton Apr 25, 2020
a3b6167
Use a RWMutex to allow the write fastpath to be executed concurrently
akerouanton Oct 20, 2021
051c3f1
Use function literals to defer unlock calls
akerouanton Oct 21, 2021
a2fde2f
v1.7.0
tagomoris Oct 31, 2021
d401a57
Code Review Comment Fix
zonito Nov 10, 2021
5072567
TlsInsecureSkipVerify as a config with default
zonito Nov 10, 2021
7530f74
Fix
zonito Nov 10, 2021
707f695
Add callback for error handling when using async
ivan-valkov Sep 23, 2021
8e92a5e
Update readme and changelog
ivan-valkov Sep 24, 2021
caff065
Properly stop logger during (re)connect failure
akerouanton Apr 25, 2020
631cedf
Use a RWMutex to allow the write fastpath to be executed concurrently
akerouanton Oct 20, 2021
f504738
Use function literals to defer unlock calls
akerouanton Oct 21, 2021
56f58db
After Rebase
zonito Nov 10, 2021
3d9613e
Merge branch 'master' into master
zonito Nov 10, 2021
f5bd632
typo
zonito Nov 10, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 18 additions & 1 deletion fluent/fluent.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package fluent

import (
"context"
"crypto/tls"
"encoding/json"
"errors"
"fmt"
Expand Down Expand Up @@ -36,6 +37,9 @@ const (
// Default sub-second precision value to false since it is only compatible
// with fluentd versions v0.14 and above.
defaultSubSecondPrecision = false

// Default value whether to skip checking insecure certs on TLS connections.
defaultTlsInsecureSkipVerify = false
)

// randomGenerator is used by getUniqueId to generate ack hashes. Its value is replaced
Expand Down Expand Up @@ -69,6 +73,9 @@ type Config struct {
// respond with an acknowledgement. This option improves the reliability
// of the message transmission.
RequestAck bool `json:"request_ack"`

// Flag to skip verifying insecure certs on TLS connections
TlsInsecureSkipVerify bool `json: "tls_insecure_skip_verify"`
}

type ErrUnknownNetwork struct {
Expand Down Expand Up @@ -147,6 +154,9 @@ func newWithDialer(config Config, d dialer) (f *Fluent, err error) {
if config.MaxRetryWait == 0 {
config.MaxRetryWait = defaultMaxRetryWait
}
if !config.TlsInsecureSkipVerify {
config.TlsInsecureSkipVerify = defaultTlsInsecureSkipVerify
}
if config.AsyncConnect {
fmt.Fprintf(os.Stderr, "fluent#New: AsyncConnect is now deprecated, please use Async instead")
config.Async = config.Async || config.AsyncConnect
Expand Down Expand Up @@ -418,6 +428,13 @@ func (f *Fluent) connect(ctx context.Context) (err error) {
f.conn, err = f.dialer.DialContext(ctx,
f.Config.FluentNetwork,
f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort))
case "tls":
tlsConfig := &tls.Config{InsecureSkipVerify: f.Config.TlsInsecureSkipVerify}
f.conn, err = tls.DialWithDialer(
&net.Dialer{Timeout: f.Config.Timeout},
"tcp",
f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort), tlsConfig,
)
case "unix":
f.conn, err = f.dialer.DialContext(ctx,
f.Config.FluentNetwork,
Expand Down Expand Up @@ -554,7 +571,7 @@ func (f *Fluent) write(ctx context.Context, msg *msgToSend) (bool, error) {
defer f.muconn.RUnlock()

if f.conn == nil {
return fmt.Errorf("connection has been closed before writing to it.")
return fmt.Errorf("connection has been closed before writing to it")
}

t := f.Config.WriteTimeout
Expand Down