
Example 21 with MessageInput

use of org.graylog2.plugin.inputs.MessageInput in project graylog2-server by Graylog2.

the class AbstractTcpTransport method launch.

/**
 * Binds the listening socket for {@code input} and blocks until the bind attempt has finished.
 *
 * <p>The bootstrap built by {@code getBootstrap(input)} is stored in the {@code bootstrap}
 * field before it is bound to {@code socketAddress}. An {@code InputLaunchListener} is
 * attached to the bind future.
 *
 * @param input the message input this transport is started for
 * @throws MisfireException wrapping whatever exception was raised while building the
 *                          bootstrap or binding the socket
 */
@Override
public void launch(final MessageInput input) throws MisfireException {
    try {
        bootstrap = getBootstrap(input);
        bootstrap
                .bind(socketAddress)
                .addListener(new InputLaunchListener(channelReference, input, getRecvBufferSize()))
                // Block until the bind has completed; a failed bind is rethrown from here.
                .syncUninterruptibly();
    } catch (Exception startupFailure) {
        // Any start-up problem is reported as a misfire; the original exception is kept as cause.
        throw new MisfireException(startupFailure);
    }
}
Also used : MisfireException(org.graylog2.plugin.inputs.MisfireException) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) GeneralSecurityException(java.security.GeneralSecurityException) SSLException(javax.net.ssl.SSLException) PKCSException(org.bouncycastle.pkcs.PKCSException) MisfireException(org.graylog2.plugin.inputs.MisfireException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 22 with MessageInput

use of org.graylog2.plugin.inputs.MessageInput in project graylog2-server by Graylog2.

the class AbstractTcpTransport method getBootstrap.

/**
 * Assembles the Netty {@code ServerBootstrap} that accepts TCP connections for {@code input}.
 *
 * <p>Side effect: a new worker event loop group is created through
 * {@code eventLoopGroupFactory} and stored in the {@code childEventLoopGroup} field.
 *
 * @param input the message input the handlers are built for
 * @return a configured, not yet bound, server bootstrap
 */
protected ServerBootstrap getBootstrap(MessageInput input) {
    // Handlers for the listening (parent) channel and for each accepted (child) channel.
    final LinkedHashMap<String, Callable<? extends ChannelHandler>> acceptorHandlers = getChannelHandlers(input);
    final LinkedHashMap<String, Callable<? extends ChannelHandler>> connectionHandlers = getChildChannelHandlers(input);

    childEventLoopGroup = eventLoopGroupFactory.create(workerThreads, localRegistry, "workers");

    return new ServerBootstrap()
            .group(parentEventLoopGroup, childEventLoopGroup)
            .channelFactory(new ServerSocketChannelFactory(nettyTransportConfiguration.getType()))
            .option(ChannelOption.ALLOCATOR, PooledByteBufAllocator.DEFAULT)
            // Read buffers handed to the pipeline always have this fixed size (8192 bytes).
            .option(ChannelOption.RCVBUF_ALLOCATOR, new FixedRecvByteBufAllocator(8192))
            // The socket receive buffer is set on the listening socket and on accepted sockets.
            .option(ChannelOption.SO_RCVBUF, getRecvBufferSize())
            .childOption(ChannelOption.SO_RCVBUF, getRecvBufferSize())
            .childOption(ChannelOption.SO_KEEPALIVE, tcpKeepalive)
            .handler(getChannelInitializer(acceptorHandlers))
            .childHandler(getChannelInitializer(connectionHandlers));
}
Also used : ServerSocketChannelFactory(org.graylog2.inputs.transports.netty.ServerSocketChannelFactory) FixedRecvByteBufAllocator(io.netty.channel.FixedRecvByteBufAllocator) ChannelHandler(io.netty.channel.ChannelHandler) ExceptionLoggingChannelHandler(org.graylog2.inputs.transports.netty.ExceptionLoggingChannelHandler) Callable(java.util.concurrent.Callable) ServerBootstrap(io.netty.bootstrap.ServerBootstrap)

Example 23 with MessageInput

use of org.graylog2.plugin.inputs.MessageInput in project graylog2-server by Graylog2.

the class AbstractTcpTransport method getChildChannelHandlers.

/**
 * Builds the ordered set of handler factories for every accepted connection of {@code input}.
 *
 * <p>Insertion order of the returned map is: channel registration, traffic counter,
 * connection counter, optional TLS handler, custom handlers, optional codec aggregator,
 * raw message handler, exception logger.
 *
 * @param input the message input the handlers belong to
 * @return handler name to handler factory, in insertion order
 */
@Override
protected LinkedHashMap<String, Callable<? extends ChannelHandler>> getChildChannelHandlers(MessageInput input) {
    final CodecAggregator codecAggregator = getAggregator();
    final LinkedHashMap<String, Callable<? extends ChannelHandler>> pipeline = new LinkedHashMap<>();

    pipeline.put("channel-registration", () -> new ChannelRegistrationHandler(childChannels));
    // Both counters hand out the same shared instance for every connection.
    pipeline.put("traffic-counter", () -> throughputCounter);
    pipeline.put("connection-counter", () -> connectionCounter);

    if (tlsEnable) {
        // Only the configured key and certificate file references are logged, no key material.
        LOG.info("Enabled TLS for input [{}/{}]. key-file=\"{}\" cert-file=\"{}\"", input.getName(), input.getId(), tlsKeyFile, tlsCertFile);
        // NOTE(review): presumably handlers are installed in map order; if so, the counters
        // registered above sit in front of TLS and see encrypted bytes - confirm.
        pipeline.put("tls", getSslHandlerCallable(input));
    }

    // A custom handler that reuses a name already present (for example "tls") replaces that
    // entry in place: LinkedHashMap keeps the original position and swaps the value.
    pipeline.putAll(getCustomChildChannelHandlers(input));

    if (codecAggregator != null) {
        LOG.debug("Adding codec aggregator {} to channel pipeline", codecAggregator);
        pipeline.put("codec-aggregator", () -> new ByteBufMessageAggregationHandler(codecAggregator, localRegistry));
    }

    pipeline.put("rawmessage-handler", () -> new RawMessageHandler(input));
    pipeline.put("exception-logger", () -> new ExceptionLoggingChannelHandler(input, LOG, tcpKeepalive));
    return pipeline;
}
Also used : CodecAggregator(org.graylog2.plugin.inputs.codecs.CodecAggregator) ExceptionLoggingChannelHandler(org.graylog2.inputs.transports.netty.ExceptionLoggingChannelHandler) ByteBufMessageAggregationHandler(org.graylog2.inputs.transports.netty.ByteBufMessageAggregationHandler) ChannelRegistrationHandler(org.graylog2.inputs.transports.netty.ChannelRegistrationHandler) ChannelHandler(io.netty.channel.ChannelHandler) ExceptionLoggingChannelHandler(org.graylog2.inputs.transports.netty.ExceptionLoggingChannelHandler) Callable(java.util.concurrent.Callable) LinkedHashMap(java.util.LinkedHashMap) RawMessageHandler(org.graylog2.inputs.transports.netty.RawMessageHandler)

Example 24 with MessageInput

use of org.graylog2.plugin.inputs.MessageInput in project graylog2-server by Graylog2.

the class AbstractTcpTransport method buildSslHandlerCallable.

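/**
 * Builds the factory that produces a server-side TLS handler for connections of {@code input}.
 *
 * <p>Every {@code call()} loads the private key and certificate chain, builds a Netty SSL
 * context and wraps a new engine in an {@code SslHandler}.
 *
 * @param tlsProvider        Netty SSL provider to use
 * @param certFile           file holding the server certificate chain (X.509)
 * @param keyFile            file holding the server private key (PKCS#8)
 * @param password           password passed to {@code KeyUtil.privateKeyFromFile} together with the key file
 * @param clientAuth         client authentication mode
 * @param clientAuthCertFile location of the certificates trusted for client authentication
 * @param input              the message input, used for log messages
 * @return a callable that creates the TLS channel handler
 */
private Callable<ChannelHandler> buildSslHandlerCallable(SslProvider tlsProvider, File certFile, File keyFile, String password, ClientAuth clientAuth, File clientAuthCertFile, MessageInput input) {
    return new Callable<ChannelHandler>() {

        @Override
        public ChannelHandler call() throws Exception {
            try {
                return new SslHandler(createSslEngine(input));
            } catch (SSLException e) {
                // Log the exception itself as well: the format hint below is only the most
                // likely cause, and without the cause the operator cannot tell the cases apart.
                LOG.error("Error creating SSL context. Make sure the certificate and key are in the correct format: cert=X.509 key=PKCS#8", e);
                throw e;
            }
        }

        /**
         * Loads key material and builds the server-side SSL engine.
         */
        private SSLEngine createSslEngine(MessageInput input) throws IOException, CertificateException, OperatorCreationException, PKCSException {
            final boolean clientAuthRequested = EnumSet.of(ClientAuth.OPTIONAL, ClientAuth.REQUIRE).contains(clientAuth);

            final X509Certificate[] clientAuthCerts;
            if (!clientAuthRequested) {
                clientAuthCerts = null;
            } else if (clientAuthCertFile.exists()) {
                clientAuthCerts = KeyUtil.loadX509Certificates(clientAuthCertFile.toPath());
            } else {
                LOG.warn("Client auth configured, but no authorized certificates / certificate authorities configured for input [{}/{}]", input.getName(), input.getId());
                clientAuthCerts = null;
            }

            // Netty's SSLContextBuilder chokes on some PKCS8 key file formats. So we need to pass a
            // private key and keyCertChain instead of the corresponding files.
            final PrivateKey privateKey = KeyUtil.privateKeyFromFile(password, keyFile);
            final X509Certificate[] keyCertChain = KeyUtil.loadX509Certificates(certFile.toPath());

            // NOTE(review): Netty documents a null trust collection as "use the system default".
            // With client auth requested and no certificate file present, client certificates
            // are therefore validated against the platform trust store instead of an explicit
            // allow-list. Confirm this fallback is intended; failing closed would be stricter.
            final SslContextBuilder sslContext = SslContextBuilder.forServer(privateKey, keyCertChain)
                    .sslProvider(tlsProvider)
                    .clientAuth(clientAuth)
                    .trustManager(clientAuthCerts);
            sslContext.protocols(enabledTLSProtocols);

            final boolean legacyProtocolEnabled = enabledTLSProtocols.contains("TLSv1") || enabledTLSProtocols.contains("TLSv1.1");
            if (tlsProvider.equals(SslProvider.OPENSSL) && !legacyProtocolEnabled) {
                // Netty tcnative does not adhere jdk.tls.disabledAlgorithms: https://github.com/netty/netty-tcnative/issues/530
                // We need to build our own cipher list. When TLSv1 or TLSv1.1 is enabled the
                // provider's default cipher list is left in place.
                sslContext.ciphers(secureDefaultCiphers.get());
            }

            // TODO: Use byte buffer allocator of channel
            return sslContext.build().newEngine(ByteBufAllocator.DEFAULT);
        }
    };
}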
Also used : PrivateKey(java.security.PrivateKey) SslContextBuilder(io.netty.handler.ssl.SslContextBuilder) MessageInput(org.graylog2.plugin.inputs.MessageInput) SSLException(javax.net.ssl.SSLException) Callable(java.util.concurrent.Callable) SslHandler(io.netty.handler.ssl.SslHandler) X509Certificate(java.security.cert.X509Certificate)

Example 25 with MessageInput

use of org.graylog2.plugin.inputs.MessageInput in project graylog2-server by Graylog2.

the class InputsResource method update.

/**
 * Updates a stored input with the configuration submitted in the request body.
 *
 * <p>The fields produced from the request are merged over the stored input's fields, the
 * result is persisted under the existing id, and the response is built with
 * {@code Response.created}, so a successful update answers with 201 and the input's URI.
 *
 * @param lr      the submitted input configuration
 * @param inputId id of the input to update, taken from the request path
 * @return a "created" response carrying the input id
 */
@PUT
@Timed
@Path("/{inputId}")
@ApiOperation(value = "Update input on this node", response = InputCreated.class)
@ApiResponses(value = {
        @ApiResponse(code = 404, message = "No such input on this node."),
        @ApiResponse(code = 400, message = "Missing or invalid input configuration.")
})
@AuditEvent(type = AuditEventTypes.MESSAGE_INPUT_UPDATE)
public Response update(@ApiParam(name = "JSON body", required = true) @Valid @NotNull InputCreateRequest lr,
                       @ApiParam(name = "inputId", required = true) @PathParam("inputId") String inputId)
        throws org.graylog2.database.NotFoundException, NoSuchInputTypeException, ConfigurationException, ValidationException {
    // Authorization runs before anything is looked up, and is scoped to the id from the path.
    // NOTE(review): the body, including lr.node(), is only validated by checkConfiguration()
    // below - confirm no further per-field authorization is expected here.
    checkPermission(RestPermissions.INPUTS_EDIT, inputId);

    final Input storedInput = inputService.find(inputId);
    // NOTE(review): this map is modified in place below; presumably getFields() may return
    // the stored input's own map - verify against Input.
    final Map<String, Object> mergedFields = storedInput.getFields();

    // Build an input from the request, attributed to the current user, and validate it
    // before any of its values are merged or persisted.
    final MessageInput requestedInput = messageInputFactory.create(lr, getCurrentUser().getName(), lr.node());
    requestedInput.checkConfiguration();

    // Submitted values win over stored ones for every key present in asMap().
    mergedFields.putAll(requestedInput.asMap());

    final Input replacement = inputService.create(storedInput.getId(), mergedFields);
    inputService.update(replacement);

    final URI location = getUriBuilderToSelf()
            .path(InputsResource.class)
            .path("{inputId}")
            .build(storedInput.getId());
    return Response.created(location)
            .entity(InputCreated.create(storedInput.getId()))
            .build();
}
Also used : Input(org.graylog2.inputs.Input) MessageInput(org.graylog2.plugin.inputs.MessageInput) MessageInput(org.graylog2.plugin.inputs.MessageInput) URI(java.net.URI) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

MessageInput (org.graylog2.plugin.inputs.MessageInput)47 Test (org.junit.Test)18 Callable (java.util.concurrent.Callable)17 NotFoundException (org.graylog2.database.NotFoundException)10 Configuration (org.graylog2.plugin.configuration.Configuration)9 ChannelHandler (io.netty.channel.ChannelHandler)8 LinkedHashMap (java.util.LinkedHashMap)8 Input (org.graylog2.inputs.Input)8 MisfireException (org.graylog2.plugin.inputs.MisfireException)7 ChannelHandler (org.jboss.netty.channel.ChannelHandler)7 Timed (com.codahale.metrics.annotation.Timed)6 ApiOperation (io.swagger.annotations.ApiOperation)6 ApiResponses (io.swagger.annotations.ApiResponses)6 EventBus (com.google.common.eventbus.EventBus)5 AuditEvent (org.graylog2.audit.jersey.AuditEvent)5 Subscribe (com.google.common.eventbus.Subscribe)4 Produces (javax.ws.rs.Produces)4 IOState (org.graylog2.plugin.IOState)4 LocalMetricRegistry (org.graylog2.plugin.LocalMetricRegistry)4 Extractor (org.graylog2.plugin.inputs.Extractor)4