Obsolete ssl_certificate_verification option

Fixes #25
logstash-plugins · Aug 5, 2016 · 4f188c9 · 4f188c9
1 parent 9f9a296
commit 4f188c9
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 26 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## 5.0.0
+  - Obsolete ssl_certificate_verify option that didn't actually work
+
 ## 4.0.3
   - Raise configuration error when user supplies a trust/keystore without a password
 

diff --git a/lib/logstash/plugin_mixins/http_client.rb b/lib/logstash/plugin_mixins/http_client.rb
@@ -52,9 +52,7 @@ def setup_http_client_config
     # See https://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/conn/PoolingHttpClientConnectionManager.html#setValidateAfterInactivity(int)[these docs for more info]
     config :validate_after_inactivity, :validate => :number, :default => 200
 
-    # Set this to false to disable SSL/TLS certificate validation
-    # Note: setting this to false is generally considered insecure!
-    config :ssl_certificate_validation, :validate => :boolean, :default => true
+    config :ssl_certificate_validation, :obsolete => "This option did not work in a meaningful way and has been removed! Please use the correct truststore"
 
     # If you need to use a custom X.509 CA (.pem certs) specify the path to that here
     config :cacert, :validate => :path
@@ -119,7 +117,7 @@ def client_config
         @proxy
     end
 
-    c[:ssl] = {verify: @ssl_certificate_validation}
+    c[:ssl] = {}
     if @cacert
       c[:ssl][:ca_file] = @cacert
     end

diff --git a/logstash-mixin-http_client.gemspec b/logstash-mixin-http_client.gemspec
@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-mixin-http_client'
-  s.version         = '4.0.3'
+  s.version         = '5.0.0'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "AWS mixins to provide a unified interface for Amazon Webservice"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

diff --git a/spec/plugin_mixin/http_client_spec.rb b/spec/plugin_mixin/http_client_spec.rb
@@ -148,26 +148,5 @@ class Dummy < LogStash::Inputs::Base
 
       include_examples("raising a configuration error")
     end
-
-    describe "ssl certificate validation" do
-      subject { Dummy.new(conf).send(:client_config) }
-
-      context "when set to true" do
-        let(:conf) { basic_config.merge("ssl_certificate_validation" => true)}
-
-        it "should set [:ssl][:verify] to true" do
-          expect(subject[:ssl][:verify]).to eql(true)
-        end
-      end
-
-      context "when set to false" do
-        let(:conf) { basic_config.merge("ssl_certificate_validation" => false)}
-
-        it "should set [:ssl][:verify] to true" do
-          expect(subject[:ssl][:verify]).to eql(false)
-        end
-      end
-    end
-
   end
 end