Skip to content

Commit 937f814

Browse files
DavidMiserakDavidMiserak
committed
fix: Add x509 key pair to config
1 parent 7242968 commit 937f814

File tree

2 files changed

+24
-1
lines changed

2 files changed

+24
-1
lines changed

CHANGELOG.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,9 @@
11
# CHANGELOG
22

3-
## 1.10.0
3+
## 10.0.1
4+
* Support x509 Key Pair option
45

6+
## 1.10.0
57
* Refactor Fluent Logger for Improved Thread Safety and Error Handling
68
* Follow the recent Golang module updates
79
* Stabilize testing on CI

fluent/fluent.go

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,10 @@ const (
3838
// Default value whether to skip checking insecure certs on TLS connections.
3939
defaultTlsInsecureSkipVerify = false
4040
defaultReadTimeout = time.Duration(0) // Read() will not time out
41+
42+
// Default values for cert and key pair
43+
defaultTlsCertFile = ""
44+
defaultTlsKeyFile = ""
4145
)
4246

4347
// randomGenerator is used by getUniqueId to generate ack hashes. Its value is replaced
@@ -82,6 +86,10 @@ type Config struct {
8286

8387
// ReadTimeout specifies the timeout on reads. Currently only acks are read.
8488
ReadTimeout time.Duration `json:"read_timeout"`
89+
90+
// Cert file and key file
91+
TlsCertFile string `json: "tls_cert_file"`
92+
TlsKeyFile string `json: "tls_key_file"`
8593
}
8694

8795
type ErrUnknownNetwork struct {
@@ -171,6 +179,12 @@ func newWithDialer(config Config, d dialer) (f *Fluent, err error) {
171179
if !config.TlsInsecureSkipVerify {
172180
config.TlsInsecureSkipVerify = defaultTlsInsecureSkipVerify
173181
}
182+
if config.TlsCertFile == "" {
183+
config.TlsCertFile = defaultTlsCertFile
184+
}
185+
if config.TlsKeyFile == "" {
186+
config.TlsKeyFile = defaultTlsKeyFile
187+
}
174188
if config.AsyncConnect {
175189
fmt.Fprintf(os.Stderr, "fluent#New: AsyncConnect is now deprecated, please use Async instead")
176190
config.Async = config.Async || config.AsyncConnect
@@ -465,6 +479,13 @@ func (f *Fluent) connect(ctx context.Context) (err error) {
465479
f.Config.FluentHost+":"+strconv.Itoa(f.Config.FluentPort))
466480
case "tls":
467481
tlsConfig := &tls.Config{InsecureSkipVerify: f.Config.TlsInsecureSkipVerify}
482+
if (f.Config.TlsCertFile != "") && (f.Config.TlsKeyFile != "") {
483+
cert, err := tls.LoadX509KeyPair(f.Config.TlsCertFile, f.Config.TlsKeyFile)
484+
if err != nil {
485+
return err
486+
}
487+
tlsConfig = &tls.Config{Certificates: []tls.Certificate{cert}, InsecureSkipVerify: f.Config.TlsInsecureSkipVerify}
488+
}
468489
f.conn, err = tls.DialWithDialer(
469490
&net.Dialer{Timeout: f.Config.Timeout},
470491
"tcp",

0 commit comments

Comments
 (0)