From 7913005fbbe4d26b187635658553470cd99e3b97 Mon Sep 17 00:00:00 2001 From: Lee Hinman <57081003+leehinman@users.noreply.github.com> Date: Mon, 10 Aug 2020 09:42:07 -0500 Subject: [PATCH] Improve validation check for Azure configuration (#20389) A blob container name must be between 3 and 63 characters in length; start with a letter or number; and contain only letters, numbers, and the hyphen. All letters used in blob container names must be lowercase. Added validation to make sure the storage container name meets those requirements. Closes #20369 --- CHANGELOG.next.asciidoc | 1 + x-pack/filebeat/input/azureeventhub/config.go | 27 +++++++++++++++++ .../input/azureeventhub/config_test.go | 29 +++++++++++++++++++ 3 files changed, 57 insertions(+) create mode 100644 x-pack/filebeat/input/azureeventhub/config_test.go diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index f818a846ac8..6ab646f2229 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -235,6 +235,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Fix `okta` geoip lookup in pipeline for `destination.ip` {pull}20454[20454] - Fix mapping exception in the `googlecloud/audit` dataset pipeline. {issue}18465[18465] {pull}20465[20465] - Fix `cisco` asa and ftd parsing of messages 106102 and 106103. {pull}20469[20469] +- Improve validation checks for Azure configuration {issue}20369[20369] {pull}20389[20389] *Heartbeat* diff --git a/x-pack/filebeat/input/azureeventhub/config.go b/x-pack/filebeat/input/azureeventhub/config.go index 0521d3a76e6..68ad8d109e0 100644 --- a/x-pack/filebeat/input/azureeventhub/config.go +++ b/x-pack/filebeat/input/azureeventhub/config.go @@ -7,6 +7,7 @@ package azureeventhub import ( "errors" "fmt" + "unicode" ) type azureInputConfig struct { @@ -36,6 +37,32 @@ func (conf *azureInputConfig) Validate() error { } if conf.SAContainer == "" { conf.SAContainer = fmt.Sprintf("%s-%s", ephContainerName, conf.EventHubName) + + } + err := storageContainerValidate(conf.SAContainer) + if err != nil { + return err + } + + return nil +} + +func storageContainerValidate(name string) error { + runes := []rune(name) + length := len(runes) + if length < 3 { + return fmt.Errorf("storage_account_container (%s) must be 3 or more characters", name) + } + if length > 63 { + return fmt.Errorf("storage_account_container (%s) must be less than 63 characters", name) + } + if !unicode.IsLower(runes[0]) && !unicode.IsNumber(runes[0]) { + return fmt.Errorf("storage_account_container (%s) must start with a lowercase letter or number", name) + } + for i := 0; i < length; i++ { + if !unicode.IsLower(runes[i]) && !unicode.IsNumber(runes[i]) && !('-' == runes[i]) { + return fmt.Errorf("rune %d of storage_account_container (%s) is not a lowercase letter, number or dash", i, name) + } } return nil } diff --git a/x-pack/filebeat/input/azureeventhub/config_test.go b/x-pack/filebeat/input/azureeventhub/config_test.go new file mode 100644 index 00000000000..b6f264911d8 --- /dev/null +++ b/x-pack/filebeat/input/azureeventhub/config_test.go @@ -0,0 +1,29 @@ +// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one +// or more contributor license agreements. Licensed under the Elastic License; +// you may not use this file except in compliance with the Elastic License. + +package azureeventhub + +import ( + "testing" +) + +func TestStorageContainerValidate(t *testing.T) { + var tests = []struct { + input string + errIsNil bool + }{ + {"a-valid-name", true}, + {"a", false}, + {"a-name-that-is-really-too-long-to-be-valid-and-should-never-be-used-no-matter-what", false}, + {"-not-valid", false}, + {"capital-A-not-valid", false}, + {"no_underscores_either", false}, + } + for _, test := range tests { + err := storageContainerValidate(test.input) + if (err == nil) != test.errIsNil { + t.Errorf("storageContainerValidate(%s) = %v", test.input, err) + } + } +}