Implement TLS support for the GelfWriter

This implements TLS support for the GelfWriter.
Michael Insel 2018-11-30 22:08:18 +01:00
parent d94e300907
commit 90bb423226
2 changed files with 30 additions and 1 deletions


@ -169,7 +169,30 @@ void GelfWriter::ReconnectInternal()
throw ex;
}
m_Stream = new NetworkStream(socket);
if (GetEnableTls()) {
std::shared_ptr<SSL_CTX> sslContext;
try {
sslContext = MakeSSLContext(GetCertPath(), GetKeyPath(), GetCaPath());
} catch (const std::exception& ex) {
Log(LogWarning, "GelfWriter")
<< "Unable to create SSL context.";
throw ex;
}
TlsStream::Ptr tlsStream = new TlsStream(socket, GetHost(), RoleClient, sslContext);
try {
tlsStream->Handshake();
} catch (const std::exception& ex) {
Log(LogWarning, "GelfWriter")
<< "TLS handshake with host'" << GetHost() << "' on port '" << GetPort() << "' failed.'";
throw ex;
}
m_Stream = tlsStream;
} else
m_Stream = new NetworkStream(socket);
SetConnected(true);
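Review bot: Nothing after `tlsStream->Handshake()` checks that the peer certificate actually verified, so as far as this hunk shows the writer will ship log data to any server that completes a handshake. If TlsStream only records the verification result instead of failing the handshake (it appears to expose `IsVerifyOK()` for this; confirm against the TlsStream class), add `if (!tlsStream->IsVerifyOK()) { /* log and abort the connection */ }` before `m_Stream = tlsStream;`. Consider also requiring a non-empty `ca_path` when `enable_tls` is set (both are added in the second file), since an empty value presumably leaves the context without trust anchors. Separately, both new catch blocks use `throw ex;`, which copies the exception as a plain `std::exception` and drops the derived type and message; `throw;` rethrows the original. ReconnectInternal starts and ends outside the hunk.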


@ -31,6 +31,12 @@ class GelfWriter : ConfigObject
[config] bool enable_ha {
default {{{ return false; }}}
};
[config] bool enable_tls {
default {{{ return false; }}}
};
[config] String ca_path;
[config] String cert_path;
[config] String key_path;
};
}