Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

empty password causes logstash to crash #614

Open
jsvd opened this issue Jul 3, 2017 · 3 comments · May be fixed by #615
Open

empty password causes logstash to crash #614

jsvd opened this issue Jul 3, 2017 · 3 comments · May be fixed by #615
Labels
bug

Comments

@jsvd
Copy link
Member

jsvd commented Jul 3, 2017

configuration example:

input { stdin {} }
output {  elasticsearch { user => "logstash_internal" password => "" } }

result:

/tmp/logstash-5.4.3 % bin/logstash -f cfg
[2017-07-03T19:04:08,381][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>[], :added=>[http://[email protected]:9200/]}}
[2017-07-03T19:04:08,388][INFO ][logstash.outputs.elasticsearch] Running health check to see if an Elasticsearch connection is working {:healthcheck_url=>http://[email protected]:9200/, :path=>"/"}
[2017-07-03T19:04:08,395][ERROR][logstash.pipeline        ] Error registering plugin {:plugin=>"#<LogStash::OutputDelegator:0x64ce08d1 @namespaced_metric=#<LogStash::Instrument::NamespacedMetric:0x735558e8 @metric=#<LogStash::Instrument::Metric:0x4081602f @collector=#<LogStash::Instrument::Collector:0x296ae6bd @agent=nil, @metric_store=#<LogStash::Instrument::MetricStore:0x3d76ebc1 @store=#<Concurrent::Map:0x000000000602c8 entries=2 default_proc=nil>, @structured_lookup_mutex=#<Mutex:0x64bd769f>, @fast_lookup=#<Concurrent::Map:0x000000000602cc entries=50 default_proc=nil>>>>, @namespace_name=[:stats, :pipelines, :main, :plugins, :outputs, :\"a7a59f15348a6e72ab81b9763fa5a0f1f98e278c-2\"]>, @metric=#<LogStash::Instrument::NamespacedMetric:0x51d7a672 @metric=#<LogStash::Instrument::Metric:0x4081602f @collector=#<LogStash::Instrument::Collector:0x296ae6bd @agent=nil, @metric_store=#<LogStash::Instrument::MetricStore:0x3d76ebc1 @store=#<Concurrent::Map:0x000000000602c8 entries=2 default_proc=nil>, @structured_lookup_mutex=#<Mutex:0x64bd769f>, @fast_lookup=#<Concurrent::Map:0x000000000602cc entries=50 default_proc=nil>>>>, @namespace_name=[:stats, :pipelines, :main, :plugins, :outputs]>, @logger=#<LogStash::Logging::Logger:0x54f3eb05 @logger=#<Java::OrgApacheLoggingLog4jCore::Logger:0x34a6a83d>>, @strategy=#<LogStash::OutputDelegatorStrategies::Shared:0x2004476b @output=<LogStash::Outputs::ElasticSearch user=>\"logstash_internal\", password=><password>, id=>\"a7a59f15348a6e72ab81b9763fa5a0f1f98e278c-2\", enable_metric=>true, codec=><LogStash::Codecs::Plain id=>\"plain_25de69cc-03ac-41e9-8499-da9dd657df8d\", enable_metric=>true, charset=>\"UTF-8\">, workers=>1, index=>\"logstash-%{+YYYY.MM.dd}\", manage_template=>true, template_name=>\"logstash\", template_overwrite=>false, hosts=>[//127.0.0.1], idle_flush_time=>1, doc_as_upsert=>false, script_type=>\"inline\", script_lang=>\"painless\", script_var_name=>\"event\", scripted_upsert=>false, retry_initial_interval=>2, retry_max_interval=>64, retry_on_conflict=>1, action=>\"index\", ssl_certificate_verification=>true, sniffing=>false, sniffing_delay=>5, timeout=>60, pool_max=>1000, pool_max_per_route=>100, resurrect_delay=>5, validate_after_inactivity=>10000, http_compression=>false>>, @id=\"a7a59f15348a6e72ab81b9763fa5a0f1f98e278c-2\", @metric_events=#<LogStash::Instrument::NamespacedMetric:0x503aba36 @metric=#<LogStash::Instrument::Metric:0x4081602f @collector=#<LogStash::Instrument::Collector:0x296ae6bd @agent=nil, @metric_store=#<LogStash::Instrument::MetricStore:0x3d76ebc1 @store=#<Concurrent::Map:0x000000000602c8 entries=2 default_proc=nil>, @structured_lookup_mutex=#<Mutex:0x64bd769f>, @fast_lookup=#<Concurrent::Map:0x000000000602cc entries=50 default_proc=nil>>>>, @namespace_name=[:stats, :pipelines, :main, :plugins, :outputs, :\"a7a59f15348a6e72ab81b9763fa5a0f1f98e278c-2\", :events]>, @output_class=LogStash::Outputs::ElasticSearch>", :error=>"undefined method `tr' for nil:NilClass"}
[2017-07-03T19:04:08,410][ERROR][logstash.agent           ] Pipeline aborted due to error {:exception=>#<NoMethodError: undefined method `tr' for nil:NilClass>, :backtrace=>["/private/tmp/logstash-5.4.3/vendor/jruby/lib/ruby/1.9/cgi/util.rb:16:in `unescape'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/manticore_adapter.rb:58:in `perform_request'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:269:in `perform_request_to_url'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:237:in `healthcheck!'", "org/jruby/RubyHash.java:1342:in `each'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:233:in `healthcheck!'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:319:in `update_urls'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/pool.rb:70:in `start'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client.rb:284:in `build_pool'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client.rb:60:in `initialize'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client_builder.rb:101:in `create_http_client'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client_builder.rb:97:in `build'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch.rb:230:in `build_client'", "/tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/common.rb:28:in `register'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/output_delegator_strategies/shared.rb:9:in `register'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/output_delegator.rb:41:in `register'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/pipeline.rb:268:in `register_plugin'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/pipeline.rb:279:in `register_plugins'", "org/jruby/RubyArray.java:1613:in `each'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/pipeline.rb:279:in `register_plugins'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/pipeline.rb:288:in `start_workers'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/pipeline.rb:214:in `run'", "/tmp/logstash-5.4.3/logstash-core/lib/logstash/agent.rb:398:in `start_pipeline'"]}
[2017-07-03T19:04:08,480][INFO ][logstash.agent           ] Successfully started Logstash API endpoint {:port=>9600}
[2017-07-03T19:04:11,434][WARN ][logstash.agent           ] stopping pipeline {:id=>"main"}
@jsvd jsvd added the bug label Jul 3, 2017
@jsvd
Copy link
Member Author

jsvd commented Jul 4, 2017
edited
Loading

Another way to trigger:

% bin/logstash -i irb
1.9 :001 > LogStash::Plugin.lookup("output", "elasticsearch")
 => LogStash::Outputs::ElasticSearch 
1.9 :002 > LogStash::Outputs::ElasticSearch::HttpClient.new(:client_settings=>{:pool_max=>1000, :pool_max_per_route=>100, :check_connection_timeout=>10000, :http_compression=>false}, :resurrect_delay=>5, :timeout=>60, :bulk_path=>"/_bulk", :sniffing_path=>"/_nodes/http", :healthcheck_path=>"/", :user=>"hey", :password=>"", :hosts=>[URI.parse("http://localhost")], :logger => LogStash::Logging::Logger.new("Hey"))

NoMethodError: undefined method `tr' for nil:NilClass
	from /private/tmp/logstash-5.4.3/vendor/jruby/lib/ruby/1.9/cgi/util.rb:16:in `unescape'
	from /tmp/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/logstash-output-elasticsearch-7.3.5-java/lib/logstash/outputs/elasticsearch/http_client/manticore_adapter.rb:60:in `perform_request'

The code responsible for this comes from the calculate_property method in HttpClient , that treats empty strings as nil:

      default = nil if default.is_a?(String) && default.empty? # Blanks are as good as nil
      uri_value = nil if uri_value.is_a?(String) && uri_value.empty?

@jsvd jsvd linked a pull request Jul 4, 2017 that will close this issue
Open
This was referenced Jul 13, 2017
Closed
Closed
@webmat
Copy link
Contributor

webmat commented May 28, 2018

I was only able to reproduce this on Logstash 5.5.0, but not 5.6 nor 6.2.4.

The latter two both react as expected by logging 401s, when either the password option is an empty string, or when the user:pass are specified in a host (with an empty pass).

In other words, this works in both supported versions. Should we actually just close this as won't fix, since the 5.x line is no longer affected?

@webmat
Copy link
Contributor

webmat commented May 28, 2018
edited
Loading

Note, however, that I do not have a user without a password. X-Pack doesn't let me create one.

Is a situation where the passwordless user is in fact a reverse proxy user (e.g. an http auth user in nginx)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

support empty password jsvd/logstash-output-elasticsearch
2 participants
@webmat @jsvd