Skip to content

Commit 7f98627

Browse files
cosmo0920cosmo0920
committed
output: Load CertStore with a user-defined store name
Signed-off-by: Hiroshi Hatake <[email protected]>
1 parent 357f1b3 commit 7f98627

File tree

2 files changed

+41
-0
lines changed

2 files changed

+41
-0
lines changed

include/fluent-bit/flb_output.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -369,6 +369,9 @@ struct flb_output_instance {
369369
char *tls_min_version; /* Minimum protocol version of TLS */
370370
char *tls_max_version; /* Maximum protocol version of TLS */
371371
char *tls_ciphers; /* TLS ciphers */
372+
# if defined(FLB_SYSTEM_WINDOWS)
373+
char *tls_win_certstore_name; /* CertStore Name (Windows) */
374+
# endif
372375
#endif
373376

374377
/*

src/flb_output.c

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,11 @@ struct flb_config_map output_global_properties[] = {
8383
"Accepted values: a positive integer, 'no_limits', 'false', or 'off' to disable retry limits, "
8484
"or 'no_retries' to disable retries entirely."
8585
},
86+
{
87+
FLB_CONFIG_MAP_STR, "tls.windows.certstore_name", NULL,
88+
0, FLB_FALSE, 0,
89+
"Sets the certstore name on an output (Windows)"
90+
},
8691

8792
{0}
8893
};
@@ -174,6 +179,11 @@ static void flb_output_free_properties(struct flb_output_instance *ins)
174179
if (ins->tls_ciphers) {
175180
flb_sds_destroy(ins->tls_ciphers);
176181
}
182+
# if defined(FLB_SYSTEM_WINDOWS)
183+
if (ins->tls_win_certstore_name) {
184+
flb_sds_destroy(ins->tls_win_certstore_name);
185+
}
186+
# endif
177187
#endif
178188
}
179189

@@ -751,6 +761,9 @@ struct flb_output_instance *flb_output_new(struct flb_config *config,
751761
instance->tls_crt_file = NULL;
752762
instance->tls_key_file = NULL;
753763
instance->tls_key_passwd = NULL;
764+
# if defined(FLB_SYSTEM_WINDOWS)
765+
instance->tls_win_certstore_name = NULL;
766+
# endif
754767
#endif
755768

756769
if (plugin->flags & FLB_OUTPUT_NET) {
@@ -975,6 +988,11 @@ int flb_output_set_property(struct flb_output_instance *ins,
975988
else if (prop_key_check("tls.ciphers", k, len) == 0) {
976989
flb_utils_set_plugin_string_property("tls.ciphers", &ins->tls_ciphers, tmp);
977990
}
991+
# if defined(FLB_SYSTEM_WINDOWS)
992+
else if (prop_key_check("tls.windows.certstore_name", k, len) == 0 && tmp) {
993+
flb_utils_set_plugin_string_property("tls.windows.certstore_name", &ins->tls_win_certstore_name, tmp);
994+
}
995+
# endif
978996
#endif
979997
else if (prop_key_check("storage.total_limit_size", k, len) == 0 && tmp) {
980998
if (strcasecmp(tmp, "off") == 0 ||
@@ -1359,6 +1377,26 @@ int flb_output_init_all(struct flb_config *config)
13591377
return -1;
13601378
}
13611379
}
1380+
1381+
# if defined (FLB_SYSTEM_WINDOWS)
1382+
if (ins->tls_win_certstore_name) {
1383+
ret = flb_tls_set_certstore_name(ins->tls, ins->tls_win_certstore_name);
1384+
if (ret == -1) {
1385+
flb_error("[output %s] error specify certstore name in TLS context",
1386+
ins->name);
1387+
1388+
return -1;
1389+
}
1390+
1391+
ret = flb_tls_load_system_certificates(ins->tls);
1392+
if (ret == -1) {
1393+
flb_error("[output %s] error set up to load certstore with a user-defined name in TLS context",
1394+
ins->name);
1395+
1396+
return -1;
1397+
}
1398+
}
1399+
# endif
13621400
}
13631401
#endif
13641402
/*

0 commit comments

Comments
 (0)