From 8be5594678d8051c4e486733078521a46df449a2 Mon Sep 17 00:00:00 2001 From: Lee Hinman <57081003+leehinman@users.noreply.github.com> Date: Mon, 10 Aug 2020 11:57:46 -0500 Subject: [PATCH] Improve validation check for Azure configuration (#20389) (#20515) A blob container name must be between 3 and 63 characters in length; start with a letter or number; and contain only letters, numbers, and the hyphen. All letters used in blob container names must be lowercase. Added validation to make sure the storage container name meets those requirements. Closes #20369 (cherry picked from commit 7913005fbbe4d26b187635658553470cd99e3b97) --- CHANGELOG.next.asciidoc | 1 + x-pack/filebeat/input/azureeventhub/config.go | 27 +++++++++++++++++ .../input/azureeventhub/config_test.go | 29 +++++++++++++++++++ 3 files changed, 57 insertions(+) create mode 100644 x-pack/filebeat/input/azureeventhub/config_test.go diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index c9a47c27f0c..a151b7b507b 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -266,6 +266,7 @@ field. You can revert this change by configuring tags for the module and omittin - Fix `fortinet` setting `event.timezone` to the system one when no `tz` field present {pull}20273[20273] - Fix `okta` geoip lookup in pipeline for `destination.ip` {pull}20454[20454] - Fix `cisco` asa and ftd parsing of messages 106102 and 106103. {pull}20469[20469] +- Improve validation checks for Azure configuration {issue}20369[20369] {pull}20389[20389] *Heartbeat* diff --git a/x-pack/filebeat/input/azureeventhub/config.go b/x-pack/filebeat/input/azureeventhub/config.go index 0521d3a76e6..68ad8d109e0 100644 --- a/x-pack/filebeat/input/azureeventhub/config.go +++ b/x-pack/filebeat/input/azureeventhub/config.go @@ -7,6 +7,7 @@ package azureeventhub import ( "errors" "fmt" + "unicode" ) type azureInputConfig struct { @@ -36,6 +37,32 @@ func (conf *azureInputConfig) Validate() error { } if conf.SAContainer == "" { conf.SAContainer = fmt.Sprintf("%s-%s", ephContainerName, conf.EventHubName) + + } + err := storageContainerValidate(conf.SAContainer) + if err != nil { + return err + } + + return nil +} + +func storageContainerValidate(name string) error { + runes := []rune(name) + length := len(runes) + if length < 3 { + return fmt.Errorf("storage_account_container (%s) must be 3 or more characters", name) + } + if length > 63 { + return fmt.Errorf("storage_account_container (%s) must be less than 63 characters", name) + } + if !unicode.IsLower(runes[0]) && !unicode.IsNumber(runes[0]) { + return fmt.Errorf("storage_account_container (%s) must start with a lowercase letter or number", name) + } + for i := 0; i < length; i++ { + if !unicode.IsLower(runes[i]) && !unicode.IsNumber(runes[i]) && !('-' == runes[i]) { + return fmt.Errorf("rune %d of storage_account_container (%s) is not a lowercase letter, number or dash", i, name) + } } return nil } diff --git a/x-pack/filebeat/input/azureeventhub/config_test.go b/x-pack/filebeat/input/azureeventhub/config_test.go new file mode 100644 index 00000000000..b6f264911d8 --- /dev/null +++ b/x-pack/filebeat/input/azureeventhub/config_test.go @@ -0,0 +1,29 @@ +// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one +// or more contributor license agreements. Licensed under the Elastic License; +// you may not use this file except in compliance with the Elastic License. + +package azureeventhub + +import ( + "testing" +) + +func TestStorageContainerValidate(t *testing.T) { + var tests = []struct { + input string + errIsNil bool + }{ + {"a-valid-name", true}, + {"a", false}, + {"a-name-that-is-really-too-long-to-be-valid-and-should-never-be-used-no-matter-what", false}, + {"-not-valid", false}, + {"capital-A-not-valid", false}, + {"no_underscores_either", false}, + } + for _, test := range tests { + err := storageContainerValidate(test.input) + if (err == nil) != test.errIsNil { + t.Errorf("storageContainerValidate(%s) = %v", test.input, err) + } + } +}