yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #11536 from zhongwencool/comma_separated_binary 

chore: ciphers should allow empty space(comma_separated_binary)
This commit is contained in:
JianBo He 2023-08-30 10:20:06 +08:00 committed by GitHub
parent 70dc53c6c2 4e7ba5d35f
commit 06fad14d07
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 58 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/emqx/src/emqx_connection.erl
View File

@ -1216,9 +1216,9 @@ inc_counter(Key, Inc) ->
set_tcp_keepalive({quic, _Listener}) -> set_tcp_keepalive({quic, _Listener}) ->
ok; ok;
set_tcp_keepalive({Type, Id}) -> set_tcp_keepalive({Type, Id}) ->
Conf = emqx_config:get_listener_conf(Type, Id, [tcp_options, keepalive], <<"none">>), Conf = emqx_config:get_listener_conf(Type, Id, [tcp_options, keepalive], "none"),
case iolist_to_binary(Conf) of case Conf of
<<"none">> -> "none" ->
ok; ok;
Value -> Value ->
%% the value is already validated by schema, so we do not validate it again. %% the value is already validated by schema, so we do not validate it again.

5
apps/emqx/src/emqx_schema.erl
View File

@ -2331,7 +2331,8 @@ converter_ciphers(<<>>, _Opts) ->
[]; [];
converter_ciphers(Ciphers, _Opts) when is_list(Ciphers) -> Ciphers; converter_ciphers(Ciphers, _Opts) when is_list(Ciphers) -> Ciphers;
converter_ciphers(Ciphers, _Opts) when is_binary(Ciphers) -> converter_ciphers(Ciphers, _Opts) when is_binary(Ciphers) ->
binary:split(Ciphers, <<",">>, [global]). {ok, List} = to_comma_separated_binary(binary_to_list(Ciphers)),
List.
default_ciphers(Which) -> default_ciphers(Which) ->
lists:map( lists:map(
@ -2649,7 +2650,7 @@ validate_tcp_keepalive(Value) ->
%% @doc This function is used as value validator and also run-time parser. %% @doc This function is used as value validator and also run-time parser.
parse_tcp_keepalive(Str) -> parse_tcp_keepalive(Str) ->
try try
[Idle, Interval, Probes] = binary:split(iolist_to_binary(Str), <<",">>, [global]), {ok, [Idle, Interval, Probes]} = to_comma_separated_binary(Str),
%% use 10 times the Linux defaults as range limit %% use 10 times the Linux defaults as range limit
IdleInt = parse_ka_int(Idle, "Idle", 1, 7200_0), IdleInt = parse_ka_int(Idle, "Idle", 1, 7200_0),
IntervalInt = parse_ka_int(Interval, "Interval", 1, 75_0), IntervalInt = parse_ka_int(Interval, "Interval", 1, 75_0),

54
apps/emqx/test/emqx_listeners_update_SUITE.erl
View File

@ -116,6 +116,55 @@ t_update_conf(_Conf) ->
?assert(is_running('wss:default')), ?assert(is_running('wss:default')),
ok. ok.
t_update_tcp_keepalive_conf(_Conf) ->
Keepalive = <<"240,30,5">>,
KeepaliveStr = binary_to_list(Keepalive),
Raw = emqx:get_raw_config(?LISTENERS),
Raw1 = emqx_utils_maps:deep_put(
[<<"tcp">>, <<"default">>, <<"bind">>], Raw, <<"127.0.0.1:1883">>
),
Raw2 = emqx_utils_maps:deep_put(
[<<"tcp">>, <<"default">>, <<"tcp_options">>, <<"keepalive">>], Raw1, Keepalive
),
?assertMatch({ok, _}, emqx:update_config(?LISTENERS, Raw2)),
?assertMatch(
#{
<<"tcp">> := #{
<<"default">> := #{
<<"bind">> := <<"127.0.0.1:1883">>,
<<"tcp_options">> := #{<<"keepalive">> := Keepalive}
}
}
},
emqx:get_raw_config(?LISTENERS)
),
?assertMatch(
#{tcp := #{default := #{tcp_options := #{keepalive := KeepaliveStr}}}},
emqx:get_config(?LISTENERS)
),
Keepalive2 = <<" 241, 31, 6 ">>,
KeepaliveStr2 = binary_to_list(Keepalive2),
Raw3 = emqx_utils_maps:deep_put(
[<<"tcp">>, <<"default">>, <<"tcp_options">>, <<"keepalive">>], Raw1, Keepalive2
),
?assertMatch({ok, _}, emqx:update_config(?LISTENERS, Raw3)),
?assertMatch(
#{
<<"tcp">> := #{
<<"default">> := #{
<<"bind">> := <<"127.0.0.1:1883">>,
<<"tcp_options">> := #{<<"keepalive">> := Keepalive2}
}
}
},
emqx:get_raw_config(?LISTENERS)
),
?assertMatch(
#{tcp := #{default := #{tcp_options := #{keepalive := KeepaliveStr2}}}},
emqx:get_config(?LISTENERS)
),
ok.
t_update_empty_ssl_options_conf(_Conf) -> t_update_empty_ssl_options_conf(_Conf) ->
Raw = emqx:get_raw_config(?LISTENERS), Raw = emqx:get_raw_config(?LISTENERS),
Raw1 = emqx_utils_maps:deep_put( Raw1 = emqx_utils_maps:deep_put(
@ -139,10 +188,11 @@ t_update_empty_ssl_options_conf(_Conf) ->
Raw7 = emqx_utils_maps:deep_put( Raw7 = emqx_utils_maps:deep_put(
[<<"wss">>, <<"default">>, <<"ssl_options">>, <<"ciphers">>], Raw6, <<"">> [<<"wss">>, <<"default">>, <<"ssl_options">>, <<"ciphers">>], Raw6, <<"">>
), ),
Ciphers = <<"TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256 ">>,
Raw8 = emqx_utils_maps:deep_put( Raw8 = emqx_utils_maps:deep_put(
[<<"ssl">>, <<"default">>, <<"ssl_options">>, <<"ciphers">>], [<<"ssl">>, <<"default">>, <<"ssl_options">>, <<"ciphers">>],
Raw7, Raw7,
<<"TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256">> Ciphers
), ),
?assertMatch({ok, _}, emqx:update_config(?LISTENERS, Raw8)), ?assertMatch({ok, _}, emqx:update_config(?LISTENERS, Raw8)),
?assertMatch( ?assertMatch(
@ -153,7 +203,7 @@ t_update_empty_ssl_options_conf(_Conf) ->
<<"bind">> := <<"127.0.0.1:8883">>, <<"bind">> := <<"127.0.0.1:8883">>,
<<"ssl_options">> := #{ <<"ssl_options">> := #{
<<"cacertfile">> := <<"">>, <<"cacertfile">> := <<"">>,
<<"ciphers">> := <<"TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256">> <<"ciphers">> := Ciphers
} }
} }
}, },