feat(quic): listener use common server ssl_options
This commit is contained in:
William Yang
parent
fc3e8715a1
commit
0e40f6cf48
|
|
@ -1868,6 +1868,21 @@ fields_mqtt_quic_listener_keep_alive_interval {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fields_mqtt_quic_listener_ssl_options {
|
||||||
|
desc {
|
||||||
|
en: """
|
||||||
|
TLS options for QUIC transport
|
||||||
|
"""
|
||||||
|
zh: """
|
||||||
|
QUIC 传输层的 TLS 选项
|
||||||
|
"""
|
||||||
|
}
|
||||||
|
label: {
|
||||||
|
en: "TLS Options"
|
||||||
|
zh: "TLS 选项"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
base_listener_bind {
|
base_listener_bind {
|
||||||
desc {
|
desc {
|
||||||
en: """IP address and port for the listening socket."""
|
en: """IP address and port for the listening socket."""
|
||||||
|
|
|
||||||
|
|
@ -370,19 +370,23 @@ do_start_listener(quic, ListenerName, #{bind := Bind} = Opts) ->
|
||||||
case [A || {quicer, _, _} = A <- application:which_applications()] of
|
case [A || {quicer, _, _} = A <- application:which_applications()] of
|
||||||
[_] ->
|
[_] ->
|
||||||
DefAcceptors = erlang:system_info(schedulers_online) * 8,
|
DefAcceptors = erlang:system_info(schedulers_online) * 8,
|
||||||
|
SSLOpts = maps:merge(
|
||||||
|
maps:with([certfile, keyfile], Opts),
|
||||||
|
maps:get(ssl_options, Opts, #{})
|
||||||
|
),
|
||||||
ListenOpts =
|
ListenOpts =
|
||||||
[
|
[
|
||||||
{cert, maps:get(certfile, Opts)},
|
{certfile, str(maps:get(certfile, SSLOpts))},
|
||||||
{key, maps:get(keyfile, Opts)},
|
{keyfile, str(maps:get(keyfile, SSLOpts))},
|
||||||
{alpn, ["mqtt"]},
|
{alpn, ["mqtt"]},
|
||||||
{conn_acceptors, lists:max([DefAcceptors, maps:get(acceptors, Opts, 0)])},
|
{conn_acceptors, lists:max([DefAcceptors, maps:get(acceptors, Opts, 0)])},
|
||||||
{keep_alive_interval_ms, maps:get(keep_alive_interval, Opts, 0)},
|
{keep_alive_interval_ms, maps:get(keep_alive_interval, Opts, 0)},
|
||||||
{idle_timeout_ms, maps:get(idle_timeout, Opts, 0)},
|
{idle_timeout_ms, maps:get(idle_timeout, Opts, 0)},
|
||||||
{handshake_idle_timeout_ms, maps:get(handshake_idle_timeout, Opts, 10000)},
|
{handshake_idle_timeout_ms, maps:get(handshake_idle_timeout, Opts, 10000)},
|
||||||
{server_resumption_level, 2},
|
{server_resumption_level, 2},
|
||||||
{verify, maps:get(verify, Opts, verify_none)}
|
{verify, maps:get(verify, SSLOpts, verify_none)}
|
||||||
] ++
|
] ++
|
||||||
case maps:get(cacertfile, Opts, undefined) of
|
case maps:get(cacertfile, SSLOpts, undefined) of
|
||||||
undefined -> [];
|
undefined -> [];
|
||||||
CaCertFile -> [{cacertfile, binary_to_list(CaCertFile)}]
|
CaCertFile -> [{cacertfile, binary_to_list(CaCertFile)}]
|
||||||
end,
|
end,
|
||||||
|
|
|
||||||
|
|
@ -845,31 +845,20 @@ fields("mqtt_wss_listener") ->
|
||||||
];
|
];
|
||||||
fields("mqtt_quic_listener") ->
|
fields("mqtt_quic_listener") ->
|
||||||
[
|
[
|
||||||
{"cacertfile",
|
|
||||||
sc(
|
|
||||||
binary(),
|
|
||||||
#{
|
|
||||||
default => undefined,
|
|
||||||
required => false,
|
|
||||||
desc => ?DESC(common_ssl_opts_schema_cacertfile)
|
|
||||||
}
|
|
||||||
)},
|
|
||||||
{"certfile",
|
{"certfile",
|
||||||
sc(
|
sc(
|
||||||
string(),
|
string(),
|
||||||
#{desc => ?DESC(fields_mqtt_quic_listener_certfile)}
|
#{
|
||||||
|
%% TODO: deprecated => {since, "5.1.0"}
|
||||||
|
desc => ?DESC(fields_mqtt_quic_listener_certfile)
|
||||||
|
}
|
||||||
)},
|
)},
|
||||||
{"keyfile",
|
{"keyfile",
|
||||||
sc(
|
sc(
|
||||||
string(),
|
string(),
|
||||||
#{desc => ?DESC(fields_mqtt_quic_listener_keyfile)}
|
%% TODO: deprecated => {since, "5.1.0"}
|
||||||
)},
|
|
||||||
{"verify",
|
|
||||||
sc(
|
|
||||||
hoconsc:enum([verify_peer, verify_none]),
|
|
||||||
#{
|
#{
|
||||||
default => verify_none,
|
desc => ?DESC(fields_mqtt_quic_listener_keyfile)
|
||||||
desc => ?DESC(common_ssl_opts_schema_verify)
|
|
||||||
}
|
}
|
||||||
)},
|
)},
|
||||||
{"ciphers", ciphers_schema(quic)},
|
{"ciphers", ciphers_schema(quic)},
|
||||||
|
|
@ -896,6 +885,14 @@ fields("mqtt_quic_listener") ->
|
||||||
default => 0,
|
default => 0,
|
||||||
desc => ?DESC(fields_mqtt_quic_listener_keep_alive_interval)
|
desc => ?DESC(fields_mqtt_quic_listener_keep_alive_interval)
|
||||||
}
|
}
|
||||||
|
)},
|
||||||
|
{"ssl_options",
|
||||||
|
sc(
|
||||||
|
ref("listener_quic_ssl_opts"),
|
||||||
|
#{
|
||||||
|
required => false,
|
||||||
|
desc => ?DESC(fields_mqtt_quic_listener_ssl_options)
|
||||||
|
}
|
||||||
)}
|
)}
|
||||||
] ++ base_listener(14567);
|
] ++ base_listener(14567);
|
||||||
fields("ws_opts") ->
|
fields("ws_opts") ->
|
||||||
|
|
@ -1106,6 +1103,8 @@ fields("listener_wss_opts") ->
|
||||||
},
|
},
|
||||||
true
|
true
|
||||||
);
|
);
|
||||||
|
fields("listener_quic_ssl_opts") ->
|
||||||
|
server_ssl_opts_schema(#{}, false);
|
||||||
fields("ssl_client_opts") ->
|
fields("ssl_client_opts") ->
|
||||||
client_ssl_opts_schema(#{});
|
client_ssl_opts_schema(#{});
|
||||||
fields("deflate_opts") ->
|
fields("deflate_opts") ->
|
||||||
|
|
@ -1785,6 +1784,8 @@ desc("listener_ssl_opts") ->
|
||||||
"Socket options for SSL connections.";
|
"Socket options for SSL connections.";
|
||||||
desc("listener_wss_opts") ->
|
desc("listener_wss_opts") ->
|
||||||
"Socket options for WebSocket/SSL connections.";
|
"Socket options for WebSocket/SSL connections.";
|
||||||
|
desc("listener_quic_ssl_opts") ->
|
||||||
|
"TLS options for QUIC transport.";
|
||||||
desc("ssl_client_opts") ->
|
desc("ssl_client_opts") ->
|
||||||
"Socket options for SSL clients.";
|
"Socket options for SSL clients.";
|
||||||
desc("deflate_opts") ->
|
desc("deflate_opts") ->
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue