Add mqtt connect tests cases
This commit is contained in:
HuangDan
parent
95d36d0204
commit
0fbf813ebf
|
|
@ -1066,7 +1066,7 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem
|
|||
## Most of it was copied from Mozilla’s Server Side TLS article
|
||||
##
|
||||
## Value: Ciphers
|
||||
## listener.ssl.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA
|
||||
listener.ssl.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA
|
||||
|
||||
## SSL parameter renegotiation is a feature that allows a client and a server
|
||||
## to renegotiate the parameters of the SSL connection on the fly.
|
||||
|
|
|
|||
|
|
@ -23,9 +23,9 @@
|
|||
|
||||
-include_lib("eunit/include/eunit.hrl").
|
||||
|
||||
all() -> [].
|
||||
all() -> [{group, connect}].
|
||||
|
||||
groups() -> [].
|
||||
groups() -> [{connect, [start]}].
|
||||
|
||||
init_per_suite(Config) ->
|
||||
Config.
|
||||
|
|
@ -39,3 +39,6 @@ init_per_group(_Group, Config) ->
|
|||
end_per_group(_Group, _Config) ->
|
||||
ok.
|
||||
|
||||
start(_Config) ->
|
||||
{ok, ClientPid, _} = emqx_client:start_link().
|
||||
|
||||
|
|
|
|||
|
|
@ -29,6 +29,31 @@
|
|||
{cacertfile, "certs/cacert.pem"},
|
||||
{certfile, "certs/client-cert.pem"}]).
|
||||
|
||||
-define(CIPHERS, [{ciphers,
|
||||
["ECDHE-ECDSA-AES256-GCM-SHA384",
|
||||
"ECDHE-RSA-AES256-GCM-SHA384",
|
||||
"ECDHE-ECDSA-AES256-SHA384",
|
||||
"ECDHE-RSA-AES256-SHA384","ECDHE-ECDSA-DES-CBC3-SHA",
|
||||
"ECDH-ECDSA-AES256-GCM-SHA384",
|
||||
"ECDH-RSA-AES256-GCM-SHA384",
|
||||
"ECDH-ECDSA-AES256-SHA384","ECDH-RSA-AES256-SHA384",
|
||||
"DHE-DSS-AES256-GCM-SHA384","DHE-DSS-AES256-SHA256",
|
||||
"AES256-GCM-SHA384","AES256-SHA256",
|
||||
"ECDHE-ECDSA-AES128-GCM-SHA256",
|
||||
"ECDHE-RSA-AES128-GCM-SHA256",
|
||||
"ECDHE-ECDSA-AES128-SHA256",
|
||||
"ECDHE-RSA-AES128-SHA256",
|
||||
"ECDH-ECDSA-AES128-GCM-SHA256",
|
||||
"ECDH-RSA-AES128-GCM-SHA256",
|
||||
"ECDH-ECDSA-AES128-SHA256","ECDH-RSA-AES128-SHA256",
|
||||
"DHE-DSS-AES128-GCM-SHA256","DHE-DSS-AES128-SHA256",
|
||||
"AES128-GCM-SHA256","AES128-SHA256",
|
||||
"ECDHE-ECDSA-AES256-SHA","ECDHE-RSA-AES256-SHA",
|
||||
"DHE-DSS-AES256-SHA","ECDH-ECDSA-AES256-SHA",
|
||||
"ECDH-RSA-AES256-SHA","AES256-SHA",
|
||||
"ECDHE-ECDSA-AES128-SHA","ECDHE-RSA-AES128-SHA",
|
||||
"DHE-DSS-AES128-SHA","ECDH-ECDSA-AES128-SHA",
|
||||
"ECDH-RSA-AES128-SHA","AES128-SHA"]}]).
|
||||
|
||||
run_setup_steps() ->
|
||||
NewConfig = generate_config(),
|
||||
|
|
@ -71,7 +96,7 @@ change_opts(SslType) ->
|
|||
lists:foldl(fun({Protocol, Port, Opts} = Listener, Acc) ->
|
||||
case Protocol of
|
||||
ssl ->
|
||||
SslOpts = proplists:get_value(sslopts, Opts),
|
||||
SslOpts = proplists:get_value(ssl_options, Opts),
|
||||
Keyfile = local_path(["etc/certs", "key.pem"]),
|
||||
Certfile = local_path(["etc/certs", "cert.pem"]),
|
||||
TupleList1 = lists:keyreplace(keyfile, 1, SslOpts, {keyfile, Keyfile}),
|
||||
|
|
@ -89,13 +114,15 @@ change_opts(SslType) ->
|
|||
(_) -> true
|
||||
end, TupleList2)
|
||||
end,
|
||||
[{Protocol, Port, lists:keyreplace(sslopts, 1, Opts, {sslopts, TupleList3})} | Acc];
|
||||
[{Protocol, Port, lists:keyreplace(ssl_options, 1, Opts, {ssl_options, TupleList3})} | Acc];
|
||||
_ ->
|
||||
[Listener | Acc]
|
||||
end
|
||||
end, [], Listeners),
|
||||
application:set_env(?APP, listeners, NewListeners).
|
||||
|
||||
client_ssl() ->
|
||||
[{Key, local_path(["etc", File])} || {Key, File} <- ?MQTT_SSL_CLIENT].
|
||||
client_ssl_twoway() ->
|
||||
[{Key, local_path(["etc", File])} || {Key, File} <- ?MQTT_SSL_CLIENT] ++ ?CIPHERS.
|
||||
|
||||
client_ssl() ->
|
||||
?CIPHERS ++ [{reuse_sessions, true}].
|
||||
|
|
|
|||
Loading…
Reference in New Issue