diff --git a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl index 7da78a998..deea23402 100644 --- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl +++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl @@ -63,8 +63,10 @@ check(ClientInfo = #{ clientid := Clientid emqx_metrics:inc(?AUTH_METRICS(ignore)), ok; List -> - case match_password(NPassword, HashType, List) of - false -> + case [ Hash || <> <- lists:sort(fun emqx_auth_mnesia_cli:comparing/2, List), + Hash =:= hash(NPassword, Salt, HashType) + ] of + [] -> ?LOG(error, "[Mnesia] Auth from mnesia failed: ~p", [ClientInfo]), emqx_metrics:inc(?AUTH_METRICS(failure)), {stop, AuthResult#{anonymous => false, auth_result => password_error}}; @@ -76,34 +78,7 @@ check(ClientInfo = #{ clientid := Clientid description() -> "Authentication with Mnesia". -match_password(Password, HashType, HashList) -> - lists:any( - fun(Secret) -> - case is_salt_hash(Secret, HashType) of - true -> - <> = Secret, - Hash =:= hash(Password, Salt, HashType); - _ -> - Secret =:= hash(Password, HashType) - end - end, HashList). - -hash(undefined, HashType) -> - hash(<<>>, HashType); -hash(Password, HashType) -> - emqx_passwd:hash(HashType, Password). - hash(undefined, SaltBin, HashType) -> hash(<<>>, SaltBin, HashType); hash(Password, SaltBin, HashType) -> emqx_passwd:hash(HashType, <>). - -is_salt_hash(_, plain) -> - true; -is_salt_hash(Secret, HashType) -> - not (byte_size(Secret) == len(HashType)). - -len(md5) -> 32; -len(sha) -> 40; -len(sha256) -> 64; -len(sha512) -> 128. diff --git a/apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf b/apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf index bf3d290a0..2c8454358 100644 --- a/apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf +++ b/apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf @@ -47,6 +47,14 @@ auth.pgsql.ssl = off ## ## auth.pgsql.ssl_opts.tls_versions = tlsv1.2 +## TLS version +## You can configure multi-version use "," split, +## default value is :tlsv1.2 +## Example: +## tlsv1.1,tlsv1.2,tlsv1.3 +## +## auth.pgsql.ssl.tls_versions = tlsv1.2 + ## SSL keyfile. ## ## Value: File diff --git a/apps/emqx_auth_pgsql/test/.placeholder b/apps/emqx_auth_pgsql/test/.placeholder deleted file mode 100644 index e69de29bb..000000000 diff --git a/apps/emqx_lwm2m/README.md b/apps/emqx_lwm2m/README.md index fdfc30bce..f97feb12c 100644 --- a/apps/emqx_lwm2m/README.md +++ b/apps/emqx_lwm2m/README.md @@ -83,6 +83,7 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the - "register": LwM2M Register - "update": LwM2M Update - "data" contains the query options and the object-list of the register message + - The *update* message is only published if the object-list changed. ### Downlink Command and Uplink Response (LwM2M Device Management & Service Enablement Interface) @@ -113,6 +114,7 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the "path": {?ResourcePath} } ``` + - {?ResourcePath}: String, LwM2M full resource path. e.g. "3/0", "/3/0/0", "/3/0/6/0" - **If {?MsgType} = "write" (single write)**: ```json { @@ -121,6 +123,8 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the "value": {?Value} } ``` + - {?ValueType}: String, can be: "Time", "String", "Integer", "Float", "Boolean", "Opaque", "Objlnk" + - {?Value}: Value of the resource, depends on "type". - **If {?MsgType} = "write" (batch write)**: ```json { @@ -183,21 +187,6 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the } ``` - {?ObjectInstanceID}: Integer, LwM2M Object Instance ID - - {?ResourcePath}: String, LwM2M full resource path. e.g. "3/0", "/3/0/0", "/3/0/6/0" - - {?Content}: - ```json - [ - { - "name": {?ResourceName}, - "path": {?ResourcePath}, - "type": {?ValueType}, - "value": {?Value} - } - ] - ``` - - {?ResourceName}: String, LwM2M resource description, e.g. "Available Power Sources" - - {?ValueType}: String, can be: "Time", "String", "Integer", "Float", "Boolean", "Opaque", "Objlnk" - - {?Value}: Value of resource, depends on the {?ValueType}. - **The response of LwM2M will be converted to following MQTT message:** - **Method:** PUBLISH @@ -262,17 +251,11 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the ```json [ { - "name": {?ResourceName}, "path": {?ResourcePath}, - "type": {?ValueType}, "value": {?Value} } ] ``` - - {?ResourceName}: String, LwM2M resource description, e.g. "Available Power Sources" - - {?ResourcePath}: String, LwM2M resource full path. e.g. "3/0", "/3/0/0", "/3/0/6/0" - - {?ValueType}: String, can be: "Time", "String", "Integer", "Float", "Boolean", "Opaque", "Objlnk" - - {?Value}: Value of the resource, depends on "type". - **If {?MsgType} = "ack", "data" does not exists** @@ -308,11 +291,10 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the "data": { "code": {?StatusCode}, "codeMsg": {?CodeMsg}, + "reqPath": {?RequestPath}, "content": [ { - "name": {?ResourceName}, "path": {?ResourcePath}, - "type": {?ValueType}, "value": {?Value} } ] @@ -338,11 +320,12 @@ The MQTT message will be translated to an LwM2M DISCOVER command and sent to the "data": { "code": {?StatusCode}, "codeMsg": {?CodeMsg}, + "reqPath": {?RequestPath}, "content": [ - "name": {?ResourceName}, - "path": {?ResourcePath}, - "type": {?ValueType}, - "value": {?Value} + { + "path": {?ResourcePath}, + "value": {?Value} + } ] } } diff --git a/apps/emqx_prometheus/README.md b/apps/emqx_prometheus/README.md index 8d812fc34..04bf32cbd 100644 --- a/apps/emqx_prometheus/README.md +++ b/apps/emqx_prometheus/README.md @@ -48,6 +48,229 @@ json data ``` +## Before EMQ X v4.0.0 +The prometheus data simple is: + + +```bash +# TYPE erlang_vm_ets_limit gauge +erlang_vm_ets_limit 2097152 +# TYPE erlang_vm_logical_processors gauge +erlang_vm_logical_processors 2 +# TYPE erlang_vm_logical_processors_available gauge +erlang_vm_logical_processors_available 2 +# TYPE erlang_vm_logical_processors_online gauge +erlang_vm_logical_processors_online 2 +# TYPE erlang_vm_port_count gauge +erlang_vm_port_count 19 +# TYPE erlang_vm_port_limit gauge +erlang_vm_port_limit 1048576 +# TYPE erlang_vm_process_count gauge +erlang_vm_process_count 460 +# TYPE erlang_vm_process_limit gauge +erlang_vm_process_limit 2097152 +# TYPE erlang_vm_schedulers gauge +erlang_vm_schedulers 2 +# TYPE erlang_vm_schedulers_online gauge +erlang_vm_schedulers_online 2 +# TYPE erlang_vm_smp_support untyped +erlang_vm_smp_support 1 +# TYPE erlang_vm_threads untyped +erlang_vm_threads 1 +# TYPE erlang_vm_thread_pool_size gauge +erlang_vm_thread_pool_size 32 +# TYPE erlang_vm_time_correction untyped +erlang_vm_time_correction 1 +# TYPE erlang_vm_statistics_context_switches counter +erlang_vm_statistics_context_switches 39850 +# TYPE erlang_vm_statistics_garbage_collection_number_of_gcs counter +erlang_vm_statistics_garbage_collection_number_of_gcs 17116 +# TYPE erlang_vm_statistics_garbage_collection_words_reclaimed counter +erlang_vm_statistics_garbage_collection_words_reclaimed 55711819 +# TYPE erlang_vm_statistics_garbage_collection_bytes_reclaimed counter +erlang_vm_statistics_garbage_collection_bytes_reclaimed 445694552 +# TYPE erlang_vm_statistics_bytes_received_total counter +erlang_vm_statistics_bytes_received_total 400746 +# TYPE erlang_vm_statistics_bytes_output_total counter +erlang_vm_statistics_bytes_output_total 337197 +# TYPE erlang_vm_statistics_reductions_total counter +erlang_vm_statistics_reductions_total 21157980 +# TYPE erlang_vm_statistics_run_queues_length_total gauge +erlang_vm_statistics_run_queues_length_total 0 +# TYPE erlang_vm_statistics_runtime_milliseconds counter +erlang_vm_statistics_runtime_milliseconds 6559 +# TYPE erlang_vm_statistics_wallclock_time_milliseconds counter +erlang_vm_statistics_wallclock_time_milliseconds 261243 +# TYPE erlang_vm_memory_atom_bytes_total gauge +erlang_vm_memory_atom_bytes_total{usage="used"} 1814822 +erlang_vm_memory_atom_bytes_total{usage="free"} 22459 +# TYPE erlang_vm_memory_bytes_total gauge +erlang_vm_memory_bytes_total{kind="system"} 109820104 +erlang_vm_memory_bytes_total{kind="processes"} 44983656 +# TYPE erlang_vm_dets_tables gauge +erlang_vm_dets_tables 1 +# TYPE erlang_vm_ets_tables gauge +erlang_vm_ets_tables 139 +# TYPE erlang_vm_memory_processes_bytes_total gauge +erlang_vm_memory_processes_bytes_total{usage="used"} 44983656 +erlang_vm_memory_processes_bytes_total{usage="free"} 0 +# TYPE erlang_vm_memory_system_bytes_total gauge +erlang_vm_memory_system_bytes_total{usage="atom"} 1837281 +erlang_vm_memory_system_bytes_total{usage="binary"} 595872 +erlang_vm_memory_system_bytes_total{usage="code"} 40790577 +erlang_vm_memory_system_bytes_total{usage="ets"} 37426896 +erlang_vm_memory_system_bytes_total{usage="other"} 29169478 +# TYPE erlang_mnesia_held_locks gauge +erlang_mnesia_held_locks 0 +# TYPE erlang_mnesia_lock_queue gauge +erlang_mnesia_lock_queue 0 +# TYPE erlang_mnesia_transaction_participants gauge +erlang_mnesia_transaction_participants 0 +# TYPE erlang_mnesia_transaction_coordinators gauge +erlang_mnesia_transaction_coordinators 0 +# TYPE erlang_mnesia_failed_transactions counter +erlang_mnesia_failed_transactions 2 +# TYPE erlang_mnesia_committed_transactions counter +erlang_mnesia_committed_transactions 239 +# TYPE erlang_mnesia_logged_transactions counter +erlang_mnesia_logged_transactions 60 +# TYPE erlang_mnesia_restarted_transactions counter +erlang_mnesia_restarted_transactions 0 +# TYPE emqx_packets_auth_received counter +emqx_packets_auth_received 0 +# TYPE emqx_packets_auth_sent counter +emqx_packets_auth_sent 0 +# TYPE emqx_packets_received counter +emqx_packets_received 0 +# TYPE emqx_packets_sent counter +emqx_packets_sent 0 +# TYPE emqx_packets_connect counter +emqx_packets_connect 0 +# TYPE emqx_packets_connack_sent counter +emqx_packets_connack_sent 0 +# TYPE emqx_packets_connack_error counter +emqx_packets_connack_error 0 +# TYPE emqx_packets_connack_auth_error counter +emqx_packets_connack_auth_error 0 +# TYPE emqx_packets_disconnect_received counter +emqx_packets_disconnect_received 0 +# TYPE emqx_packets_disconnect_sent counter +emqx_packets_disconnect_sent 0 +# TYPE emqx_packets_subscribe counter +emqx_packets_subscribe 0 +# TYPE emqx_packets_subscribe_error counter +emqx_packets_subscribe_error 0 +# TYPE emqx_packets_subscribe_auth_error counter +emqx_packets_subscribe_auth_error 0 +# TYPE emqx_packets_suback counter +emqx_packets_suback 0 +# TYPE emqx_packets_unsubscribe counter +emqx_packets_unsubscribe 0 +# TYPE emqx_packets_unsubscribe_error counter +emqx_packets_unsubscribe_error 0 +# TYPE emqx_packets_unsuback counter +emqx_packets_unsuback 0 +# TYPE emqx_packets_publish_received counter +emqx_packets_publish_received 0 +# TYPE emqx_packets_publish_sent counter +emqx_packets_publish_sent 0 +# TYPE emqx_packets_publish_auth_error counter +emqx_packets_publish_auth_error 0 +# TYPE emqx_packets_publish_error counter +emqx_packets_publish_error 0 +# TYPE emqx_packets_puback_received counter +emqx_packets_puback_received 0 +# TYPE emqx_packets_puback_sent counter +emqx_packets_puback_sent 0 +# TYPE emqx_packets_puback_missed counter +emqx_packets_puback_missed 0 +# TYPE emqx_packets_pubrec_received counter +emqx_packets_pubrec_received 0 +# TYPE emqx_packets_pubrec_sent counter +emqx_packets_pubrec_sent 0 +# TYPE emqx_packets_pubrec_missed counter +emqx_packets_pubrec_missed 0 +# TYPE emqx_packets_pubrel_received counter +emqx_packets_pubrel_received 0 +# TYPE emqx_packets_pubrel_sent counter +emqx_packets_pubrel_sent 0 +# TYPE emqx_packets_pubrel_missed counter +emqx_packets_pubrel_missed 0 +# TYPE emqx_packets_pubcomp_received counter +emqx_packets_pubcomp_received 0 +# TYPE emqx_packets_pubcomp_sent counter +emqx_packets_pubcomp_sent 0 +# TYPE emqx_packets_pubcomp_missed counter +emqx_packets_pubcomp_missed 0 +# TYPE emqx_packets_pingreq counter +emqx_packets_pingreq 0 +# TYPE emqx_packets_pingresp counter +emqx_packets_pingresp 0 +# TYPE emqx_bytes_received counter +emqx_bytes_received 0 +# TYPE emqx_bytes_sent counter +emqx_bytes_sent 0 +# TYPE emqx_connections_count gauge +emqx_connections_count 0 +# TYPE emqx_connections_max gauge +emqx_connections_max 0 +# TYPE emqx_retained_count gauge +emqx_retained_count 3 +# TYPE emqx_retained_max gauge +emqx_retained_max 3 +# TYPE emqx_routes_count gauge +emqx_routes_count 0 +# TYPE emqx_routes_max gauge +emqx_routes_max 0 +# TYPE emqx_sessions_count gauge +emqx_sessions_count 0 +# TYPE emqx_sessions_max gauge +emqx_sessions_max 0 +# TYPE emqx_subscriptions_count gauge +emqx_subscriptions_count 0 +# TYPE emqx_subscriptions_max gauge +emqx_subscriptions_max 0 +# TYPE emqx_topics_count gauge +emqx_topics_count 0 +# TYPE emqx_topics_max gauge +emqx_topics_max 0 +# TYPE emqx_vm_cpu_use gauge +emqx_vm_cpu_use 100.0 +# TYPE emqx_vm_cpu_idle gauge +emqx_vm_cpu_idle 0.0 +# TYPE emqx_vm_run_queue gauge +emqx_vm_run_queue 1 +# TYPE emqx_vm_process_messages_in_queues gauge +emqx_vm_process_messages_in_queues 0 +# TYPE emqx_messages_received counter +emqx_messages_received 0 +# TYPE emqx_messages_sent counter +emqx_messages_sent 0 +# TYPE emqx_messages_dropped counter +emqx_messages_dropped 0 +# TYPE emqx_messages_retained counter +emqx_messages_retained 3 +# TYPE emqx_messages_qos0_received counter +emqx_messages_qos0_received 0 +# TYPE emqx_messages_qos0_sent counter +emqx_messages_qos0_sent 0 +# TYPE emqx_messages_qos1_received counter +emqx_messages_qos1_received 0 +# TYPE emqx_messages_qos1_sent counter +emqx_messages_qos1_sent 0 +# TYPE emqx_messages_qos2_received counter +emqx_messages_qos2_received 0 +# TYPE emqx_messages_qos2_expired counter +emqx_messages_qos2_expired 0 +# TYPE emqx_messages_qos2_sent counter +emqx_messages_qos2_sent 0 +# TYPE emqx_messages_qos2_dropped counter +emqx_messages_qos2_dropped 0 +# TYPE emqx_messages_forward counter +emqx_messages_forward 0 +``` + + License ------- diff --git a/sync-apps.sh b/sync-apps.sh new file mode 100755 index 000000000..85cca416d --- /dev/null +++ b/sync-apps.sh @@ -0,0 +1,100 @@ +#!/bin/bash + +set -euo pipefail + +force="${1:-no}" + +apps=( +# "emqx_auth_http" # permanently diverged +# "emqx_web_hook" # permanently diverged +"emqx_auth_jwt" +"emqx_auth_ldap" +"emqx_auth_mongo" +"emqx_auth_mysql" +"emqx_auth_pgsql" +"emqx_auth_redis" +"emqx_bridge_mqtt" +"emqx_coap" +"emqx_dashboard" +"emqx_exhook" +"emqx_exproto" +"emqx_lua_hook" +"emqx_lwm2m" +"emqx_management" +"emqx_plugin_template" +"emqx_prometheus" +"emqx_psk_file" +"emqx_recon" +"emqx_retainer" +"emqx_rule_engine" +"emqx_sasl" +"emqx_sn" +"emqx_stomp" +"emqx_telemetry" +) + +if git status --porcelain | grep -qE 'apps/'; then + echo 'apps dir is not git-clear, refuse to sync' +# exit 1 +fi + +mkdir -p tmp/ + +download_zip() { + local app="$1" + local ref="$2" + local vsn="$(echo "$ref" | tr '/' '-')" + local file="tmp/${app}-${vsn}.zip" + if [ -f "$file" ] && [ "$force" != "force" ]; then + return 0 + fi + local repo="$(echo "$app" | sed 's#_#-#g')" + local url="https://github.com/emqx/$repo/archive/$ref.zip" + echo "downloading ${url}" + curl -fLsS -o "$file" "$url" +} + +default_vsn="dev/v4.3.0" +download_zip "emqx_auth_mnesia" "e4.2.3" +for app in ${apps[@]}; do + download_zip "$app" "$default_vsn" +done + +extract_zip(){ + local app="$1" + local ref="$2" + local vsn_arg="${3:-}" + local vsn_dft="$(echo "$ref" | tr '/' '-')" + local vsn + if [ -n "$vsn_arg" ]; then + vsn="$vsn_arg" + else + vsn="$vsn_dft" + fi + local file="tmp/${app}-${vsn_dft}.zip" + local repo="$(echo "$app" | sed 's#_#-#g')" + rm -rf "apps/${app}/" + unzip "$file" -d apps/ + mv "apps/${repo}-${vsn}/" "apps/$app/" +} + +extract_zip "emqx_auth_mnesia" "e4.2.2" "e4.2.2" +for app in ${apps[@]}; do + extract_zip "$app" "$default_vsn" +done + +cleanup_app(){ + local app="$1" + pushd "apps/$app" + rm -f Makefile rebar.config.script LICENSE src/*.app.src.script src/*.appup.src + rm -rf ".github" ".ci" + # restore rebar.config and app.src + git checkout rebar.config + git checkout src/*.app.src + popd +} + +apps+=( "emqx_auth_mnesia" ) +for app in ${apps[@]}; do + cleanup_app $app +done