yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #9362 from thalesmg/flatten-crl-cache-ns-rv44 

refactor: flatten crl_cache config namespace into root
This commit is contained in:
Thales Macedo Garitezi 2022-11-14 10:44:51 -03:00 committed by GitHub
parent 5c169d2060 5df513f277
commit 2952d01a53
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etc/emqx.conf
View File

@ -1566,14 +1566,14 @@ listener.ssl.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem
## ##
## Value: Duration ## Value: Duration
## Default: 15 s ## Default: 15 s
## crl_cache.http_timeout = 15s ## crl_cache_http_timeout = 15s
## The period to refresh the CRLs from the servers. This is global ## The period to refresh the CRLs from the servers. This is global
## for all URLs and listeners. ## for all URLs and listeners.
## ##
## Value: Duration ## Value: Duration
## Default: 15 m ## Default: 15 m
## crl_cache.refresh_interval = 15m ## crl_cache_refresh_interval = 15m
## The Ephemeral Diffie-Helman key exchange is a very effective way of ## The Ephemeral Diffie-Helman key exchange is a very effective way of
## ensuring Forward Secrecy by exchanging a set of keys that never hit ## ensuring Forward Secrecy by exchanging a set of keys that never hit

6
priv/emqx.schema
View File

@ -1712,12 +1712,12 @@ end}.
{datatype, string} {datatype, string}
]}. ]}.
{mapping, "crl_cache.http_timeout", "emqx.crl_cache_http_timeout", [ {mapping, "crl_cache_http_timeout", "emqx.crl_cache_http_timeout", [
{default, "15s"}, {default, "15s"},
{datatype, {duration, ms}} {datatype, {duration, ms}}
]}. ]}.
{mapping, "crl_cache.refresh_interval", "emqx.crl_cache_refresh_interval", [ {mapping, "crl_cache_refresh_interval", "emqx.crl_cache_refresh_interval", [
{default, "15m"}, {default, "15m"},
{datatype, {duration, ms}} {datatype, {duration, ms}}
]}. ]}.
@ -2339,7 +2339,7 @@ end}.
end, end,
CRLCheck = case cuttlefish:conf_get(Prefix ++ ".enable_crl_check", Conf, false) of CRLCheck = case cuttlefish:conf_get(Prefix ++ ".enable_crl_check", Conf, false) of
true -> true ->
HTTPTimeout = cuttlefish:conf_get("crl_cache.http_timeout", Conf, timer:seconds(15)), HTTPTimeout = cuttlefish:conf_get("crl_cache_http_timeout", Conf, timer:seconds(15)),
%% {crl_check, true} doesn't work %% {crl_check, true} doesn't work
[ {crl_check, peer} [ {crl_check, peer}
, {crl_cache, {ssl_crl_cache, {internal, [{http, HTTPTimeout}]}}} , {crl_cache, {ssl_crl_cache, {internal, [{http, HTTPTimeout}]}}}

2
test/emqx_crl_cache_SUITE.erl
View File

@ -124,6 +124,7 @@ end_per_testcase(t_not_cached_and_unreachable, _Config) ->
end_per_testcase(t_refresh_config, Config) -> end_per_testcase(t_refresh_config, Config) ->
OldConfigs = ?config(old_configs, Config), OldConfigs = ?config(old_configs, Config),
meck:unload([emqx_crl_cache]), meck:unload([emqx_crl_cache]),
clear_crl_cache(),
emqx_ct_helpers:stop_apps([]), emqx_ct_helpers:stop_apps([]),
emqx_ct_helpers:change_emqx_opts( emqx_ct_helpers:change_emqx_opts(
ssl_twoway, [ {crl_options, [ {crl_check_enabled, false} ssl_twoway, [ {crl_options, [ {crl_check_enabled, false}
@ -140,7 +141,6 @@ end_per_testcase(t_refresh_config, Config) ->
end, end,
OldConfigs), OldConfigs),
application:stop(cowboy), application:stop(cowboy),
clear_crl_cache(),
ok = snabbkaffe:stop(), ok = snabbkaffe:stop(),
ok; ok;
end_per_testcase(_TestCase, _Config) -> end_per_testcase(_TestCase, _Config) ->