feat: validate tls_versions value

This commit is contained in:
zhongwencool 2022-11-11 18:05:31 +08:00
parent 9b01c7f4a9
commit 2b6be02485
3 changed files with 14 additions and 1 deletions

View File

@ -3,6 +3,8 @@
## Enhancements
- Make sure listener's tls_versions is `[tlsv1,tlsv1.1,tlsv1.2,tlsv1.3]` [#9260](https://github.com/emqx/emqx/pull/9260).
- Remove useless information from the dashboard listener failure log [#9260](https://github.com/emqx/emqx/pull/9260).
- We now trigger the `'message.acked'` hook after the CoAP gateway sends a message to the device and receives the ACK from the device [#9264](https://github.com/emqx/emqx/pull/9264).

View File

@ -2,6 +2,8 @@
## 增强
- 确证监听器的 tls_versions 为 `[tlsv1,tlsv1.1,tlsv1.2,tlsv1.3]` [#9260](https://github.com/emqx/emqx/pull/9260).
- 删除 Dashboard 监听器失败时日志中的无用信息 [#9260](https://github.com/emqx/emqx/pull/9260).
- 当 CoAP 网关给设备投递消息并收到设备发来的确认之后,回调 `'message.acked'` 钩子 [#9264](https://github.com/emqx/emqx/pull/9264)。

View File

@ -2203,7 +2203,16 @@ end}.
SslOpts = fun(Prefix) ->
Versions = case SplitFun(cuttlefish:conf_get(Prefix ++ ".tls_versions", Conf, undefined)) of
undefined -> undefined;
L -> [list_to_atom(V) || V <- L]
L ->
Versions0 = [list_to_atom(V) || V <- L],
SupportVersions = ['tlsv1', 'tlsv1.1', 'tlsv1.2', 'tlsv1.3'],
case lists:all(fun(V) -> lists:member(V, SupportVersions) end, Versions0) of
false ->
cuttlefish:invalid(
lists:flatten(io_lib:format("tls_versions: only support ~p", [SupportVersions])));
true ->
Versions0
end
end,
TLSCiphers = cuttlefish:conf_get(Prefix++".ciphers", Conf, undefined),
PSKCiphers = cuttlefish:conf_get(Prefix++".psk_ciphers", Conf, undefined),