From 3db876781b6313263028d50e3191e1a4e795e74c Mon Sep 17 00:00:00 2001 From: turtled Date: Thu, 3 Nov 2016 11:04:57 +0800 Subject: [PATCH] handshake_timeout change --- etc/emq.conf | 4 ++-- priv/emq.schema | 2 +- src/emqttd_http.erl | 2 ++ test/emqttd_SUITE_data/emqttd.conf | 4 ++-- test/emqttd_SUITE_data/emqttd.schema | 2 +- 5 files changed, 8 insertions(+), 6 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 694f0fc1e..0bf53ebe7 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -206,7 +206,7 @@ mqtt.listener.ssl.max_clients = 512 ## Configuring SSL Options ## See http://erlang.org/doc/man/ssl.html -mqtt.listener.ssl.handshake_timeout = 2000 +mqtt.listener.ssl.handshake_timeout = 15 mqtt.listener.ssl.keyfile = etc/certs/key.pem mqtt.listener.ssl.certfile = etc/certs/cert.pem ## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem @@ -222,7 +222,7 @@ mqtt.listener.http.max_clients = 64 ## mqtt.listener.https = 8084 ## mqtt.listener.https.acceptors = 4 ## mqtt.listener.https.max_clients = 64 -## mqtt.listener.https.handshake_timeout = 10 +## mqtt.listener.https.handshake_timeout = 15 ## mqtt.listener.https.certfile = etc/certs/cert.pem ## mqtt.listener.https.keyfile = etc/certs/key.pem ## mqtt.listener.https.cacertfile = etc/certs/cacert.pem diff --git a/priv/emq.schema b/priv/emq.schema index a9d04575c..05a7209e5 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -611,7 +611,7 @@ end}. {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}]) end, SslOpts = fun(Prefix) -> - Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)}, + Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000}, {keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)}, {certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)}, {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)}, diff --git a/src/emqttd_http.erl b/src/emqttd_http.erl index 6b1c7dc93..2f1d32a44 100644 --- a/src/emqttd_http.erl +++ b/src/emqttd_http.erl @@ -137,6 +137,8 @@ authorized(Req) -> case emqttd_access_control:auth(#mqtt_client{username = Username, peername = Peer}, Password) of ok -> true; + {ok, _IsSuper} -> + true; {error, Reason} -> lager:error("HTTP Auth failure: username=~s, reason=~p", [Username, Reason]), false diff --git a/test/emqttd_SUITE_data/emqttd.conf b/test/emqttd_SUITE_data/emqttd.conf index 694f0fc1e..0bf53ebe7 100644 --- a/test/emqttd_SUITE_data/emqttd.conf +++ b/test/emqttd_SUITE_data/emqttd.conf @@ -206,7 +206,7 @@ mqtt.listener.ssl.max_clients = 512 ## Configuring SSL Options ## See http://erlang.org/doc/man/ssl.html -mqtt.listener.ssl.handshake_timeout = 2000 +mqtt.listener.ssl.handshake_timeout = 15 mqtt.listener.ssl.keyfile = etc/certs/key.pem mqtt.listener.ssl.certfile = etc/certs/cert.pem ## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem @@ -222,7 +222,7 @@ mqtt.listener.http.max_clients = 64 ## mqtt.listener.https = 8084 ## mqtt.listener.https.acceptors = 4 ## mqtt.listener.https.max_clients = 64 -## mqtt.listener.https.handshake_timeout = 10 +## mqtt.listener.https.handshake_timeout = 15 ## mqtt.listener.https.certfile = etc/certs/cert.pem ## mqtt.listener.https.keyfile = etc/certs/key.pem ## mqtt.listener.https.cacertfile = etc/certs/cacert.pem diff --git a/test/emqttd_SUITE_data/emqttd.schema b/test/emqttd_SUITE_data/emqttd.schema index a9d04575c..05a7209e5 100644 --- a/test/emqttd_SUITE_data/emqttd.schema +++ b/test/emqttd_SUITE_data/emqttd.schema @@ -611,7 +611,7 @@ end}. {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}]) end, SslOpts = fun(Prefix) -> - Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)}, + Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000}, {keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)}, {certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)}, {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},