fix: config schema sni disable
This commit is contained in:
DDDHuang
parent
af4250dcf4
commit
4a692f0c2e
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_auth_http,
|
{application, emqx_auth_http,
|
||||||
[{description, "EMQ X Authentication/ACL with HTTP API"},
|
[{description, "EMQ X Authentication/ACL with HTTP API"},
|
||||||
{vsn, "4.3.4"}, % strict semver, bump manually!
|
{vsn, "4.3.5"}, % strict semver, bump manually!
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{registered, [emqx_auth_http_sup]},
|
{registered, [emqx_auth_http_sup]},
|
||||||
{applications, [kernel,stdlib,ehttpc]},
|
{applications, [kernel,stdlib,ehttpc]},
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,9 @@
|
||||||
%% -*- mode: erlang -*-
|
%% -*- mode: erlang -*-
|
||||||
{VSN,
|
{VSN,
|
||||||
[{"4.3.3",
|
[{"4.3.4",
|
||||||
|
[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}
|
||||||
|
]},
|
||||||
|
{"4.3.3",
|
||||||
[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_http,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_http,brutal_purge,soft_purge,[]}]},
|
||||||
{"4.3.2",
|
{"4.3.2",
|
||||||
|
|
@ -11,7 +14,9 @@
|
||||||
{<<"4.3.[0-1]">>,
|
{<<"4.3.[0-1]">>,
|
||||||
[{restart_application,emqx_auth_http}]},
|
[{restart_application,emqx_auth_http}]},
|
||||||
{<<".*">>,[]}],
|
{<<".*">>,[]}],
|
||||||
[{"4.3.3",
|
[{"4.3.4",
|
||||||
|
[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}]},
|
||||||
|
{"4.3.3",
|
||||||
[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_http,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_http,brutal_purge,soft_purge,[]}]},
|
||||||
{"4.3.2",
|
{"4.3.2",
|
||||||
|
|
|
||||||
|
|
@ -71,6 +71,7 @@ translate_env(EnvName) ->
|
||||||
end,
|
end,
|
||||||
SNI = case application:get_env(?APP, server_name_indication, undefined) of
|
SNI = case application:get_env(?APP, server_name_indication, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI0 -> SNI0
|
SNI0 -> SNI0
|
||||||
end,
|
end,
|
||||||
TLSOpts = lists:filter(
|
TLSOpts = lists:filter(
|
||||||
|
|
|
||||||
|
|
@ -73,6 +73,7 @@
|
||||||
{verify, cuttlefish:conf_get("auth.ldap.ssl.verify", Conf, undefined)},
|
{verify, cuttlefish:conf_get("auth.ldap.ssl.verify", Conf, undefined)},
|
||||||
{server_name_indication, case cuttlefish:conf_get("auth.ldap.ssl.server_name_indication", Conf, undefined) of
|
{server_name_indication, case cuttlefish:conf_get("auth.ldap.ssl.server_name_indication", Conf, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI -> SNI
|
SNI -> SNI
|
||||||
end}]
|
end}]
|
||||||
end,
|
end,
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_auth_ldap,
|
{application, emqx_auth_ldap,
|
||||||
[{description, "EMQ X Authentication/ACL with LDAP"},
|
[{description, "EMQ X Authentication/ACL with LDAP"},
|
||||||
{vsn, "4.3.3"}, % strict semver, bump manually!
|
{vsn, "4.3.4"}, % strict semver, bump manually!
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{registered, [emqx_auth_ldap_sup]},
|
{registered, [emqx_auth_ldap_sup]},
|
||||||
{applications, [kernel,stdlib,eldap2,ecpool]},
|
{applications, [kernel,stdlib,eldap2,ecpool]},
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,10 @@
|
||||||
%% -*-: erlang -*-
|
%% -*-: erlang -*-
|
||||||
{VSN,
|
{VSN,
|
||||||
[ {"4.3.0",
|
[ {"4.3.3", [
|
||||||
|
%% There are only changes to the schema file, so we don't need
|
||||||
|
%% any commands here.
|
||||||
|
]},
|
||||||
|
{"4.3.0",
|
||||||
[ {load_module, emqx_acl_ldap, brutal_purge, soft_purge, []}
|
[ {load_module, emqx_acl_ldap, brutal_purge, soft_purge, []}
|
||||||
, {load_module, emqx_auth_ldap_cli, brutal_purge, soft_purge, []}
|
, {load_module, emqx_auth_ldap_cli, brutal_purge, soft_purge, []}
|
||||||
, {load_module, emqx_auth_ldap_app, brutal_purge, soft_purge, []}
|
, {load_module, emqx_auth_ldap_app, brutal_purge, soft_purge, []}
|
||||||
|
|
@ -16,7 +20,7 @@
|
||||||
]},
|
]},
|
||||||
{<<".*">>, []}
|
{<<".*">>, []}
|
||||||
],
|
],
|
||||||
[
|
[ {"4.3.3", []},
|
||||||
{"4.3.0",
|
{"4.3.0",
|
||||||
[ {load_module, emqx_acl_ldap, brutal_purge, soft_purge, []}
|
[ {load_module, emqx_acl_ldap, brutal_purge, soft_purge, []}
|
||||||
, {load_module, emqx_auth_ldap_cli, brutal_purge, soft_purge, []}
|
, {load_module, emqx_auth_ldap_cli, brutal_purge, soft_purge, []}
|
||||||
|
|
|
||||||
|
|
@ -141,6 +141,7 @@
|
||||||
Filter([{verify, Verify},
|
Filter([{verify, Verify},
|
||||||
{server_name_indication, case cuttlefish:conf_get(Prefix ++ ".server_name_indication", Conf, undefined) of
|
{server_name_indication, case cuttlefish:conf_get(Prefix ++ ".server_name_indication", Conf, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI -> SNI
|
SNI -> SNI
|
||||||
end},
|
end},
|
||||||
{keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
|
{keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
|
||||||
|
|
|
||||||
|
|
@ -109,6 +109,7 @@
|
||||||
end,
|
end,
|
||||||
SNI = case cuttlefish:conf_get("auth.mysql.ssl.server_name_indication", Conf, undefined) of
|
SNI = case cuttlefish:conf_get("auth.mysql.ssl.server_name_indication", Conf, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI0 -> SNI0
|
SNI0 -> SNI0
|
||||||
end,
|
end,
|
||||||
Options ++ [{ssl, Filter([{server_name_indication, SNI},
|
Options ++ [{ssl, Filter([{server_name_indication, SNI},
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_auth_mysql,
|
{application, emqx_auth_mysql,
|
||||||
[{description, "EMQ X Authentication/ACL with MySQL"},
|
[{description, "EMQ X Authentication/ACL with MySQL"},
|
||||||
{vsn, "4.3.1"}, % strict semver, bump manually!
|
{vsn, "4.3.2"}, % strict semver, bump manually!
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{registered, [emqx_auth_mysql_sup]},
|
{registered, [emqx_auth_mysql_sup]},
|
||||||
{applications, [kernel,stdlib,mysql,ecpool]},
|
{applications, [kernel,stdlib,mysql,ecpool]},
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,15 @@
|
||||||
%% -*- mode: erlang -*-
|
%% -*- mode: erlang -*-
|
||||||
{VSN,
|
{VSN,
|
||||||
[{"4.3.0",
|
[{"4.3.1", [
|
||||||
|
%% There are only changes to the schema file, so we don't need
|
||||||
|
%% any commands here.
|
||||||
|
]},
|
||||||
|
{"4.3.0",
|
||||||
[{load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}],
|
{<<".*">>,[]}],
|
||||||
[{"4.3.0",
|
[{"4.3.1", []},
|
||||||
|
{"4.3.0",
|
||||||
[{load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}]
|
{<<".*">>,[]}]
|
||||||
|
|
|
||||||
|
|
@ -109,6 +109,7 @@
|
||||||
{verify, Verify},
|
{verify, Verify},
|
||||||
{server_name_indication, case cuttlefish:conf_get(Prefix ++ ".server_name_indication", Conf, undefined) of
|
{server_name_indication, case cuttlefish:conf_get(Prefix ++ ".server_name_indication", Conf, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI -> SNI
|
SNI -> SNI
|
||||||
end},
|
end},
|
||||||
{versions, [list_to_existing_atom(Value)
|
{versions, [list_to_existing_atom(Value)
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_auth_pgsql,
|
{application, emqx_auth_pgsql,
|
||||||
[{description, "EMQ X Authentication/ACL with PostgreSQL"},
|
[{description, "EMQ X Authentication/ACL with PostgreSQL"},
|
||||||
{vsn, "4.3.1"}, % strict semver, bump manually!
|
{vsn, "4.3.2"}, % strict semver, bump manually!
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{registered, [emqx_auth_pgsql_sup]},
|
{registered, [emqx_auth_pgsql_sup]},
|
||||||
{applications, [kernel,stdlib,epgsql,ecpool]},
|
{applications, [kernel,stdlib,epgsql,ecpool]},
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,15 @@
|
||||||
%% -*- mode: erlang -*-
|
%% -*- mode: erlang -*-
|
||||||
{VSN,
|
{VSN,
|
||||||
[{"4.3.0",
|
[{"4.3.1", [
|
||||||
|
%% There are only changes to the schema file, so we don't need
|
||||||
|
%% any commands here.
|
||||||
|
]},
|
||||||
|
{"4.3.0",
|
||||||
[{load_module,emqx_auth_pgsql_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_pgsql_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}],
|
{<<".*">>,[]}],
|
||||||
[{"4.3.0",
|
[{"4.3.1", []},
|
||||||
|
{"4.3.0",
|
||||||
[{load_module,emqx_auth_pgsql_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_pgsql_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}]
|
{<<".*">>,[]}]
|
||||||
|
|
|
||||||
|
|
@ -98,6 +98,7 @@
|
||||||
end,
|
end,
|
||||||
SNI = case cuttlefish:conf_get("auth.redis.ssl.server_name_indication", Conf, undefined) of
|
SNI = case cuttlefish:conf_get("auth.redis.ssl.server_name_indication", Conf, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI0 -> SNI0
|
SNI0 -> SNI0
|
||||||
end,
|
end,
|
||||||
[{options, [{ssl_options,
|
[{options, [{ssl_options,
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_auth_redis,
|
{application, emqx_auth_redis,
|
||||||
[{description, "EMQ X Authentication/ACL with Redis"},
|
[{description, "EMQ X Authentication/ACL with Redis"},
|
||||||
{vsn, "4.3.1"}, % strict semver, bump manually!
|
{vsn, "4.3.2"}, % strict semver, bump manually!
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{registered, [emqx_auth_redis_sup]},
|
{registered, [emqx_auth_redis_sup]},
|
||||||
{applications, [kernel,stdlib,eredis,eredis_cluster,ecpool]},
|
{applications, [kernel,stdlib,eredis,eredis_cluster,ecpool]},
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,15 @@
|
||||||
%% -*- mode: erlang -*-
|
%% -*- mode: erlang -*-
|
||||||
{VSN,
|
{VSN,
|
||||||
[{"4.3.0",
|
[{"4.3.1", [
|
||||||
|
%% There are only changes to the schema file, so we don't need
|
||||||
|
%% any commands here.
|
||||||
|
]},
|
||||||
|
{"4.3.0",
|
||||||
[{load_module,emqx_auth_redis_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_redis_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}],
|
{<<".*">>,[]}],
|
||||||
[{"4.3.0",
|
[{"4.3.1", []},
|
||||||
|
{"4.3.0",
|
||||||
[{load_module,emqx_auth_redis_app,brutal_purge,soft_purge,[]},
|
[{load_module,emqx_auth_redis_app,brutal_purge,soft_purge,[]},
|
||||||
{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]},
|
{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}]
|
{<<".*">>,[]}]
|
||||||
|
|
|
||||||
|
|
@ -2,8 +2,7 @@
|
||||||
{VSN,
|
{VSN,
|
||||||
[
|
[
|
||||||
{"4.3.4", [
|
{"4.3.4", [
|
||||||
%% There are only changes to the schema file, so we don't need
|
{load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []}
|
||||||
%% any commands here.
|
|
||||||
]},
|
]},
|
||||||
{"4.3.3", [
|
{"4.3.3", [
|
||||||
{load_module, emqx_bridge_mqtt, brutal_purge, soft_purge, []}
|
{load_module, emqx_bridge_mqtt, brutal_purge, soft_purge, []}
|
||||||
|
|
@ -21,6 +20,7 @@
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
{"4.3.4", [
|
{"4.3.4", [
|
||||||
|
{load_module, emqx_bridge_mqtt_actions, brutal_purge, soft_purge, []}
|
||||||
]},
|
]},
|
||||||
{"4.3.3", [
|
{"4.3.3", [
|
||||||
{load_module, emqx_bridge_mqtt, brutal_purge, soft_purge, []}
|
{load_module, emqx_bridge_mqtt, brutal_purge, soft_purge, []}
|
||||||
|
|
|
||||||
|
|
@ -240,6 +240,23 @@
|
||||||
zh => <<"SSL 加密算法"/utf8>>},
|
zh => <<"SSL 加密算法"/utf8>>},
|
||||||
description => #{en => <<"SSL Ciphers">>,
|
description => #{en => <<"SSL Ciphers">>,
|
||||||
zh => <<"SSL 加密算法"/utf8>>}
|
zh => <<"SSL 加密算法"/utf8>>}
|
||||||
|
},
|
||||||
|
verify => #{
|
||||||
|
order => 19,
|
||||||
|
type => boolean,
|
||||||
|
default => false,
|
||||||
|
title => #{en => <<"Verify Server Certfile">>,
|
||||||
|
zh => <<"校验服务器证书"/utf8>>},
|
||||||
|
description => #{en => <<"Whether to verify the server certificate. By default, the client will not verify the server's certificate. If verification is required, please set it to true.">>,
|
||||||
|
zh => <<"是否校验服务器证书。 默认客户端不会去校验服务器的证书,如果需要校验,请设置成true。"/utf8>>}
|
||||||
|
},
|
||||||
|
server_name_indication => #{
|
||||||
|
order => 20,
|
||||||
|
type => string,
|
||||||
|
title => #{en => <<"Server Name Indication">>,
|
||||||
|
zh => <<"服务器名称指示"/utf8>>},
|
||||||
|
description => #{en => <<"Specify the hostname used for peer certificate verification, or set to disable to turn off this verification.">>,
|
||||||
|
zh => <<"指定用于对端证书验证时使用的主机名,或者设置为 disable 以关闭此项验证。"/utf8>>}
|
||||||
}
|
}
|
||||||
}).
|
}).
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_plugin_libs,
|
{application, emqx_plugin_libs,
|
||||||
[{description, "EMQ X Plugin utility libs"},
|
[{description, "EMQ X Plugin utility libs"},
|
||||||
{vsn, "4.3.3"},
|
{vsn, "4.3.2"},
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{applications, [kernel,stdlib]},
|
{applications, [kernel,stdlib]},
|
||||||
{env, []}
|
{env, []}
|
||||||
|
|
|
||||||
|
|
@ -2,13 +2,13 @@
|
||||||
|
|
||||||
{VSN,
|
{VSN,
|
||||||
[
|
[
|
||||||
{<<"4\\.3\\.[0-2]">>, [
|
{<<"4\\.3\\.[0-1]">>, [
|
||||||
{load_module, emqx_plugin_libs_ssl, brutal_purge, soft_purge, []}
|
{load_module, emqx_plugin_libs_ssl, brutal_purge, soft_purge, []}
|
||||||
]},
|
]},
|
||||||
{<<".*">>, []}
|
{<<".*">>, []}
|
||||||
],
|
],
|
||||||
[
|
[
|
||||||
{<<"4\\.3\\.[0-2]">>, [
|
{<<"4\\.3\\.[0-1]">>, [
|
||||||
{load_module, emqx_plugin_libs_ssl, brutal_purge, soft_purge, []}
|
{load_module, emqx_plugin_libs_ssl, brutal_purge, soft_purge, []}
|
||||||
]},
|
]},
|
||||||
{<<".*">>, []}
|
{<<".*">>, []}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
{application, emqx_web_hook,
|
{application, emqx_web_hook,
|
||||||
[{description, "EMQ X WebHook Plugin"},
|
[{description, "EMQ X WebHook Plugin"},
|
||||||
{vsn, "4.3.10"}, % strict semver, bump manually!
|
{vsn, "4.3.11"}, % strict semver, bump manually!
|
||||||
{modules, []},
|
{modules, []},
|
||||||
{registered, [emqx_web_hook_sup]},
|
{registered, [emqx_web_hook_sup]},
|
||||||
{applications, [kernel,stdlib,ehttpc]},
|
{applications, [kernel,stdlib,ehttpc]},
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,7 @@
|
||||||
[ %% nothing so far
|
[ %% nothing so far
|
||||||
%% 4.3.9 is taken by release 4.3.12
|
%% 4.3.9 is taken by release 4.3.12
|
||||||
]},
|
]},
|
||||||
|
{"4.3.10", [{load_module,emqx_web_hook_app,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}],
|
{<<".*">>,[]}],
|
||||||
[{<<"4\\.3\\.[0-2]">>,
|
[{<<"4\\.3\\.[0-2]">>,
|
||||||
[{apply,{application,stop,[emqx_web_hook]}},
|
[{apply,{application,stop,[emqx_web_hook]}},
|
||||||
|
|
@ -33,4 +34,5 @@
|
||||||
[ %% nothing so far
|
[ %% nothing so far
|
||||||
%% 4.3.9 is taken by release 4.3.12
|
%% 4.3.9 is taken by release 4.3.12
|
||||||
]},
|
]},
|
||||||
|
{"4.3.10", [{load_module,emqx_web_hook_app,brutal_purge,soft_purge,[]}]},
|
||||||
{<<".*">>,[]}]}.
|
{<<".*">>,[]}]}.
|
||||||
|
|
|
||||||
|
|
@ -61,6 +61,7 @@ translate_env() ->
|
||||||
end,
|
end,
|
||||||
SNI = case application:get_env(?APP, server_name_indication, undefined) of
|
SNI = case application:get_env(?APP, server_name_indication, undefined) of
|
||||||
"disable" -> disable;
|
"disable" -> disable;
|
||||||
|
"" -> undefined;
|
||||||
SNI0 -> SNI0
|
SNI0 -> SNI0
|
||||||
end,
|
end,
|
||||||
TLSOpts = lists:filter(fun({_K, V}) ->
|
TLSOpts = lists:filter(fun({_K, V}) ->
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue