Merge pull request #3430 from emqx/master
Auto-pull-request-by-2020-04-30
This commit is contained in:
tigercl
GitHub
commit
5aa4cb4b5c
|
|
@ -1,4 +1,4 @@
|
|||
{minimum_otp_vsn, "21.0"}.
|
||||
{minimum_otp_vsn, "21.3"}.
|
||||
|
||||
{deps,
|
||||
[{gproc, {git, "https://github.com/uwiger/gproc", {tag, "0.8.0"}}},
|
||||
|
|
|
|||
|
|
@ -163,25 +163,20 @@ init(ConnInfo = #{peername := {PeerHost, _Port},
|
|||
sockname := {_Host, SockPort}}, Options) ->
|
||||
Zone = proplists:get_value(zone, Options),
|
||||
Peercert = maps:get(peercert, ConnInfo, undefined),
|
||||
Username = case peer_cert_as_username(Options) of
|
||||
cn -> esockd_peercert:common_name(Peercert);
|
||||
dn -> esockd_peercert:subject(Peercert);
|
||||
crt -> Peercert;
|
||||
_ -> undefined
|
||||
end,
|
||||
Protocol = maps:get(protocol, ConnInfo, mqtt),
|
||||
MountPoint = emqx_zone:mountpoint(Zone),
|
||||
ClientInfo = #{zone => Zone,
|
||||
protocol => Protocol,
|
||||
peerhost => PeerHost,
|
||||
sockport => SockPort,
|
||||
peercert => Peercert,
|
||||
clientid => undefined,
|
||||
username => Username,
|
||||
mountpoint => MountPoint,
|
||||
is_bridge => false,
|
||||
is_superuser => false
|
||||
},
|
||||
ClientInfo = setting_peercert_infos(
|
||||
Peercert,
|
||||
#{zone => Zone,
|
||||
protocol => Protocol,
|
||||
peerhost => PeerHost,
|
||||
sockport => SockPort,
|
||||
clientid => undefined,
|
||||
username => undefined,
|
||||
mountpoint => MountPoint,
|
||||
is_bridge => false,
|
||||
is_superuser => false
|
||||
}, Options),
|
||||
#channel{conninfo = ConnInfo,
|
||||
clientinfo = ClientInfo,
|
||||
topic_aliases = #{inbound => #{},
|
||||
|
|
@ -195,8 +190,21 @@ init(ConnInfo = #{peername := {PeerHost, _Port},
|
|||
pendings = []
|
||||
}.
|
||||
|
||||
peer_cert_as_username(Options) ->
|
||||
proplists:get_value(peer_cert_as_username, Options).
|
||||
setting_peercert_infos(NoSSL, ClientInfo, _Options)
|
||||
when NoSSL =:= nossl;
|
||||
NoSSL =:= undefined ->
|
||||
ClientInfo#{username => undefined};
|
||||
|
||||
setting_peercert_infos(Peercert, ClientInfo, Options) ->
|
||||
{DN, CN} = {esockd_peercert:subject(Peercert),
|
||||
esockd_peercert:common_name(Peercert)},
|
||||
Username = case proplists:get_value(peer_cert_as_username, Options) of
|
||||
cn -> CN;
|
||||
dn -> DN;
|
||||
crt -> Peercert;
|
||||
_ -> undefined
|
||||
end,
|
||||
ClientInfo#{username => Username, dn => DN, cn => CN}.
|
||||
|
||||
%%--------------------------------------------------------------------
|
||||
%% Handle incoming packet
|
||||
|
|
@ -236,10 +244,15 @@ handle_in(?CONNECT_PACKET(ConnPkt), Channel) ->
|
|||
handle_out(connack, ReasonCode, NChannel)
|
||||
end;
|
||||
|
||||
handle_in(Packet = ?AUTH_PACKET(?RC_CONTINUE_AUTHENTICATION, _Properties), Channel) ->
|
||||
handle_in(Packet = ?AUTH_PACKET(?RC_CONTINUE_AUTHENTICATION, _Properties), Channel = #channel{conn_state = ConnState}) ->
|
||||
case enhanced_auth(Packet, Channel) of
|
||||
{ok, NProperties, NChannel} ->
|
||||
process_connect(NProperties, ensure_connected(NChannel));
|
||||
case ConnState of
|
||||
connecting ->
|
||||
process_connect(NProperties, ensure_connected(NChannel));
|
||||
_ ->
|
||||
handle_out(auth, {?RC_SUCCESS, NProperties}, NChannel)
|
||||
end;
|
||||
{continue, NProperties, NChannel} ->
|
||||
handle_out(auth, {?RC_CONTINUE_AUTHENTICATION, NProperties}, NChannel);
|
||||
{error, NReasonCode, NChannel} ->
|
||||
|
|
@ -977,10 +990,10 @@ enrich_conninfo(ConnPkt = #mqtt_packet_connect{
|
|||
username = Username
|
||||
},
|
||||
Channel = #channel{conninfo = ConnInfo,
|
||||
clientinfo = ClientInfo
|
||||
clientinfo = #{zone := Zone}
|
||||
}) ->
|
||||
ExpiryInterval = expiry_interval(ClientInfo, ConnPkt),
|
||||
ReceiveMaximum = receive_maximum(ClientInfo, ConnProps),
|
||||
ExpiryInterval = expiry_interval(Zone, ConnPkt),
|
||||
ReceiveMaximum = receive_maximum(Zone, ConnProps),
|
||||
NConnInfo = ConnInfo#{proto_name => ProtoName,
|
||||
proto_ver => ProtoVer,
|
||||
clean_start => CleanStart,
|
||||
|
|
@ -995,16 +1008,16 @@ enrich_conninfo(ConnPkt = #mqtt_packet_connect{
|
|||
|
||||
%% If the Session Expiry Interval is absent the value 0 is used.
|
||||
-compile({inline, [expiry_interval/2]}).
|
||||
expiry_interval(_ClientInfo, #mqtt_packet_connect{proto_ver = ?MQTT_PROTO_V5,
|
||||
properties = ConnProps}) ->
|
||||
expiry_interval(_Zone, #mqtt_packet_connect{proto_ver = ?MQTT_PROTO_V5,
|
||||
properties = ConnProps}) ->
|
||||
emqx_mqtt_props:get('Session-Expiry-Interval', ConnProps, 0);
|
||||
expiry_interval(#{zone := Zone}, #mqtt_packet_connect{clean_start = false}) ->
|
||||
expiry_interval(Zone, #mqtt_packet_connect{clean_start = false}) ->
|
||||
emqx_zone:session_expiry_interval(Zone);
|
||||
expiry_interval(_ClientInfo, #mqtt_packet_connect{clean_start = true}) ->
|
||||
expiry_interval(_Zone, #mqtt_packet_connect{clean_start = true}) ->
|
||||
0.
|
||||
|
||||
-compile({inline, [receive_maximum/2]}).
|
||||
receive_maximum(#{zone := Zone}, ConnProps) ->
|
||||
receive_maximum(Zone, ConnProps) ->
|
||||
emqx_mqtt_props:get('Receive-Maximum', ConnProps, emqx_zone:max_inflight(Zone)).
|
||||
|
||||
%%--------------------------------------------------------------------
|
||||
|
|
|
|||
|
|
@ -128,7 +128,6 @@
|
|||
sockport := non_neg_integer(),
|
||||
clientid := clientid(),
|
||||
username := username(),
|
||||
peercert := esockd_peercert:peercert(),
|
||||
is_bridge := boolean(),
|
||||
is_superuser := boolean(),
|
||||
mountpoint := maybe(binary()),
|
||||
|
|
@ -136,6 +135,8 @@
|
|||
password => maybe(binary()),
|
||||
auth_result => auth_result(),
|
||||
anonymous => boolean(),
|
||||
cn => binary(),
|
||||
dn => binary(),
|
||||
atom() => term()
|
||||
}).
|
||||
-type(clientid() :: binary()|atom()).
|
||||
|
|
|
|||
Loading…
Reference in New Issue