yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(gw): not updating the authenticator using re-creation

This commit is contained in:
JianBo He 2022-06-14 16:40:34 +08:00
parent 7d38f83aef
commit 77d4faa632
4 changed files with 48 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
apps/emqx_gateway/src/emqx_gateway_insta_sup.erl
View File

@ -265,8 +265,11 @@ ensure_authn_running(State = #state{ctx = Ctx, authns = Authns}) ->
), ),
State#state{ctx = maps:put(auth, AuthnNames, Ctx)}. State#state{ctx = maps:put(auth, AuthnNames, Ctx)}.
do_update_authenticator({ChainName, Confs}) ->
do_update_authenticator(ChainName, Confs).
do_update_authenticator(ChainName, Confs) -> do_update_authenticator(ChainName, Confs) ->
[#{id := AuthenticatorId}] = emqx_authentication:list_authenticators(ChainName), {ok, [#{id := AuthenticatorId}]} = emqx_authentication:list_authenticators(ChainName),
{ok, _} = emqx_authentication:update_authenticator(ChainName, AuthenticatorId, Confs), {ok, _} = emqx_authentication:update_authenticator(ChainName, AuthenticatorId, Confs),
ok. ok.
@ -278,21 +281,19 @@ do_update_authenticator(ChainName, Confs) ->
init_authn(GwName, Config) -> init_authn(GwName, Config) ->
Authns = authns(GwName, Config), Authns = authns(GwName, Config),
try try
_ = application:ensure_all_started(emqx_authn), ok = do_init_authn(Authns),
do_init_authn(Authns, []) Authns
catch catch
throw:Reason = {badauth, _} -> throw:Reason = {badauth, _} ->
do_deinit_authn(proplists:get_keys(Authns)), do_deinit_authn(Authns),
throw(Reason) throw(Reason)
end. end.
do_init_authn([], Authns) -> do_init_authn([]) ->
lists:reverse(Authns); ok;
do_init_authn([{ChainName, AuthConf} | More], Authns) when is_map(AuthConf) -> do_init_authn([{ChainName, AuthConf} | More]) when is_map(AuthConf) ->
ok = do_create_authn_chain(ChainName, AuthConf), ok = do_create_authn_chain(ChainName, AuthConf),
do_init_authn(More, [{ChainName, AuthConf} | Authns]); do_init_authn(More).
do_init_authn([_BadConf | More], Authns) ->
do_init_authn(More, Authns).
authns(GwName, Config) -> authns(GwName, Config) ->
Listeners = maps:to_list(maps:get(listeners, Config, #{})), Listeners = maps:to_list(maps:get(listeners, Config, #{})),
@ -332,9 +333,9 @@ do_create_authn_chain(ChainName, AuthConf) ->
throw({badauth, Reason}) throw({badauth, Reason})
end. end.
do_deinit_authn(Names) -> do_deinit_authn(Authns) ->
lists:foreach( lists:foreach(
fun(ChainName) -> fun({ChainName, _}) ->
case emqx_authentication:delete_chain(ChainName) of case emqx_authentication:delete_chain(ChainName) of
ok -> ok ->
ok; ok;
@ -348,7 +349,7 @@ do_deinit_authn(Names) ->
}) })
end end
end, end,
Names Authns
). ).
do_update_one_by_one( do_update_one_by_one(
@ -361,8 +362,8 @@ do_update_one_by_one(
) -> ) ->
NEnable = maps:get(enable, NCfg, true), NEnable = maps:get(enable, NCfg, true),
OAuths = authns(GwName, OCfg), OAuthns = authns(GwName, OCfg),
NAuths = authns(GwName, NCfg), NAuthns = authns(GwName, NCfg),
case {Status, NEnable} of case {Status, NEnable} of
{stopped, true} -> {stopped, true} ->
@ -371,16 +372,11 @@ do_update_one_by_one(
{stopped, false} -> {stopped, false} ->
{ok, State#state{config = NCfg}}; {ok, State#state{config = NCfg}};
{running, true} -> {running, true} ->
NState = {Added, Updated, Deleted} = diff_auths(NAuthns, OAuthns),
case NAuths == OAuths of _ = do_deinit_authn(Deleted),
true -> _ = do_init_authn(Added),
State; _ = lists:foreach(fun do_update_authenticator/1, Updated),
false -> NState = State#state{authns = NAuthns},
%% Reset Authentication first
_ = do_deinit_authn(State#state.authns),
Authns = init_authn(State#state.name, NCfg),
State#state{authns = Authns}
end,
%% TODO: minimum impact update ??? %% TODO: minimum impact update ???
cb_gateway_update(NCfg, NState); cb_gateway_update(NCfg, NState);
{running, false} -> {running, false} ->
@ -392,6 +388,31 @@ do_update_one_by_one(
throw(nomatch) throw(nomatch)
end. end.
diff_auths(NAuthns, OAuthns) ->
NNames = proplists:get_keys(NAuthns),
ONames = proplists:get_keys(OAuthns),
AddedNames = NNames -- ONames,
DeletedNames = ONames -- NNames,
BothNames = NNames -- AddedNames,
UpdatedNames = lists:foldl(
fun(Name, Acc) ->
case
proplists:get_value(Name, NAuthns) ==
proplists:get_value(Name, OAuthns)
of
true -> Acc;
false -> [Name | Acc]
end
end,
[],
BothNames
),
{
lists:filter(fun({Name, _}) -> lists:member(Name, AddedNames) end, NAuthns),
lists:filter(fun({Name, _}) -> lists:member(Name, UpdatedNames) end, NAuthns),
lists:filter(fun({Name, _}) -> lists:member(Name, DeletedNames) end, OAuthns)
}.
cb_gateway_unload( cb_gateway_unload(
State = #state{ State = #state{
name = GwName, name = GwName,
@ -404,7 +425,6 @@ cb_gateway_unload(
CbMod:on_gateway_unload(Gateway, GwState), CbMod:on_gateway_unload(Gateway, GwState),
{ok, State#state{ {ok, State#state{
child_pids = [], child_pids = [],
authns = [],
status = stopped, status = stopped,
gw_state = undefined, gw_state = undefined,
started_at = undefined, started_at = undefined,

1
apps/emqx_gateway/test/emqx_exproto_SUITE.erl
View File

@ -72,7 +72,6 @@ init_per_group(GrpName, Cfg) ->
put(grpname, GrpName), put(grpname, GrpName),
Svrs = emqx_exproto_echo_svr:start(), Svrs = emqx_exproto_echo_svr:start(),
emqx_common_test_helpers:start_apps([emqx_gateway], fun set_special_cfg/1), emqx_common_test_helpers:start_apps([emqx_gateway], fun set_special_cfg/1),
emqx_logger:set_log_level(debug),
[{servers, Svrs}, {listener_type, GrpName} | Cfg]. [{servers, Svrs}, {listener_type, GrpName} | Cfg].
end_per_group(_, Cfg) -> end_per_group(_, Cfg) ->

4
apps/emqx_gateway/test/emqx_gateway_SUITE.erl
View File

@ -34,7 +34,7 @@ all() -> emqx_common_test_helpers:all(?MODULE).
init_per_suite(Conf) -> init_per_suite(Conf) ->
emqx_config:erase(gateway), emqx_config:erase(gateway),
emqx_common_test_helpers:load_config(emqx_gateway_schema, ?CONF_DEFAULT), emqx_common_test_helpers:load_config(emqx_gateway_schema, ?CONF_DEFAULT),
emqx_common_test_helpers:start_apps([emqx_gateway]), emqx_common_test_helpers:start_apps([emqx_authn, emqx_gateway]),
Conf. Conf.
end_per_suite(_Conf) -> end_per_suite(_Conf) ->
@ -44,7 +44,7 @@ end_per_suite(_Conf) ->
init_per_testcase(t_get_basic_usage_info_2, Config) -> init_per_testcase(t_get_basic_usage_info_2, Config) ->
DataDir = ?config(data_dir, Config), DataDir = ?config(data_dir, Config),
emqx_common_test_helpers:stop_apps([emqx_gateway]), application:stop(emqx_gateway),
ok = setup_fake_usage_data(DataDir), ok = setup_fake_usage_data(DataDir),
Config; Config;
init_per_testcase(_TestCase, Config) -> init_per_testcase(_TestCase, Config) ->

4
apps/emqx_gateway/test/emqx_sn_protocol_SUITE.erl
View File

@ -1914,8 +1914,6 @@ t_register_subs_resume_on(_) ->
_ = emqx:publish(emqx_message:make(test, ?QOS_1, <<"topic-b">>, <<"m2">>)), _ = emqx:publish(emqx_message:make(test, ?QOS_1, <<"topic-b">>, <<"m2">>)),
_ = emqx:publish(emqx_message:make(test, ?QOS_2, <<"topic-b">>, <<"m3">>)), _ = emqx:publish(emqx_message:make(test, ?QOS_2, <<"topic-b">>, <<"m3">>)),
emqx_logger:set_log_level(debug),
{ok, NSocket} = gen_udp:open(0, [binary]), {ok, NSocket} = gen_udp:open(0, [binary]),
send_connect_msg(NSocket, <<"test">>, 0), send_connect_msg(NSocket, <<"test">>, 0),
?assertMatch( ?assertMatch(
@ -2088,8 +2086,6 @@ t_register_skip_failure_topic_name_and_reach_max_retry_times(_) ->
?assertMatch(<<2, ?SN_DISCONNECT>>, receive_response(Socket)), ?assertMatch(<<2, ?SN_DISCONNECT>>, receive_response(Socket)),
gen_udp:close(Socket), gen_udp:close(Socket),
emqx_logger:set_log_level(debug),
{ok, NSocket} = gen_udp:open(0, [binary]), {ok, NSocket} = gen_udp:open(0, [binary]),
send_connect_msg(NSocket, <<"test">>, 0), send_connect_msg(NSocket, <<"test">>, 0),
?assertMatch( ?assertMatch(