merge PR#755

2016-11-08 10:34:23 +08:00 · 2016-11-08 10:34:23 +08:00 · 91eb89be2b
parent 52d46f81a6 7f3dd494bd
commit 91eb89be2b
7 changed files with 20 additions and 21 deletions
--- a/docs/source/config.rst
+++ b/docs/source/config.rst
@ -453,7 +453,7 @@ SSL Listener - 8883
    mqtt.listener.ssl.certfile = etc/certs/cert.pem
    mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
    ## mqtt.listener.ssl.verify = verify_peer
-    ## mqtt.listener.ssl.failed_if_no_peer_cert = true
+    ## mqtt.listener.ssl.fail_if_no_peer_cert = true

 HTTP/WS Listener - 8083
 -----------------------
@ -480,7 +480,7 @@ HTTPS/WSS Listener - 8084
    mqtt.listener.https.cacertfile = etc/certs/cacert.pem
    ## 开启双向认证
    ## mqtt.listener.https.verify = verify_peer
-    ## mqtt.listener.https.failed_if_no_peer_cert = true
+    ## mqtt.listener.https.fail_if_no_peer_cert = true

 --------------
 System Monitor
--- a/docs/source/plugins.rst
+++ b/docs/source/plugins.rst
@ -167,7 +167,7 @@ etc/plugins/emq_dashboard.conf:
    ## dashboard.listener.https.keyfile = etc/certs/key.pem
    ## dashboard.listener.https.cacertfile = etc/certs/cacert.pem
    ## dashboard.listener.https.verify = verify_peer
-    ## dashboard.listener.https.failed_if_no_peer_cert = true
+    ## dashboard.listener.https.fail_if_no_peer_cert = true

 -------------------------------
 emq_auth_ldap: LDAP Auth Plugin
--- a/etc/emq.conf
+++ b/etc/emq.conf
@ -206,12 +206,12 @@ mqtt.listener.ssl.max_clients = 512

 ## Configuring SSL Options
 ## See http://erlang.org/doc/man/ssl.html
-mqtt.listener.ssl.handshake_timeout = 2000
+mqtt.listener.ssl.handshake_timeout = 15
 mqtt.listener.ssl.keyfile = etc/certs/key.pem
 mqtt.listener.ssl.certfile = etc/certs/cert.pem
 ## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.ssl.verify = verify_peer
-## mqtt.listener.ssl.failed_if_no_peer_cert = true
+## mqtt.listener.ssl.fail_if_no_peer_cert = true

 ## HTTP and WebSocket Listener
 mqtt.listener.http = 8083
@ -222,12 +222,12 @@ mqtt.listener.http.max_clients = 64
 ## mqtt.listener.https = 8084
 ## mqtt.listener.https.acceptors = 4
 ## mqtt.listener.https.max_clients = 64
-## mqtt.listener.https.handshake_timeout = 2000
+## mqtt.listener.https.handshake_timeout = 15
 ## mqtt.listener.https.certfile = etc/certs/cert.pem
 ## mqtt.listener.https.keyfile = etc/certs/key.pem
 ## mqtt.listener.https.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.https.verify = verify_peer
-## mqtt.listener.https.failed_if_no_peer_cert = true
+## mqtt.listener.https.fail_if_no_peer_cert = true

 ##-------------------------------------------------------------------
 ## System Monitor
--- a/priv/emq.schema
+++ b/priv/emq.schema
@ -536,7 +536,7 @@ end}.
  {datatype, atom}
 ]}.

-{mapping, "mqtt.listener.ssl.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.ssl.fail_if_no_peer_cert", "emqttd.listeners", [
  {datatype, {enum, [true, false]}}
 ]}.

@ -592,7 +592,7 @@ end}.
  {datatype, atom}
 ]}.

-{mapping, "mqtt.listener.https.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.https.fail_if_no_peer_cert", "emqttd.listeners", [
  {datatype, {enum, [true, false]}}
 ]}.

@ -611,12 +611,12 @@ end}.
                           {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}])
              end,
    SslOpts = fun(Prefix) ->
-                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)},
+                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000},
                          {keyfile,    cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
                          {certfile,   cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
                          {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},
                          {verify,     cuttlefish:conf_get(Prefix ++ ".verify", Conf, undefined)},
-                          {failed_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".failed_if_no_peer_cert", Conf, undefined)}])
+                          {fail_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".fail_if_no_peer_cert", Conf, undefined)}])
              end,

    Listeners = fun(Name) when is_atom(Name) ->
--- a/src/emqttd_http.erl
+++ b/src/emqttd_http.erl
@ -137,8 +137,7 @@ authorized(Req) ->
        case emqttd_access_control:auth(#mqtt_client{username = Username, peername = Peer}, Password) of
            ok ->
                true;
-            %% http publish is_super to true?
-            {ok, IsSuper} ->
+            {ok, _IsSuper} -> 
                true;
            {error, Reason} ->
                lager:error("HTTP Auth failure: username=~s, reason=~p", [Username, Reason]),
--- a/test/emqttd_SUITE_data/emqttd.conf
+++ b/test/emqttd_SUITE_data/emqttd.conf
@ -206,12 +206,12 @@ mqtt.listener.ssl.max_clients = 512

 ## Configuring SSL Options
 ## See http://erlang.org/doc/man/ssl.html
-mqtt.listener.ssl.handshake_timeout = 2000
+mqtt.listener.ssl.handshake_timeout = 15
 mqtt.listener.ssl.keyfile = etc/certs/key.pem
 mqtt.listener.ssl.certfile = etc/certs/cert.pem
 ## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.ssl.verify = verify_peer
-## mqtt.listener.ssl.failed_if_no_peer_cert = true
+## mqtt.listener.ssl.fail_if_no_peer_cert = true

 ## HTTP and WebSocket Listener
 mqtt.listener.http = 8083
@ -222,12 +222,12 @@ mqtt.listener.http.max_clients = 64
 ## mqtt.listener.https = 8084
 ## mqtt.listener.https.acceptors = 4
 ## mqtt.listener.https.max_clients = 64
-## mqtt.listener.https.handshake_timeout = 10
+## mqtt.listener.https.handshake_timeout = 15
 ## mqtt.listener.https.certfile = etc/certs/cert.pem
 ## mqtt.listener.https.keyfile = etc/certs/key.pem
 ## mqtt.listener.https.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.https.verify = verify_peer
-## mqtt.listener.https.failed_if_no_peer_cert = true
+## mqtt.listener.https.fail_if_no_peer_cert = true

 ##-------------------------------------------------------------------
 ## System Monitor
--- a/test/emqttd_SUITE_data/emqttd.schema
+++ b/test/emqttd_SUITE_data/emqttd.schema
@ -536,7 +536,7 @@ end}.
  {datatype, atom}
 ]}.

-{mapping, "mqtt.listener.ssl.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.ssl.fail_if_no_peer_cert", "emqttd.listeners", [
  {datatype, {enum, [true, false]}}
 ]}.

@ -592,7 +592,7 @@ end}.
  {datatype, atom}
 ]}.

-{mapping, "mqtt.listener.https.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.https.fail_if_no_peer_cert", "emqttd.listeners", [
  {datatype, {enum, [true, false]}}
 ]}.

@ -611,12 +611,12 @@ end}.
                           {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}])
              end,
    SslOpts = fun(Prefix) ->
-                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)},
+                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000},
                          {keyfile,    cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
                          {certfile,   cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
                          {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},
                          {verify,     cuttlefish:conf_get(Prefix ++ ".verify", Conf, undefined)},
-                          {failed_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".failed_if_no_peer_cert", Conf, undefined)}])
+                          {fail_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".fail_if_no_peer_cert", Conf, undefined)}])
              end,

    Listeners = fun(Name) when is_atom(Name) ->