merge PR#755

This commit is contained in:
Feng Lee 2016-11-08 10:34:23 +08:00
commit 91eb89be2b
7 changed files with 20 additions and 21 deletions

View File

@ -453,7 +453,7 @@ SSL Listener - 8883
mqtt.listener.ssl.certfile = etc/certs/cert.pem
mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
## mqtt.listener.ssl.verify = verify_peer
## mqtt.listener.ssl.failed_if_no_peer_cert = true
## mqtt.listener.ssl.fail_if_no_peer_cert = true
HTTP/WS Listener - 8083
-----------------------
@ -480,7 +480,7 @@ HTTPS/WSS Listener - 8084
mqtt.listener.https.cacertfile = etc/certs/cacert.pem
## 开启双向认证
## mqtt.listener.https.verify = verify_peer
## mqtt.listener.https.failed_if_no_peer_cert = true
## mqtt.listener.https.fail_if_no_peer_cert = true
--------------
System Monitor

View File

@ -167,7 +167,7 @@ etc/plugins/emq_dashboard.conf:
## dashboard.listener.https.keyfile = etc/certs/key.pem
## dashboard.listener.https.cacertfile = etc/certs/cacert.pem
## dashboard.listener.https.verify = verify_peer
## dashboard.listener.https.failed_if_no_peer_cert = true
## dashboard.listener.https.fail_if_no_peer_cert = true
-------------------------------
emq_auth_ldap: LDAP Auth Plugin

View File

@ -206,12 +206,12 @@ mqtt.listener.ssl.max_clients = 512
## Configuring SSL Options
## See http://erlang.org/doc/man/ssl.html
mqtt.listener.ssl.handshake_timeout = 2000
mqtt.listener.ssl.handshake_timeout = 15
mqtt.listener.ssl.keyfile = etc/certs/key.pem
mqtt.listener.ssl.certfile = etc/certs/cert.pem
## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
## mqtt.listener.ssl.verify = verify_peer
## mqtt.listener.ssl.failed_if_no_peer_cert = true
## mqtt.listener.ssl.fail_if_no_peer_cert = true
## HTTP and WebSocket Listener
mqtt.listener.http = 8083
@ -222,12 +222,12 @@ mqtt.listener.http.max_clients = 64
## mqtt.listener.https = 8084
## mqtt.listener.https.acceptors = 4
## mqtt.listener.https.max_clients = 64
## mqtt.listener.https.handshake_timeout = 2000
## mqtt.listener.https.handshake_timeout = 15
## mqtt.listener.https.certfile = etc/certs/cert.pem
## mqtt.listener.https.keyfile = etc/certs/key.pem
## mqtt.listener.https.cacertfile = etc/certs/cacert.pem
## mqtt.listener.https.verify = verify_peer
## mqtt.listener.https.failed_if_no_peer_cert = true
## mqtt.listener.https.fail_if_no_peer_cert = true
##-------------------------------------------------------------------
## System Monitor

View File

@ -536,7 +536,7 @@ end}.
{datatype, atom}
]}.
{mapping, "mqtt.listener.ssl.failed_if_no_peer_cert", "emqttd.listeners", [
{mapping, "mqtt.listener.ssl.fail_if_no_peer_cert", "emqttd.listeners", [
{datatype, {enum, [true, false]}}
]}.
@ -592,7 +592,7 @@ end}.
{datatype, atom}
]}.
{mapping, "mqtt.listener.https.failed_if_no_peer_cert", "emqttd.listeners", [
{mapping, "mqtt.listener.https.fail_if_no_peer_cert", "emqttd.listeners", [
{datatype, {enum, [true, false]}}
]}.
@ -611,12 +611,12 @@ end}.
{nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}])
end,
SslOpts = fun(Prefix) ->
Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)},
Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000},
{keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
{certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
{cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},
{verify, cuttlefish:conf_get(Prefix ++ ".verify", Conf, undefined)},
{failed_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".failed_if_no_peer_cert", Conf, undefined)}])
{fail_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".fail_if_no_peer_cert", Conf, undefined)}])
end,
Listeners = fun(Name) when is_atom(Name) ->

View File

@ -137,8 +137,7 @@ authorized(Req) ->
case emqttd_access_control:auth(#mqtt_client{username = Username, peername = Peer}, Password) of
ok ->
true;
%% http publish is_super to true?
{ok, IsSuper} ->
{ok, _IsSuper} ->
true;
{error, Reason} ->
lager:error("HTTP Auth failure: username=~s, reason=~p", [Username, Reason]),

View File

@ -206,12 +206,12 @@ mqtt.listener.ssl.max_clients = 512
## Configuring SSL Options
## See http://erlang.org/doc/man/ssl.html
mqtt.listener.ssl.handshake_timeout = 2000
mqtt.listener.ssl.handshake_timeout = 15
mqtt.listener.ssl.keyfile = etc/certs/key.pem
mqtt.listener.ssl.certfile = etc/certs/cert.pem
## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
## mqtt.listener.ssl.verify = verify_peer
## mqtt.listener.ssl.failed_if_no_peer_cert = true
## mqtt.listener.ssl.fail_if_no_peer_cert = true
## HTTP and WebSocket Listener
mqtt.listener.http = 8083
@ -222,12 +222,12 @@ mqtt.listener.http.max_clients = 64
## mqtt.listener.https = 8084
## mqtt.listener.https.acceptors = 4
## mqtt.listener.https.max_clients = 64
## mqtt.listener.https.handshake_timeout = 10
## mqtt.listener.https.handshake_timeout = 15
## mqtt.listener.https.certfile = etc/certs/cert.pem
## mqtt.listener.https.keyfile = etc/certs/key.pem
## mqtt.listener.https.cacertfile = etc/certs/cacert.pem
## mqtt.listener.https.verify = verify_peer
## mqtt.listener.https.failed_if_no_peer_cert = true
## mqtt.listener.https.fail_if_no_peer_cert = true
##-------------------------------------------------------------------
## System Monitor

View File

@ -536,7 +536,7 @@ end}.
{datatype, atom}
]}.
{mapping, "mqtt.listener.ssl.failed_if_no_peer_cert", "emqttd.listeners", [
{mapping, "mqtt.listener.ssl.fail_if_no_peer_cert", "emqttd.listeners", [
{datatype, {enum, [true, false]}}
]}.
@ -592,7 +592,7 @@ end}.
{datatype, atom}
]}.
{mapping, "mqtt.listener.https.failed_if_no_peer_cert", "emqttd.listeners", [
{mapping, "mqtt.listener.https.fail_if_no_peer_cert", "emqttd.listeners", [
{datatype, {enum, [true, false]}}
]}.
@ -611,12 +611,12 @@ end}.
{nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}])
end,
SslOpts = fun(Prefix) ->
Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)},
Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000},
{keyfile, cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
{certfile, cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
{cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},
{verify, cuttlefish:conf_get(Prefix ++ ".verify", Conf, undefined)},
{failed_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".failed_if_no_peer_cert", Conf, undefined)}])
{fail_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".fail_if_no_peer_cert", Conf, undefined)}])
end,
Listeners = fun(Name) when is_atom(Name) ->