From 4b8d4b3583c8427189046efd91eab35474d66259 Mon Sep 17 00:00:00 2001 From: Thales Macedo Garitezi Date: Thu, 5 Jan 2023 15:51:54 -0300 Subject: [PATCH 01/57] test: fix hang when calling `ct_slave:stop` on a `slave` started node Some tests use the `slave` module for better readability. But, when shutting those nodes down, if one uses `ct_slave` on them, they will hang. This'll make CT wait until the timetrap (default 30 min) before failing `end_per_testcase`. --- test/emqx_node_helpers.erl | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/test/emqx_node_helpers.erl b/test/emqx_node_helpers.erl index 938318690..0c0250885 100644 --- a/test/emqx_node_helpers.erl +++ b/test/emqx_node_helpers.erl @@ -56,6 +56,7 @@ start_slave(Name, Opts) -> throw(Other) end, pong = net_adm:ping(Node), + put_slave_mod(Node, SlaveMod), setup_node(Node, Opts), Node. @@ -70,11 +71,14 @@ make_node_name(Name) -> stop_slave(Node0) -> Node = make_node_name(Node0), + SlaveMod = get_slave_mod(Node), + erase_slave_mod(Node), case rpc:call(Node, ekka, leave, []) of ok -> ok; {badrpc, nodedown} -> ok end, - case ct_slave:stop(Node) of + case SlaveMod:stop(Node) of + ok -> ok; {ok, _} -> ok; {error, not_started, _} -> ok end. @@ -167,3 +171,16 @@ check_consistent_view([{View, Node} | Rest], Acc) -> add_to_list(Node, Nodes) when is_list(Nodes) -> [Node | Nodes]; add_to_list(Node, Node1) -> [Node, Node1]. + +put_slave_mod(Node, SlaveMod) -> + put({?MODULE, Node}, SlaveMod), + ok. + +get_slave_mod(Node) -> + case get({?MODULE, Node}) of + undefined -> ct_slave; + SlaveMod -> SlaveMod + end. + +erase_slave_mod(Node) -> + erase({?MODULE, Node}). From 7b76982be91ce98fc5eb3da874d0b6397a044059 Mon Sep 17 00:00:00 2001 From: JimMoen Date: Thu, 12 Jan 2023 11:12:49 +0800 Subject: [PATCH 02/57] test: fix a disturbed test environment `$mqtt_sub_caps` --- test/emqx_mqtt_caps_SUITE.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/emqx_mqtt_caps_SUITE.erl b/test/emqx_mqtt_caps_SUITE.erl index 58170a181..925e9af44 100644 --- a/test/emqx_mqtt_caps_SUITE.erl +++ b/test/emqx_mqtt_caps_SUITE.erl @@ -62,5 +62,5 @@ t_check_sub(_) -> ?assertEqual({error, ?RC_SHARED_SUBSCRIPTIONS_NOT_SUPPORTED}, emqx_mqtt_caps:check_sub(ClientInfo, <<"topic">>, SubOpts#{share => true})) after - emqx_zone:unset_env(zone, '$mqtt_pub_caps') + emqx_zone:unset_env(zone, '$mqtt_sub_caps') end. From f08aa9f5f55e6f6fbb7b7068e5c310e9b1bc7b0b Mon Sep 17 00:00:00 2001 From: Thales Macedo Garitezi Date: Thu, 12 Jan 2023 11:09:43 -0300 Subject: [PATCH 03/57] test(crl): add test case for revoke-then-refresh (v4.4) Investigation for https://github.com/emqx/emqx/issues/9732. Apparently, there is no problem if a CRL is cached without revocations, a client cert is revoked, and later the CRL is refreshed. The test case indicates that the same client can at first connect to the server and later is denied connection because the CRL was refreshed. Also, we take the opportunity in this PR to refresh the test certificate and CRL files which would expire in June 2023. --- src/emqx_crl_cache.erl | 1 + test/emqx_crl_cache_SUITE.erl | 110 +++++++++++++++++- .../ca-chain.cert.pem | 106 ++++++++--------- .../client-revoked.cert.pem | 42 +++---- .../client-revoked.key.pem | 55 ++++----- .../emqx_crl_cache_SUITE_data/client.cert.pem | 42 +++---- test/emqx_crl_cache_SUITE_data/client.key.pem | 55 ++++----- .../emqx_crl_cache_http_server.erl | 22 ++-- .../intermediate-not-revoked.crl.pem | 19 +++ .../intermediate-revoked.crl.pem | 20 ++++ .../intermediate.crl.pem | 20 ---- .../emqx_crl_cache_SUITE_data/server.cert.pem | 44 +++---- test/emqx_crl_cache_SUITE_data/server.key.pem | 55 ++++----- 13 files changed, 359 insertions(+), 232 deletions(-) create mode 100644 test/emqx_crl_cache_SUITE_data/intermediate-not-revoked.crl.pem create mode 100644 test/emqx_crl_cache_SUITE_data/intermediate-revoked.crl.pem delete mode 100644 test/emqx_crl_cache_SUITE_data/intermediate.crl.pem diff --git a/src/emqx_crl_cache.erl b/src/emqx_crl_cache.erl index fec62ffbc..885d69a9a 100644 --- a/src/emqx_crl_cache.erl +++ b/src/emqx_crl_cache.erl @@ -147,6 +147,7 @@ handle_info({timeout, TRef, {refresh, URL}}, {noreply, ensure_timer(URL, State, ?RETRY_TIMEOUT)}; {ok, _CRLs} -> ?LOG(debug, "fetched crl response for ~p", [URL]), + ?tp(crl_refresh_timer_done, #{url => URL}), {noreply, ensure_timer(URL, State)} end; _ -> diff --git a/test/emqx_crl_cache_SUITE.erl b/test/emqx_crl_cache_SUITE.erl index 8c9f9456c..a054ca1e7 100644 --- a/test/emqx_crl_cache_SUITE.erl +++ b/test/emqx_crl_cache_SUITE.erl @@ -43,7 +43,7 @@ init_per_testcase(TestCase, Config) TestCase =:= t_filled_cache; TestCase =:= t_revoked -> DataDir = ?config(data_dir, Config), - CRLFile = filename:join([DataDir, "crl.pem"]), + CRLFile = filename:join([DataDir, "intermediate-revoked.crl.pem"]), {ok, CRLPem} = file:read_file(CRLFile), [{'CertificateList', CRLDer, not_encrypted}] = public_key:pem_decode(CRLPem), ServerPid = start_crl_server(CRLPem), @@ -53,9 +53,44 @@ init_per_testcase(TestCase, Config) , {crl_der, CRLDer} , {http_server, ServerPid} | Config]; +init_per_testcase(t_revoke_then_refresh, Config) -> + DataDir = ?config(data_dir, Config), + CRLFileNotRevoked = filename:join([DataDir, "intermediate-not-revoked.crl.pem"]), + {ok, CRLPemNotRevoked} = file:read_file(CRLFileNotRevoked), + [{'CertificateList', CRLDerNotRevoked, not_encrypted}] = public_key:pem_decode(CRLPemNotRevoked), + CRLFileRevoked = filename:join([DataDir, "intermediate-revoked.crl.pem"]), + {ok, CRLPemRevoked} = file:read_file(CRLFileRevoked), + [{'CertificateList', CRLDerRevoked, not_encrypted}] = public_key:pem_decode(CRLPemRevoked), + ServerPid = start_crl_server(CRLPemNotRevoked), + OldListeners = emqx:get_env(listeners), + OldRefreshInterval = emqx:get_env(crl_cache_refresh_interval), + NewRefreshInterval = timer:seconds(10), + ExtraHandler = + fun(emqx) -> + application:set_env(emqx, crl_cache_refresh_interval, NewRefreshInterval), + ok; + (_) -> + ok + end, + ok = setup_crl_options(Config, #{is_cached => true, extra_handler => ExtraHandler}), + ok = snabbkaffe:start_trace(), + {ok, {ok, _}} = + ?wait_async_action( + emqx_crl_cache:refresh_config(), + #{?snk_kind := crl_cache_refresh_config}, + _Timeout = 10_000), + [ {crl_pem_not_revoked, CRLPemNotRevoked} + , {crl_der_not_revoked, CRLDerNotRevoked} + , {crl_pem_revoked, CRLPemRevoked} + , {crl_der_revoked, CRLDerRevoked} + , {http_server, ServerPid} + , {old_configs, [ {listeners, OldListeners} + , {crl_cache_refresh_interval, OldRefreshInterval} + ]} + | Config]; init_per_testcase(t_not_cached_and_unreachable, Config) -> DataDir = ?config(data_dir, Config), - CRLFile = filename:join([DataDir, "crl.pem"]), + CRLFile = filename:join([DataDir, "intermediate-revoked.crl.pem"]), {ok, CRLPem} = file:read_file(CRLFile), [{'CertificateList', CRLDer, not_encrypted}] = public_key:pem_decode(CRLPem), application:stop(cowboy), @@ -65,7 +100,7 @@ init_per_testcase(t_not_cached_and_unreachable, Config) -> | Config]; init_per_testcase(t_refresh_config, Config) -> DataDir = ?config(data_dir, Config), - CRLFile = filename:join([DataDir, "crl.pem"]), + CRLFile = filename:join([DataDir, "intermediate-revoked.crl.pem"]), {ok, CRLPem} = file:read_file(CRLFile), [{'CertificateList', CRLDer, not_encrypted}] = public_key:pem_decode(CRLPem), TestPid = self(), @@ -88,7 +123,7 @@ init_per_testcase(t_refresh_config, Config) -> | Config]; init_per_testcase(_TestCase, Config) -> DataDir = ?config(data_dir, Config), - CRLFile = filename:join([DataDir, "crl.pem"]), + CRLFile = filename:join([DataDir, "intermediate-revoked.crl.pem"]), {ok, CRLPem} = file:read_file(CRLFile), [{'CertificateList', CRLDer, not_encrypted}] = public_key:pem_decode(CRLPem), TestPid = self(), @@ -118,6 +153,30 @@ end_per_testcase(TestCase, Config) clear_crl_cache(), ok = snabbkaffe:stop(), ok; +end_per_testcase(t_revoke_then_refresh, Config) -> + ServerPid = ?config(http_server, Config), + emqx_crl_cache_http_server:stop(ServerPid), + emqx_ct_helpers:stop_apps([]), + OldConfigs = ?config(old_configs, Config), + clear_crl_cache(), + emqx_ct_helpers:stop_apps([]), + emqx_ct_helpers:change_emqx_opts( + ssl_twoway, [ {crl_options, [ {crl_check_enabled, false} + , {crl_cache_urls, []} + ]} + ]), + clear_crl_cache(), + lists:foreach( + fun({Key, MValue}) -> + case MValue of + undefined -> ok; + Value -> application:set_env(emqx, Key, Value) + end + end, + OldConfigs), + application:stop(cowboy), + ok = snabbkaffe:stop(), + ok; end_per_testcase(t_not_cached_and_unreachable, _Config) -> emqx_ct_helpers:stop_apps([]), emqx_ct_helpers:change_emqx_opts( @@ -229,7 +288,7 @@ force_cacertfile(Cacertfile) -> application:set_env(emqx, listeners, SSLListeners ++ OtherListeners), ok. -setup_crl_options(Config, #{is_cached := IsCached}) -> +setup_crl_options(Config, Opts = #{is_cached := IsCached}) -> DataDir = ?config(data_dir, Config), Cacertfile = filename:join(DataDir, "ca-chain.cert.pem"), Certfile = filename:join(DataDir, "server.cert.pem"), @@ -238,6 +297,7 @@ setup_crl_options(Config, #{is_cached := IsCached}) -> false -> []; true -> ["http://localhost:9878/intermediate.crl.pem"] end, + ExtraHandler = maps:get(extra_handler, Opts, fun(_) -> ok end), Handler = fun(emqx) -> emqx_ct_helpers:change_emqx_opts( @@ -255,8 +315,10 @@ setup_crl_options(Config, #{is_cached := IsCached}) -> ]), %% emqx_ct_helpers:change_emqx_opts has cacertfile hardcoded.... ok = force_cacertfile(Cacertfile), + ExtraHandler(emqx), ok; - (_) -> + (App) -> + ExtraHandler(App), ok end, emqx_ct_helpers:start_apps([], Handler), @@ -546,3 +608,39 @@ t_revoked(Config) -> process_flag(trap_exit, true), ?assertMatch({error, {{shutdown, {tls_alert, {certificate_revoked, _}}}, _}}, emqtt:connect(C)), ok. + +t_revoke_then_refresh(Config) -> + DataDir = ?config(data_dir, Config), + CRLPemRevoked = ?config(crl_pem_revoked, Config), + ClientCert = filename:join(DataDir, "client-revoked.cert.pem"), + ClientKey = filename:join(DataDir, "client-revoked.key.pem"), + {ok, C0} = emqtt:start_link([ {ssl, true} + , {ssl_opts, [ {certfile, ClientCert} + , {keyfile, ClientKey} + ]} + , {port, 8883} + ]), + %% At first, the CRL contains no revoked entries, so the client + %% should be allowed connection. + ?assertMatch({ok, _}, emqtt:connect(C0)), + emqtt:stop(C0), + + %% Now we update the CRL on the server and wait for the cache to + %% be refreshed. + ok = snabbkaffe:start_trace(), + {true, {ok, _}} = + ?wait_async_action( + emqx_crl_cache_http_server:set_crl(CRLPemRevoked), + #{?snk_kind := crl_refresh_timer_done}, + 70_000), + + %% The *same client* should now be denied connection. + {ok, C1} = emqtt:start_link([ {ssl, true} + , {ssl_opts, [ {certfile, ClientCert} + , {keyfile, ClientKey} + ]} + , {port, 8883} + ]), + process_flag(trap_exit, true), + ?assertMatch({error, {{shutdown, {tls_alert, {certificate_revoked, _}}}, _}}, emqtt:connect(C1)), + ok. diff --git a/test/emqx_crl_cache_SUITE_data/ca-chain.cert.pem b/test/emqx_crl_cache_SUITE_data/ca-chain.cert.pem index 7fed6be59..eaabd2445 100644 --- a/test/emqx_crl_cache_SUITE_data/ca-chain.cert.pem +++ b/test/emqx_crl_cache_SUITE_data/ca-chain.cert.pem @@ -2,67 +2,67 @@ MIIF+zCCA+OgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwbzELMAkGA1UEBhMCU0Ux EjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMRIwEAYDVQQK DAlNeU9yZ05hbWUxETAPBgNVBAsMCE15Um9vdENBMREwDwYDVQQDDAhNeVJvb3RD -QTAeFw0yMjA2MTMxMjQyMDVaFw0zMjA2MTAxMjQyMDVaMGsxCzAJBgNVBAYTAlNF +QTAeFw0yMzAxMTIxMzA4MTZaFw0zMzAxMDkxMzA4MTZaMGsxCzAJBgNVBAYTAlNF MRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAoMCU15T3JnTmFtZTEZMBcGA1UE CwwQTXlJbnRlcm1lZGlhdGVDQTEZMBcGA1UEAwwQTXlJbnRlcm1lZGlhdGVDQTCC -AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAN32wUPOGrLjVHY37ICI4sWH -2GBEYgGtoKyZTfLKqK8W965uxHxMKKeKC7Ro93ScT4giR2GdsCvMyLP4Dlv7FxL7 -rWEHc7vbP22uT4NQQ0hgfl4ch8rTiSl/5FfynOuvMHnKh58z+lGyQ/uqKqAzc6OD -6FypzSQO2R6JpA+kxKlbTYmOcsLiLFKjCjxyA1ibeozUaRHjPRM7VLHVxYfmpGm/ -86NJxtHrw4hwoKIM9bfURboxfn9R1YM14mZYA6Uw2pScS1+j79tNy74NQNYu1t9E -cyPQk+AJdp2BsbR5KPYr1SMVLHlTwnzjk1IVW4wUUdX2h56ygmRNo9ui74ODfyud -4cclg45SeRdOT0w5e3g20ZvfLZpIkhXk19EIIU/YbG6GpL8gLvBHkz6vvidE7L/2 -h2//alJBeWCvyOloIWYNYnwnHGeXR2c5pzNxHipkBSuMeBaLJOO7X9oqKVanu+xq -nVagFhEYnd+T0PsPa5IVA73KiWMWWeFgJI0pRUydyp0/FhXEhkMWZNJHiscbxcdn -hTdNCAbMfV/4fMar+d/QKY/GMWUVQ4OlXUoo3WjjRi4T8NJEjZGfLdKw5x81WM4A -yqDV3OVVCBf1XrHH4IbvbUDgeG1OEGSV9pdvKX4Sm7226vdOc3HPfRnVyf/N1Pv7 -lzPbUlCheKbTW6Oeq97VAgMBAAGjgaQwgaEwHQYDVR0OBBYEFCuv1TkzC1fSgTfz -E1m1u5pRCJsVMB8GA1UdIwQYMBaAFErA8sZMX6obhoo3XvUpaTy6Z4uhMBIGA1Ud +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQG7dMeU/y9HDNHzhydR0bm +wN9UGplqJOJPwqJRaZZcrn9umgJ9SU2il2ceEVxMDwzBWCRKJO5/H9A9k13SqsXM +2c2c9xXfIF1kb820lCm1Uow5hZ/auDjxliNk9kNJDigCRi3QoIs/dVeWzFsgEC2l +gxRqauN2eNFb6/yXY788YALHBsCRV2NFOFXxtPsvLXpD9Q/8EqYsSMuLARRdHVNU +ryaEF5lhShpcuz0TlIuTy2TiuXJUtJ+p7a4Z7friZ6JsrmQWsVQBj44F8TJRHWzW +C7vm9c+dzEX9eqbr5iPL+L4ctMW9Lz6ePcYfIXne6CElusRUf8G+xM1uwovF9bpV ++9IqY7tAu9G1iY9iNtJgNNDKOCcOGKcZCx6Cg1XYOEKReNnUMazvYeqRrrjV5WQ0 +vOcD5zcBRNTXCddCLa7U0guXP9mQrfuk4NTH1Bt77JieTJ8cfDXHwtaKf6aGbmZP +wl1Xi/GuXNUP/xeog78RKyFwBmjt2JKwvWzMpfmH4mEkG9moh2alva+aEz6LIJuP +16g6s0Q6c793/OvUtpNcewHw4Vjn39LD9o6VLp854G4n8dVpUWSbWS+sXD1ZE69H +g/sMNMyq+09ufkbewY8xoCm/rQ1pqDZAVMWsstJEaYu7b/eb7R+RGOj1YECCV/Yp +EZPdDotbSNRkIi2d/a1NAgMBAAGjgaQwgaEwHQYDVR0OBBYEFExwhjsVUom6tQ+S +qq6xMUETvnPzMB8GA1UdIwQYMBaAFD90kfU5pc5l48THu0Ayj9SNpHuhMBIGA1Ud EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDsGA1UdHwQ0MDIwMKAuoCyG Kmh0dHA6Ly9sb2NhbGhvc3Q6OTg3OC9pbnRlcm1lZGlhdGUuY3JsLnBlbTANBgkq -hkiG9w0BAQsFAAOCAgEAtn/u/ZfmioZyh5DNETRNAftXWvxOyi2MK8soNEsaSbmq -2ajkQwJ1MZ0+C5HuzsoEEoqStYtD3JG34ydPzQbMPwkTDg48+guu8ji30jYXGIfI -RQQfseEj1hN8wTLEDAJGl17kJA+js6dcHkJp93qocOCoOwa5MAYB8ZZq/uRJlzVt -ol6dvhBvhoxkKvJfrhg5dNISVBgIXrs5YOMyXqh6W3YMmepNjs05e5bcLYADyHCd -f4TK9pgyys4OIVHiRZo0+hlaChKo4vDK7acgZOds7qxS/sxrwKe49FTIrAWWP6fG -Ij2RHF91fLhi+10oVVSWtCyWRJOaSM4cenbLN36OUg1JswacsqojTCUylMAa8sAB -RggZ+tt8LlARj3/pdz6IWrccabC+AGZQa1kOKl97hjsE0qy9V5WOiueJ+78u+BY5 -NXIoIyuPG0WCItb76jyn7UDjiCsJt7rfJ5t5rRVLpm8YRG43KuMWjXih/bT07YdE -tA3X5Bk/XLQBqQbRKpR5+CKFhvXbNmKnuAdFbiG8UTFQdo/HGyBR7zzkF4vTqu8s -2pMl4xFAMNnGsWQYce6YioQfYL3apgx9PIqgHr+IzXae6/NIpoIs9ShymEZP1jT5 -9DqKzmUQz3czc7RNXLUZbWxoWRtivrDJGPgbSHyMqVu4h2yLINftHSGegC+ZEgc= +hkiG9w0BAQsFAAOCAgEAK6NgdWQYtPNKQNBGjsgtgqTRh+k30iqSO6Y3yE1KGABO +EuQdVqkC2qUIbCB0M0qoV0ab50KNLfU6cbshggW4LDpcMpoQpI05fukNh1jm3ZuZ +0xsB7vlmlsv00tpqmfIl/zykPDynHKOmFh/hJP/KetMy4+wDv4/+xP31UdEj5XvG +HvMtuqOS23A+H6WPU7ol7KzKBnU2zz/xekvPbUD3JqV+ynP5bgbIZHAndd0o9T8e +NFX23Us4cTenU2/ZlOq694bRzGaK+n3Ksz995Nbtzv5fbUgqmf7Mcq4iHGRVtV11 +MRyBrsXZp2vbF63c4hrf2Zd6SWRoaDKRhP2DMhajpH9zZASSTlfejg/ZRO2s+Clh +YrSTkeMAdnRt6i/q4QRcOTCfsX75RFM5v67njvTXsSaSTnAwaPi78tRtf+WSh0EP +VVPzy++BszBVlJ1VAf7soWZHCjZxZ8ZPqVTy5okoHwWQ09WmYe8GfulDh1oj0wbK +3FjN7bODWHJN+bFf5aQfK+tumYKoPG8RXL6QxpEzjFWjxhIMJHHMKfDWnAV1o1+7 +/1/aDzq7MzEYBbrgQR7oE5ZHtyqhCf9LUgw0Kr7/8QWuNAdeDCJzjXRROU0hJczp +dOyfRlLbHmLLmGOnROlx6LsGNQ17zuz6SPi7ei8/ylhykawDOAGkM1+xFakmQhM= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIFzzCCA7egAwIBAgIUVYtdlrTMH1BoMy9JpiiL/FXv5NMwDQYJKoZIhvcNAQEL +MIIFzzCCA7egAwIBAgIUYjc7hD7/UJ0/VPADfNfp/WpOwRowDQYJKoZIhvcNAQEL BQAwbzELMAkGA1UEBhMCU0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJ U3RvY2tob2xtMRIwEAYDVQQKDAlNeU9yZ05hbWUxETAPBgNVBAsMCE15Um9vdENB -MREwDwYDVQQDDAhNeVJvb3RDQTAeFw0yMjA2MTMxMjQyMDVaFw00MjA2MDgxMjQy -MDVaMG8xCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcM +MREwDwYDVQQDDAhNeVJvb3RDQTAeFw0yMzAxMTIxMzA4MTRaFw00MzAxMDcxMzA4 +MTRaMG8xCzAJBgNVBAYTAlNFMRIwEAYDVQQIDAlTdG9ja2hvbG0xEjAQBgNVBAcM CVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMREwDwYDVQQLDAhNeVJvb3RD QTERMA8GA1UEAwwITXlSb290Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK -AoICAQDRKeWdrXluKLuVxTXxpWbCzBm/6x+kg8EjhIKUm9Mq0t+cOLC1sn99s4E0 -/NBA7jc3O+hQ9S2fZuMp9OUXuf8HjjtlKQY2M9T9kCE9Yxc+ygpcPEvDYl0ke/1r -m6eUOGS2LkIDHebuYbY+KGXjpaF15w49q199wQAk0sbdcCiv+OymBUxi3lrHepo3 -EBIjHtTwNtehgeiJfxCe8TLlLpbPdCsMNwlPvNa0E+1Ol1P9DfHPfK1Dt0ua8X5q -ZBhnW1cawrwzrnth2ZtrSw7RaWhtNWFt/SdedGPgVUMIgFY2I7f2wT2hoe8R/D+e -XLDzVMAW+yrlu/LlBaHE2Ffkk2La8mSHwJOvCZ/Q0V1mJnj6F4pfNemY4MnFX6Jm -7u2TSWooowMppdNPCCRlGk+XS8lfmb9N/0RsOMSz5+1u8wOfFI6Z1GaH6K2Ne2xf -VIBjhGRAiTCHDIFNYBCeAxR64zYeGFKv8L19oV6cbA6St7GMikfk5U/fyG9SUK88 -Fvjm+MrNDu/EEyjkKhK6I9ao3Pb4LcCofTcu44RBYT0HhkjqGWQgapm0i80NcRlL -yK7wm5C8Tntmbehg1KE8iqSzAcBZu6L+j4qQ90T+AIHNTmRUa9dH2uhEej4hIhjd -yJSJcDm4/CYEuK6WgZ6EuJadRy4QgPiH7zWCFXp/OGLvFmUEWQIDAQABo2MwYTAd -BgNVHQ4EFgQUSsDyxkxfqhuGijde9SlpPLpni6EwHwYDVR0jBBgwFoAUSsDyxkxf -qhuGijde9SlpPLpni6EwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw -DQYJKoZIhvcNAQELBQADggIBAJQSy3WpS/j8emep2gJXB7jYxolhhN78DiJaqUZh -0YXa19YaghAsk5YVqbe2XLAGyFqAmmGQ6ymCbULqkdSNUTLTvwHYGFYH7NizUaCS -r9XaB9lizr7dwpd/8HwpqMq7rxNXLMNfl3iVywiKkah6r3goNwz9xgclOj1Q2Uly -s5S3BaNnf8Q9ypygbUMOalYN6KzHloj52inX3fpGfOov0O/1+bkp/3SvATU0aRpB -4bKLt99b69x1HSIkCNxeJQz2klgEMNQYGsnXOYCvnI0cOpGGDxQuIYiZbYbTJb7X -FI7FfV0ryn55mMLgZboGezMhWGYeHpWfa7H0La1ZjgedBsu3HH5VaPuHOngFNa+X -78vbWFcD09biZJwatwZlRjFGItaPSyhqSWJx1IqBZ98ZG9ziOVQ+kq1+uRecI/3S -jNw8LFDnOH20UxJnhRddA7f7cFWkk3WRIIec+wvE7uOibHDwFmqCo6JeOhkZDF5f -R1dfN4CZznMzbUb5iqUb4JwGdViijCaDHTEe3C3nKS1mPxt2kn3H1C37y71Fh5yu -mStVxjZZTdbaP8WPEAEDhK+7eB6pAKa+ERXOlWY1L5nNkh4ahIw5837yIY60oyBh -goiqX/Vy0wEJMa7HgXT3cDnW4NiXQA8nVKsRUiZco136YAATS89iLk3ibYJxzGP+ -G2LZ +AoICAQCnBwSOYVJw47IoMHMXTVDtOYvUt3rqsurEhFcB4O8xmf2mmwr6m7s8A5Ft +AvAehg1GvnXT3t/KiyU7BK+acTwcErGyZwS2wvdB0lpHWSpOn/u5y+4ZETvQefcj +ZTdDOM9VN5nutpitgNb+1yL8sqSexfVbY7DnYYvFjOVBYoP/SGvM9jVjCad+0WL3 +FhuD+L8QAxzCieX3n9UMymlFwINQuEc+TDjuNcEqt+0J5EgS1fwzxb2RCVL0TNv4 +9a71hFGCNRj20AeZm99hbdufm7+0AFO7ocV5q43rLrWFUoBzqKPYIjga/cv/UdWZ +c5RLRXw3JDSrCqkf/mOlaEhNPlmWRF9MSus5Da3wuwgGCaVzmrf30rWR5aHHcscG +e+AOgJ4HayvBUQeb6ZlRXc0YlACiLToMKxuyxDyUcDfVEXpUIsDILF8dkiVQxEU3 +j9g6qjXiqPVdNiwpqXfBKObj8vNCzORnoHYs8cCgib3RgDVWeqkDmlSwlZE7CvQh +U4Loj4l7813xxzYEKkVaT1JdXPWu42CG/b4Y/+f4V+3rkJkYzUwndX6kZNksIBai +phmtvKt+CTdP1eAbT+C9AWWF3PT31+BIhuT0u9tR8BVSkXdQB8dG4M/AAJcTo640 +0mdYYOXT153gEKHJuUBm750ZTy+r6NjNvpw8VrMAakJwHqnIdQIDAQABo2MwYTAd +BgNVHQ4EFgQUP3SR9TmlzmXjxMe7QDKP1I2ke6EwHwYDVR0jBBgwFoAUP3SR9Tml +zmXjxMe7QDKP1I2ke6EwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw +DQYJKoZIhvcNAQELBQADggIBAFMFv4C+I0+xOAb9v6G/IOpfPBZ1ez31EXKJJBra +lulP4nRHQMeb310JS8BIeQ3dl+7+PkSxPABZSwc3jkxdSMvhc+Z4MQtTgos+Qsjs +gH7sTqwWeeQ0lHYxWmkXijrh5OPRZwTKzYQlkcn85BCUXl2KDuNEdiqPbDTao+lc +lA0/UAvC6NCyFKq/jqf4CmW5Kx6yG1v1LaE+IXn7cbIXj+DaehocVXi0wsXqj03Q +DDUHuLHZP+LBsg4e91/0Jy2ekNRTYJifSqr+9ufHl0ZX1pFDZyf396IgZ5CQZ0PJ +nRxZHlCfsxWxmxxdy3FQSE6YwXhdTjjoAa1ApZcKkkt1beJa6/oRLze/ux5x+5q+ +4QczufHd6rjoKBi6BM3FgFQ8As5iNohHXlMHd/xITo1Go3CWw2j9TGH5vzksOElK +B0mcwwt2zwNEjvfytc+tI5jcfGN3tiT5fVHS8hw9dWKevypLL+55Ua9G8ZgDHasT +XFRJHgmnbyFcaAe26D2dSKmhC9u2mHBH+MaI8dj3e7wNBfpxNgp41aFIk+QTmiFW +VXFED6DHQ/Mxq93ACalHdYg18PlIYClbT6Pf2xXBnn33YPhn5xzoTZ+cDH/RpaQp +s0UUTSJT1UTXgtXPnZWQfvKlMjJEIiVFiLEC0sgZRlWuZDRAY0CdZJJxvQp59lqu +cbTm -----END CERTIFICATE----- diff --git a/test/emqx_crl_cache_SUITE_data/client-revoked.cert.pem b/test/emqx_crl_cache_SUITE_data/client-revoked.cert.pem index 53bd2436c..d0a23bf2f 100644 --- a/test/emqx_crl_cache_SUITE_data/client-revoked.cert.pem +++ b/test/emqx_crl_cache_SUITE_data/client-revoked.cert.pem @@ -2,31 +2,31 @@ MIIFnDCCA4SgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0Ux EjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMRkwFwYDVQQL DBBNeUludGVybWVkaWF0ZUNBMRkwFwYDVQQDDBBNeUludGVybWVkaWF0ZUNBMB4X -DTIyMDYxMzEyNDIwNVoXDTIzMDYyMzEyNDIwNVowfTELMAkGA1UEBhMCU0UxEjAQ +DTIzMDExMjEzMDgxNloXDTMzMDQxOTEzMDgxNlowfTELMAkGA1UEBhMCU0UxEjAQ BgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMRIwEAYDVQQKDAlN eU9yZ05hbWUxGTAXBgNVBAsMEE15SW50ZXJtZWRpYXRlQ0ExFzAVBgNVBAMMDmNs -aWVudC1yZXZva2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA584w -VAczDWrlIJXm6+0oYepacPPrVEMC9WwsQFO5GbBDdxrBvxgQ5u8/DDNEtYk0sJMt -zgSLxsYK5duhrwVyICXpKgxMI2fKdKP0zxB/eB4V0vrc6FqR4L8D8XoNPKSaTnjv -NNh3wjLNvmBRfHRSUCe4zEvPZzMLuBIHXRR20prtA90FFV8fliNvMCBIbFkqthjf -fQ/tSXXxNQNjacuHVfY+LVN3xu9Jjll4AaCKKz19rDexq9HTLLZ8y4jBD1eRobp+ -spKKu4HNpon+YMp3vJuNmxsTU+xBkbESWGJTFot7lZL1PVBvxdgbSd3OrPKI+QbK -06FN3iBrcW3Yjp04LQIDAQABo4IBNjCCATIwCQYDVR0TBAIwADARBglghkgBhvhC +aWVudC1yZXZva2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+R6 +PDtIxVlUoLYbDBbaVcxgoLjnWcvqL8wSqyWuqi/Y3cjuNYCziR9nR5dWajtkBjzJ +HyhgAr6gBVSRt4RRmDXoOcprK3GcpowAr65UAmC4hdH0af6FdKjKCnFw67byUg52 +f7ueXZ6t/XuuKxlU/f2rjXVwmmnlhBi5EHDkXxvfgWXJekDfsPbW9j0kaCUWCpfj +rzGbfkXqrPkslO41PYlCbPxoiRItJjindFjcQySYvRq7A2uYMGsrxv4n3rzo5NGt +goBmnGj61ii9WOdopcFxKirhIB9zrxC4x0opRfIaF/n1ZXk6NOnaDxu1LTZ18wfC +ZB979ge6pleeKoPf7QIDAQABo4IBNjCCATIwCQYDVR0TBAIwADARBglghkgBhvhC AQEEBAMCBaAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2VuZXJhdGVkIENsaWVu -dCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUSq+9djRFuryFk0Mdqlsy0chljWswHwYD -VR0jBBgwFoAUK6/VOTMLV9KBN/MTWbW7mlEImxUwDgYDVR0PAQH/BAQDAgXgMB0G +dCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUQeItXr3nc6CZ++G9UCoq1YlQ9oowHwYD +VR0jBBgwFoAUTHCGOxVSibq1D5KqrrExQRO+c/MwDgYDVR0PAQH/BAQDAgXgMB0G A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA7BgNVHR8ENDAyMDCgLqAshipo dHRwOi8vbG9jYWxob3N0Ojk4NzgvaW50ZXJtZWRpYXRlLmNybC5wZW0wMQYIKwYB BQUHAQEEJTAjMCEGCCsGAQUFBzABhhVodHRwOi8vbG9jYWxob3N0Ojk4NzcwDQYJ -KoZIhvcNAQELBQADggIBAD4XyEjAfU0VE+YRQXUxlqpeJdMij0Io9ZCf1j6JMNFl -/p8vbOm6orK55bYWXCzRaIEkgOGlpQLDIXpViAjmBbXisA97hS1v6rW10W6LyNkN -i7LC6kTgBi4yIV3FiQk5CIE3Tj22+0GjaepHc2bPGaLSRBaoe8uBvDlDqRjxW64H -KYOIyux3WqauEziNEVklXG3VNX+6WfUw0jP9p4cglLaL43htwdavA1g7RP0wE1/6 -hvZ242jK4bvCGn/p7IDa8YtgXTufjQf6hJB9kRAJRqrSJQnihb6P9UZr2saaR7mp -28w7a6L1RLSkCSpcwRoTHgTMkFwCD/h7NxZmpoOCBk4vrHY7SXG05ptb6o7x8TD7 -lRV/+ay8EIPWCKGpTrGWHGzjxiuXw4TqnfETlvz0rFUG4TapXwmWnaSwTUk5d10v -olBQJ22CIidkKvoW/6bmD6mtyRX/F3KDTN7vHSsjvaty+TzqjWLLd2rjWpZi5xcc -h/lOyWHXbFkakRT879USUvqU/Y6+2CpbZ2ssks4+bnD8Dsdq1fFLTXtLhBBFcz11 -amuwx923tJTY9f6e7y3X/TveCKcibo+aluA4ACkYix8mR/oFxmsulW6MTVcqZZ+i -9+oo9hyOPQsJhWYISAtLBuDCqz9fKM4llmnuQZA55FuZBkSmHBRAXw5xwA+gbZcs +KoZIhvcNAQELBQADggIBAIFuhokODd54/1B2JiNyG6FMq/2z8B+UquC2iw3p2pyM +g/Jz4Ouvg6gGwUwmykEua06FRCxx5vJ5ahdhXvKst/zH/0qmYTFNMhNsDy76J/Ot +Ss+VwQ8ddpEG3EIUI9BQxB3xL7z7kRQzploQjakNcDWtDt1BmN05Iy2vz4lnYJky +Kss6ya9jEkNibHekhxJuchJ0fVGlVe74MO7RNDFG7+O3tMlxu0zH/LpW093V7BI2 +snXNAwQBizvWTrDKWLDu5JsX8KKkrmDtFTs9gegnxDCOYdtG5GbbMq+H1SjWUJPV +wiXTF8/eE02s4Jzm7ZAxre4bRt/hAg7xTGmDQ1Hn+LzLn18I9LaW5ZWqSwwpgv+g +Z/jiLO9DJ/y525Cl7DLCpSFoDTWlQXouKhcgALcVay/cXCsZ3oFZCustburLiJi/ +zgBeEk1gVpwljriJLeZifyfWtJx6yfgB/h6fid8XLsGRD+Yc8Tzs8J1LIgi+j4ZT +UzKX3B85Kht/dr43UDMtWOF3edkOMaJu7rcg5tTsK+LIyHtXvebKPVvvA9f27Dz/ +4gmhAwwqS87Xv3FMVhZ03DNOJ6XAF+T6OTEqwYs+iK56IMSl1Jy+bCzo0j5jZVbl +XFwGxUHzM7pfM6PDx657oUxG1QwM/fIWA18F+kY/yigXxq6pYMeAiQsPanOThgHp -----END CERTIFICATE----- diff --git a/test/emqx_crl_cache_SUITE_data/client-revoked.key.pem b/test/emqx_crl_cache_SUITE_data/client-revoked.key.pem index b9865d4d6..0b7698da9 100644 --- a/test/emqx_crl_cache_SUITE_data/client-revoked.key.pem +++ b/test/emqx_crl_cache_SUITE_data/client-revoked.key.pem @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEA584wVAczDWrlIJXm6+0oYepacPPrVEMC9WwsQFO5GbBDdxrB -vxgQ5u8/DDNEtYk0sJMtzgSLxsYK5duhrwVyICXpKgxMI2fKdKP0zxB/eB4V0vrc -6FqR4L8D8XoNPKSaTnjvNNh3wjLNvmBRfHRSUCe4zEvPZzMLuBIHXRR20prtA90F -FV8fliNvMCBIbFkqthjffQ/tSXXxNQNjacuHVfY+LVN3xu9Jjll4AaCKKz19rDex -q9HTLLZ8y4jBD1eRobp+spKKu4HNpon+YMp3vJuNmxsTU+xBkbESWGJTFot7lZL1 -PVBvxdgbSd3OrPKI+QbK06FN3iBrcW3Yjp04LQIDAQABAoIBAQDN52MaYMLCel9I -0J6slp62SxtHFgPFdzjbk9jC0xuqa92hoIzVF6V73KxeQ/QWZOf+qN2ZEISwbh4k -CzHVa7ryP3qbtQy0rm8xqKm+fGMd6WttWxR6+Gh4AHSaPNYhNf0zE0033ciTIdmL -77ayHAk51e7a2cRDYR5ZxPnxfkoFy5M2y9U7daAZsEjIyoxjGmkO92YU4byPfUxA -vxC+rcSCUHA1OSoKONuGmwAYrLyHHoIgmVSXe6qSjgSWBPFVLp6OKTiBc7klRnlw -EAcoop7NSit+eMCqQM85Tp8wMmKd+9jfoek9yc5ahWgLDMsd5Dlc/+CXoChmQ5dO -w0h7vqbpAoGBAPk5HEuZ752VJQOtcSfJacOsYlAc8tlOBl33negGIplAKYeWKib7 -xtCzdU29oW4tPIJO6v+e7y+GcV7n2+6DpoXTUr6f4fG3vPQ3ZKPctsAHyFpKvzR3 -137YllShpgQKIcnwC7y/KG+wwgiVjZ+cDWCUuGA9/3m249DdO2b8F+jXAoGBAO4b -1KC32rjzOk3QOZWIvWADbC8MxY0jeM+phtycoeyCreSOKq6dLpX4JD5NZ1XP4uol -wr0Ta0D8FN7T/JRfT8FnoFXTJxwKTi6oGwXQ3Am/bXsz2A2H8vsXL8tgutYfX4Xi -YNf57zNiCTHLC4K9aiS8iJ2UtJIwGi558ONVOPKbAoGBAJcjS0WN1QJ7sDbKuBSo -0LsZj4WGCMA/0RyrTden4NOPVaAkMOvzRF7MdhbvKTbnuApOUbUzbVok7hvgAEBl -FleSEFwKGbu88Zoo/Z9h+nH6RkZ7jfkDtGv4bTJl1YgdnOAZ8wRD6QHS79jE2V4y -BOrNRgMXlhb6Eq5Xe+64cseBAoGBANuLB6tEukQr6AdVRbMNyGbd4QMkyIXRPhRj -IDkLpvVWrJV/S/WCcjDPAkP7xJrHulbgiEUjwZHCnE+0sD/x/ay7KofX0Ei3a8zz -LS9Ym3nValHdxIj9X9mKUIQ6ZSsG9GGTEG4zQg1jiEzEBZH/qf3DZEe/lBryhUFz -J9vEeWSfAoGAPV6RXEP4uJstCBUsWnWXGNtQ8TwS/NsH5FyPuWEXWxJwrUHEDyiA -FhRW2tGH/k5cCZw7lvzmZui+iWBv90l1/N3J2+SKZMVZNGsXCYx9szSd5uAer/Zs -emH0oOBC6NXXVDTIp+vDzy/lx6Xxcp4n6iiI3I+uCOeI5qRhM0GHcdU= ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCz5Ho8O0jFWVSg +thsMFtpVzGCguOdZy+ovzBKrJa6qL9jdyO41gLOJH2dHl1ZqO2QGPMkfKGACvqAF +VJG3hFGYNeg5ymsrcZymjACvrlQCYLiF0fRp/oV0qMoKcXDrtvJSDnZ/u55dnq39 +e64rGVT9/auNdXCaaeWEGLkQcORfG9+BZcl6QN+w9tb2PSRoJRYKl+OvMZt+Reqs ++SyU7jU9iUJs/GiJEi0mOKd0WNxDJJi9GrsDa5gwayvG/ifevOjk0a2CgGacaPrW +KL1Y52ilwXEqKuEgH3OvELjHSilF8hoX+fVleTo06doPG7UtNnXzB8JkH3v2B7qm +V54qg9/tAgMBAAECggEAAml+HRgjZ+gEezot3yngSBW7NvR7v6e9DmKDXpGdB7Go +DANBdGyzG5PU9/AGy9pbgzzl6nnJXcgOD7w8TvRifrK8WCgHa1f05IPMj458GGMR +HlQ8HX647eFEgkLWo4Z6tdB1VM2geDtkNFmn8nJ+wgAYgIdSWPOyDOUi+B43ZbIN +eaLWkP2fiX9tcJp41cytW+ng2YIm4s90Nt4FJPNBNzOrhVm35jciId02MmEjCEnr +0YbK9uoMDC2YLg8vhRcjtsUHV2rREkwEAQj8nCWvWWheIwk943d6OicGAD/yebpV +PTjtlZlpIbrovfvuMcoTxJg3WS8LTg/+cNWAX5a3eQKBgQDcRY7nVSJusYyN0Bij +YWc9H47wU+YucaGT25xKe26w1pl6s4fmr1Sc3NcaN2iyUv4BuAvaQzymHe4g9deU +D9Ws/NCQ9EjHJJsklNyn2KCgkSp7oPKhPwyl64XfPdV2gr5AD6MILf7Rkyib5sSf +1WK8i25KatT7M4mCtrBVJYHNpQKBgQDREjwPIaQBPXouVpnHhSwRHfKD0B1a2koq +4VE6Fnf3ogkiGfV9kqXwIfPHL0tfotFraM3FFmld8RcxhKUPr4oj+K9KTxmMD9lm +9Hal0ANXYmHs5a1iHyoNmTpBGHALWLT9fCoeg+EIYabi2+P1c7cDIdUPkEzo4GmI +nCIpv7hGqQKBgEFUC+8GK+EinWoN1tDV+ZWCP5V9fJ43q1E7592bQBgIfZqLlnnP +dEvVn6Ix3sZMoPMHj9Ra7qjh5Zc28ooCLEBS9tSW7uLJM44k7FCHihQ1GaFy+aLj +HTA0aw7rutycKCq9uH+bjKDBgWDDj3tMAS2kOMCvcJ1UCquO3TtTlWzVAoGBAIDN +8yJ/X0NEVNnnkKZTbWq+QILk3LD0e20fk6Nt5Es0ENxpkczjZEglIsM8Z/trnAnI +b71UqWWu+tMPHYIka77tn1DwmpSnzxCW2+Ib3XMgsaP5fHBPMuFd3X3tSFo1NIxW +yrwyE5nOT7rELhUyTTYoydLk2/09BMedKY7/BtDBAoGAXeX1pX74K1i/uWyYKwYZ +sskRueSo9whDJuZWgNiUovArr57eA+oA+bKdFpiE419348bkFF8jNoGFQ6MXMedD +LqHAYIj+ZPIC4+rObHqO5EaIyblgutwx3citkQp7HXDBxojnOKA9mKQXj1vxCaL1 +/1fFNJQCzEqwnKwnhI2MJ28= +-----END PRIVATE KEY----- diff --git a/test/emqx_crl_cache_SUITE_data/client.cert.pem b/test/emqx_crl_cache_SUITE_data/client.cert.pem index e0405e673..b37d1b0ba 100644 --- a/test/emqx_crl_cache_SUITE_data/client.cert.pem +++ b/test/emqx_crl_cache_SUITE_data/client.cert.pem @@ -2,31 +2,31 @@ MIIFljCCA36gAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0Ux EjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMRkwFwYDVQQL DBBNeUludGVybWVkaWF0ZUNBMRkwFwYDVQQDDBBNeUludGVybWVkaWF0ZUNBMB4X -DTIyMDYxMzEyNDIwNVoXDTIzMDYyMzEyNDIwNVowdzELMAkGA1UEBhMCU0UxEjAQ +DTIzMDExMjEzMDgxNloXDTMzMDQxOTEzMDgxNlowdzELMAkGA1UEBhMCU0UxEjAQ BgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMRIwEAYDVQQKDAlN eU9yZ05hbWUxGTAXBgNVBAsMEE15SW50ZXJtZWRpYXRlQ0ExETAPBgNVBAMMCE15 -Q2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoHIpsxDnO4y -TLKghUGkAIg5102fcVj2sQ4kJhybnN7tfbQ0gZo0GE8A7SQAYM/lO0VcDknp/nkz -A8Lsc5Lc1SJ7z1Iyd+/ZUg3GJE/ijPoPdMlFU4/HndmoMdLhcflCRZiirnLGwdvT -bBrlGD0alK/kOqbSc9LT3oFVXWo2XvAyNtBxU7dHznxT5JuFnPyCZvoY+FvSpCbP -5rV0NLzdCpk+6C4KTs3YAaTh6kVvSCch55E7hE0I2KKLjz1Ge563vPEWOnB40p6w -ZhzcwFIbiXmq8TpA342HInES1tFRwv7ZGSs+B8t/q9nGWTDf1as4+wBrQ/i35Xav -sMuNp+O+mQIDAQABo4IBNjCCATIwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMC +Q2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGuAShewEo8V +/+aWVO/MuUt92m8K0Ut4nC2gOvpjMjf8mhSSf6KfnxPklsFwP4fdyPOjOiXwCsf3 +1QO5fjVr8to3iGTHhEyZpzRcRqmw1eYJC7iDh3BqtYLAT30R+Kq6Mk+f4tXB5Lp/ +2jXgdi0wshWagCPgJO3CtiwGyE8XSa+Q6EBYwzgh3NFbgYdJma4x+S86Y/5WfmXP +zF//UipsFp4gFUqwGuj6kJrN9NnA1xCiuOxCyN4JuFNMfM/tkeh26jAp0OHhJGsT +s3YiUm9Dpt7Rs7o0so9ov9K+hgDFuQw9HZW3WIJI99M5a9QZ4ZEQqKpABtYBl/Nb +VPXcr+T3fQIDAQABo4IBNjCCATIwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMC BaAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2VuZXJhdGVkIENsaWVudCBDZXJ0 -aWZpY2F0ZTAdBgNVHQ4EFgQUwRox6T4QUt1kUQDCuZ6NJNKGHIgwHwYDVR0jBBgw -FoAUK6/VOTMLV9KBN/MTWbW7mlEImxUwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQW +aWZpY2F0ZTAdBgNVHQ4EFgQUOIChBA5aZB0dPWEtALfMIfSopIIwHwYDVR0jBBgw +FoAUTHCGOxVSibq1D5KqrrExQRO+c/MwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQW MBQGCCsGAQUFBwMCBggrBgEFBQcDBDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v bG9jYWxob3N0Ojk4NzgvaW50ZXJtZWRpYXRlLmNybC5wZW0wMQYIKwYBBQUHAQEE JTAjMCEGCCsGAQUFBzABhhVodHRwOi8vbG9jYWxob3N0Ojk4NzcwDQYJKoZIhvcN -AQELBQADggIBAEFjWfL32GKfOExZ+4FPUj80V282pJ4iEuRSmbti/EVZse0GsKvZ -xF1swDdoTrcdNTruHxIKfojwKz28XP6JoM6MUruxQglwdwZGJGlC0KpanR7dvQHa -XT/ushugHptobRh3+f47Gbyd0A0MKfGFLGLC1XZokdrvLPoKHCJWq/DRUgHMnn53 -FrM7a+JXZUpkSU+uqCPTMpkmuZc0E+SPVtLGiH71q1kbMzJKIKSuzkRCG91PW8fT -B2PUmy4W6YV6MUSi+jHx5JDLvjwycTsNFBiK0zZtcKsaz9QWi/qnrjkCWR0LXaRZ -W99ER7hEMe8J5CYt3lrmtaVL8lZ4TnoQE/Rsr1GBr7+WA9WnB/ijSG/3Q02hyqcK -EaFE+aqOvY03UlIyk/m+PFoRwge9vERf2dGgFN4osbczDMwXc67jx1MKyFQLQvg4 -TcN7fXCbqQeWDH0RCAF4goFGqjq/KZQYHN+BOJ1cubUxbY4+9zuQ7pZ1s1tonchA -TQFYbZNXKFUYTrgSSZRoJGGkSQkUKvARsraIdFvOt6qzLq4k86efQAgPDwFd1Kni -+iML7b3fIzHAl00WYH/hvjyjiDbh9YJpGorflgzjyt/dDNcYk5mcMNJJyrY/kPUG -3/eiMMIfW6UFSJq3ePK0NBFCzmdGWGUb+ZQS+JYP51eN2zsbZRm/Pfel +AQELBQADggIBAE0qTL5WIWcxRPU9oTrzJ+oxMTp1JZ7oQdS+ZekLkQ8mP7T6C/Ew +6YftjvkopnHUvn842+PTRXSoEtlFiTccmA60eMAai2tn5asxWBsLIRC9FH3LzOgV +/jgyY7HXuh8XyDBCDD+Sj9QityO+accTHijYAbHPAVBwmZU8nO5D/HsxLjRrCfQf +qf4OQpX3l1ryOi19lqoRXRGwcoZ95dqq3YgTMlLiEqmerQZSR6iSPELw3bcwnAV1 +hoYYzeKps3xhwszCTz2+WaSsUO2sQlcFEsZ9oHex/02UiM4a8W6hGFJl5eojErxH +7MqaSyhwwyX6yt8c75RlNcUThv+4+TLkUTbTnWgC9sFjYfd5KSfAdIMp3jYzw3zw +XEMTX5FaLaOCAfUDttPzn+oNezWZ2UyFTQXQE2CazpRdJoDd04qVg9WLpQxLYRP7 +xSFEHulOPccdAYF2C45yNtJAZyWKfGaAZIxrgEXbMkcdDMlYphpRwpjS8SIBNZ31 +KFE8BczKrg2qO0ywIjanPaRgrFVmeSvBKeU/YLQVx6fZMgOk6vtidLGZLyDXy0Ff +yaZSoj+on++RDz1IXb96Y8scuNlfcYI8QeoNjwiLtf80BV8SRJiG4e/jTvMf/z9L +kWrnDWvx4xkUmxFg4TK42dkNp7sEYBTlVVq9fjKE92ha7FGZRqsxOLNQ -----END CERTIFICATE----- diff --git a/test/emqx_crl_cache_SUITE_data/client.key.pem b/test/emqx_crl_cache_SUITE_data/client.key.pem index 6df146424..2e767d81f 100644 --- a/test/emqx_crl_cache_SUITE_data/client.key.pem +++ b/test/emqx_crl_cache_SUITE_data/client.key.pem @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAtoHIpsxDnO4yTLKghUGkAIg5102fcVj2sQ4kJhybnN7tfbQ0 -gZo0GE8A7SQAYM/lO0VcDknp/nkzA8Lsc5Lc1SJ7z1Iyd+/ZUg3GJE/ijPoPdMlF -U4/HndmoMdLhcflCRZiirnLGwdvTbBrlGD0alK/kOqbSc9LT3oFVXWo2XvAyNtBx -U7dHznxT5JuFnPyCZvoY+FvSpCbP5rV0NLzdCpk+6C4KTs3YAaTh6kVvSCch55E7 -hE0I2KKLjz1Ge563vPEWOnB40p6wZhzcwFIbiXmq8TpA342HInES1tFRwv7ZGSs+ -B8t/q9nGWTDf1as4+wBrQ/i35XavsMuNp+O+mQIDAQABAoIBACZaJ5xFmH/F3nQX -pXvbS2eBOQZxnWvoUg7q9dW8dUcF4cpksBP8H65sC7nJsvqlNXq7HJk0FyQOvBWy -RJYU6qsvT+1FTK2/jV+c3WKMFwOhGNZl5VemA0C8mIe/1PhqdO7DIIygOfxLAaba -EAKD9K4COGfK3rbQOw2rCBFVXI+ed0L2q+IzpyZdvtUFVdDKF9d5i3m2Qr6Ayeuq -dpf2ig69nC+4I505govODX2O9+q7x+zkddooxL72OXdEQFHn8p1K69Zk9iLz2jPX -HPVyKXGYzCOyfZZk/jJjBCv+8bkFQg/Ncm/KSBeBjp2Gxo6EjfERUhkShkxtOB5P -pAETPXECgYEA4SP/hV/MbmXnouKvjoWCZ0dYH92lNVOMMr2Ij/nOpvxTAyc1FXg+ -m5NrvMjRnGu32QfLcJmaXnK9YjqAZD9koQ3DisS0FbwTa7V8NSR5ImJfPWpa2VMP -SiyWQCh6Iba2852hl8Ryph7wbbSXAcocthx6dIuP/QsX2Q95jrh+g0cCgYEAz4XO -MSjwsrT/9i3voVKD+7eWBYkFpOJ+piYxrrmIrkMSWrwPIE9KBFfn7TlPvBPCb+W2 -uN/eLtO8HDePKfJQdZxphvlmy8eeIfjzBhod2HELJy3ShHS57uaD7iLLhPXrV9Gm -As99lS+kKGeH30j9Si53oQU0eIyH8iZX+beR3x8CgYB/DGhqZHghqIIByjhVjgPb -skgJm3NaV25bR9ejn829L9DMi7iKCBQUiSmYHB8lTSgvYhWs0hFp0QgMQYUojRmF -RRYe3gfd6AdxlbWk65MsEyU5rCXeU9/h9K1JQU5CbjBp439H/MTR982nquw4R0zS -e9mioQs9OaBYjkIDhxtliwKBgCRtaHRYq2ezPfsItTesNF7LKxptov/+ghzIN5Bk -IQn13BLxT/Zr9KIujBeoJ8br8QWTXS+2nFm78RlC526Finoaqqt2vASpVajA+mfn -zbVgooSOFpYJp1m4PRBgKzl7sYQI2QtFQNYfNsGg6sjXFx8eaQFq2HsQsAxhjq/W -+VQhAoGBALWrW12fQ0dJffRIXs/PCfwPy24071Q41YEadiZbV2/ZYlpDG6MQIENe -KaDMpflkuHhR6RQZmfJoImLvpKH0iOoxnTzPJhDQHKvwiqei3v7SuN2vh7VWGCGH -ikLROTT/oVrq4Z5XrZuAR1wtqRgi/KwvztG+QTzxLhygOmmkbSdt ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC8a4BKF7ASjxX/ +5pZU78y5S33abwrRS3icLaA6+mMyN/yaFJJ/op+fE+SWwXA/h93I86M6JfAKx/fV +A7l+NWvy2jeIZMeETJmnNFxGqbDV5gkLuIOHcGq1gsBPfRH4qroyT5/i1cHkun/a +NeB2LTCyFZqAI+Ak7cK2LAbITxdJr5DoQFjDOCHc0VuBh0mZrjH5Lzpj/lZ+Zc/M +X/9SKmwWniAVSrAa6PqQms302cDXEKK47ELI3gm4U0x8z+2R6HbqMCnQ4eEkaxOz +diJSb0Om3tGzujSyj2i/0r6GAMW5DD0dlbdYgkj30zlr1BnhkRCoqkAG1gGX81tU +9dyv5Pd9AgMBAAECggEAAifx6dZKIeNkQ8OaNp5V2IKIPSqBOV4/h/xKMkUZXisV +eDmTCf8du0PR7hfLqrt9xYsGDv+6FQ1/8K231l8qR0tP/6CTl/0ynM4qqEAGeFXN +3h2LvM4liFbdjImechrcwcnVaNKg/DogT5zHUYSMtB/rokaG0VBO3IX/+SGz0aXi +LOLAx6SPaLOVX9GYUCiigTSEDwaQA+F3F6J2fR4u8PrXo+OQUqxjQ/fGXWp+4IfA +6djlpvzO2849/WPB1tL20iLXJlL2OL0UgQNtbKWTjexMe+wgCR5BzCwTyPsQvMwX +YOQrTOwgF3b6O+gLks5wSRT0ivq1sKgzA534+X4M+wKBgQDirPTLlrYobOO8KUpV +LOJU8x9leiRNU9CZWrW/mOw/BXGXikqNWvgL595vvADsjYciuRxSqEE7lClB8Pp9 +20TMlES9orx7gdoQJCodpNV1BuBJhE9YtUiXzWAj+7m3D9LsXM1ewW/2A7Vvopj3 +4zKY7uHAFlo3nXwLOfChG5/i9wKBgQDUy5fPFa58xmn7Elb6x4vmUDHg6P4pf75E +XHRQvNA8I7DTrpqfcsF1N4WuJ3Lm//RSpw7bnyqP20GoEfGHu/iCUPf29B7CuXhO +vvD+I8uPdn8EcKUBWV+V0xNQN/gCe0TzrEjAkZcO2Lq0j93R8HVl3BbowxgRvQV9 +GmxQG/boKwKBgFeV8uSzsGEAaiKrZbBxrmaappgEUQCcES8gULfes/JJ/TFL2zCx +ZMTc7CMKZuUAbqXpFtuNbd9CiYqUPYXh8ryF0eXgeqnSa9ruzmMz7NLSPFnLyQkC +yzD0x2BABOuKLrrrxOMHJWbO2g1vq2GlJUjYjNw3BtcUf/iqg6MM1IPTAoGAWYWJ +SSqS7JVAcsrFYt1eIrdsNHVwr565OeM3X9v/Mr3FH1jeXeQWNSz1hU29Ticx7y+u +1YBBlKGmHoHl/bd7lb9ggjkzU7JZRa+YjSIb+i/cwc5t7IJf7xUMk/vnz4tyd5zs +Qm89gJZ2/Y1kwXSKvx53WNbyokvGKlpaZN1O418CgYACliGux77pe4bWeXSFFd9N +50ipxDLVghw1c5AiZn25GR5YHJZaV4R0wmFcHdZvogLKi0jDMPvU69PaiT8eX/A1 +COkxv7jY1vtKlEtb+gugMjMN8wvb2va4kyFamjqnleiZlBSqIF/Y17wBoMvaWgZ0 +bEPCN//ts5hBwgb1TwGrrg== +-----END PRIVATE KEY----- diff --git a/test/emqx_crl_cache_SUITE_data/emqx_crl_cache_http_server.erl b/test/emqx_crl_cache_SUITE_data/emqx_crl_cache_http_server.erl index cceee7333..925ac3742 100644 --- a/test/emqx_crl_cache_SUITE_data/emqx_crl_cache_http_server.erl +++ b/test/emqx_crl_cache_SUITE_data/emqx_crl_cache_http_server.erl @@ -3,8 +3,11 @@ -behaviour(gen_server). -compile([nowarn_export_all, export_all]). +set_crl(CRLPem) -> + ets:insert(?MODULE, {crl, CRLPem}). + %%-------------------------------------------------------------------- -%% APIs +%% `gen_server' APIs %%-------------------------------------------------------------------- start_link(Parent, BasePort, CRLPem, Opts) -> @@ -14,9 +17,11 @@ start_link(Parent, BasePort, CRLPem, Opts) -> gen_server:start_link(?MODULE, {Parent, BasePort, CRLPem, Opts}, []). init({Parent, BasePort, CRLPem, Opts}) -> - ok = start_http(Parent, CRLPem, [{port, BasePort} | Opts]), + Tab = ets:new(?MODULE, [named_table, ordered_set, public]), + ets:insert(Tab, {crl, CRLPem}), + ok = start_http(Parent, [{port, BasePort} | Opts]), Parent ! {self(), ready}, - {ok, #{parent => Parent, crl_pem => CRLPem}}. + {ok, #{parent => Parent}}. handle_call(_Request, _From, State) -> {reply, ignored, State}. @@ -40,9 +45,9 @@ stop(Pid) -> %% Callbacks %%-------------------------------------------------------------------- -start_http(Parent, CRLPem, Opts) -> +start_http(Parent, Opts) -> {ok, _Pid1} = cowboy:start_clear(http, Opts, #{ - env => #{dispatch => compile_router(Parent, CRLPem)} + env => #{dispatch => compile_router(Parent)} }), ok. @@ -50,15 +55,16 @@ stop_http() -> cowboy:stop_listener(http), ok. -compile_router(Parent, CRLPem) -> +compile_router(Parent) -> {ok, _} = application:ensure_all_started(cowboy), cowboy_router:compile([ - {'_', [{'_', ?MODULE, #{parent => Parent, crl_pem => CRLPem}}]} + {'_', [{'_', ?MODULE, #{parent => Parent}}]} ]). -init(Req, #{parent := Parent, crl_pem := CRLPem} = State) -> +init(Req, #{parent := Parent} = State) -> %% assert <<"GET">> = cowboy_req:method(Req), + [{crl, CRLPem}] = ets:lookup(?MODULE, crl), Parent ! http_get, Reply = reply(Req, CRLPem), {ok, Reply, State}. diff --git a/test/emqx_crl_cache_SUITE_data/intermediate-not-revoked.crl.pem b/test/emqx_crl_cache_SUITE_data/intermediate-not-revoked.crl.pem new file mode 100644 index 000000000..e484b44c0 --- /dev/null +++ b/test/emqx_crl_cache_SUITE_data/intermediate-not-revoked.crl.pem @@ -0,0 +1,19 @@ +-----BEGIN X509 CRL----- +MIIDJTCCAQ0CAQEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0UxEjAQBgNV +BAgMCVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMRkwFwYDVQQLDBBNeUlu +dGVybWVkaWF0ZUNBMRkwFwYDVQQDDBBNeUludGVybWVkaWF0ZUNBFw0yMzAxMTIx +MzA4MTZaFw0zMzAxMDkxMzA4MTZaoG4wbDAfBgNVHSMEGDAWgBRMcIY7FVKJurUP +kqqusTFBE75z8zA8BgNVHRwENTAzoC6gLIYqaHR0cDovL2xvY2FsaG9zdDo5ODc4 +L2ludGVybWVkaWF0ZS5jcmwucGVthAH/MAsGA1UdFAQEAgIQADANBgkqhkiG9w0B +AQsFAAOCAgEAJGOZuqZL4m7zUaRyBrxeT6Tqo+XKz7HeD5zvO4BTNX+0E0CRyki4 +HhIGbxjv2NKWoaUv0HYbGAiZdO4TaPu3w3tm4+pGEDBclBj2KTdbB+4Hlzv956gD +KXZ//ziNwx1SCoxxkxB+TALxReN0shE7Mof9GlB5HPskhLorZgg/pmgJtIykEpsq +QAjJo4aq+f2/L+9dzRM205fVFegtsHvgEVNKz6iK6skt+kDhj/ks9BKsnfCDIGr+ +XnPYwS9yDnnhFdoJ40AQQDtomxggAjfgcSnqtHCxZwKJohuztbSWUgD/4yxzlrwP +Dk1cT/Ajjjqb2dXVOfTLK1VB2168uuouArxZ7KYbXwBjHduYWGGkA6FfkNJO/jpF +SL9qhX3oxcRF3hDhWigN1ZRD7NpDKwVal3Y9tmvO5bWhb5VF+3qv0HGeSGp6V0dp +sjwhIj+78bkUrcXxrivACLAXgSTGonx1uXD+T4P4NCt148dgRAbgd8sUXK5FcgU2 +cdBl8Kv2ZUjEaod5gUzDtf22VGSoO9lHvfHdpG9o2H3wC7s4tyLTidNrduIguJff +IIgc44Y252iV0sOmZ5S0jjTRiF1YUUPy9qA/6bOnr2LohbwbNZv9tDlNj8cdhxUz +cKiS+c7Qsz+YCcrp19QRiJoQae/gUqz7kmUZQgyPmDd+ArE0V+kDZEE= +-----END X509 CRL----- diff --git a/test/emqx_crl_cache_SUITE_data/intermediate-revoked.crl.pem b/test/emqx_crl_cache_SUITE_data/intermediate-revoked.crl.pem new file mode 100644 index 000000000..4c5cdd441 --- /dev/null +++ b/test/emqx_crl_cache_SUITE_data/intermediate-revoked.crl.pem @@ -0,0 +1,20 @@ +-----BEGIN X509 CRL----- +MIIDPDCCASQCAQEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0UxEjAQBgNV +BAgMCVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMRkwFwYDVQQLDBBNeUlu +dGVybWVkaWF0ZUNBMRkwFwYDVQQDDBBNeUludGVybWVkaWF0ZUNBFw0yMzAxMTIx +MzA4MTZaFw0zMzAxMDkxMzA4MTZaMBUwEwICEAIXDTIzMDExMjEzMDgxNlqgbjBs +MB8GA1UdIwQYMBaAFExwhjsVUom6tQ+Sqq6xMUETvnPzMDwGA1UdHAQ1MDOgLqAs +hipodHRwOi8vbG9jYWxob3N0Ojk4NzgvaW50ZXJtZWRpYXRlLmNybC5wZW2EAf8w +CwYDVR0UBAQCAhABMA0GCSqGSIb3DQEBCwUAA4ICAQCPadbaehEqLv4pwqF8em8T +CW8TOQ4Vjz02uiVk9Bo0za1dQqQmwCBA6UE1BcOh+aWzQxBRz56NeUcfhgDxTntG +xLs896N9MHIG6UxpqJH8cH+DXKHsQjvvCjXtiObmBQR1RiG5C1vEMkfzTt/WSrq5 +7blowLDs4NP6YbtqXEyyUkF7DQSUEUuIDWPQdx1f++nSpVaHWW4xpoO4umesaJco +FuxaXQnZpTHHQfqUJVIL2Mmzvez9thgfKTV3vgkYrGiSLW2m2+Tfga30pUc0qaVI +RrBVORVbcu9m1sV0aJyk96b2T/+i2FRR/np4TOcLgckBpHKeK2FH69lHFr0W/71w +CErNTxahoh82Yi8POenu+S1m2sDnrF1FMf+ZG/i2wr0nW6/+zVGQsEOw77Spbmei +dbEchu3iWF1XEO/n4zVBzl6a1o2RyVg+1pItYd5C5bPwcrfZnBrm4WECPxO+6rbW +2/wz9Iku4XznTLqLEpXLAtenAdo73mLGC7riviX7mhcxfN2UjNfLuVGHmG8XwIsM +Lgpr6DKaxHwpHgW3wA3SGJrY5dj0TvGWaoInrNt1cOMnIpoxRNy5+ko71Ubx3yrV +RhbUMggd1GG1ct9uZn82v74RYF6J8Xcxn9vDFJu5LLT5kvfy414kdJeTXKqfKXA/ +atdUgFa0otoccn5FzyUuzg== +-----END X509 CRL----- diff --git a/test/emqx_crl_cache_SUITE_data/intermediate.crl.pem b/test/emqx_crl_cache_SUITE_data/intermediate.crl.pem deleted file mode 100644 index a119cede2..000000000 --- a/test/emqx_crl_cache_SUITE_data/intermediate.crl.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN X509 CRL----- -MIIDPDCCASQCAQEwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0UxEjAQBgNV -BAgMCVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMRkwFwYDVQQLDBBNeUlu -dGVybWVkaWF0ZUNBMRkwFwYDVQQDDBBNeUludGVybWVkaWF0ZUNBFw0yMjA3MjAy -MDIzNTNaFw0zMjEwMjUyMDIzNTNaMBUwEwICEAIXDTIyMDYxMzEyNDIwNVqgbjBs -MB8GA1UdIwQYMBaAFCuv1TkzC1fSgTfzE1m1u5pRCJsVMDwGA1UdHAQ1MDOgLqAs -hipodHRwOi8vbG9jYWxob3N0Ojk4NzgvaW50ZXJtZWRpYXRlLmNybC5wZW2EAf8w -CwYDVR0UBAQCAhADMA0GCSqGSIb3DQEBCwUAA4ICAQBbWdqRFsIrG6coL6ln1RL+ -uhgW9l3XMmjNlyiYHHNzOgnlBok9xu9UdaVCOKC6GEthWSzSlBY1AZugje57DQQd -RkIJol9am94lKMTjF/qhzFLiSjho8fwZGDGyES5YeZXkLqNMOf6m/drKaI3iofWf -l63qU9jY8dnSrVDkwgCguUL2FTx60v5H9NPxSctQ3VDxDvDj0sTAcHFknQcZbfvY -ZWpOYNS0FAJlQPVK9wUoDxI0LhrWDq5h/T1jcGO34fPT8RUA5HRtFVUevqSuOLWx -WTfTx5oDeMZPJTvHWUcg4yMElHty4tEvtkFxLSYbZqj7qTU+mi/LAN3UKBH/gBEN -y2OsJvFhVRgHf+zPYegf3WzBSoeaXNAJZ4UnRo34P9AL3Mrh+4OOUP++oYRKjWno -pYtAmTrIwEYoLyisEhhZ6aD92f/Op3dIYsxwhHt0n0lKrbTmUfiJUAe7kUZ4PMn4 -Gg/OHlbEDaDxW1dCymjyRGl+3/8kjy7bkYUXCf7w6JBeL2Hw2dFp1Gh13NRjre93 -PYlSOvI6QNisYGscfuYPwefXogVrNjf/ttCksMa51tUk+ylw7ZMZqQjcPPSzmwKc -5CqpnQHfolvRuN0xIVZiAn5V6/MdHm7ocrXxOkzWQyaoNODTq4js8h8eYXgAkt1w -p1PTEFBucGud7uBDE6Ub6A== ------END X509 CRL----- diff --git a/test/emqx_crl_cache_SUITE_data/server.cert.pem b/test/emqx_crl_cache_SUITE_data/server.cert.pem index 41f04044a..38cc63534 100644 --- a/test/emqx_crl_cache_SUITE_data/server.cert.pem +++ b/test/emqx_crl_cache_SUITE_data/server.cert.pem @@ -2,34 +2,34 @@ MIIGCTCCA/GgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCU0Ux EjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UECgwJTXlPcmdOYW1lMRkwFwYDVQQL DBBNeUludGVybWVkaWF0ZUNBMRkwFwYDVQQDDBBNeUludGVybWVkaWF0ZUNBMB4X -DTIyMDYxMzEyNDIwNVoXDTIzMDYyMzEyNDIwNVoweDELMAkGA1UEBhMCU0UxEjAQ +DTIzMDExMjEzMDgxNloXDTMzMDQxOTEzMDgxNloweDELMAkGA1UEBhMCU0UxEjAQ BgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMRIwEAYDVQQKDAlN eU9yZ05hbWUxGTAXBgNVBAsMEE15SW50ZXJtZWRpYXRlQ0ExEjAQBgNVBAMMCWxv -Y2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOpBaUId5ga7 -NzIXvSvnzqLAsyejjEZYcSVwWQinAH3il/Y/NbUOakPbDCQbb3U7p3oD6H0R0pVx -x0nQyhh2XlSNRc8ORAcrZlfS6/Su5o07htSKL7FZ0ySYbia2EQ6ZRFpke/+UPwr3 -eXSQUhdOX+iA0Uf5gN3fUtgGorCuT2POGemGjBvYiPoA3aD1MxHyV7PnI7CoTw8Y -cvFiXIW0Jqp69ZgSuzrmfIiMyum94pfkB1ljxao9TBSFqJTn2A3ysNZAXpGPyfP+ -1zPznxiMSvAFLihUVjKwE+glSNKvdhUgl3yAxaFI9+IeoAytPNmQU+E+o4YCuRHT -TCM1Tch95/ECAwEAAaOCAagwggGkMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQD +Y2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdU9FaA/n0Z +TXkd10XA9l+UV9xKR65ZTy2ApCFlw2gGWLiUh96a6hX+GQZFUV7ECIDDf+7nC85o +xo1Xyf0rHGABQ0uHlhqSemc12F9APIzRLlQkhtV4vMBBbGQFekje4F9bhY9JQtGd +XJGmwsR+XWo6SUY7K5l9FuSSSRXC0kSYYQfSTPR/LrF6efdHf+ZN4huP7lM2qIFd +afX+qBOI1/Y2LtITo2TaU/hXyKh9wEiuynoq0RZ2KkYQll5cKD9fSD+pW3Xm0XWX +TQy4RZEe3WoYEQsklNw3NC92ocA/PQB9BGNO1fKhzDn6kW2HxDxruDKOuO/meGek +ApCayu3e/I0CAwEAAaOCAagwggGkMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQD AgZAMDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2Vy -dGlmaWNhdGUwHQYDVR0OBBYEFAPF2lui5EhHG8lTbpglZ3BZYj2kMIGaBgNVHSME -gZIwgY+AFCuv1TkzC1fSgTfzE1m1u5pRCJsVoXOkcTBvMQswCQYDVQQGEwJTRTES +dGlmaWNhdGUwHQYDVR0OBBYEFGy5LQPzIelruJl7mL0mtUXM57XhMIGaBgNVHSME +gZIwgY+AFExwhjsVUom6tQ+Sqq6xMUETvnPzoXOkcTBvMQswCQYDVQQGEwJTRTES MBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xEjAQBgNVBAoM CU15T3JnTmFtZTERMA8GA1UECwwITXlSb290Q0ExETAPBgNVBAMMCE15Um9vdENB ggIQADAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwOwYDVR0f BDQwMjAwoC6gLIYqaHR0cDovL2xvY2FsaG9zdDo5ODc4L2ludGVybWVkaWF0ZS5j cmwucGVtMDEGCCsGAQUFBwEBBCUwIzAhBggrBgEFBQcwAYYVaHR0cDovL2xvY2Fs -aG9zdDo5ODc3MA0GCSqGSIb3DQEBCwUAA4ICAQCCTuM+KXLH2EuUn+TB78LgYrzl -/dlPj5UWPTDgiF+93fQSNvkg2uWVKPkckKNKttg+VyoRnRX87vI/bZp+dzvHfp5v -hXZuv2TkvA8ZMnJ6QUbAmiQlNTqNh0esftfXbmZAo+VvtwC/NZfevH08SO1+3R4S -PMC/Bnqmv/G3mR2qWqLu4X1ikpkgNGj4DTEkkqZFerlRyaeZHZLSVRNt6x3u4lXa -KQKbTPYP+yYpJfi0eBFy6t0hdN63BZDao3z9fulpxfjWfL32gt+TQLMf/6aJugs+ -+2BS0LAWXr9mP89Ljzo4V0G6pMBQ84/oK+mYtkFCNjRaAT+b4xGE1Ttp9H40xRZY -hm2xzVH05PgXw+IJdfnvH+245vtPUTtrnysy9FEfF7px3tAAZCiT4ogrgr52+VK6 -vGliEIxZq2ICWCK1Wy0i9zZFk3lQCFF3bWjKQCapCAFPE0naZZv7g10HkXl8+5Gc -1aSyP2LcroUyDfYx8VwKw1sLi1KtO71hs/TOTeoAPzFBmZA8h325mU5krpQtuNPg -TRxAPLztWltHR3T+WKOUMq+YZx0IiUvS6VZaCeoQeXTSZZTX5j6BXz8ffmyAcXMZ -tNATxIgDyGUfw0V6fiKQrnZCqP+fF/tdks5LKeU6tYE4JKWDarIzNNnPmhPQnJOI -YeW1Ts3aExER9EorUw== +aG9zdDo5ODc3MA0GCSqGSIb3DQEBCwUAA4ICAQCX3EQgiCVqLhnCNd0pmptxXPxo +l1KyZkpdrFa/NgSqRhkuZSAkszwBDDS/gzkHFKEUhmqs6/UZwN4+Rr3LzrHonBiN +aQ6GeNNXZ/3xAQfUCwjjGmz9Sgw6kaX19Gnk2CjI6xP7T+O5UmsMI9hHUepC9nWa +XX2a0hsO/KOVu5ZZckI16Ek/jxs2/HEN0epYdvjKFAaVmzZZ5PATNjrPQXvPmq2r +x++La+3bXZsrH8P2FhPpM5t/IxKKW/Tlpgz92c2jVSIHF5khSA/MFDC+dk80OFmm +v4ZTPIMuZ//Q+wo0f9P48rsL9D27qS7CA+8pn9wu+cfnBDSt7JD5Yipa1gHz71fy +YTa9qRxIAPpzW2v7TFZE8eSKFUY9ipCeM2BbdmCQGmq4+v36b5TZoyjH4k0UVWGo +Gclos2cic5Vxi8E6hb7b7yZpjEfn/5lbCiGMfAnI6aoOyrWg6keaRA33kaLUEZiK +OgFNbPkjiTV0ZQyLXf7uK9YFhpVzJ0dv0CFNse8rZb7A7PLn8VrV/ZFnJ9rPoawn +t7ZGxC0d5BRSEyEeEgsQdxuY4m8OkE18zwhCkt2Qs3uosOWlIrYmqSEa0i/sPSQP +jiwB4nEdBrf8ZygzuYjT5T9YRSwhVox4spS/Av8Ells5JnkuKAhCVv9gHxYwbj0c +CzyLJgE1z9Tq63m+gQ== -----END CERTIFICATE----- diff --git a/test/emqx_crl_cache_SUITE_data/server.key.pem b/test/emqx_crl_cache_SUITE_data/server.key.pem index ab62ccffa..d456ece72 100644 --- a/test/emqx_crl_cache_SUITE_data/server.key.pem +++ b/test/emqx_crl_cache_SUITE_data/server.key.pem @@ -1,27 +1,28 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA6kFpQh3mBrs3Mhe9K+fOosCzJ6OMRlhxJXBZCKcAfeKX9j81 -tQ5qQ9sMJBtvdTunegPofRHSlXHHSdDKGHZeVI1Fzw5EBytmV9Lr9K7mjTuG1Iov -sVnTJJhuJrYRDplEWmR7/5Q/Cvd5dJBSF05f6IDRR/mA3d9S2AaisK5PY84Z6YaM -G9iI+gDdoPUzEfJXs+cjsKhPDxhy8WJchbQmqnr1mBK7OuZ8iIzK6b3il+QHWWPF -qj1MFIWolOfYDfKw1kBekY/J8/7XM/OfGIxK8AUuKFRWMrAT6CVI0q92FSCXfIDF -oUj34h6gDK082ZBT4T6jhgK5EdNMIzVNyH3n8QIDAQABAoIBABG/NN86bqPR6SOV -YtKBtEjmOmxlWoo1xxSkB0q9hC8FTKfuL/5wgiJz5N6TaYVDKLP4udNH12FVBlkU -RUtHJGxZa5F9LjAw3IcIxrF50qOef994PJa+DF34YlfycSZe/Cuw8yfwrjoBd6Ua -De4QFPoDUFeYkme8tIUDM64Y9pDD9llfS/ZOQiCAgn+8mk99uCnJVIFo19Umof5N -009Cn6PElDKOw40Pz8s4ZJ9bpXH/YPKLeNRn0wlgFzYGhJ1z74YBmXF3CUHU6WEy -pVbJkPDAwnFScuAjpwJmzO4TDBfTBd5L/CJy4nsLpY06UOm1PHuUpAhPAgiwuADR -TM3100ECgYEA/F5Glpb0ROR38UTgCSOT8xvxyzNV84YMaQrWzGMUxqJpWWyVaKEy -k/jzUxUKbkUrJDz/Y+bcGElVCI+g8x0yekpcLn1mtB8XwltpmCSBhNBTMgUHnI9v -M+PadQhyZiJFrE/eoXo0V/K30Xv8jokWhWGTIkCdhiVSks/0eWSzPzkCgYEA7aBo -d/0e0R2Y2wXDsfGqxcKFs4IMHnzNl0isycakLOoZwinKPvb1MSg1zxW0mU+I1c/n -18rftcS8/siai26iXErDeZnvtlj+OKzQboRQf5JvDHp+rXBjGpZSmI2Nb+kAQ71S -JeIkglfBHGCKAMJQjE3N3U9YMBqCB1xdJ/TnNnkCgYA4PJnmPMU6BN9leD+kSbVS -W0vKSCpDFf/1+GBdM0cR7GclcjjpE+K9bqBqRyoH4In4jU8r5+nrz4uPWNI42qzA -64kXIwKb6MHWoaAqMxhZjEK9xrknfh79pSytH7C+aay09SdbPGwlnQSxPbvN12aZ -WmD7JQL1PaPk60pDMtluoQKBgDYJLxhyB+r3twW/VtQFJ5dW975tSUI5kSrgzOIJ -eNX52iesByCwWet2wF26Ctp+Gpi8cXVB3gNgnLW3emVQoD0qhy8E0Vz++bh7m941 -2nRYIUaOKHZaQz8NhfTI46vaKUQ+LgsNVM4LFI/WaCtqBJUTMEguPdiafo0b9Ncc -OuPJAoGBAPSYfuXinT9IAVwzIjc1TkfdN3G39ckBFQtNSvIoynBro+dlh3us+QJi -i24MtpUiBbCKmFZrrk5WrddxNLbE/JSa40+O+s1RaP3SfNuDGTWMe3HGMh+PVH8D -yte7L8pWouXSQPLVXUb3SmPboxBvXwPZMB54gkbKcSB2Gg7CjfCS ------END RSA PRIVATE KEY----- +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCnVPRWgP59GU15 +HddFwPZflFfcSkeuWU8tgKQhZcNoBli4lIfemuoV/hkGRVFexAiAw3/u5wvOaMaN +V8n9KxxgAUNLh5YaknpnNdhfQDyM0S5UJIbVeLzAQWxkBXpI3uBfW4WPSULRnVyR +psLEfl1qOklGOyuZfRbkkkkVwtJEmGEH0kz0fy6xenn3R3/mTeIbj+5TNqiBXWn1 +/qgTiNf2Ni7SE6Nk2lP4V8iofcBIrsp6KtEWdipGEJZeXCg/X0g/qVt15tF1l00M +uEWRHt1qGBELJJTcNzQvdqHAPz0AfQRjTtXyocw5+pFth8Q8a7gyjrjv5nhnpAKQ +msrt3vyNAgMBAAECggEABnWvIQ/Fw0qQxRYz00uJt1LguW5cqgxklBsdOvTUwFVO +Y4HIZP2R/9tZV/ahF4l10pK5g52DxSoiUB6Ne6qIY+RolqfbUZdKBmX7vmGadM02 +fqUSV3dbwghEiO/1Mo74FnZQB6IKZFEw26aWakN+k7VAUufB3SEJGzXSgHaO63ru +dFGSiYI8U+q+YnhUJjCnmI12fycNfy451TdUQtGZb6pNmm5HRUF6hpAV8Le9LojP +Ql9eacPpsrzU15X5ElCQZ/f9iNh1bplcISuhrULgKUKOvAVrBlEK67uRVy6g98xA +c/rgNLkbL/jZEsAc3/vHAyFgd3lABfwpBGLHej3QgQKBgQDFNYmfBNQr89HC5Zc+ +M6jXcAT/R+0GNczBTfC4iyNemwqsumSSRelNZ748UefKuS3F6Mvb2CBqE2LbB61G +hrnCffG2pARjZ491SefRwghhWWVGLP1p8KliLgOGBehA1REgJb+XULncjuHZuh4O +LVn3HVnWGxeBGg+yKa6Z4YQi3QKBgQDZN0O8ZcZY74lRJ0UjscD9mJ1yHlsssZag +njkX/f0GR/iVpfaIxQNC3gvWUy2LsU0He9sidcB0cfej0j/qZObQyFsCB0+utOgy ++hX7gokV2pes27WICbNWE2lJL4QZRJgvf82OaEy57kfDrm+eK1XaSZTZ10P82C9u +gAmMnontcQKBgGu29lhY9tqa7jOZ26Yp6Uri8JfO3XPK5u+edqEVvlfqL0Zw+IW8 +kdWpmIqx4f0kcA/tO4v03J+TvycLZmVjKQtGZ0PvCkaRRhY2K9yyMomZnmtaH4BB +5wKtR1do2pauyg/ZDnDDswD5OfsGYWw08TK8YVlEqu3lIjWZ9rguKVIxAoGAZYUk +zVqr10ks3pcCA2rCjkPT4lA5wKvHgI4ylPoKVfMxRY/pp4acvZXV5ne9o7pcDBFh +G7v5FPNnEFPlt4EtN4tMragJH9hBZgHoYEJkG6islweg0lHmVWaBIMlqbfzXO+v5 +gINSyNuLAvP2CvCqEXmubhnkFrpbgMOqsuQuBqECgYB3ss2PDhBF+5qoWgqymFof +1ovRPuQ9sPjWBn5IrCdoYITDnbBzBZERx7GLs6A/PUlWgST7jkb1PY/TxYSUfXzJ +SNd47q0mCQ+IUdqUbHgpK9b1ncwLMsnexpYZdHJWRLgnUhOx7OMjJc/4iLCAFCoN +3KJ7/V1keo7GBHOwnsFcCA== +-----END PRIVATE KEY----- From e8ceb379110160501a21b846055e7d098c33052a Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 16 Jan 2023 12:24:04 +0800 Subject: [PATCH 04/57] chore: update ehttpc to 0.4.4 --- rebar.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rebar.config b/rebar.config index fbb49ce9d..f06591381 100644 --- a/rebar.config +++ b/rebar.config @@ -41,7 +41,7 @@ [ {gpb, "4.11.2"} %% gpb only used to build, but not for release, pin it here to avoid fetching a wrong version due to rebar plugins scattered in all the deps , {redbug, "2.0.7"} , {covertool, {git, "https://github.com/zmstone/covertool", {tag, "2.0.4.1"}}} - , {ehttpc, {git, "https://github.com/emqx/ehttpc", {tag, "0.4.2"}}} + , {ehttpc, {git, "https://github.com/emqx/ehttpc", {tag, "0.4.4"}}} , {gun, {git, "https://github.com/emqx/gun", {tag, "1.3.8"}}} , {eredis_cluster, {git, "https://github.com/emqx/eredis_cluster", {tag, "0.7.4"}}} , {gproc, {git, "https://github.com/uwiger/gproc", {tag, "0.9.0"}}} From e8abaf6a242df5c1c374ba71cfb24924711edc85 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 16 Jan 2023 16:35:08 +0800 Subject: [PATCH 05/57] chore: update mysql-otp to 1.7.2 --- apps/emqx_auth_mysql/rebar.config | 5 +---- rebar.config | 1 + 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/apps/emqx_auth_mysql/rebar.config b/apps/emqx_auth_mysql/rebar.config index b86500e8f..99456c76d 100644 --- a/apps/emqx_auth_mysql/rebar.config +++ b/apps/emqx_auth_mysql/rebar.config @@ -1,7 +1,4 @@ -{deps, - [ - {mysql, {git, "https://github.com/emqx/mysql-otp", {tag, "1.7.1"}}} - ]}. +{deps, []}. {edoc_opts, [{preprocess, true}]}. {erl_opts, [warn_unused_vars, diff --git a/rebar.config b/rebar.config index fbb49ce9d..bfb1fa2a8 100644 --- a/rebar.config +++ b/rebar.config @@ -63,6 +63,7 @@ , {snabbkaffe, {git, "https://github.com/kafka4beam/snabbkaffe.git", {tag, "1.0.3"}}} , {lc, {git, "https://github.com/emqx/lc.git", {tag, "0.3.2"}}} , {mongodb, {git,"https://github.com/emqx/mongodb-erlang", {tag, "v3.0.17"}}} + , {mysql, {git, "https://github.com/emqx/mysql-otp", {tag, "1.7.2"}}} , {epgsql, {git, "https://github.com/emqx/epgsql.git", {tag, "4.6.0"}}} , {grpc, {git, "https://github.com/emqx/grpc-erl", {tag, "0.6.7"}}} ]}. From fc6052fe8d836a98abcab47dd68c763831ade047 Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Mon, 16 Jan 2023 10:44:12 +0100 Subject: [PATCH 06/57] chore: update codeowners - set @emqx/emqx-review-board as default reviewer - move default to the top according to specification - remove @zmstone as reviewer for lib-extra --- .github/CODEOWNERS | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e2631f3ac..ff4dcf632 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,3 +1,6 @@ +## Default +* @emqx/emqx-review-board + ## MQTT & Core /src/ @qzhuyan /include/ @qzhuyan @@ -5,13 +8,13 @@ /test/ @qzhuyan ## CI -/.github/ @id -/.ci/ @id -/scripts/ @id -/build @id -/deploy/ @id +/.github/ @emqx/emqx-review-board @id +/.ci/ @emqx/emqx-review-board @id +/scripts/ @emqx/emqx-review-board @id +/build @emqx/emqx-review-board @id +/deploy/ @emqx/emqx-review-board @id -## Authenticatio & ACL +## Authentication & ACL /apps/emqx_auth_*/ @savonarola /apps/emqx_psk_file/ @savonarola /apps/emqx_retainer/ @savonarola @@ -31,13 +34,6 @@ /apps/emqx_prometheus/ @zhongwencool /apps/emqx_recon/ @zhongwencool - ## Data integration /apps/emqx_rule_engine/ @thalesmg /apps/emqx_web_hook/ @thalesmg - -## External Plugins -/lib-extra/ @zmstone - -## Default -* @zmstone From c3e494c73566b0e910ab7fa8b6fb96a59accbe6a Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Thu, 19 Jan 2023 10:02:46 +0800 Subject: [PATCH 07/57] chore: update esockd to 5.8.8 --- apps/emqx_sn/rebar.config | 3 +-- rebar.config | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/apps/emqx_sn/rebar.config b/apps/emqx_sn/rebar.config index 295751b23..4cb27511d 100644 --- a/apps/emqx_sn/rebar.config +++ b/apps/emqx_sn/rebar.config @@ -2,8 +2,7 @@ {plugins, [rebar3_proper]}. {deps, - [{esockd, {git, "https://github.com/emqx/esockd", {tag, "5.8.7"}}}, - {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.0.0"}}} + [{cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.0.0"}}} ]}. {edoc_opts, [{preprocess, true}]}. diff --git a/rebar.config b/rebar.config index 695a3a0cf..7888852a2 100644 --- a/rebar.config +++ b/rebar.config @@ -47,7 +47,7 @@ , {gproc, {git, "https://github.com/uwiger/gproc", {tag, "0.9.0"}}} , {jiffy, {git, "https://github.com/emqx/jiffy", {tag, "1.0.5"}}} , {cowboy, {git, "https://github.com/emqx/cowboy", {tag, "2.9.0"}}} - , {esockd, {git, "https://github.com/emqx/esockd", {tag, "5.8.7"}}} + , {esockd, {git, "https://github.com/emqx/esockd", {tag, "5.8.8"}}} , {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.8.1.11"}}} , {gen_rpc, {git, "https://github.com/emqx/gen_rpc", {tag, "3.0.1"}}} , {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.3.6"}}} From c072edc3aa9578f708e4365e007d5ea7baaf72fe Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Thu, 19 Jan 2023 10:12:10 +0800 Subject: [PATCH 08/57] chore: update the change logs for #9810 --- changes/v4.4.15-en.md | 8 ++++++++ changes/v4.4.15-zh.md | 8 ++++++++ 2 files changed, 16 insertions(+) create mode 100644 changes/v4.4.15-en.md create mode 100644 changes/v4.4.15-zh.md diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md new file mode 100644 index 000000000..49c28ef11 --- /dev/null +++ b/changes/v4.4.15-en.md @@ -0,0 +1,8 @@ +# v4.4.14 + +## Enhancements + +## Bug fixes + +- Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). + For more detailed information please see: [emqx/esockd#170](https://github.com/emqx/esockd/pull/170). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md new file mode 100644 index 000000000..8431494a1 --- /dev/null +++ b/changes/v4.4.15-zh.md @@ -0,0 +1,8 @@ +# v4.4.14 + +## 增强 + +## 修复 + +- 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 + 详情见:[emqx/esockd#170](https://github.com/emqx/esockd/pull/170) From ae4745ffd75350522014bc8bf2054fcc62b19b13 Mon Sep 17 00:00:00 2001 From: Rory Z Date: Thu, 19 Jan 2023 14:47:12 +0800 Subject: [PATCH 09/57] feat(helm): user can define service account by userself --- deploy/charts/emqx/README.md | 3 +++ deploy/charts/emqx/templates/StatefulSet.yaml | 4 +-- deploy/charts/emqx/templates/_helpers.tpl | 11 ++++++++ deploy/charts/emqx/templates/rbac.yaml | 25 ++++++++++++++++--- deploy/charts/emqx/values.yaml | 10 ++++++++ 5 files changed, 47 insertions(+), 6 deletions(-) diff --git a/deploy/charts/emqx/README.md b/deploy/charts/emqx/README.md index 2882f9e0d..89b06616a 100644 --- a/deploy/charts/emqx/README.md +++ b/deploy/charts/emqx/README.md @@ -40,6 +40,9 @@ Parameter | Description | Default Value `image.pullPolicy` | The image pull policy | `IfNotPresent` `image.pullSecrets ` | The image pull secrets (does not add image pull secrets to deployed pods) |``[]`` `recreatePods` | Forces the recreation of pods during upgrades, which can be useful to always apply the most recent configuration. | `false` +`serviceAccount.create` | If `true`, create a new service account | `true` +`serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | +`serviceAccount.annotations` | Annotations to add to the service account | `podAnnotations ` | Annotations for pod | `{}` `podManagementPolicy`| To redeploy a chart with existing PVC(s), the value must be set to Parallel to avoid deadlock | `Parallel` `persistence.enabled` | Enable EMQX persistence using PVC | `false` diff --git a/deploy/charts/emqx/templates/StatefulSet.yaml b/deploy/charts/emqx/templates/StatefulSet.yaml index 3234fb85a..91f93d2c5 100644 --- a/deploy/charts/emqx/templates/StatefulSet.yaml +++ b/deploy/charts/emqx/templates/StatefulSet.yaml @@ -64,6 +64,7 @@ spec: checksum/config: {{ $configData | sha256sum | quote }} {{- end }} spec: + serviceAccountName: {{ include "emqx.serviceAccountName" . }} volumes: {{- if .Values.emqxLoadedPlugins }} - name: emqx-loaded-plugins @@ -107,9 +108,6 @@ spec: secret: secretName: {{ $licenseSecretName }} {{- end }} - {{- if eq (.Values.emqxConfig.EMQX_CLUSTER__DISCOVERY | default "k8s") "k8s" }} - serviceAccountName: {{ include "emqx.fullname" . }} - {{- end }} {{- if .Values.podSecurityContext.enabled }} securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }} {{- end }} diff --git a/deploy/charts/emqx/templates/_helpers.tpl b/deploy/charts/emqx/templates/_helpers.tpl index ad01d5862..3f6d055e4 100644 --- a/deploy/charts/emqx/templates/_helpers.tpl +++ b/deploy/charts/emqx/templates/_helpers.tpl @@ -30,3 +30,14 @@ Create chart name and version as used by the chart label. {{- define "emqx.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "emqx.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "emqx.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/deploy/charts/emqx/templates/rbac.yaml b/deploy/charts/emqx/templates/rbac.yaml index cbd3b4f7b..b35666f44 100644 --- a/deploy/charts/emqx/templates/rbac.yaml +++ b/deploy/charts/emqx/templates/rbac.yaml @@ -1,10 +1,23 @@ -{{- if eq (.Values.emqxConfig.EMQX_CLUSTER__DISCOVERY | default "k8s") "k8s" }} +{{- if .Values.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount metadata: namespace: {{ .Release.Namespace }} - name: {{ include "emqx.fullname" . }} + name: {{ include "emqx.serviceAccountName" . }} + labels: + app.kubernetes.io/name: {{ include "emqx.name" . }} + helm.sh/chart: {{ include "emqx.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} + --- +{{- if .Values.serviceAccount.create }} +{{- if eq (.Values.emqxConfig.EMQX_CLUSTER__DISCOVERY | default "k8s") "k8s" }} kind: Role {{- if semverCompare ">=1.17-0" .Capabilities.KubeVersion.GitVersion }} apiVersion: rbac.authorization.k8s.io/v1 @@ -23,7 +36,12 @@ rules: - get - watch - list +{{- end }} +{{- end }} + --- +{{- if .Values.serviceAccount.create }} +{{- if eq (.Values.emqxConfig.EMQX_CLUSTER__DISCOVERY | default "k8s") "k8s" }} kind: RoleBinding {{- if semverCompare ">=1.17-0" .Capabilities.KubeVersion.GitVersion }} apiVersion: rbac.authorization.k8s.io/v1 @@ -35,10 +53,11 @@ metadata: name: {{ include "emqx.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "emqx.fullname" . }} + name: {{ include "emqx.serviceAccountName" . }} namespace: {{ .Release.Namespace }} roleRef: kind: Role name: {{ include "emqx.fullname" . }} apiGroup: rbac.authorization.k8s.io {{- end }} +{{- end }} diff --git a/deploy/charts/emqx/values.yaml b/deploy/charts/emqx/values.yaml index 1df94e42d..64a74cff5 100644 --- a/deploy/charts/emqx/values.yaml +++ b/deploy/charts/emqx/values.yaml @@ -14,6 +14,16 @@ image: # pullSecrets: # - myRegistryKeySecretName +serviceAccount: + # Specifies whether a service account should be created + # If set false, means you need create service account by yourself + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + # Annotations to add to the service account + annotations: {} + ## Forces the recreation of pods during helm upgrades. This can be useful to update configuration values even if the container image did not change. recreatePods: false From 2b407cf0fa4a20bf4c94514a0f5b919efffa7b53 Mon Sep 17 00:00:00 2001 From: Stefan Strigler Date: Wed, 18 Jan 2023 17:15:01 +0100 Subject: [PATCH 10/57] feat: support HAProxy protocol for mgmt API --- apps/emqx_management/priv/emqx_management.schema | 14 +++++++++++++- apps/emqx_management/src/emqx_management.app.src | 2 +- apps/emqx_management/src/emqx_mgmt_http.erl | 8 ++++++-- rebar.config | 2 +- 4 files changed, 21 insertions(+), 5 deletions(-) diff --git a/apps/emqx_management/priv/emqx_management.schema b/apps/emqx_management/priv/emqx_management.schema index 0b91509f1..42f63b7bf 100644 --- a/apps/emqx_management/priv/emqx_management.schema +++ b/apps/emqx_management/priv/emqx_management.schema @@ -90,6 +90,11 @@ {datatype, {enum, [true, false]}} ]}. +{mapping, "management.listener.http.proxy_header", "emqx_management.listeners", [ + {default, false}, + {datatype, {enum, [true, false]}} +]}. + {mapping, "management.listener.https", "emqx_management.listeners", [ {datatype, [integer, ip]} ]}. @@ -186,6 +191,11 @@ {datatype, {enum, [true, false]}} ]}. +{mapping, "management.listener.https.proxy_header", "emqx_management.listeners", [ + {default, false}, + {datatype, {enum, [true, false]}} +]}. + {translation, "emqx_management.application", fun(Conf) -> Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end, Opts = fun(Prefix) -> @@ -202,7 +212,9 @@ end}. Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end, Opts = fun(Prefix) -> Filter([{num_acceptors, cuttlefish:conf_get(Prefix ++ ".acceptors", Conf)}, - {max_connections, cuttlefish:conf_get(Prefix ++ ".max_clients", Conf)}]) + {max_connections, cuttlefish:conf_get(Prefix ++ ".max_clients", Conf)}, + {proxy_header, cuttlefish:conf_get(Prefix ++ ".proxy_header", Conf)} + ]) end, TcpOpts = fun(Prefix) -> Filter([{backlog, cuttlefish:conf_get(Prefix ++ ".backlog", Conf, undefined)}, diff --git a/apps/emqx_management/src/emqx_management.app.src b/apps/emqx_management/src/emqx_management.app.src index fe927c097..b505e2c69 100644 --- a/apps/emqx_management/src/emqx_management.app.src +++ b/apps/emqx_management/src/emqx_management.app.src @@ -1,6 +1,6 @@ {application, emqx_management, [{description, "EMQ X Management API and CLI"}, - {vsn, "4.4.12"}, % strict semver, bump manually! + {vsn, "4.4.13"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_management_sup]}, {applications, [kernel,stdlib,emqx_plugin_libs,minirest]}, diff --git a/apps/emqx_management/src/emqx_mgmt_http.erl b/apps/emqx_management/src/emqx_mgmt_http.erl index 444e0ce25..7f571ee70 100644 --- a/apps/emqx_management/src/emqx_mgmt_http.erl +++ b/apps/emqx_management/src/emqx_mgmt_http.erl @@ -52,12 +52,12 @@ stop_listeners() -> start_listener({Proto, Port, Options}) when Proto == http -> Dispatch = [{"/status", emqx_mgmt_http, []}, {"/api/v4/[...]", minirest, http_handlers()}], - minirest:start_http(listener_name(Proto), ranch_opts(Port, Options), Dispatch); + minirest:start_http(listener_name(Proto), ranch_opts(Port, Options), Dispatch, proto_opts(Options)); start_listener({Proto, Port, Options}) when Proto == https -> Dispatch = [{"/status", emqx_mgmt_http, []}, {"/api/v4/[...]", minirest, http_handlers()}], - minirest:start_https(listener_name(Proto), ranch_opts(Port, Options), Dispatch). + minirest:start_https(listener_name(Proto), ranch_opts(Port, Options), Dispatch, proto_opts(Options)). ranch_opts(Port, Options0) -> NumAcceptors = proplists:get_value(num_acceptors, Options0, 4), @@ -68,6 +68,7 @@ ranch_opts(Port, Options0) -> ({inet6, false}, Acc) -> Acc; ({ipv6_v6only, true}, Acc) -> [{ipv6_v6only, true} | Acc]; ({ipv6_v6only, false}, Acc) -> Acc; + ({proxy_header, _}, Acc) -> Acc; ({K, V}, Acc)-> [{K, V} | Acc] end, [], Options0), @@ -77,6 +78,9 @@ ranch_opts(Port, Options0) -> socket_opts => [{port, Port} | Options]}, Res. +proto_opts(Options) -> + maps:with([proxy_header], maps:from_list(Options)). + stop_listener({Proto, Port, _}) -> io:format("Stop http:management listener on ~s successfully.~n",[format(Port)]), minirest:stop_http(listener_name(Proto)). diff --git a/rebar.config b/rebar.config index 695a3a0cf..d839d7404 100644 --- a/rebar.config +++ b/rebar.config @@ -51,7 +51,7 @@ , {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.8.1.11"}}} , {gen_rpc, {git, "https://github.com/emqx/gen_rpc", {tag, "3.0.1"}}} , {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.3.6"}}} - , {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.10"}}} + , {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.11"}}} , {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.2"}}} , {replayq, {git, "https://github.com/emqx/replayq", {tag, "0.3.4"}}} , {pbkdf2, {git, "https://github.com/emqx/erlang-pbkdf2.git", {branch, "2.0.4"}}} From 1d83f640fc30b7ba9981bdd33cf604329e6654a4 Mon Sep 17 00:00:00 2001 From: Stefan Strigler Date: Thu, 19 Jan 2023 14:45:57 +0100 Subject: [PATCH 11/57] chore: add changelog --- changes/v4.4.15.en.md | 5 +++++ changes/v4.4.15.zh.md | 5 +++++ 2 files changed, 10 insertions(+) create mode 100644 changes/v4.4.15.en.md create mode 100644 changes/v4.4.15.zh.md diff --git a/changes/v4.4.15.en.md b/changes/v4.4.15.en.md new file mode 100644 index 000000000..cca435877 --- /dev/null +++ b/changes/v4.4.15.en.md @@ -0,0 +1,5 @@ +# v4.4.15 + +## Enhancements + +- Support HAProxy protocol for dashboard API [9803](https://github.com/emqx/emqx/pull/9803). diff --git a/changes/v4.4.15.zh.md b/changes/v4.4.15.zh.md new file mode 100644 index 000000000..25beb836b --- /dev/null +++ b/changes/v4.4.15.zh.md @@ -0,0 +1,5 @@ +# v4.4.15 + +## 增强 + +- 现在 dashboard 增加了对 `HAProxy` 协议的支持 [9803](https://github.com/emqx/emqx/pull/9803)。 From 91903ef8693b1c7c134ab070334277e22387525d Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Mon, 23 Jan 2023 13:34:21 +0100 Subject: [PATCH 12/57] ci: build ubuntu 22.04 packages --- .github/workflows/apps_version_check.yaml | 2 +- .github/workflows/build_packages.yaml | 7 ++++--- .github/workflows/build_slim_packages.yaml | 3 ++- .github/workflows/check_deps_integrity.yaml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/run_acl_migration_tests.yaml | 2 +- .github/workflows/run_fvt_tests.yaml | 6 +++--- .github/workflows/run_test_cases.yaml | 8 ++++---- 8 files changed, 17 insertions(+), 15 deletions(-) diff --git a/.github/workflows/apps_version_check.yaml b/.github/workflows/apps_version_check.yaml index 80759fc56..be34593f9 100644 --- a/.github/workflows/apps_version_check.yaml +++ b/.github/workflows/apps_version_check.yaml @@ -13,7 +13,7 @@ jobs: os: - ubuntu20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:${{ matrix.erl_otp }}-${{ matrix.os }} + container: ghcr.io/emqx/emqx-builder/4.4-24:${{ matrix.erl_otp }}-${{ matrix.os }} steps: - uses: actions/checkout@v3 diff --git a/.github/workflows/build_packages.yaml b/.github/workflows/build_packages.yaml index cc4f59438..bb7cd82cf 100644 --- a/.github/workflows/build_packages.yaml +++ b/.github/workflows/build_packages.yaml @@ -157,6 +157,7 @@ jobs: - amd64 - arm64 os: + - ubuntu22.04 - ubuntu20.04 - ubuntu18.04 - ubuntu16.04 @@ -195,7 +196,7 @@ jobs: --profile "${PROFILE}" \ --pkgtype "${PACKAGE}" \ --arch "${ARCH}" \ - --builder "ghcr.io/emqx/emqx-builder/4.4-23:${OTP}-${SYSTEM}" + --builder "ghcr.io/emqx/emqx-builder/4.4-24:${OTP}-${SYSTEM}" - uses: actions/upload-artifact@v3 with: name: ${{ matrix.profile }} @@ -271,7 +272,7 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | - BUILD_FROM=ghcr.io/emqx/emqx-builder/4.4-23:${{ matrix.otp }}-alpine3.15.1 + BUILD_FROM=ghcr.io/emqx/emqx-builder/4.4-24:${{ matrix.otp }}-alpine3.15.1 RUN_FROM=alpine:3.15.1 EMQX_NAME=${{ matrix.profile }} file: source/deploy/docker/Dockerfile @@ -287,7 +288,7 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | - BUILD_FROM=ghcr.io/emqx/emqx-builder/4.4-23:${{ matrix.otp }}-alpine3.15.1 + BUILD_FROM=ghcr.io/emqx/emqx-builder/4.4-24:${{ matrix.otp }}-alpine3.15.1 RUN_FROM=alpine:3.15.1 EMQX_NAME=${{ matrix.profile }} file: source/deploy/docker/Dockerfile.enterprise diff --git a/.github/workflows/build_slim_packages.yaml b/.github/workflows/build_slim_packages.yaml index 355128e32..bb1fca468 100644 --- a/.github/workflows/build_slim_packages.yaml +++ b/.github/workflows/build_slim_packages.yaml @@ -19,6 +19,7 @@ jobs: otp: - 24.3.4.2-1 os: + - ubuntu22.04 - ubuntu20.04 - el7 runs-on: @@ -32,7 +33,7 @@ jobs: - runs-on: aws-amd64 use-self-hosted: false - container: ghcr.io/emqx/emqx-builder/4.4-23:${{ matrix.otp }}-${{ matrix.os }} + container: ghcr.io/emqx/emqx-builder/4.4-24:${{ matrix.otp }}-${{ matrix.os }} steps: - uses: AutoModality/action-clean@v1 diff --git a/.github/workflows/check_deps_integrity.yaml b/.github/workflows/check_deps_integrity.yaml index 8c478e265..3b97b5d47 100644 --- a/.github/workflows/check_deps_integrity.yaml +++ b/.github/workflows/check_deps_integrity.yaml @@ -5,7 +5,7 @@ on: [pull_request] jobs: check_deps_integrity: runs-on: ubuntu-20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 steps: - uses: actions/checkout@v3 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cd163888d..20661aee9 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -7,7 +7,7 @@ on: jobs: prepare: runs-on: ubuntu-20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 outputs: profiles: ${{ steps.detect-profiles.outputs.profiles}} diff --git a/.github/workflows/run_acl_migration_tests.yaml b/.github/workflows/run_acl_migration_tests.yaml index 8545faa0f..230e208ae 100644 --- a/.github/workflows/run_acl_migration_tests.yaml +++ b/.github/workflows/run_acl_migration_tests.yaml @@ -5,7 +5,7 @@ on: workflow_dispatch jobs: test: runs-on: ubuntu-20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 strategy: fail-fast: true env: diff --git a/.github/workflows/run_fvt_tests.yaml b/.github/workflows/run_fvt_tests.yaml index 8f9825600..b0545045f 100644 --- a/.github/workflows/run_fvt_tests.yaml +++ b/.github/workflows/run_fvt_tests.yaml @@ -200,7 +200,7 @@ jobs: relup_test_plan: runs-on: ubuntu-20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 outputs: profile: ${{ steps.profile-and-versions.outputs.profile }} vsn: ${{ steps.profile-and-versions.outputs.vsn }} @@ -251,7 +251,7 @@ jobs: otp: - 24.3.4.2-1 runs-on: ubuntu-20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 defaults: run: shell: bash @@ -288,7 +288,7 @@ jobs: - relup_test_plan - relup_test_build runs-on: ubuntu-20.04 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 strategy: fail-fast: false matrix: diff --git a/.github/workflows/run_test_cases.yaml b/.github/workflows/run_test_cases.yaml index 5612562a6..38cd2f9bb 100644 --- a/.github/workflows/run_test_cases.yaml +++ b/.github/workflows/run_test_cases.yaml @@ -12,7 +12,7 @@ on: jobs: prepare: runs-on: aws-amd64 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 outputs: fast_ct_apps: ${{ steps.run_find_apps.outputs.fast_ct_apps }} docker_ct_apps: ${{ steps.run_find_apps.outputs.docker_ct_apps }} @@ -58,7 +58,7 @@ jobs: eunit_and_proper: needs: prepare runs-on: aws-amd64 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 strategy: fail-fast: false matrix: @@ -86,7 +86,7 @@ jobs: fast_ct: needs: prepare runs-on: ${{ matrix.runs-on }} - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 strategy: fail-fast: false matrix: @@ -249,7 +249,7 @@ jobs: - fast_ct - docker_ct runs-on: aws-amd64 - container: ghcr.io/emqx/emqx-builder/4.4-23:24.3.4.2-1-ubuntu20.04 + container: ghcr.io/emqx/emqx-builder/4.4-24:24.3.4.2-1-ubuntu20.04 steps: - uses: AutoModality/action-clean@v1 - uses: actions/download-artifact@v3 From 87cd40acca5f561d05789927652cfdd22e273e8f Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Wed, 25 Jan 2023 15:26:25 +0100 Subject: [PATCH 13/57] chore: skip relup on ubuntu22.04 for earlier versions --- build | 8 ++++++++ scripts/relup-base-vsns.escript | 5 +++++ 2 files changed, 13 insertions(+) diff --git a/build b/build index 9cc68e531..59a237c46 100755 --- a/build +++ b/build @@ -205,6 +205,14 @@ make_zip() { ;; esac ;; + ubuntu22) + case "$PKG_VSN" in + 4.4.15*) + # this is the first version for amzn2, no relup + has_relup='no' + ;; + esac + ;; macos*) case "$PKG_VSN" in 4.4.12*) diff --git a/scripts/relup-base-vsns.escript b/scripts/relup-base-vsns.escript index e99c88a9f..5a4a0483d 100755 --- a/scripts/relup-base-vsns.escript +++ b/scripts/relup-base-vsns.escript @@ -176,6 +176,11 @@ filter_froms(Froms0, AvailableVersionsIndex) -> {"amzn2", _} -> Excluded = [list_to_binary(["4.4.", integer_to_list(X)]) || X <- lists:seq(0,11)], lists:filter(fun(Vsn) -> not lists:member(Vsn, Excluded) end, Froms0); + %% ubuntu22.04 is introduced since v4.4.15 and e4.4.15 + %% exclude tags before them + {"ubuntu22.04", _} -> + Excluded = [list_to_binary(["4.4.", integer_to_list(X)]) || X <- lists:seq(0,14)], + lists:filter(fun(Vsn) -> not lists:member(Vsn, Excluded) end, Froms0); %% macos arm64 (M1/M2) packages are introduced since v4.4.12 and e4.4.12 %% exclude tags before them {"macos" ++ _, "aarch64" ++ _} -> From d111a64672cced8c3e6acbda78b7e191beed164a Mon Sep 17 00:00:00 2001 From: Ivan Dyachkov Date: Wed, 25 Jan 2023 15:31:44 +0100 Subject: [PATCH 14/57] chore: update changelog --- changes/v4.4.15-en.md | 4 +++- changes/v4.4.15-zh.md | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 49c28ef11..800992cd0 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -1,7 +1,9 @@ -# v4.4.14 +# v4.4.15 ## Enhancements +- Added Ubuntu 22.04 package release [#9831](https://github.com/emqx/emqx/pull/9831). + ## Bug fixes - Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index 8431494a1..cb29bcfaa 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -1,7 +1,9 @@ -# v4.4.14 +# v4.4.15 ## 增强 +- 发布 Ubuntu 22.04 安装包 [#9831](https://github.com/emqx/emqx/pull/9831)。 + ## 修复 - 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 From 763dac04908b17d63e250499f5579f39f64812a2 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Sun, 29 Jan 2023 13:45:59 +0800 Subject: [PATCH 15/57] fix: log format of printing MQTT packets --- src/emqx.appup.src | 26 ++++++++++++++++++++++++++ src/emqx_packet.erl | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/emqx.appup.src b/src/emqx.appup.src index ebb567dbd..d25adf12f 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -3,21 +3,27 @@ {VSN, [{"4.4.14", [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, + {load_module,emqx_relup,brutal_purge,soft_purge,[]}, + {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -27,6 +33,7 @@ {load_module,emqx_channel,brutal_purge,soft_purge,[]}]}, {"4.4.10", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -48,6 +55,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.9", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -75,6 +83,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.8", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -103,6 +112,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.7", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -131,6 +141,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.6", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -159,6 +170,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.5", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -189,6 +201,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.4", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -418,21 +431,27 @@ {<<".*">>,[]}], [{"4.4.14", [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, + {load_module,emqx_relup,brutal_purge,soft_purge,[]}, + {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -442,6 +461,7 @@ {delete_module,emqx_cover}]}, {"4.4.10", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_access_rule,brutal_purge,soft_purge,[]}, @@ -460,6 +480,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.9", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_access_rule,brutal_purge,soft_purge,[]}, @@ -483,6 +504,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.8", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_access_rule,brutal_purge,soft_purge,[]}, @@ -507,6 +529,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.7", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_access_rule,brutal_purge,soft_purge,[]}, @@ -531,6 +554,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.6", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_access_rule,brutal_purge,soft_purge,[]}, @@ -555,6 +579,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.5", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_access_rule,brutal_purge,soft_purge,[]}, @@ -581,6 +606,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.4", [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_hooks,brutal_purge,soft_purge,[]}, diff --git a/src/emqx_packet.erl b/src/emqx_packet.erl index 080126e5d..d91ac6f44 100644 --- a/src/emqx_packet.erl +++ b/src/emqx_packet.erl @@ -430,7 +430,7 @@ format_header(#mqtt_packet_header{type = Type, Header = io_lib:format("~s(Q~p, R~p, D~p", [type_name(Type), QoS, i(Retain), i(Dup)]), case S == undefined of true -> [Header, ")"]; - false -> [Header, S, ")"] + false -> [Header, ", ", S, ")"] end. format_variable(undefined, _) -> From 7eea1252cb439f99cea92839a4f90e8a07a07f87 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Sun, 29 Jan 2023 14:13:32 +0800 Subject: [PATCH 16/57] chore: update the change logs --- changes/v4.4.15-en.md | 7 +++++++ changes/v4.4.15-zh.md | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 800992cd0..88ad61ca6 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -8,3 +8,10 @@ - Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). For more detailed information please see: [emqx/esockd#170](https://github.com/emqx/esockd/pull/170). + +- Fix a problem in the log message format of MQTT packets [#9858](https://github.com/emqx/emqx/pull/9858). + Before this fix, a comma was missing between the flags (DUP) of the fixed header + and the fields (ClientId) of the variable header: + ``` + 2023-01-29T13:40:36.567692+08:00 [debug] 127.0.0.1:50393 [MQTT] RECV CONNECT(Q0, R0, D0ClientId=test_client, ... Password=undefined) + ``` diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index cb29bcfaa..6d2859e82 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -8,3 +8,9 @@ - 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 详情见:[emqx/esockd#170](https://github.com/emqx/esockd/pull/170) + +- 修复 MQTT 报文的日志打印格式的问题 [#9858](https://github.com/emqx/emqx/pull/9858)。 + 在此修复之前,固定报文头的标志位(DUP)和后面的可变报文头的字段(ClientId)之间漏掉了一个逗号做分隔: + ``` + 2023-01-29T13:40:36.567692+08:00 [debug] 127.0.0.1:50393 [MQTT] RECV CONNECT(Q0, R0, D0ClientId=test_client, ... Password=undefined) + ``` From 9d6efeaea82d4caa88f362ff18ad93591dd181bb Mon Sep 17 00:00:00 2001 From: firest Date: Tue, 17 Jan 2023 17:31:48 +0800 Subject: [PATCH 17/57] feat: improve the integration of the `banned` and the `delayed` feature --- lib-ce/emqx_modules/src/emqx_mod_delayed.erl | 16 ++++++- .../test/emqx_mod_delayed_SUITE.erl | 44 +++++++++++++++++++ src/emqx_banned.erl | 5 ++- 3 files changed, 63 insertions(+), 2 deletions(-) diff --git a/lib-ce/emqx_modules/src/emqx_mod_delayed.erl b/lib-ce/emqx_modules/src/emqx_mod_delayed.erl index 14d91f4b3..8f2a816ba 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_delayed.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_delayed.erl @@ -21,6 +21,7 @@ -include_lib("emqx/include/emqx.hrl"). -include_lib("emqx/include/logger.hrl"). +-include_lib("snabbkaffe/include/snabbkaffe.hrl"). -logger_header("[Delayed]"). @@ -228,7 +229,20 @@ do_publish(Key = {Ts, _Id}, Now, Acc) when Ts =< Now -> case mnesia:dirty_read(?TAB, Key) of [] -> ok; [#delayed_message{msg = Msg}] -> - emqx_pool:async_submit(fun emqx:publish/1, [Msg]) + case emqx_banned:look_up({clientid, Msg#message.from}) of + [] -> + emqx_pool:async_submit(fun emqx:publish/1, [Msg]); + _ -> + ?tp( + notice, + ignore_delayed_message_publish, + #{ + reason => "client is banned", + clienid => Msg#message.from + } + ), + ok + end end, do_publish(mnesia:dirty_next(?TAB, Key), Now, [Key|Acc]). diff --git a/lib-ce/emqx_modules/test/emqx_mod_delayed_SUITE.erl b/lib-ce/emqx_modules/test/emqx_mod_delayed_SUITE.erl index 306a1a03d..715e541f0 100644 --- a/lib-ce/emqx_modules/test/emqx_mod_delayed_SUITE.erl +++ b/lib-ce/emqx_modules/test/emqx_mod_delayed_SUITE.erl @@ -26,6 +26,7 @@ -include_lib("common_test/include/ct.hrl"). -include_lib("eunit/include/eunit.hrl"). -include_lib("emqx/include/emqx.hrl"). +-include_lib("snabbkaffe/include/snabbkaffe.hrl"). %%-------------------------------------------------------------------- %% Setups @@ -78,3 +79,46 @@ t_delayed_message(_) -> EmptyKey = mnesia:dirty_all_keys(emqx_mod_delayed), ?assertEqual([], EmptyKey), ok = emqx_mod_delayed:unload([]). + +t_banned_delayed(_) -> + ok = emqx_mod_delayed:load([]), + ClientId1 = <<"bc1">>, + ClientId2 = <<"bc2">>, + + Now = erlang:system_time(second), + Who = {clientid, ClientId2}, + emqx_banned:create(#{ + who => Who, + by => <<"test">>, + reason => <<"test">>, + at => Now, + until => Now + 120 + }), + + snabbkaffe:start_trace(), + + {ok, SubRef} = + snabbkaffe_collector:subscribe(?match_event(#{?snk_kind := ignore_delayed_message_publish}), + _NEvents = 2, + _Timeout = 10000, + 0), + + lists:foreach( + fun(ClientId) -> + Msg = emqx_message:make(ClientId, <<"$delayed/1/bc">>, <<"payload">>), + emqx_mod_delayed:on_message_publish(Msg) + end, + [ClientId1, ClientId1, ClientId1, ClientId2, ClientId2] + ), + + ?assertMatch({ok, [#{?snk_kind := ignore_delayed_message_publish}, + #{?snk_kind := ignore_delayed_message_publish} + ]}, + snabbkaffe_collector:receive_events(SubRef)), + + snabbkaffe:stop(), + + emqx_banned:delete(Who), + EmptyKey = mnesia:dirty_all_keys(emqx_mod_delayed), + ?assertEqual([], EmptyKey), + ok = emqx_mod_delayed:unload([]). diff --git a/src/emqx_banned.erl b/src/emqx_banned.erl index 6cc1580be..ba5259c52 100644 --- a/src/emqx_banned.erl +++ b/src/emqx_banned.erl @@ -36,6 +36,7 @@ , create/1 , delete/1 , info/1 + , look_up/1 ]). %% gen_server callbacks @@ -111,6 +112,9 @@ delete(Who) -> info(InfoKey) -> mnesia:table_info(?BANNED_TAB, InfoKey). +look_up(Who) -> + mnesia:dirty_read(?BANNED_TAB, Who). + %%-------------------------------------------------------------------- %% gen_server callbacks %%-------------------------------------------------------------------- @@ -158,4 +162,3 @@ expire_banned_items(Now) -> mnesia:delete_object(?BANNED_TAB, B, sticky_write); (_, _Acc) -> ok end, ok, ?BANNED_TAB). - From 7fd7cfc665f20b864e340f7ae88d504b9be6a540 Mon Sep 17 00:00:00 2001 From: firest Date: Wed, 18 Jan 2023 16:39:42 +0800 Subject: [PATCH 18/57] feat: filter out messages which the source client is banned when delivering the retained message --- apps/emqx_retainer/src/emqx_retainer.erl | 28 +++++++++-- .../test/emqx_retainer_SUITE.erl | 48 +++++++++++++++++++ 2 files changed, 72 insertions(+), 4 deletions(-) diff --git a/apps/emqx_retainer/src/emqx_retainer.erl b/apps/emqx_retainer/src/emqx_retainer.erl index 3bafc6a1d..84e49c5be 100644 --- a/apps/emqx_retainer/src/emqx_retainer.erl +++ b/apps/emqx_retainer/src/emqx_retainer.erl @@ -22,6 +22,7 @@ -include_lib("emqx/include/emqx.hrl"). -include_lib("emqx/include/logger.hrl"). -include_lib("stdlib/include/ms_transform.hrl"). +-include_lib("snabbkaffe/include/snabbkaffe.hrl"). -logger_header("[Retainer]"). @@ -74,11 +75,12 @@ on_session_subscribed(_, Topic, #{rh := Rh, is_new := IsNew}) -> %% @private dispatch(Pid, Topic) -> - Msgs = case emqx_topic:wildcard(Topic) of - false -> read_messages(Topic); - true -> match_messages(Topic) - end, + MsgsT = case emqx_topic:wildcard(Topic) of + false -> read_messages(Topic); + true -> match_messages(Topic) + end, Now = erlang:system_time(millisecond), + Msgs = drop_banned_messages(MsgsT), [Pid ! {deliver, Topic, refresh_timestamp_expiry(Msg, Now)} || Msg <- sort_retained(Msgs)]. %% RETAIN flag set to 1 and payload containing zero bytes @@ -332,3 +334,21 @@ refresh_timestamp_expiry(Msg = #message{headers = refresh_timestamp_expiry(Msg, Now) -> Msg#message{timestamp = Now}. + +drop_banned_messages(Msgs) -> + lists:filter(fun(Msg) -> + case emqx_banned:look_up({clientid, Msg#message.from}) of + [] -> + true; + _ -> + ?tp( + notice, + ignore_retained_message_deliver, + #{ + reason => "client is banned", + clientid => Msg#message.from + } + ), + false + end + end, Msgs). diff --git a/apps/emqx_retainer/test/emqx_retainer_SUITE.erl b/apps/emqx_retainer/test/emqx_retainer_SUITE.erl index 787c49bcb..6e2f7b1ca 100644 --- a/apps/emqx_retainer/test/emqx_retainer_SUITE.erl +++ b/apps/emqx_retainer/test/emqx_retainer_SUITE.erl @@ -23,6 +23,7 @@ -include_lib("eunit/include/eunit.hrl"). -include_lib("common_test/include/ct.hrl"). +-include_lib("snabbkaffe/include/snabbkaffe.hrl"). all() -> emqx_ct:all(?MODULE). @@ -189,6 +190,53 @@ t_stop_publish_clear_msg(_) -> ok = emqtt:disconnect(C1). +t_deliver_when_banned(_) -> + Client1 = <<"c1">>, + Client2 = <<"c2">>, + + {ok, C1} = emqtt:start_link([{clientid, Client1}, {clean_start, true}, {proto_ver, v5}]), + {ok, _} = emqtt:connect(C1), + + lists:foreach( + fun(I) -> + Topic = erlang:list_to_binary(io_lib:format("retained/~p", [I])), + Msg = emqx_message:make(Client2, 0, Topic, <<"this is a retained message">>), + Msg2 = emqx_message:set_flag(retain, Msg), + emqx:publish(Msg2) + end, + lists:seq(1, 3) + ), + + Now = erlang:system_time(second), + Who = {clientid, Client2}, + + emqx_banned:create(#{ + who => Who, + by => <<"test">>, + reason => <<"test">>, + at => Now, + until => Now + 120 + }), + timer:sleep(100), + + snabbkaffe:start_trace(), + + {ok, SubRef} = + snabbkaffe_collector:subscribe(?match_event(#{?snk_kind := ignore_retained_message_deliver}), + _NEvents = 3, + _Timeout = 10000, + 0), + + {ok, #{}, [0]} = emqtt:subscribe(C1, <<"retained/+">>, [{qos, 0}, {rh, 0}]), + {ok, Trace} = snabbkaffe_collector:receive_events(SubRef), + ?assertEqual(3, length(?of_kind(ignore_retained_message_deliver, Trace))), + + snabbkaffe:stop(), + + emqx_banned:delete(Who), + {ok, #{}, [0]} = emqtt:unsubscribe(C1, <<"retained/+">>), + ok = emqtt:disconnect(C1). + %%-------------------------------------------------------------------- %% Helper functions %%-------------------------------------------------------------------- From 482952e951508a59526b9e8d4ef13fa15aad8489 Mon Sep 17 00:00:00 2001 From: firest Date: Sun, 29 Jan 2023 20:29:14 +0800 Subject: [PATCH 19/57] chore: bump app version --- apps/emqx_retainer/src/emqx_retainer.app.src | 2 +- .../emqx_retainer/src/emqx_retainer.appup.src | 26 +++++-- lib-ce/emqx_modules/src/emqx_modules.app.src | 2 +- .../emqx_modules/src/emqx_modules.appup.src | 8 +- src/emqx.appup.src | 78 ++++++++++++------- 5 files changed, 79 insertions(+), 37 deletions(-) diff --git a/apps/emqx_retainer/src/emqx_retainer.app.src b/apps/emqx_retainer/src/emqx_retainer.app.src index 27baf5e88..941038d73 100644 --- a/apps/emqx_retainer/src/emqx_retainer.app.src +++ b/apps/emqx_retainer/src/emqx_retainer.app.src @@ -1,6 +1,6 @@ {application, emqx_retainer, [{description, "EMQ X Retainer"}, - {vsn, "4.4.3"}, % strict semver, bump manually! + {vsn, "4.4.4"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_retainer_sup]}, {applications, [kernel,stdlib]}, diff --git a/apps/emqx_retainer/src/emqx_retainer.appup.src b/apps/emqx_retainer/src/emqx_retainer.appup.src index 045afb570..54413bfa2 100644 --- a/apps/emqx_retainer/src/emqx_retainer.appup.src +++ b/apps/emqx_retainer/src/emqx_retainer.appup.src @@ -1,15 +1,27 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.2",[{load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}]}, - {"4.4.1",[{load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}]}, + [{"4.4.3",[{load_module,emqx_retainer,brutal_purge,soft_purge,[]}]}, + {"4.4.2",[{load_module,emqx_retainer,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]} + ]}, + {"4.4.1",[{load_module,emqx_retainer,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]} + ]}, {"4.4.0", - [{load_module,emqx_retainer_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_retainer,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.4.2",[{load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}]}, - {"4.4.1",[{load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}]}, + [{"4.4.3",[{load_module,emqx_retainer,brutal_purge,soft_purge,[]}]}, + {"4.4.2",[{load_module,emqx_retainer,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]} + ]}, + {"4.4.1",[{load_module,emqx_retainer,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]} + ]}, {"4.4.0", - [{load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}, - {load_module,emqx_retainer_cli,brutal_purge,soft_purge,[]}]}, + [{load_module,emqx_retainer,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_cli,brutal_purge,soft_purge,[]}, + {load_module,emqx_retainer_sup,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}]}. diff --git a/lib-ce/emqx_modules/src/emqx_modules.app.src b/lib-ce/emqx_modules/src/emqx_modules.app.src index 05c9a73ec..a2694a5e6 100644 --- a/lib-ce/emqx_modules/src/emqx_modules.app.src +++ b/lib-ce/emqx_modules/src/emqx_modules.app.src @@ -1,6 +1,6 @@ {application, emqx_modules, [{description, "EMQ X Module Management"}, - {vsn, "4.4.8"}, + {vsn, "4.4.9"}, {modules, []}, {applications, [kernel,stdlib]}, {mod, {emqx_modules_app, []}}, diff --git a/lib-ce/emqx_modules/src/emqx_modules.appup.src b/lib-ce/emqx_modules/src/emqx_modules.appup.src index 0abd3a3e9..3f43fd093 100644 --- a/lib-ce/emqx_modules/src/emqx_modules.appup.src +++ b/lib-ce/emqx_modules/src/emqx_modules.appup.src @@ -1,7 +1,9 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.7",[{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}]}, + [{"4.4.8",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, + {"4.4.7",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}]}, {"4.4.6", [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, @@ -40,7 +42,9 @@ {load_module,emqx_mod_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.4.7",[{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}]}, + [{"4.4.8",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, + {"4.4.7",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}]}, {"4.4.6", [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, diff --git a/src/emqx.appup.src b/src/emqx.appup.src index d25adf12f..cf5bdafd9 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -2,27 +2,31 @@ %% Unless you know what you are doing, DO NOT edit manually!! {VSN, [{"4.4.14", - [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", - [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", - [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, @@ -32,7 +36,8 @@ {load_module,emqx_session,brutal_purge,soft_purge,[]}, {load_module,emqx_channel,brutal_purge,soft_purge,[]}]}, {"4.4.10", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -54,7 +59,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.9", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -82,7 +88,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.8", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -111,7 +118,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.7", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -140,7 +148,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.6", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -169,7 +178,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.5", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -200,7 +210,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.4", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -238,7 +249,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.3", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -282,7 +294,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.2", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -430,27 +443,31 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {<<".*">>,[]}], [{"4.4.14", - [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", - [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", - [{load_module,emqx_misc,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, @@ -460,7 +477,8 @@ {load_module,emqx_session,brutal_purge,soft_purge,[]}, {delete_module,emqx_cover}]}, {"4.4.10", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -479,7 +497,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.9", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -503,7 +522,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.8", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -528,7 +548,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.7", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -553,7 +574,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.6", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -578,7 +600,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.5", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -605,7 +628,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.4", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -639,7 +663,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.3", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_hooks,brutal_purge,soft_purge,[]}, @@ -678,7 +703,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.2", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_router_helper,brutal_purge,soft_purge,[]}, From 2b647e112bf04edbba04aacf3dc883a3244a28cc Mon Sep 17 00:00:00 2001 From: firest Date: Sun, 29 Jan 2023 20:30:19 +0800 Subject: [PATCH 20/57] chore: update changes --- changes/v4.4.15-en.md | 6 ++++++ changes/v4.4.15-zh.md | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 88ad61ca6..f0cd4dad6 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -4,6 +4,12 @@ - Added Ubuntu 22.04 package release [#9831](https://github.com/emqx/emqx/pull/9831). +- Improve the integration of the `banned` and the `delayed` feature [#9790](https://github.com/emqx/emqx/pull/9790). + Now when publishing a delayed message will check first if its source client is banned, if true, this publish will be ignored. + +- Security enhancement for retained messages [#9790](https://github.com/emqx/emqx/pull/9790). + The retained messages will not be published if the publisher client is banned. + ## Bug fixes - Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index 6d2859e82..a08c3d8db 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -4,6 +4,12 @@ - 发布 Ubuntu 22.04 安装包 [#9831](https://github.com/emqx/emqx/pull/9831)。 +- 增强 `封禁` 和 `延迟消息` 这两个功能的集成性 [#9790](https://github.com/emqx/emqx/pull/9790)。 + 现在发送延迟消息前,会先检查消息的来源客户端是否被封禁了,如果是,这条延迟消息将会被忽略。 + +- 增强 `保留消息` 的安全性 [#9790](https://github.com/emqx/emqx/pull/9790)。 + 现在投递保留消息前,会先过滤掉来源客户端被封禁了的那些消息。 + ## 修复 - 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 From e45918001555fb06fd5b10e487bfc26afb0ea99c Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 30 Jan 2023 14:53:20 +0800 Subject: [PATCH 21/57] fix: restart oracle resources at relup --- .../src/emqx_rule_engine.appup.src | 17 ++++++++---- .../emqx_rule_engine/src/emqx_rule_engine.erl | 27 ++++++++++++------- src/emqx_relup.erl | 25 +++++++++++++++++ 3 files changed, 55 insertions(+), 14 deletions(-) diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src index e9578168d..4ae9d3966 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src +++ b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src @@ -1,10 +1,13 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.14",[{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}]}, - {"4.4.13",[{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}]}, + [{<<"4\\.4\\.1[3-4]">>, + [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} + ]}, {"4.4.12", [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}]}, @@ -16,7 +19,8 @@ {load_module,emqx_rule_engine_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_api,brutal_purge,soft_purge,[]}, {apply,{emqx_rule_engine_sup,ensure_api_delegator_started,[]}}, - {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}]}, + {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} + ]}, {"4.4.10", [{add_module,emqx_rule_engine_jwt}, {add_module,emqx_rule_engine_jwt_worker}, @@ -222,10 +226,13 @@ {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_runtime,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.4.14",[{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}]}, - {"4.4.13",[{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}]}, + [{<<"4\\.4\\.1[3-4]">>, + [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} + ]}, {"4.4.12", [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}]}, diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.erl b/apps/emqx_rule_engine/src/emqx_rule_engine.erl index 8f7e6bdbb..5b3570cf2 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_engine.erl +++ b/apps/emqx_rule_engine/src/emqx_rule_engine.erl @@ -36,6 +36,7 @@ , create_resource/1 , test_resource/1 , start_resource/1 + , start_all_resources_of_type/1 , get_resource_status/1 , is_resource_alive/1 , is_resource_alive/2 @@ -354,19 +355,27 @@ do_check_and_update_resource(#{id := Id, type := Type, description := NewDescrip -spec(start_resource(resource_id()) -> ok | {error, Reason :: term()}). start_resource(ResId) -> case emqx_rule_registry:find_resource(ResId) of - {ok, #resource{type = ResType, config = Config}} -> - {ok, #resource_type{on_create = {Mod, Create}}} - = emqx_rule_registry:find_resource_type(ResType), - try - init_resource_with_retrier(Mod, Create, ResId, Config), - refresh_actions_of_a_resource(ResId) - catch - throw:Reason -> {error, Reason} - end; + {ok, Res} -> + do_start_resource(Res); not_found -> {error, {resource_not_found, ResId}} end. +do_start_resource(#resource{id = ResId, type = ResType, config = Config}) -> + {ok, #resource_type{on_create = {Mod, Create}}} + = emqx_rule_registry:find_resource_type(ResType), + try + init_resource_with_retrier(Mod, Create, ResId, Config), + refresh_actions_of_a_resource(ResId) + catch + throw:Reason -> {error, Reason} + end. + +-spec(start_all_resources_of_type(resource_type_name()) -> [{resource_id(), ok | {error, term()}}]). +start_all_resources_of_type(Type) -> + [{ResId, do_start_resource(Res)} + || #resource{id = ResId} = Res <- emqx_rule_registry:get_resources_by_type(Type)]. + -spec(test_resource(#{type := _, config := _, _ => _}) -> ok | {error, Reason :: term()}). test_resource(#{type := Type} = Params) -> case emqx_rule_registry:find_resource_type(Type) of diff --git a/src/emqx_relup.erl b/src/emqx_relup.erl index b26129828..dc453e7ff 100644 --- a/src/emqx_relup.erl +++ b/src/emqx_relup.erl @@ -32,6 +32,7 @@ post_release_upgrade(FromRelVsn, _) -> {_, CurrRelVsn} = ?EMQX_RELEASE, ?INFO("emqx has been upgraded from ~s to ~s!", [FromRelVsn, CurrRelVsn]), maybe_refresh_jwt_module(FromRelVsn), + _ = maybe_restart_oracle_resources(FromRelVsn), reload_components(). %% What to do after downgraded to an old release vsn. @@ -93,3 +94,27 @@ maybe_refresh_jwt_module(_) -> ok. -endif. + + +-ifdef(EMQX_ENTERPRISE). +maybe_restart_oracle_resources("4.4." ++ PatchVsn0) -> + try + case list_to_integer(PatchVsn0) of + PatchVsn when PatchVsn =< 14 -> + emqx_rule_engine:start_all_resources_of_type(backend_oracle); + _ -> ok + end + catch + Err:Reason:ST -> + ?INFO("maybe_restart_oracle_resources failed: ~p", [{Err, Reason, ST}]), + ok + end; +maybe_restart_oracle_resources(_) -> + ok. + +-else. + +maybe_restart_oracle_resources(_) -> + ok. + +-endif. From 5e111e44d76600fa2c7a29ace56f780fbf273910 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 30 Jan 2023 17:01:01 +0800 Subject: [PATCH 22/57] chore: improve the log format when printing raw binary --- src/emqx.appup.src | 16 ++++++++++++++++ src/emqx_connection.erl | 2 +- src/emqx_ws_connection.erl | 2 +- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/src/emqx.appup.src b/src/emqx.appup.src index cf5bdafd9..8f5a51133 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -4,6 +4,8 @@ [{"4.4.14", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, @@ -11,6 +13,8 @@ {"4.4.13", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, @@ -19,6 +23,8 @@ {"4.4.12", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, @@ -27,6 +33,8 @@ {"4.4.11", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, @@ -445,6 +453,8 @@ [{"4.4.14", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, @@ -452,6 +462,8 @@ {"4.4.13", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, @@ -460,6 +472,8 @@ {"4.4.12", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, @@ -468,6 +482,8 @@ {"4.4.11", [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + {load_module,emqx_connection,brutal_purge,soft_purge,[]}, + {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, diff --git a/src/emqx_connection.erl b/src/emqx_connection.erl index f31be4310..35ae98331 100644 --- a/src/emqx_connection.erl +++ b/src/emqx_connection.erl @@ -434,7 +434,7 @@ handle_msg({'$gen_cast', Req}, State) -> {ok, NewState}; handle_msg({Inet, _Sock, Data}, State) when Inet == tcp; Inet == ssl -> - ?LOG(debug, "RECV ~0p", [Data]), + ?LOG(debug, "RECV ~w", [Data]), Oct = iolist_size(Data), inc_counter(incoming_bytes, Oct), ok = emqx_metrics:inc('bytes.received', Oct), diff --git a/src/emqx_ws_connection.erl b/src/emqx_ws_connection.erl index 4696b37d9..1597c9b71 100644 --- a/src/emqx_ws_connection.erl +++ b/src/emqx_ws_connection.erl @@ -336,7 +336,7 @@ websocket_handle({binary, Data}, State) when is_list(Data) -> websocket_handle({binary, iolist_to_binary(Data)}, State); websocket_handle({binary, Data}, State) -> - ?LOG(debug, "RECV ~0p", [Data]), + ?LOG(debug, "RECV ~w", [Data]), ok = inc_recv_stats(1, iolist_size(Data)), NState = ensure_stats_timer(State), return(parse_incoming(Data, NState)); From c3e1c8a0546c15fbb4192fd34806184a15786ce4 Mon Sep 17 00:00:00 2001 From: JianBo He Date: Sun, 9 Oct 2022 10:31:26 +0800 Subject: [PATCH 23/57] chore(coap): update gen_coap to v0.4.3 --- apps/emqx_coap/rebar.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/emqx_coap/rebar.config b/apps/emqx_coap/rebar.config index e1da2c197..3ec4e9fdb 100644 --- a/apps/emqx_coap/rebar.config +++ b/apps/emqx_coap/rebar.config @@ -1,4 +1,4 @@ {deps, [ - {gen_coap, {git, "https://github.com/emqx/gen_coap", {tag, "v0.4.2"}}} + {gen_coap, {git, "https://github.com/emqx/gen_coap", {tag, "v0.4.3"}}} ]}. From cbdd648df1f3afa5673b055d1170a822dd530a0a Mon Sep 17 00:00:00 2001 From: JianBo He Date: Tue, 31 Jan 2023 15:18:23 +0800 Subject: [PATCH 24/57] chore: update changes --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index f0cd4dad6..56f107a95 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -21,3 +21,5 @@ ``` 2023-01-29T13:40:36.567692+08:00 [debug] 127.0.0.1:50393 [MQTT] RECV CONNECT(Q0, R0, D0ClientId=test_client, ... Password=undefined) ``` + +- Avoid crash logs in CoAP gateway when receiving liveness checking packets from Load Balancer [#9869](https://github.com/emqx/emqx/pull/9869). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index a08c3d8db..e23e71977 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -20,3 +20,5 @@ ``` 2023-01-29T13:40:36.567692+08:00 [debug] 127.0.0.1:50393 [MQTT] RECV CONNECT(Q0, R0, D0ClientId=test_client, ... Password=undefined) ``` + +- 修复 CoAP 网关在收到负载均衡的心跳检查报文时产生的崩溃日志 [#9869](https://github.com/emqx/emqx/pull/9869)。 From 3973fff23f686f5d0e63c7fa4ce14e242c02306a Mon Sep 17 00:00:00 2001 From: firest Date: Tue, 31 Jan 2023 14:39:29 +0800 Subject: [PATCH 25/57] fix: the exclusive topics aren't removed when the session has already been cleaned --- src/emqx_broker.erl | 10 +- test/emqx_exclusive_sub_SUITE.erl | 170 ++++++++++++++++++++++++++++++ 2 files changed, 176 insertions(+), 4 deletions(-) create mode 100644 test/emqx_exclusive_sub_SUITE.erl diff --git a/src/emqx_broker.erl b/src/emqx_broker.erl index 0fc9975cc..76e0997a1 100644 --- a/src/emqx_broker.erl +++ b/src/emqx_broker.erl @@ -183,8 +183,7 @@ do_unsubscribe(Topic, SubPid, SubOpts) -> true = ets:delete(?SUBOPTION, {SubPid, Topic}), true = ets:delete_object(?SUBSCRIPTION, {SubPid, Topic}), Group = maps:get(share, SubOpts, undefined), - do_unsubscribe(Group, Topic, SubPid, SubOpts), - emqx_exclusive_subscription:unsubscribe(Topic, SubOpts). + do_unsubscribe(Group, Topic, SubPid, SubOpts). do_unsubscribe(undefined, Topic, SubPid, SubOpts) -> clean_subscribe(SubOpts, Topic, SubPid); @@ -344,9 +343,12 @@ subscriber_down(SubPid) -> clean_subscribe(SubOpts, Topic, SubPid) -> case maps:get(shard, SubOpts, 0) of - 0 -> true = ets:delete_object(?SUBSCRIBER, {Topic, SubPid}), + 0 -> + true = ets:delete_object(?SUBSCRIBER, {Topic, SubPid}), + ok = emqx_exclusive_subscription:unsubscribe(Topic, SubOpts), ok = cast(pick(Topic), {unsubscribed, Topic}); - I -> true = ets:delete_object(?SUBSCRIBER, {{shard, Topic, I}, SubPid}), + I -> + true = ets:delete_object(?SUBSCRIBER, {{shard, Topic, I}, SubPid}), ok = cast(pick({Topic, I}), {unsubscribed, Topic, I}) end. diff --git a/test/emqx_exclusive_sub_SUITE.erl b/test/emqx_exclusive_sub_SUITE.erl new file mode 100644 index 000000000..e5eec83e9 --- /dev/null +++ b/test/emqx_exclusive_sub_SUITE.erl @@ -0,0 +1,170 @@ +%%-------------------------------------------------------------------- +%% Copyright (c) 2018-2023 EMQ Technologies Co., Ltd. All Rights Reserved. +%% +%% Licensed under the Apache License, Version 2.0 (the "License"); +%% you may not use this file except in compliance with the License. +%% You may obtain a copy of the License at +%% +%% http://www.apache.org/licenses/LICENSE-2.0 +%% +%% Unless required by applicable law or agreed to in writing, software +%% distributed under the License is distributed on an "AS IS" BASIS, +%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +%% See the License for the specific language governing permissions and +%% limitations under the License. +%%-------------------------------------------------------------------- + +-module(emqx_exclusive_sub_SUITE). + +-compile(export_all). +-compile(nowarn_export_all). + +-include_lib("emqx/include/emqx.hrl"). +-include_lib("emqx/include/emqx_mqtt.hrl"). +-include_lib("eunit/include/eunit.hrl"). + +-define(TAB, emqx_exclusive_subscription). +-define(EXCLUSIVE_TOPIC, <<"$exclusive/t/1">>). +-define(NORMAL_TOPIC, <<"t/1">>). + +-define(CHECK_SUB(Client, Code), ?CHECK_SUB(Client, ?EXCLUSIVE_TOPIC, Code)). +-define(CHECK_SUB(Client, Topic, Code), + {ok, _, [Code]} = emqtt:subscribe(Client, Topic, []) +). + +all() -> emqx_ct:all(?MODULE). + +init_per_suite(Config) -> + emqx_ct_helpers:start_apps([]), + enable_exclusive_sub(true), + Config. + +end_per_suite(_Config) -> + reset_zone_env(), + emqx_ct_helpers:stop_apps([]). + +end_per_testcase(_TestCase, _Config) -> + mnesia:clear_table(?TAB). + +%% test that this feature is working during the whole session life cycle +t_exclusive_sub(_) -> + {ok, C1} = emqtt:start_link([ + {clientid, <<"client1">>}, + {clean_start, false}, + {proto_ver, v5}, + {properties, #{'Session-Expiry-Interval' => 100}} + ]), + {ok, _} = emqtt:connect(C1), + ?CHECK_SUB(C1, 0), + + {ok, C2} = emqtt:start_link([ + {clientid, <<"client2">>}, + {clean_start, false}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C2), + ?CHECK_SUB(C2, ?RC_QUOTA_EXCEEDED), + + %% keep exclusive even disconnected + ok = emqtt:disconnect(C1), + timer:sleep(1000), + + ?CHECK_SUB(C2, ?RC_QUOTA_EXCEEDED), + + ok = emqtt:disconnect(C2). + +%% test this feature does not interfere with normal subs +t_allow_normal_sub(_) -> + {ok, C1} = emqtt:start_link([ + {clientid, <<"client1">>}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C1), + ?CHECK_SUB(C1, 0), + + {ok, C2} = emqtt:start_link([ + {clientid, <<"client2">>}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C2), + ?CHECK_SUB(C2, ?NORMAL_TOPIC, 0), + + ok = emqtt:disconnect(C1), + ok = emqtt:disconnect(C2). + +%% test the exclusive topics can be released correctly +t_unsub(_) -> + {ok, C1} = emqtt:start_link([ + {clientid, <<"client1">>}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C1), + ?CHECK_SUB(C1, 0), + + {ok, C2} = emqtt:start_link([ + {clientid, <<"client2">>}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C2), + ?CHECK_SUB(C2, ?RC_QUOTA_EXCEEDED), + + {ok, #{}, [0]} = emqtt:unsubscribe(C1, ?EXCLUSIVE_TOPIC), + + ?CHECK_SUB(C2, 0), + + ok = emqtt:disconnect(C1), + ok = emqtt:disconnect(C2). + +%% test whether the exclusive topics would auto-clean after the session was cleaned +t_clean_session(_) -> + erlang:process_flag(trap_exit, true), + {ok, C1} = emqtt:start_link([ + {clientid, <<"client1">>}, + {clean_start, true}, + {proto_ver, v5}, + {properties, #{'Session-Expiry-Interval' => 0}} + ]), + {ok, _} = emqtt:connect(C1), + ?CHECK_SUB(C1, 0), + + {ok, C2} = emqtt:start_link([ + {clientid, <<"client2">>}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C2), + ?CHECK_SUB(C2, ?RC_QUOTA_EXCEEDED), + + %% auto clean when session was cleand + ok = emqtt:disconnect(C1), + + timer:sleep(1000), + + ?CHECK_SUB(C2, 0), + + ok = emqtt:disconnect(C2). + +%% test the feature switch +t_feat_disabled(_) -> + enable_exclusive_sub(false), + + {ok, C1} = emqtt:start_link([ + {clientid, <<"client1">>}, + {proto_ver, v5} + ]), + {ok, _} = emqtt:connect(C1), + ?CHECK_SUB(C1, ?RC_TOPIC_FILTER_INVALID), + ok = emqtt:disconnect(C1), + + enable_exclusive_sub(true). + +enable_exclusive_sub(Enable) -> + emqx_zone:set_env( + external, + '$mqtt_sub_caps', + #{exclusive_subscription => Enable} + ), + timer:sleep(50). + +reset_zone_env() -> + emqx_zone:unset_env(external, '$mqtt_sub_caps'), + timer:sleep(50). From e051df440acc9918c6292d0dd081836c2947b85c Mon Sep 17 00:00:00 2001 From: firest Date: Tue, 31 Jan 2023 23:34:28 +0800 Subject: [PATCH 26/57] chore: bump version && update changes --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ src/emqx.appup.src | 60 ++++++++++++++++++++++++++++--------------- 3 files changed, 44 insertions(+), 20 deletions(-) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 56f107a95..1dfe74aac 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -23,3 +23,5 @@ ``` - Avoid crash logs in CoAP gateway when receiving liveness checking packets from Load Balancer [#9869](https://github.com/emqx/emqx/pull/9869). + +- Fix the exclusive topics aren't removed when the session has already been cleaned [#9868](https://github.com/emqx/emqx/pull/9868). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index e23e71977..a4bb0a50d 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -22,3 +22,5 @@ ``` - 修复 CoAP 网关在收到负载均衡的心跳检查报文时产生的崩溃日志 [#9869](https://github.com/emqx/emqx/pull/9869)。 + +- 修复会话关闭后,其持有的排他订阅主题没有被释放的问题 [#9868](https://github.com/emqx/emqx/pull/9868)。 diff --git a/src/emqx.appup.src b/src/emqx.appup.src index 8f5a51133..1770bce7c 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -2,7 +2,8 @@ %% Unless you know what you are doing, DO NOT edit manually!! {VSN, [{"4.4.14", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -11,7 +12,8 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -21,7 +23,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -31,7 +34,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -44,7 +48,8 @@ {load_module,emqx_session,brutal_purge,soft_purge,[]}, {load_module,emqx_channel,brutal_purge,soft_purge,[]}]}, {"4.4.10", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -67,7 +72,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.9", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -96,7 +102,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.8", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -126,7 +133,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.7", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -156,7 +164,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.6", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -186,7 +195,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.5", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -451,7 +461,8 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {<<".*">>,[]}], [{"4.4.14", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -460,7 +471,8 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -470,7 +482,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -480,7 +493,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -493,7 +507,8 @@ {load_module,emqx_session,brutal_purge,soft_purge,[]}, {delete_module,emqx_cover}]}, {"4.4.10", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -513,7 +528,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.9", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -538,7 +554,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.8", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -564,7 +581,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.7", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -590,7 +608,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.6", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -616,7 +635,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.5", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, From d4df2ddf251107e3952e46fab75ddca35ce670d6 Mon Sep 17 00:00:00 2001 From: firest Date: Fri, 3 Feb 2023 15:30:37 +0800 Subject: [PATCH 27/57] feat(banned): session will be kicked when client is banned by `clientid` --- src/emqx_banned.erl | 33 +++++++++++++++++++++++++++------ test/emqx_banned_SUITE.erl | 30 +++++++++++++++++++++++++++--- 2 files changed, 54 insertions(+), 9 deletions(-) diff --git a/src/emqx_banned.erl b/src/emqx_banned.erl index ba5259c52..ce5c9c2be 100644 --- a/src/emqx_banned.erl +++ b/src/emqx_banned.erl @@ -21,6 +21,7 @@ -include("emqx.hrl"). -include("logger.hrl"). -include("types.hrl"). +-include_lib("snabbkaffe/include/snabbkaffe.hrl"). -logger_header("[Banned]"). @@ -95,13 +96,15 @@ create(#{who := Who, reason := Reason, at := At, until := Until}) -> - mnesia:dirty_write(?BANNED_TAB, #banned{who = Who, - by = By, - reason = Reason, - at = At, - until = Until}); + insert_banned(#banned{ + who = Who, + by = By, + reason = Reason, + at = At, + until = Until + }); create(Banned) when is_record(Banned, banned) -> - mnesia:dirty_write(?BANNED_TAB, Banned). + insert_banned(Banned). -spec(delete({clientid, emqx_types:clientid()} | {username, emqx_types:username()} @@ -162,3 +165,21 @@ expire_banned_items(Now) -> mnesia:delete_object(?BANNED_TAB, B, sticky_write); (_, _Acc) -> ok end, ok, ?BANNED_TAB). + +insert_banned(Banned) -> + mnesia:dirty_write(?BANNED_TAB, Banned), + on_banned(Banned). + +on_banned(#banned{who = {clientid, ClientId}}) -> + %% kick the session if the client is banned by clientid + ?tp( + warning, + kick_session_due_to_banned, + #{ + clientid => ClientId + } + ), + emqx_cm:kick_session(ClientId), + ok; +on_banned(_) -> + ok. diff --git a/test/emqx_banned_SUITE.erl b/test/emqx_banned_SUITE.erl index 3630b7516..f409b1f96 100644 --- a/test/emqx_banned_SUITE.erl +++ b/test/emqx_banned_SUITE.erl @@ -21,11 +21,12 @@ -include_lib("emqx/include/emqx.hrl"). -include_lib("eunit/include/eunit.hrl"). +-include_lib("snabbkaffe/include/snabbkaffe.hrl"). all() -> emqx_ct:all(?MODULE). init_per_suite(Config) -> - application:load(emqx), + emqx_ct_helpers:start_apps([]), ok = ekka:start(), %% for coverage ok = emqx_banned:mnesia(copy), @@ -34,7 +35,8 @@ init_per_suite(Config) -> end_per_suite(_Config) -> ekka:stop(), ekka_mnesia:ensure_stopped(), - ekka_mnesia:delete_schema(). + ekka_mnesia:delete_schema(), + emqx_ct_helpers:stop_apps([]). t_add_delete(_) -> Banned = #banned{who = {clientid, <<"TestClient">>}, @@ -84,7 +86,10 @@ t_check(_) -> ?assertEqual(0, emqx_banned:info(size)). t_unused(_) -> - {ok, Banned} = emqx_banned:start_link(), + Banned = case emqx_banned:start_link() of + {ok, Pid} -> Pid; + {error, {already_started, Pid}} -> Pid + end, ok = emqx_banned:create(#banned{who = {clientid, <<"BannedClient">>}, until = erlang:system_time(second)}), ?assertEqual(ignored, gen_server:call(Banned, unexpected_req)), @@ -93,3 +98,22 @@ t_unused(_) -> timer:sleep(500), %% expiry timer ok = emqx_banned:stop(). +t_kick(_) -> + ClientId = <<"client">>, + snabbkaffe:start_trace(), + + Now = erlang:system_time(second), + Who = {clientid, ClientId}, + + emqx_banned:create(#{ + who => Who, + by => <<"test">>, + reason => <<"test">>, + at => Now, + until => Now + 120 + }), + + Trace = snabbkaffe:collect_trace(), + snabbkaffe:stop(), + emqx_banned:delete(Who), + ?assertEqual(1, length(?of_kind(kick_session_due_to_banned, Trace))). From 9140f50456f0c1f383c982d9c8ae1c6075c75054 Mon Sep 17 00:00:00 2001 From: firest Date: Fri, 3 Feb 2023 15:36:25 +0800 Subject: [PATCH 28/57] chore: update changes --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 1dfe74aac..49024bdd5 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -10,6 +10,8 @@ - Security enhancement for retained messages [#9790](https://github.com/emqx/emqx/pull/9790). The retained messages will not be published if the publisher client is banned. +- Now the corresponding session will be kicked when client is banned by `clientid` [#9904](https://github.com/emqx/emqx/pull/9904). + ## Bug fixes - Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index a4bb0a50d..4a0a6cf74 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -10,6 +10,8 @@ - 增强 `保留消息` 的安全性 [#9790](https://github.com/emqx/emqx/pull/9790)。 现在投递保留消息前,会先过滤掉来源客户端被封禁了的那些消息。 +- 现在客户端通过 `clientid` 被封禁时将会踢掉对应的会话 [#9904](https://github.com/emqx/emqx/pull/9904)。 + ## 修复 - 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 From 6a7b0bd1f869a69f36025d28463e5c94bbe0b7a7 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Sat, 4 Feb 2023 11:36:19 +0800 Subject: [PATCH 29/57] fix: update cowboy to 2.9.1 --- rebar.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rebar.config b/rebar.config index 20531703e..397963151 100644 --- a/rebar.config +++ b/rebar.config @@ -46,7 +46,7 @@ , {eredis_cluster, {git, "https://github.com/emqx/eredis_cluster", {tag, "0.7.4"}}} , {gproc, {git, "https://github.com/uwiger/gproc", {tag, "0.9.0"}}} , {jiffy, {git, "https://github.com/emqx/jiffy", {tag, "1.0.5"}}} - , {cowboy, {git, "https://github.com/emqx/cowboy", {tag, "2.9.0"}}} + , {cowboy, {git, "https://github.com/emqx/cowboy", {tag, "2.9.1"}}} , {esockd, {git, "https://github.com/emqx/esockd", {tag, "5.8.8"}}} , {ekka, {git, "https://github.com/emqx/ekka", {tag, "0.8.1.11"}}} , {gen_rpc, {git, "https://github.com/emqx/gen_rpc", {tag, "3.0.1"}}} From c22e2a0d185d108ad5f1b0f86ec700df753d6987 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Sat, 4 Feb 2023 12:48:12 +0800 Subject: [PATCH 30/57] fix: add retry for rules --- .../emqx_rule_engine/src/emqx_rule_engine.erl | 30 ++++--- .../src/emqx_rule_monitor.erl | 83 ++++++++++++++----- .../test/emqx_rule_monitor_SUITE.erl | 4 +- 3 files changed, 82 insertions(+), 35 deletions(-) diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.erl b/apps/emqx_rule_engine/src/emqx_rule_engine.erl index 5b3570cf2..b7467a81f 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_engine.erl +++ b/apps/emqx_rule_engine/src/emqx_rule_engine.erl @@ -529,19 +529,27 @@ refresh_resource(#resource{id = ResId, type = Type, config = Config}) -> refresh_rules_when_boot() -> lists:foreach(fun (#rule{enabled = true} = Rule) -> - try refresh_rule(Rule) - catch _:_ -> - %% We set the enable = false when rule init failed to avoid bad rules running - %% without actions created properly. - %% The init failure might be caused by a disconnected resource, in this case the - %% actions can not be created, so the rules won't work. - %% After the user fixed the problem he can enable it manually, - %% doing so will also recreate the actions. - emqx_rule_registry:add_rule(Rule#rule{enabled = false, state = refresh_failed_at_bootup}) - end; - (_) -> ok + ensure_rule_retrier(Rule); + (#rule{enabled = false, state = refresh_failed_at_bootup} = Rule) -> + %% the rule was previously disabled by emqx so we need to retry it + ensure_rule_retrier(Rule); + (#rule{enabled = false, id = RuleId}) -> + ?LOG(warning, "rule ~s was disabled by the user, won't re-enable it", [RuleId]) end, emqx_rule_registry:get_rules()). +ensure_rule_retrier(#rule{id = RuleId} = Rule) -> + try refresh_rule(Rule) + catch _:_ -> + %% We set the enable = false when rule init failed to avoid bad rules running + %% without actions created properly. + %% The init failure might be caused by a disconnected resource, in this case the + %% actions can not be created, so the rules won't work. + %% After the user fixed the problem he can enable it manually, + %% doing so will also recreate the actions. + emqx_rule_registry:add_rule(Rule#rule{enabled = false, state = refresh_failed_at_bootup}), + emqx_rule_monitor:ensure_rule_retrier(RuleId) + end. + refresh_rule(#rule{id = RuleId, for = Topics, actions = Actions}) -> ok = emqx_rule_metrics:create_rule_metrics(RuleId), lists:foreach(fun emqx_rule_events:load/1, Topics), diff --git a/apps/emqx_rule_engine/src/emqx_rule_monitor.erl b/apps/emqx_rule_engine/src/emqx_rule_monitor.erl index f45684053..4e4d4ebe1 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_monitor.erl +++ b/apps/emqx_rule_engine/src/emqx_rule_monitor.erl @@ -33,16 +33,21 @@ , stop/0 , async_refresh_resources_rules/0 , ensure_resource_retrier/1 + , ensure_rule_retrier/1 + , retry_loop/2 , retry_loop/3 ]). -%% fot test --export([ put_retry_interval/1 - , get_retry_interval/0 - , erase_retry_interval/0 +-export([ put_resource_retry_interval/1 + , put_rule_retry_interval/1 + , get_resource_retry_interval/0 + , get_rule_retry_interval/0 + , erase_resource_retry_interval/0 + , erase_rule_retry_interval/0 ]). --define(T_RETRY, 60000). +-define(T_RESOURCE_RETRY, 15000). +-define(T_RULE_RETRY, 20000). start_link() -> gen_server:start_link({local, ?MODULE}, ?MODULE, [], []). @@ -54,23 +59,33 @@ init([]) -> _ = erlang:process_flag(trap_exit, true), {ok, #{retryers => #{}}}. -put_retry_interval(I) when is_integer(I) andalso I >= 10 -> +put_resource_retry_interval(I) when is_integer(I) andalso I >= 10 -> _ = persistent_term:put({?MODULE, resource_restart_interval}, I), ok. - -erase_retry_interval() -> - _ = persistent_term:erase({?MODULE, resource_restart_interval}), +put_rule_retry_interval(I) when is_integer(I) andalso I >= 10 -> + _ = persistent_term:put({?MODULE, rule_restart_interval}, I), ok. -get_retry_interval() -> - persistent_term:get({?MODULE, resource_restart_interval}, ?T_RETRY). +erase_resource_retry_interval() -> + _ = persistent_term:erase({?MODULE, resource_restart_interval}), + ok. +erase_rule_retry_interval() -> + _ = persistent_term:erase({?MODULE, rule_restart_interval}), + ok. + +get_resource_retry_interval() -> + persistent_term:get({?MODULE, resource_restart_interval}, ?T_RESOURCE_RETRY). +get_rule_retry_interval() -> + persistent_term:get({?MODULE, rule_restart_interval}, ?T_RULE_RETRY). async_refresh_resources_rules() -> gen_server:cast(?MODULE, async_refresh). ensure_resource_retrier(ResId) -> - Interval = get_retry_interval(), - gen_server:cast(?MODULE, {create_restart_handler, resource, ResId, Interval}). + gen_server:cast(?MODULE, {create_restart_handler, resource, ResId}). + +ensure_rule_retrier(RuleId) -> + gen_server:cast(?MODULE, {create_restart_handler, rule, RuleId}). handle_call(_Msg, _From, State) -> {reply, ok, State}. @@ -82,12 +97,12 @@ handle_cast(async_refresh, State) -> Pid = spawn_link(fun do_async_refresh/0), {noreply, State#{boot_refresh_pid => Pid}}; -handle_cast({create_restart_handler, Tag, Obj, Interval}, State) -> +handle_cast({create_restart_handler, Tag, Obj}, State) -> Objects = maps:get(Tag, State, #{}), NewState = case maps:find(Obj, Objects) of error -> update_object(Tag, Obj, - create_restart_handler(Tag, Obj, Interval), State); + create_restart_handler(Tag, Obj), State); {ok, _Pid} -> State end, @@ -130,13 +145,17 @@ update_object(Tag, Obj, Retryer, State) -> retryers => Retryers#{Retryer => {Tag, Obj}} }. -create_restart_handler(Tag, Obj, Interval) -> - ?LOG(info, "starting_a_retry_loop for ~p ~p, with delay interval: ~p", [Tag, Obj, Interval]), +create_restart_handler(Tag, Obj) -> + ?LOG(warning, "starting_a_retry_loop for ~p ~p", [Tag, Obj]), %% spawn a dedicated process to handle the restarting asynchronously - spawn_link(?MODULE, retry_loop, [Tag, Obj, Interval]). + spawn_link(?MODULE, retry_loop, [Tag, Obj]). -retry_loop(resource, ResId, Interval) -> - timer:sleep(Interval), +%% retry_loop/3 is to avoid crashes during relup +retry_loop(Tag, ResId, _Interval) -> + retry_loop(Tag, ResId). + +retry_loop(resource, ResId) -> + timer:sleep(get_resource_retry_interval()), case emqx_rule_registry:find_resource(ResId) of {ok, #resource{type = Type, config = Config}} -> try @@ -154,10 +173,30 @@ retry_loop(resource, ResId, Interval) -> end, ?LOG_SENSITIVE(warning, "init_resource_retry_failed ~p, ~0p", [ResId, LogContext]), %% keep looping - ?MODULE:retry_loop(resource, ResId, Interval) + ?MODULE:retry_loop(resource, ResId) end; not_found -> ok + end; + +retry_loop(rule, RuleId) -> + timer:sleep(get_rule_retry_interval()), + case emqx_rule_registry:get_rule(RuleId) of + {ok, #rule{enabled = false, state = refresh_failed_at_bootup} = Rule} -> + try + emqx_rule_engine:refresh_rule(Rule), + emqx_rule_registry:add_rule(Rule#rule{enabled = true, state = normal}), + ?LOG(warning, "rule ~s has been refreshed and re-enabled", [RuleId]) + catch + Err:Reason:ST -> + ?LOG(warning, "init_rule failed: ~p, ~0p", + [{Err, Reason}, ST]), + ?MODULE:retry_loop(rule, RuleId) + end; + {ok, #rule{enabled = false, state = State}} when State =/= refresh_failed_at_bootup -> + ?LOG(warning, "rule ~s was disabled by the user, won't re-enable it", [RuleId]); + _ -> + ok end. do_async_refresh() -> @@ -171,6 +210,6 @@ refresh_and_enable_rules_of_resource(ResId) -> fun (#rule{id = Id, enabled = false, state = refresh_failed_at_bootup} = Rule) -> emqx_rule_engine:refresh_rule(Rule), emqx_rule_registry:add_rule(Rule#rule{enabled = true, state = normal}), - ?LOG(info, "rule ~s is refreshed and re-enabled", [Id]); + ?LOG(warning, "rule ~s is refreshed and re-enabled", [Id]); (_) -> ok end, emqx_rule_registry:find_rules_depends_on_resource(ResId)). diff --git a/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl index 2bab6c4d8..1c478fb63 100644 --- a/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl +++ b/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl @@ -48,7 +48,7 @@ end_per_suite(_Config) -> ok. init_per_testcase(t_restart_resource, Config) -> - emqx_rule_monitor:put_retry_interval(100), + emqx_rule_monitor:put_resource_retry_interval(100), Opts = [public, named_table, set, {read_concurrency, true}], _ = ets:new(?RES_PARAMS_TAB, [{keypos, #resource_params.id}|Opts]), ets:new(t_restart_resource, [named_table, public]), @@ -95,7 +95,7 @@ common_init_per_testcase() -> common_end_per_testcases() -> ok = emqx_alarm:stop(), - emqx_rule_monitor:erase_retry_interval(), + emqx_rule_monitor:erase_resource_retry_interval(), emqx_rule_monitor:stop(). t_restart_resource(_) -> From 5f0d570ab9cb757c936eb83f888abc9dc1604b51 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Sat, 4 Feb 2023 12:49:09 +0800 Subject: [PATCH 31/57] chore: udpate change logs --- changes/v4.4.15-en.md | 6 ++++++ changes/v4.4.15-zh.md | 6 ++++++ changes/v4.4.15.en.md | 5 ----- changes/v4.4.15.zh.md | 5 ----- 4 files changed, 12 insertions(+), 10 deletions(-) delete mode 100644 changes/v4.4.15.en.md delete mode 100644 changes/v4.4.15.zh.md diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 1dfe74aac..1dc3623fa 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -2,6 +2,8 @@ ## Enhancements +- Support HAProxy protocol for dashboard API [9803](https://github.com/emqx/emqx/pull/9803). + - Added Ubuntu 22.04 package release [#9831](https://github.com/emqx/emqx/pull/9831). - Improve the integration of the `banned` and the `delayed` feature [#9790](https://github.com/emqx/emqx/pull/9790). @@ -25,3 +27,7 @@ - Avoid crash logs in CoAP gateway when receiving liveness checking packets from Load Balancer [#9869](https://github.com/emqx/emqx/pull/9869). - Fix the exclusive topics aren't removed when the session has already been cleaned [#9868](https://github.com/emqx/emqx/pull/9868). + +- fix the emqx reports `{case_clause,{error,closed}}` error log message when websocket connections interrupted [](). + +- fix sometimes rules can be enabled automatically after emqx is restarted [](). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index a4bb0a50d..cf4a2d9c0 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -2,6 +2,8 @@ ## 增强 +- 现在 dashboard 支持 `HAProxy` 协议了 [9803](https://github.com/emqx/emqx/pull/9803)。 + - 发布 Ubuntu 22.04 安装包 [#9831](https://github.com/emqx/emqx/pull/9831)。 - 增强 `封禁` 和 `延迟消息` 这两个功能的集成性 [#9790](https://github.com/emqx/emqx/pull/9790)。 @@ -24,3 +26,7 @@ - 修复 CoAP 网关在收到负载均衡的心跳检查报文时产生的崩溃日志 [#9869](https://github.com/emqx/emqx/pull/9869)。 - 修复会话关闭后,其持有的排他订阅主题没有被释放的问题 [#9868](https://github.com/emqx/emqx/pull/9868)。 + +- 修复 Websocket 连接中断时日志报 `{case_clause,{error,closed}}` 错误的问题 []()。 + +- 修复某些情况下,重启 emqx 后规则无法自动启用的问题 []()。 diff --git a/changes/v4.4.15.en.md b/changes/v4.4.15.en.md deleted file mode 100644 index cca435877..000000000 --- a/changes/v4.4.15.en.md +++ /dev/null @@ -1,5 +0,0 @@ -# v4.4.15 - -## Enhancements - -- Support HAProxy protocol for dashboard API [9803](https://github.com/emqx/emqx/pull/9803). diff --git a/changes/v4.4.15.zh.md b/changes/v4.4.15.zh.md deleted file mode 100644 index 25beb836b..000000000 --- a/changes/v4.4.15.zh.md +++ /dev/null @@ -1,5 +0,0 @@ -# v4.4.15 - -## 增强 - -- 现在 dashboard 增加了对 `HAProxy` 协议的支持 [9803](https://github.com/emqx/emqx/pull/9803)。 From 73c6275788f69d35b7ace60f12273317c86721b2 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Sat, 4 Feb 2023 12:53:29 +0800 Subject: [PATCH 32/57] chore: update emqx_rule_engine.appup.src --- apps/emqx_rule_engine/src/emqx_rule_engine.appup.src | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src index 4ae9d3966..e6951e980 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src +++ b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src @@ -3,16 +3,19 @@ {VSN, [{<<"4\\.4\\.1[3-4]">>, [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} ]}, {"4.4.12", [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, @@ -228,16 +231,19 @@ {<<".*">>,[]}], [{<<"4\\.4\\.1[3-4]">>, [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} ]}, {"4.4.12", [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, From e1418cd0386c571dd48a9364cea0a4fd642135f6 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 6 Feb 2023 10:05:54 +0800 Subject: [PATCH 33/57] fix: typos in change logs --- changes/v4.4.15-en.md | 4 ++-- changes/v4.4.15-zh.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 1dc3623fa..a0f319ccd 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -28,6 +28,6 @@ - Fix the exclusive topics aren't removed when the session has already been cleaned [#9868](https://github.com/emqx/emqx/pull/9868). -- fix the emqx reports `{case_clause,{error,closed}}` error log message when websocket connections interrupted [](). +- fix the emqx reports `{case_clause,{error,closed}}` error log message when websocket connections interrupted [emqx/cowboy#8](https://github.com/emqx/cowboy/pull/8). -- fix sometimes rules can be enabled automatically after emqx is restarted [](). +- fix sometimes the rules cannot be enabled automatically after emqx is restarted [#9911](https://github.com/emqx/emqx/pull/9911). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index cf4a2d9c0..169af461e 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -27,6 +27,6 @@ - 修复会话关闭后,其持有的排他订阅主题没有被释放的问题 [#9868](https://github.com/emqx/emqx/pull/9868)。 -- 修复 Websocket 连接中断时日志报 `{case_clause,{error,closed}}` 错误的问题 []()。 +- 修复 Websocket 连接中断时日志报 `{case_clause,{error,closed}}` 错误的问题 [emqx/cowboy#8](https://github.com/emqx/cowboy/pull/8)。 -- 修复某些情况下,重启 emqx 后规则无法自动启用的问题 []()。 +- 修复某些情况下,重启 emqx 后规则无法自动启用的问题 [#9911](https://github.com/emqx/emqx/pull/9911)。 From 0c66f2fec39dc5e04e04f94faf45cf9e83814b6a Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 6 Feb 2023 14:50:06 +0800 Subject: [PATCH 34/57] fix: update replayq to 0.3.5 --- rebar.config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rebar.config b/rebar.config index 397963151..25bd69b6e 100644 --- a/rebar.config +++ b/rebar.config @@ -53,7 +53,7 @@ , {cuttlefish, {git, "https://github.com/emqx/cuttlefish", {tag, "v3.3.6"}}} , {minirest, {git, "https://github.com/emqx/minirest", {tag, "0.3.11"}}} , {ecpool, {git, "https://github.com/emqx/ecpool", {tag, "0.5.2"}}} - , {replayq, {git, "https://github.com/emqx/replayq", {tag, "0.3.4"}}} + , {replayq, {git, "https://github.com/emqx/replayq", {tag, "0.3.5"}}} , {pbkdf2, {git, "https://github.com/emqx/erlang-pbkdf2.git", {branch, "2.0.4"}}} , {emqtt, {git, "https://github.com/emqx/emqtt", {tag, "1.2.3.1"}}} , {rulesql, {git, "https://github.com/emqx/rulesql", {tag, "0.1.5"}}} From 1f4869fba3b1782faffca4bcbf4138b05fd54274 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 6 Feb 2023 21:22:10 +0800 Subject: [PATCH 35/57] fix: the application stop order is wrong after ekka:join/1 --- src/emqx.erl | 58 ++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 50 insertions(+), 8 deletions(-) diff --git a/src/emqx.erl b/src/emqx.erl index a9a378080..85d154023 100644 --- a/src/emqx.erl +++ b/src/emqx.erl @@ -65,6 +65,8 @@ %% Troubleshooting -export([ set_debug_secret/1 + , default_started_applications/0 + , expand_apps/1 ]). -define(APP, ?MODULE). @@ -252,14 +254,6 @@ is_application_running(App) -> StartedApps = proplists:get_value(started, application:info()), proplists:is_defined(App, StartedApps). --ifdef(EMQX_ENTERPRISE). -default_started_applications() -> - [gproc, esockd, ranch, cowboy, ekka, emqx]. --else. -default_started_applications() -> - [gproc, esockd, ranch, cowboy, ekka, emqx, emqx_modules]. --endif. - -ifdef(EMQX_ENTERPRISE). on_reboot() -> try @@ -290,6 +284,54 @@ on_shutdown(_) -> %%-------------------------------------------------------------------- %% Internal functions %%-------------------------------------------------------------------- +-ifdef(EMQX_ENTERPRISE). +applications_need_restart() -> + [gproc, esockd, ranch, cowboy, ekka, emqx]. +-else. +applications_need_restart() -> + [gproc, esockd, ranch, cowboy, ekka, emqx, emqx_modules]. +-endif. + +-define(PK_START_APPS, {?MODULE, default_started_applications}). +default_started_applications() -> + case persistent_term:get(?PK_START_APPS, undefined) of + undefined -> + AppNames = expand_apps(applications_need_restart()), + ok = persistent_term:put(?PK_START_APPS, AppNames), + AppNames; + AppNames -> + AppNames + end. + +%% expand the application list with dependent apps. +expand_apps(AppNames) -> + AllApps = application:which_applications(), + remove_duplicated( + lists:flatmap(fun(AppName) -> + expand_an_app(AppName, AllApps) + end, AppNames)). + +expand_an_app(AppNameA, AllApps) -> + expand_an_app(AppNameA, AllApps, [AppNameA]). + +expand_an_app(_AppNameA, [], Acc) -> + Acc; +expand_an_app(AppNameA, [{AppNameB, _Descr, _Vsn} | AllApps], Acc) -> + {ok, DepAppNames} = application:get_key(AppNameB, applications), + case lists:member(AppNameA, DepAppNames) of + true -> %% AppNameB depends on AppNameA + NewAcc = Acc ++ expand_an_app(AppNameB, AllApps), + expand_an_app(AppNameA, AllApps, NewAcc); + false -> + expand_an_app(AppNameA, AllApps, Acc) + end. + +remove_duplicated([]) -> []; +remove_duplicated([E | Elems]) -> + case lists:member(E, Elems) of + true -> remove_duplicated(Elems); + false -> [E] ++ remove_duplicated(Elems) + end. reload_config(ConfFile) -> {ok, [Conf]} = file:consult(ConfFile), From 79c8b69e362c4ad4f7bd2cb619e24a90e38ece43 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 6 Feb 2023 21:42:44 +0800 Subject: [PATCH 36/57] chore: add change logs --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index a0f319ccd..35e170b27 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -31,3 +31,5 @@ - fix the emqx reports `{case_clause,{error,closed}}` error log message when websocket connections interrupted [emqx/cowboy#8](https://github.com/emqx/cowboy/pull/8). - fix sometimes the rules cannot be enabled automatically after emqx is restarted [#9911](https://github.com/emqx/emqx/pull/9911). + +- fix the `{badarg,[{ets,lookup,[gproc,{shared, ...` error logs during shutdown [#9919](https://github.com/emqx/emqx/pull/9919). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index 169af461e..dc8a14f82 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -30,3 +30,5 @@ - 修复 Websocket 连接中断时日志报 `{case_clause,{error,closed}}` 错误的问题 [emqx/cowboy#8](https://github.com/emqx/cowboy/pull/8)。 - 修复某些情况下,重启 emqx 后规则无法自动启用的问题 [#9911](https://github.com/emqx/emqx/pull/9911)。 + +- 修复停止 emqx 的时候,日志出现 `{badarg,[{ets,lookup,[gproc,{shared, ...` 错误的问题 [#9919](https://github.com/emqx/emqx/pull/9919)。 From a75e8b93c06bce280479e7a4f309bdb8186f65f2 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Mon, 6 Feb 2023 21:44:51 +0800 Subject: [PATCH 37/57] chore: update src/emqx.appup.src --- src/emqx.appup.src | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/emqx.appup.src b/src/emqx.appup.src index 1770bce7c..ac216c43e 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -8,6 +8,7 @@ {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, @@ -20,6 +21,7 @@ {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", @@ -31,6 +33,7 @@ {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", @@ -41,6 +44,7 @@ {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, @@ -467,6 +471,7 @@ {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, @@ -479,6 +484,7 @@ {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", @@ -490,6 +496,7 @@ {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_cm,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", @@ -499,6 +506,7 @@ {load_module,emqx_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, + {load_module,emqx,brutal_purge,soft_purge,[]}, {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, From 5b518eedb87336e673fddb95bdf166b1abae03a4 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Tue, 7 Feb 2023 16:18:59 +0800 Subject: [PATCH 38/57] fix(http-api): using a fixed order when cluster query nodes --- apps/emqx_management/src/emqx_mgmt_api.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/emqx_management/src/emqx_mgmt_api.erl b/apps/emqx_management/src/emqx_mgmt_api.erl index b9f8aeab1..99d8f8172 100644 --- a/apps/emqx_management/src/emqx_mgmt_api.erl +++ b/apps/emqx_management/src/emqx_mgmt_api.erl @@ -167,7 +167,7 @@ cluster_query(Params, {Tab, QsSchema}, QueryFun) -> Start = if Page > 1 -> (Page-1) * Limit; true -> 0 end, - Nodes = ekka_mnesia:running_nodes(), + Nodes = lists:sort(ekka_mnesia:running_nodes()), Rows = do_cluster_query(Nodes, Qs, QueryFun, Start, Limit+1, []), Meta = #{page => Page, limit => Limit}, NMeta = case CodCnt =:= 0 of From b9a80903e3dc84d81be869187617268a097767ea Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Tue, 7 Feb 2023 17:13:35 +0800 Subject: [PATCH 39/57] fix: update change logs --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 35e170b27..c7813ccbb 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -14,6 +14,8 @@ ## Bug fixes +- The returned client lists of HTTP query `GET /api/v4/clients?_page=2&_limit=20` to different nodes might be inconsistent [#9926](https://github.com/emqx/emqx/pull/9926). + - Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). For more detailed information please see: [emqx/esockd#170](https://github.com/emqx/esockd/pull/170). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index dc8a14f82..3ea2c0298 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -14,6 +14,8 @@ ## 修复 +- 使用 HTTP API `GET /api/v4/clients?_page=2&_limit=20` 请求客户端列表时,请求发送到不同的 emqx 节点,返回的客户端列表可能不一致 [#9926](https://github.com/emqx/emqx/pull/9926)。 + - 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 详情见:[emqx/esockd#170](https://github.com/emqx/esockd/pull/170) From 2cbc7a6b8f039e7324fac5c7c257d6e260c3eed5 Mon Sep 17 00:00:00 2001 From: "Zaiming (Stone) Shi" Date: Tue, 7 Feb 2023 10:34:51 +0100 Subject: [PATCH 40/57] fix(emqx_vm): OTP vsn from system_info when not able to locate BUILT_ON --- src/emqx.appup.src | 90 ++++++++++++++++++++++++++++++---------------- src/emqx_vm.erl | 13 ++++--- 2 files changed, 69 insertions(+), 34 deletions(-) diff --git a/src/emqx.appup.src b/src/emqx.appup.src index ac216c43e..daf18aff5 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -2,7 +2,8 @@ %% Unless you know what you are doing, DO NOT edit manually!! {VSN, [{"4.4.14", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -13,7 +14,8 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -25,7 +27,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -37,7 +40,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -52,7 +56,8 @@ {load_module,emqx_session,brutal_purge,soft_purge,[]}, {load_module,emqx_channel,brutal_purge,soft_purge,[]}]}, {"4.4.10", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -76,7 +81,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.9", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -106,7 +112,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.8", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -137,7 +144,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.7", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -168,7 +176,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.6", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -199,7 +208,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.5", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -232,7 +242,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.4", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -271,7 +282,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.3", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -316,7 +328,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.2", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -362,7 +375,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.1", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -412,7 +426,8 @@ {apply,{application,set_env, [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.0", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, {add_module,emqx_crl_cache}, @@ -465,7 +480,8 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {<<".*">>,[]}], [{"4.4.14", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -476,7 +492,8 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -488,7 +505,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -500,7 +518,8 @@ {load_module,emqx_relup,brutal_purge,soft_purge,[]}, {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_connection,brutal_purge,soft_purge,[]}, @@ -515,7 +534,8 @@ {load_module,emqx_session,brutal_purge,soft_purge,[]}, {delete_module,emqx_cover}]}, {"4.4.10", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -536,7 +556,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.9", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -562,7 +583,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.8", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -589,7 +611,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.7", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -616,7 +639,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.6", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -643,7 +667,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.5", - [{load_module,emqx_broker,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -672,7 +697,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.4", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -707,7 +733,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.3", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -747,7 +774,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.2", - [{load_module,emqx_banned,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, @@ -788,7 +816,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.1", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_router_helper,brutal_purge,soft_purge,[]}, {load_module,emqx_ws_connection,brutal_purge,soft_purge,[]}, @@ -833,7 +862,8 @@ {delete_module,emqx_crl_cache}, {delete_module,emqx_ocsp_cache}]}, {"4.4.0", - [{load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, + [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_router_helper,brutal_purge,soft_purge,[]}, {load_module,emqx_router,brutal_purge,soft_purge,[]}, diff --git a/src/emqx_vm.erl b/src/emqx_vm.erl index 9d5558370..b62dba96a 100644 --- a/src/emqx_vm.erl +++ b/src/emqx_vm.erl @@ -380,14 +380,19 @@ read_otp_version() -> Filename = filename:join([ReleasesDir, emqx_app:get_release(), "BUILT_ON"]), case file:read_file(Filename) of {ok, BuiltOn} -> - %% running on EQM X release + %% running on EQMX release BuiltOn; {error, enoent} -> - %% running tests etc. OtpMajor = erlang:system_info(otp_release), OtpVsnFile = filename:join([ReleasesDir, OtpMajor, "OTP_VERSION"]), - {ok, Vsn} = file:read_file(OtpVsnFile), - Vsn + case file:read_file(OtpVsnFile) of + {ok, Vsn} -> + %% this happens when running in test where system's OTP is in use + Vsn; + _ -> + %% when the code is cover-compiled + iolist_to_binary(OtpMajor) + end end. parse_built_on(BuiltOn) -> From f7e6783402424279fa488c2d03ce1358833e0917 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 13:49:35 +0800 Subject: [PATCH 41/57] fix: typos in some rule-action's descriptions --- .../src/emqx_bridge_mqtt_actions.erl | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl index b5d43f5f4..fa6a14c6d 100644 --- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl +++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl @@ -111,11 +111,11 @@ zh => <<"桥接挂载点"/utf8>>}, description => #{ en => <<"MountPoint for bridge topic:
" - "Example: The topic of messages sent to `topic1` on local node " - "will be transformed to `bridge/aws/${node}/topic1`">>, + "Example: The topic of messages sent to topic1 on local node " + "will be transformed to bridge/aws/${node}/topic1">>, zh => <<"桥接主题的挂载点:
" - "示例: 本地节点向 `topic1` 发消息,远程桥接节点的主题" - "会变换为 `bridge/aws/${node}/topic1`"/utf8>> + "示例: 本地节点向 topic1 发消息,远程桥接节点的主题" + "会变换为 bridge/aws/${node}/topic1"/utf8>> } }, disk_cache => #{ @@ -280,11 +280,11 @@ title => #{en => <<"Bridge MountPoint">>, zh => <<"桥接挂载点"/utf8>>}, description => #{en => <<"MountPoint for bridge topic
" - "Example: The topic of messages sent to `topic1` on local node " - "will be transformed to `bridge/aws/${node}/topic1`">>, + "Example: The topic of messages sent to topic1 on local node " + "will be transformed to bridge/emqx/${node}/topic1">>, zh => <<"桥接主题的挂载点
" - "示例: 本地节点向 `topic1` 发消息,远程桥接节点的主题" - "会变换为 `bridge/aws/${node}/topic1`"/utf8>>} + "示例: 本地节点向 topic1 发消息,远程桥接节点的主题" + "会变换为 bridge/emqx/${node}/topic1"/utf8>>} }, pool_size => #{ order => 3, From 2528eb07b5a765e8b985105e9575dba8c2faf83d Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 13:50:19 +0800 Subject: [PATCH 42/57] chore: bump emqx_bridge_mqtt to 4.3.8 --- apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.app.src | 2 +- apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.app.src b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.app.src index a3bf1e914..b58be5d2e 100644 --- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.app.src +++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.app.src @@ -1,6 +1,6 @@ {application, emqx_bridge_mqtt, [{description, "EMQ X Bridge to MQTT Broker"}, - {vsn, "4.3.7"}, % strict semver, bump manually! + {vsn, "4.3.8"}, % strict semver, bump manually! {modules, []}, {registered, []}, {applications, [kernel,stdlib,replayq,emqtt]}, diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src index a6ca580f1..013371592 100644 --- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src +++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt.appup.src @@ -1,7 +1,9 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.6", + [{"4.3.7", + [{load_module,emqx_bridge_mqtt_actions,brutal_purge,soft_purge,[]}]}, + {"4.3.6", [{load_module,emqx_bridge_connect,brutal_purge,soft_purge,[]}, {load_module,emqx_bridge_mqtt_actions,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[4-5]">>, @@ -21,7 +23,9 @@ {load_module,emqx_bridge_worker,brutal_purge,soft_purge,[]}, {load_module,emqx_bridge_mqtt_actions,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.3.6", + [{"4.3.7", + [{load_module,emqx_bridge_mqtt_actions,brutal_purge,soft_purge,[]}]}, + {"4.3.6", [{load_module,emqx_bridge_connect,brutal_purge,soft_purge,[]}, {load_module,emqx_bridge_mqtt_actions,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[4-5]">>, From 231f591dd83f209a7895a94bf4eb1292076a4f88 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 15:00:53 +0800 Subject: [PATCH 43/57] fix: print warning logs when request JWKS server failed --- apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src | 2 +- .../emqx_auth_jwt/src/emqx_auth_jwt.appup.src | 32 +++---------------- apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl | 14 ++++---- 3 files changed, 12 insertions(+), 36 deletions(-) diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src b/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src index 8b66965b1..ab6dd53e7 100644 --- a/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src +++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_jwt, [{description, "EMQ X Authentication with JWT"}, - {vsn, "4.4.8"}, % strict semver, bump manually! + {vsn, "4.4.9"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_jwt_sup]}, {applications, [kernel,stdlib,jose]}, diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src b/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src index 0c2c0e58f..9f6ac4b9b 100644 --- a/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src +++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src @@ -1,38 +1,14 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.7",[{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, - {"4.4.6", - [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, - {"4.4.5", - [{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, - {"4.4.4", - [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, - {"4.4.3", - [{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, - {"4.4.2", + [{"4.4.8",[{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, + {<<"4\\.4\\.[2-7]">>, [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[0-1]">>,[{restart_application,emqx_auth_jwt}]}, {<<".*">>,[]}], - [{"4.4.7",[{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, - {"4.4.6", - [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, - {"4.4.5", - [{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, - {"4.4.4", - [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, - {"4.4.3", - [{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}, - {load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, - {"4.4.2", + [{"4.4.8",[{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, + {<<"4\\.4\\.[2-7]">>, [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[0-1]">>,[{restart_application,emqx_auth_jwt}]}, diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl b/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl index 3713e74f3..30a3fa19d 100644 --- a/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl +++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt_svr.erl @@ -99,13 +99,13 @@ handle_cast(_Msg, State) -> {noreply, State}. handle_info({timeout, _TRef, refresh}, State = #state{addr = Addr}) -> - NState = try - true = ets:insert(?TAB, {remote, request_jwks(Addr)}), - State - catch _:_ -> - State - end, - {noreply, reset_timer(NState)}; + try + true = ets:insert(?TAB, {remote, request_jwks(Addr)}) + catch Err:Reason -> + ?LOG_SENSITIVE(warning, "Request JWKS failed, jwks_addr: ~p, reason: ~p", + [Addr, {Err, Reason}]) + end, + {noreply, reset_timer(State)}; handle_info({request_jwks, Options}, State) -> Remote = key2jwt_value(jwks_addr, fun request_jwks/1, Options), From 82c2ea980db7092585a85d93cb91a4e57aa6ad74 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 15:01:53 +0800 Subject: [PATCH 44/57] fix: change EMQ X -> EMQX --- apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl | 10 +++++----- lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_delayed.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_presence.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_rewrite.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_slow_subs.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_subscription.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_topic_metrics.erl | 2 +- lib-ce/emqx_modules/src/emqx_mod_trace.erl | 2 +- 9 files changed, 13 insertions(+), 13 deletions(-) diff --git a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl index fa6a14c6d..b43d44eac 100644 --- a/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl +++ b/apps/emqx_bridge_mqtt/src/emqx_bridge_mqtt_actions.erl @@ -267,10 +267,10 @@ type => string, required => true, default => <<"emqx2@127.0.0.1">>, - title => #{en => <<"EMQ X Node Name">>, - zh => <<"EMQ X 节点名称"/utf8>>}, - description => #{en => <<"EMQ X Remote Node Name">>, - zh => <<"远程 EMQ X 节点名称 "/utf8>>} + title => #{en => <<"EMQX Node Name">>, + zh => <<"EMQX 节点名称"/utf8>>}, + description => #{en => <<"EMQX Remote Node Name">>, + zh => <<"远程 EMQX 节点名称 "/utf8>>} }, mountpoint => #{ order => 2, @@ -358,7 +358,7 @@ destroy => on_resource_destroy, params => ?RESOURCE_CONFIG_SPEC_RPC, title => #{en => <<"EMQX Bridge">>, zh => <<"EMQX Bridge"/utf8>>}, - description => #{en => <<"EMQ X RPC Bridge">>, zh => <<"EMQ X RPC 消息桥接"/utf8>>} + description => #{en => <<"EMQX RPC Bridge">>, zh => <<"EMQX RPC 消息桥接"/utf8>>} }). -rule_action(#{ diff --git a/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl b/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl index 044a4e80d..e36b056f9 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_acl_internal.erl @@ -57,7 +57,7 @@ reload(Env) -> unload(Env), load(Env). description() -> - "EMQ X Internal ACL Module". + "EMQX Internal ACL Module". %%-------------------------------------------------------------------- %% ACL callbacks %%-------------------------------------------------------------------- diff --git a/lib-ce/emqx_modules/src/emqx_mod_delayed.erl b/lib-ce/emqx_modules/src/emqx_mod_delayed.erl index 8f2a816ba..62c0c5132 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_delayed.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_delayed.erl @@ -95,7 +95,7 @@ unload(_Env) -> emqx_mod_sup:stop_child(?MODULE). description() -> - "EMQ X Delayed Publish Module". + "EMQX Delayed Publish Module". %%-------------------------------------------------------------------- %% Hooks %%-------------------------------------------------------------------- diff --git a/lib-ce/emqx_modules/src/emqx_mod_presence.erl b/lib-ce/emqx_modules/src/emqx_mod_presence.erl index eb1019a76..b73a2b8d1 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_presence.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_presence.erl @@ -46,7 +46,7 @@ unload(_Env) -> emqx_hooks:del('client.disconnected', {?MODULE, on_client_disconnected}). description() -> - "EMQ X Presence Module". + "EMQX Presence Module". %%-------------------------------------------------------------------- %% Callbacks %%-------------------------------------------------------------------- diff --git a/lib-ce/emqx_modules/src/emqx_mod_rewrite.erl b/lib-ce/emqx_modules/src/emqx_mod_rewrite.erl index e40c1f3b9..c21211d78 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_rewrite.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_rewrite.erl @@ -71,7 +71,7 @@ unload(_) -> emqx_hooks:del('message.publish', {?MODULE, rewrite_publish}). description() -> - "EMQ X Topic Rewrite Module". + "EMQX Topic Rewrite Module". %%-------------------------------------------------------------------- %% Internal functions %%-------------------------------------------------------------------- diff --git a/lib-ce/emqx_modules/src/emqx_mod_slow_subs.erl b/lib-ce/emqx_modules/src/emqx_mod_slow_subs.erl index 199f130f0..cb6d55509 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_slow_subs.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_slow_subs.erl @@ -46,4 +46,4 @@ unload(_Env) -> ok. description() -> - "EMQ X Slow Subscribers Statistics Module". + "EMQX Slow Subscribers Statistics Module". diff --git a/lib-ce/emqx_modules/src/emqx_mod_subscription.erl b/lib-ce/emqx_modules/src/emqx_mod_subscription.erl index 8b8851ea9..2fc5048a5 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_subscription.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_subscription.erl @@ -71,7 +71,7 @@ unload(_) -> emqx_hooks:del('client.connected', {?MODULE, on_client_connected}). description() -> - "EMQ X Subscription Module". + "EMQX Subscription Module". %%-------------------------------------------------------------------- %% Internal functions %%-------------------------------------------------------------------- diff --git a/lib-ce/emqx_modules/src/emqx_mod_topic_metrics.erl b/lib-ce/emqx_modules/src/emqx_mod_topic_metrics.erl index f28b9bce0..71ad1cb80 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_topic_metrics.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_topic_metrics.erl @@ -113,7 +113,7 @@ unload(_Env) -> emqx_mod_sup:stop_child(?MODULE). description() -> - "EMQ X Topic Metrics Module". + "EMQX Topic Metrics Module". on_message_publish(#message{topic = Topic, qos = QoS}) -> case is_registered(Topic) of diff --git a/lib-ce/emqx_modules/src/emqx_mod_trace.erl b/lib-ce/emqx_modules/src/emqx_mod_trace.erl index d57296136..012dc9e73 100644 --- a/lib-ce/emqx_modules/src/emqx_mod_trace.erl +++ b/lib-ce/emqx_modules/src/emqx_mod_trace.erl @@ -28,7 +28,7 @@ -spec description() -> string(). description() -> - "EMQ X Trace Module". + "EMQX Trace Module". -spec load(any()) -> ok. load(_Env) -> From 1140026c15541855566364761e37bef840d324be Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 15:35:29 +0800 Subject: [PATCH 45/57] chore: update emqx_modules.appup.src --- .../emqx_modules/src/emqx_modules.appup.src | 142 ++++++++---------- 1 file changed, 66 insertions(+), 76 deletions(-) diff --git a/lib-ce/emqx_modules/src/emqx_modules.appup.src b/lib-ce/emqx_modules/src/emqx_modules.appup.src index 3f43fd093..3e1f7fb5d 100644 --- a/lib-ce/emqx_modules/src/emqx_modules.appup.src +++ b/lib-ce/emqx_modules/src/emqx_modules.appup.src @@ -1,85 +1,75 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.8",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, - {"4.4.7",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}]}, - {"4.4.6", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, - {"4.4.5", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}]}, - {"4.4.4", - [{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, - {"4.4.3", - [{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, - {"4.4.2", - [{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}]}, - {"4.4.1", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, - {"4.4.0", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + [{<<"4\\.4\\.[6-8]">>, + [{load_module,emqx_mod_acl_internal,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_presence,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_sup,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_slow_subs,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_topic_metrics,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace,brutal_purge,soft_purge,[]} + ]}, + {<<"4\\.4\\.[1-5]">>, + [{load_module,emqx_mod_acl_internal,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_presence,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_slow_subs,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_topic_metrics,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, + {load_module,emqx_modules,brutal_purge,soft_purge,[]} + ]}, + {"4.4.0", + [{load_module,emqx_mod_acl_internal,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_presence,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_slow_subs,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_topic_metrics,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, + {load_module,emqx_modules,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_sup,brutal_purge,soft_purge,[]} + ]}, {<<".*">>,[]}], - [{"4.4.8",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, - {"4.4.7",[{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}]}, - {"4.4.6", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, - {"4.4.5", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}]}, - {"4.4.4", - [{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, - {"4.4.3", - [{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, - {"4.4.2", - [{load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}]}, - {"4.4.1", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}]}, - {"4.4.0", - [{load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, - {load_module,emqx_modules,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + [{<<"4\\.4\\.[6-8]">>, + [{load_module,emqx_mod_acl_internal,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, {load_module,emqx_mod_presence,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_sup,brutal_purge,soft_purge,[]}, - {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_slow_subs,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_topic_metrics,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace,brutal_purge,soft_purge,[]} + ]}, + {<<"4\\.4\\.[1-5]">>, + [{load_module,emqx_mod_acl_internal,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_presence,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_slow_subs,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_topic_metrics,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, + {load_module,emqx_modules,brutal_purge,soft_purge,[]} + ]}, + {"4.4.0", + [{load_module,emqx_mod_acl_internal,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_delayed,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_presence,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_rewrite,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_slow_subs,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_subscription,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_topic_metrics,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_trace_api,brutal_purge,soft_purge,[]}, + {load_module,emqx_modules,brutal_purge,soft_purge,[]}, + {load_module,emqx_mod_sup,brutal_purge,soft_purge,[]} + ]}, {<<".*">>,[]}]}. From 1ea3fdf0e6df6c99594a21f76c05bf165e11d58e Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 15:42:53 +0800 Subject: [PATCH 46/57] chore: update change logs --- changes/v4.4.15-en.md | 4 ++++ changes/v4.4.15-zh.md | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 5836b24b1..a225eb3bb 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -16,6 +16,10 @@ ## Bug fixes +- fix some issues in descriptions of the actions, resources amd emqx-modules [#9931](https://github.com/emqx/emqx/pull/9931). + +- fix there's no error logs when query the JWKS server failed [#9931](https://github.com/emqx/emqx/pull/9931). + - The returned client lists of HTTP query `GET /api/v4/clients?_page=2&_limit=20` to different nodes might be inconsistent [#9926](https://github.com/emqx/emqx/pull/9926). - Fix the problem that new MQTT TLS connections failed to establish after release hot upgrade [#9810](https://github.com/emqx/emqx/pull/9810). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index dd2471888..2d5fe953a 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -16,6 +16,10 @@ ## 修复 +- 修复资源、动作以及模块里的一些描述错误 [#9931](https://github.com/emqx/emqx/pull/9931)。 + +- 修复请求 JWKS 服务失败的时候,没有日志打印的问题 [#9931](https://github.com/emqx/emqx/pull/9931)。 + - 使用 HTTP API `GET /api/v4/clients?_page=2&_limit=20` 请求客户端列表时,请求发送到不同的 emqx 节点,返回的客户端列表可能不一致 [#9926](https://github.com/emqx/emqx/pull/9926)。 - 修复版本热升级之后,新的 MQTT TLS 连接建立失败的问题 [#9810](https://github.com/emqx/emqx/pull/9810)。 From c8d4ebfc4509243dd5a7895eaf75e8e145cc785e Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 8 Feb 2023 16:57:45 +0800 Subject: [PATCH 47/57] fix: don't crash when connecting via keepalive=0 --- .../test/emqx_mgmt_api_SUITE.erl | 25 +++++++++++----- src/emqx.appup.src | 30 +++++++++++++++++++ src/emqx_keepalive.erl | 10 +++++-- 3 files changed, 55 insertions(+), 10 deletions(-) diff --git a/apps/emqx_management/test/emqx_mgmt_api_SUITE.erl b/apps/emqx_management/test/emqx_mgmt_api_SUITE.erl index 1e315f8d0..57ab5d0f5 100644 --- a/apps/emqx_management/test/emqx_mgmt_api_SUITE.erl +++ b/apps/emqx_management/test/emqx_mgmt_api_SUITE.erl @@ -794,13 +794,7 @@ t_keepalive(_Config) -> Path = api_path(["clients", ClientId, "keepalive"]), {ok, NotFound} = request_api(put, Path, "interval=5", AuthHeader, [#{}]), ?assertEqual("{\"message\":\"not_found\",\"code\":112}", NotFound), - {ok, C1} = emqtt:start_link(#{username => Username, clientid => ClientId}), - {ok, _} = emqtt:connect(C1), - {ok, Ok} = request_api(put, Path, "interval=5", AuthHeader, [#{}]), - ?assertEqual("{\"code\":0}", Ok), - [Pid] = emqx_cm:lookup_channels(list_to_binary(ClientId)), - #{conninfo := #{keepalive := Keepalive}} = emqx_connection:info(Pid), - ?assertEqual(5, Keepalive), + C1 = keepalive_ok(61, 0, Username, ClientId, Path, AuthHeader), {ok, Error1} = request_api(put, Path, "interval=-1", AuthHeader, [#{}]), {ok, Error2} = request_api(put, Path, "interval=65536", AuthHeader, [#{}]), ErrMsg = #{<<"code">> => 102, @@ -808,9 +802,26 @@ t_keepalive(_Config) -> ?assertEqual(ErrMsg, jiffy:decode(Error1, [return_maps])), ?assertEqual(Error1, Error2), emqtt:disconnect(C1), + %% test change keepalive from 0 to 60 + C2 = keepalive_ok(0, 60, Username, ClientId, Path, AuthHeader), + emqtt:disconnect(C2), + %% test change keepalive from 60 to 0 + C3 = keepalive_ok(60, 0, Username, ClientId, Path, AuthHeader), + emqtt:disconnect(C3), application:stop(emqx_dashboard), ok. +keepalive_ok(InitSec, UpdateSec, Username, ClientId, Path, AuthHeader) -> + {ok, C1} = emqtt:start_link(#{username => Username, clientid => ClientId, keepalive => InitSec}), + {ok, _} = emqtt:connect(C1), + Qs = "interval=" ++ integer_to_list(UpdateSec), + {ok, Ok} = request_api(put, Path, Qs, AuthHeader, [#{}]), + ?assertEqual("{\"code\":0}", Ok), + [Pid] = emqx_cm:lookup_channels(list_to_binary(ClientId)), + #{conninfo := #{keepalive := Keepalive}} = emqx_connection:info(Pid), + ?assertEqual(UpdateSec, Keepalive), + C1. + t_status_ok(_Config) -> {ok, #{ body := Resp , status_code := StatusCode diff --git a/src/emqx.appup.src b/src/emqx.appup.src index daf18aff5..3711c84d5 100644 --- a/src/emqx.appup.src +++ b/src/emqx.appup.src @@ -3,6 +3,7 @@ {VSN, [{"4.4.14", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -15,6 +16,7 @@ {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -28,6 +30,7 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -41,6 +44,7 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -57,6 +61,7 @@ {load_module,emqx_channel,brutal_purge,soft_purge,[]}]}, {"4.4.10", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -82,6 +87,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.9", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -113,6 +119,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.8", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -145,6 +152,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.7", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -177,6 +185,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.6", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -209,6 +218,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.5", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -243,6 +253,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.4", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -283,6 +294,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.3", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -329,6 +341,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.2", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, @@ -376,6 +389,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.1", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -427,6 +441,7 @@ [gen_rpc,insecure_auth_fallback_allowed,true]}}]}, {"4.4.0", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {add_module,emqx_cover}, {add_module,emqx_ocsp_cache}, @@ -481,6 +496,7 @@ {<<".*">>,[]}], [{"4.4.14", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -493,6 +509,7 @@ {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}]}, {"4.4.13", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -506,6 +523,7 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.12", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_misc,brutal_purge,soft_purge,[]}, @@ -519,6 +537,7 @@ {load_module,emqx_app,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -535,6 +554,7 @@ {delete_module,emqx_cover}]}, {"4.4.10", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -557,6 +577,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.9", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -584,6 +605,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.8", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -612,6 +634,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.7", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -640,6 +663,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.6", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -668,6 +692,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.5", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_broker,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, @@ -698,6 +723,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.4", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_packet,brutal_purge,soft_purge,[]}, @@ -734,6 +760,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.3", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -775,6 +802,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.2", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_banned,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_listeners,brutal_purge,soft_purge,[]}, @@ -817,6 +845,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.1", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_router_helper,brutal_purge,soft_purge,[]}, @@ -863,6 +892,7 @@ {delete_module,emqx_ocsp_cache}]}, {"4.4.0", [{load_module,emqx_vm,brutal_purge,soft_purge,[]}, + {load_module,emqx_keepalive,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_actions_trans,brutal_purge,soft_purge,[]}, {load_module,emqx_kernel_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_router_helper,brutal_purge,soft_purge,[]}, diff --git a/src/emqx_keepalive.erl b/src/emqx_keepalive.erl index 69ae5d699..d8a63e60f 100644 --- a/src/emqx_keepalive.erl +++ b/src/emqx_keepalive.erl @@ -73,6 +73,7 @@ check(NewVal, KeepAlive = #keepalive{statval = OldVal, true -> {error, timeout} end. +-define(IS_KEEPALIVE(Interval), Interval >= 0 andalso Interval =< 65535000). %% from mqtt-v3.1.1 specific %% A Keep Alive value of zero (0) has the effect of turning off the keep alive mechanism. %% This means that, in this case, the Server is not required @@ -85,7 +86,10 @@ check(NewVal, KeepAlive = #keepalive{statval = OldVal, %% typically this is a few minutes. %% The maximum value is (65535s) 18 hours 12 minutes and 15 seconds. -%% @doc Update keepalive's interval --spec(set(interval, non_neg_integer(), keepalive()) -> keepalive()). -set(interval, Interval, KeepAlive) when Interval >= 0 andalso Interval =< 65535000 -> +%% @doc Update keepalive interval +%% The keepalive() is undefined when connecting via keepalive=0. +-spec(set(interval, non_neg_integer(), keepalive() | undefined) -> keepalive()). +set(interval, Interval, undefined) when ?IS_KEEPALIVE(Interval) -> + init(Interval); +set(interval, Interval, KeepAlive) when ?IS_KEEPALIVE(Interval) -> KeepAlive#keepalive{interval = Interval}. From 0ed4a2fa49237d18e92beadf7315dab3ba6ef9ea Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 8 Feb 2023 17:26:12 +0800 Subject: [PATCH 48/57] chore: add keepalive changelog --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 5836b24b1..b0ed35756 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -37,3 +37,5 @@ - fix sometimes the rules cannot be enabled automatically after emqx is restarted [#9911](https://github.com/emqx/emqx/pull/9911). - fix the `{badarg,[{ets,lookup,[gproc,{shared, ...` error logs during shutdown [#9919](https://github.com/emqx/emqx/pull/9919). + +- Fix crash when updating a client's keepalive via the HTTP API if it connects with keepalive disabled [#9933](https://github.com/emqx/emqx/pull/9933). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index dd2471888..dc895e0cb 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -36,3 +36,5 @@ - 修复某些情况下,重启 emqx 后规则无法自动启用的问题 [#9911](https://github.com/emqx/emqx/pull/9911)。 - 修复停止 emqx 的时候,日志出现 `{badarg,[{ets,lookup,[gproc,{shared, ...` 错误的问题 [#9919](https://github.com/emqx/emqx/pull/9919)。 + +- 修复当客户端连接禁用 keepalive时, 通过 HTTP API 更新其 keepalive 会崩溃的问题 [#9933](https://github.com/emqx/emqx/pull/9933)。 From 04cae4ef6051dea283297bb46771d812a3c0b774 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 18:44:46 +0800 Subject: [PATCH 49/57] fix: republish MQTT msgs with properties crash --- .../emqx_rule_engine/src/emqx_rule_events.erl | 18 ++++++- .../test/emqx_rule_events_SUITE.erl | 52 ++++++++++++++----- .../test/emqx_rule_monitor_SUITE.erl | 1 + 3 files changed, 57 insertions(+), 14 deletions(-) diff --git a/apps/emqx_rule_engine/src/emqx_rule_events.erl b/apps/emqx_rule_engine/src/emqx_rule_events.erl index f64e389d0..5406845d8 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_events.erl +++ b/apps/emqx_rule_engine/src/emqx_rule_events.erl @@ -853,9 +853,25 @@ printable_maps(Headers) -> value => Value } || {Key, Value} <- V0] }; + (K, V, AccIn) when is_map(V) -> + AccIn#{K => printable_maps(V)}; + (K, V, AccIn) when is_list(V) -> + AccIn#{K => printable_list(V)}; (_K, V, AccIn) when is_tuple(V) -> - %% internal header + %% internal header, remove it AccIn; (K, V, AccIn) -> AccIn#{K => V} end, #{}, Headers). + +printable_list(L) -> + lists:filtermap(fun printable_element/1, L). + +printable_element(E) when is_map(E) -> + {true, printable_maps(E)}; +printable_element(E) when is_tuple(E) -> + false; +printable_element(E) when is_list(E) -> + {true, printable_list(E)}; +printable_element(E) -> + {true, E}. diff --git a/apps/emqx_rule_engine/test/emqx_rule_events_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_events_SUITE.erl index 14376c91d..ec9fccab2 100644 --- a/apps/emqx_rule_engine/test/emqx_rule_events_SUITE.erl +++ b/apps/emqx_rule_engine/test/emqx_rule_events_SUITE.erl @@ -36,18 +36,44 @@ t_mod_hook_fun(_) -> ]]. t_printable_maps(_) -> - Headers = #{peerhost => {127,0,0,1}, - peername => {{127,0,0,1}, 9980}, - sockname => {{127,0,0,1}, 1883}, - redispatch_to => {<<"group">>, <<"sub/topic/+">>}, - shared_dispatch_ack => {self(), ref} - }, + TestMap = #{ + peerhost => {127,0,0,1}, + peername => {{127,0,0,1}, 9980}, + sockname => {{127,0,0,1}, 1883}, + redispatch_to => {<<"group">>, <<"sub/topic/+">>}, + shared_dispatch_ack => {self(), ref}, + string => <<"abc">>, + atom => abc, + integer => 1, + float => 1.0, + simple_list => [1, 1.0, a, "abc", <<"abc">>, {a,b}] + }, + Headers = TestMap#{ + map => TestMap, + map_list => [ + TestMap#{ + map => TestMap + } + ] + }, Converted = emqx_rule_events:printable_maps(Headers), - ?assertMatch( - #{peerhost := <<"127.0.0.1">>, - peername := <<"127.0.0.1:9980">>, - sockname := <<"127.0.0.1:1883">> - }, Converted), - ?assertNot(maps:is_key(redispatch_to, Converted)), - ?assertNot(maps:is_key(shared_dispatch_ack, Converted)), + Verify = fun(Result) -> + ?assertMatch( + #{peerhost := <<"127.0.0.1">>, + peername := <<"127.0.0.1:9980">>, + sockname := <<"127.0.0.1:1883">>, + string := <<"abc">>, + atom := abc, + integer := 1, + float := 1.0, + simple_list := [1, 1.0, a, "abc", <<"abc">>] %% {a,b} is removed + }, Result), + ?assertNot(maps:is_key(redispatch_to, Result)), + ?assertNot(maps:is_key(shared_dispatch_ack, Result)), + %% make sure the result is jsonable + _ = emqx_json:encode(Result) + end, + Verify(maps:get(map, Converted)), + Verify(maps:get(map, lists:nth(1, maps:get(map_list, Converted)))), + Verify(Converted), ok. diff --git a/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl b/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl index 1c478fb63..646f2644f 100644 --- a/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl +++ b/apps/emqx_rule_engine/test/emqx_rule_monitor_SUITE.erl @@ -90,6 +90,7 @@ end_per_testcase(_, Config) -> common_init_per_testcase() -> AlarmOpts = [{actions, [log, publish]}, {size_limit, 1000}, {validity_period, 86400}], + _ = emqx_alarm:mnesia(boot), {ok, _} = emqx_alarm:start_link(AlarmOpts), {ok, _} = emqx_rule_monitor:start_link(). From 8c478fd7f32bea9033cf44bf06f46a4f4796c1c0 Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Wed, 8 Feb 2023 18:46:49 +0800 Subject: [PATCH 50/57] chore: update emqx_rule_engine.appup.src --- apps/emqx_rule_engine/src/emqx_rule_engine.appup.src | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src index e6951e980..cdf8fb959 100644 --- a/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src +++ b/apps/emqx_rule_engine/src/emqx_rule_engine.appup.src @@ -3,11 +3,13 @@ {VSN, [{<<"4\\.4\\.1[3-4]">>, [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_events,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} ]}, {"4.4.12", [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_events,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, @@ -15,6 +17,7 @@ {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_events,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}, @@ -231,11 +234,13 @@ {<<".*">>,[]}], [{<<"4\\.4\\.1[3-4]">>, [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_events,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]} ]}, {"4.4.12", [{load_module,emqx_rule_registry,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_events,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, @@ -243,6 +248,7 @@ {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}]}, {"4.4.11", [{load_module,emqx_rule_engine_jwt_worker,brutal_purge,soft_purge,[]}, + {load_module,emqx_rule_events,brutal_purge,soft_purge,[]}, {load_module,emqx_rule_monitor,brutal_purge,soft_purge,[]}, {update,emqx_rule_engine_jwt_sup,supervisor}, {load_module,emqx_rule_engine_jwt,brutal_purge,soft_purge,[]}, From 56156aa097508b4124853f488193b49e05ee6e4a Mon Sep 17 00:00:00 2001 From: Shawn <506895667@qq.com> Date: Thu, 9 Feb 2023 13:53:07 +0800 Subject: [PATCH 51/57] fix: update change logs --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index a225eb3bb..e7aa73f50 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -16,6 +16,8 @@ ## Bug fixes +- Fixed an error when forward MQTT messages with User-Property using the `republish` action [#9942](https://github.com/emqx/emqx/pull/9942). + - fix some issues in descriptions of the actions, resources amd emqx-modules [#9931](https://github.com/emqx/emqx/pull/9931). - fix there's no error logs when query the JWKS server failed [#9931](https://github.com/emqx/emqx/pull/9931). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index 2d5fe953a..5ef25c74f 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -16,6 +16,8 @@ ## 修复 +- 修复使用 `消息重发布` 动作转发带 User-Property 的 MQTT 消息时出错的问题 [#9942](https://github.com/emqx/emqx/pull/9942)。 + - 修复资源、动作以及模块里的一些描述错误 [#9931](https://github.com/emqx/emqx/pull/9931)。 - 修复请求 JWKS 服务失败的时候,没有日志打印的问题 [#9931](https://github.com/emqx/emqx/pull/9931)。 From 3314d9616dc636ee61dd3e33c976236aa8c6cda7 Mon Sep 17 00:00:00 2001 From: firest Date: Thu, 9 Feb 2023 14:08:42 +0800 Subject: [PATCH 52/57] fix(auth): add more detailed logs for auth/acl --- apps/emqx_auth_http/src/emqx_acl_http.erl | 6 ++++-- apps/emqx_auth_http/src/emqx_auth_http.erl | 5 +++-- apps/emqx_auth_jwt/src/emqx_auth_jwt.erl | 6 ++++++ apps/emqx_auth_ldap/src/emqx_acl_ldap.erl | 12 ++++++++++-- apps/emqx_auth_ldap/src/emqx_auth_ldap.erl | 3 +++ apps/emqx_auth_mnesia/src/emqx_acl_mnesia.erl | 7 +++++++ apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl | 3 +++ apps/emqx_auth_mongo/src/emqx_acl_mongo.erl | 12 ++++++++++-- apps/emqx_auth_mongo/src/emqx_auth_mongo.erl | 3 +++ apps/emqx_auth_mysql/src/emqx_acl_mysql.erl | 12 ++++++++++-- apps/emqx_auth_mysql/src/emqx_auth_mysql.erl | 3 +++ apps/emqx_auth_pgsql/src/emqx_acl_pgsql.erl | 15 +++++++++++---- apps/emqx_auth_pgsql/src/emqx_auth_pgsql.erl | 3 +++ apps/emqx_auth_redis/src/emqx_acl_redis.erl | 13 ++++++++++--- 14 files changed, 86 insertions(+), 17 deletions(-) diff --git a/apps/emqx_auth_http/src/emqx_acl_http.erl b/apps/emqx_auth_http/src/emqx_acl_http.erl index 3decdbf6d..e18527179 100644 --- a/apps/emqx_auth_http/src/emqx_acl_http.erl +++ b/apps/emqx_auth_http/src/emqx_acl_http.erl @@ -44,7 +44,10 @@ check_acl(ClientInfo, PubSub, Topic, _AclResult, #{acl := ACLParams = #{path := Username = maps:get(username, ClientInfo1, undefined), case check_acl_request(ACLParams, ClientInfo1) of {ok, 200, <<"ignore">>} -> ok; - {ok, 200, _Body} -> {stop, allow}; + {ok, 200, _Body} -> + ?LOG(debug, "Allow ~s to topic ~ts, username: ~ts", + [PubSub, Topic, Username]), + {stop, allow}; {ok, Code, _Body} -> ?LOG(warning, "Deny ~s to topic ~ts, username: ~ts, http response code: ~p", [PubSub, Topic, Username, Code]), @@ -74,4 +77,3 @@ check_acl_request(ACLParams = access(subscribe) -> 1; access(publish) -> 2. - diff --git a/apps/emqx_auth_http/src/emqx_auth_http.erl b/apps/emqx_auth_http/src/emqx_auth_http.erl index aad08e7b6..c7710ae94 100644 --- a/apps/emqx_auth_http/src/emqx_auth_http.erl +++ b/apps/emqx_auth_http/src/emqx_auth_http.erl @@ -41,19 +41,20 @@ check(ClientInfo, AuthResult, #{auth := AuthParms = #{path := Path}, {ok, 200, <<"ignore">>} -> ok; {ok, 200, Body} -> + ?LOG(debug, "Auth succeeded from path: ~ts, username: ~ts", [Path, Username]), IsSuperuser = is_superuser(SuperParams, ClientInfo), {stop, AuthResult#{is_superuser => IsSuperuser, auth_result => success, anonymous => false, mountpoint => mountpoint(Body, ClientInfo)}}; {ok, Code, _Body} -> - ?LOG(warning, "Deny connection from path: ~s, username: ~ts, http " + ?LOG(warning, "Deny connection from path: ~ts, username: ~ts, http " "response code: ~p", [Path, Username, Code]), {stop, AuthResult#{auth_result => http_to_connack_error(Code), anonymous => false}}; {error, Error} -> - ?LOG_SENSITIVE(warning, "Deny connection from path: ~s, username: ~ts, due to " + ?LOG_SENSITIVE(warning, "Deny connection from path: ~ts, username: ~ts, due to " "request http-server failed: ~0p", [Path, Username, Error]), %%FIXME later: server_unavailable is not right. {stop, AuthResult#{auth_result => server_unavailable, diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl b/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl index 63a59b5ec..dd3b2dbc9 100644 --- a/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl +++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.erl @@ -51,8 +51,14 @@ check_auth(ClientInfo, AuthResult, #{from := From, checklists := Checklists}) -> {error, not_token} -> ok; {error, Reason} -> + ?LOG_SENSITIVE(debug, + "Auth from JWT failed, Client: ~p, Reason: ~p", + [ClientInfo, Reason]), {stop, AuthResult#{auth_result => Reason, anonymous => false}}; {ok, Claims} -> + ?LOG_SENSITIVE(debug, + "Auth from JWT succeeded, Client: ~p", + [ClientInfo]), {stop, maps:merge(AuthResult, verify_claims(Checklists, Claims, ClientInfo))} end end. diff --git a/apps/emqx_auth_ldap/src/emqx_acl_ldap.erl b/apps/emqx_auth_ldap/src/emqx_acl_ldap.erl index d01eace21..8faeed913 100644 --- a/apps/emqx_auth_ldap/src/emqx_acl_ldap.erl +++ b/apps/emqx_auth_ldap/src/emqx_acl_ldap.erl @@ -29,8 +29,16 @@ check_acl(ClientInfo, PubSub, Topic, NoMatchAction, State) -> case do_check_acl(ClientInfo, PubSub, Topic, NoMatchAction, State) of ok -> ok; - {stop, allow} -> {stop, allow}; - {stop, deny} -> {stop, deny} + {stop, allow} -> + ?LOG_SENSITIVE(debug, + "[LDAP] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, allow}; + {stop, deny} -> + ?LOG_SENSITIVE(debug, + "[LDAP] Deny Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, deny} end. do_check_acl(#{username := <<$$, _/binary>>}, _PubSub, _Topic, _NoMatchAction, _State) -> diff --git a/apps/emqx_auth_ldap/src/emqx_auth_ldap.erl b/apps/emqx_auth_ldap/src/emqx_auth_ldap.erl index 33fa91618..d1d73784d 100644 --- a/apps/emqx_auth_ldap/src/emqx_auth_ldap.erl +++ b/apps/emqx_auth_ldap/src/emqx_auth_ldap.erl @@ -58,6 +58,9 @@ check(ClientInfo = #{username := Username, password := Password}, AuthResult, end, case CheckResult of ok -> + ?LOG_SENSITIVE(debug, + "[LDAP] Auth from ldap succeeded, Client: ~p", + [ClientInfo]), {stop, AuthResult#{auth_result => success, anonymous => false}}; {error, not_found} -> ok; diff --git a/apps/emqx_auth_mnesia/src/emqx_acl_mnesia.erl b/apps/emqx_auth_mnesia/src/emqx_acl_mnesia.erl index 576977ec1..928dcc608 100644 --- a/apps/emqx_auth_mnesia/src/emqx_acl_mnesia.erl +++ b/apps/emqx_auth_mnesia/src/emqx_acl_mnesia.erl @@ -17,6 +17,7 @@ -module(emqx_acl_mnesia). -include("emqx_auth_mnesia.hrl"). +-include_lib("emqx/include/logger.hrl"). %% ACL Callbacks -export([ init/0 @@ -43,8 +44,14 @@ check_acl(ClientInfo = #{ clientid := Clientid }, PubSub, Topic, _NoMatchAction, case match(ClientInfo, PubSub, Topic, Acls) of allow -> + ?LOG_SENSITIVE(debug, + "[Mnesia] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), {stop, allow}; deny -> + ?LOG_SENSITIVE(debug, + "[Mnesia] Deny Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), {stop, deny}; _ -> ok diff --git a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl index 5a36be59b..35bea5fde 100644 --- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl +++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.erl @@ -70,6 +70,9 @@ check(ClientInfo = #{ clientid := Clientid ?LOG(info, "[Mnesia] Auth from mnesia failed: ~p", [Info]), {stop, AuthResult#{anonymous => false, auth_result => password_error}}; _ -> + ?LOG_SENSITIVE(debug, + "[Mnesia] Auth from mnesia succeeded, Client: ~p", + [ClientInfo]), {stop, AuthResult#{anonymous => false, auth_result => success}} end end. diff --git a/apps/emqx_auth_mongo/src/emqx_acl_mongo.erl b/apps/emqx_auth_mongo/src/emqx_acl_mongo.erl index a7487dd07..2f069478b 100644 --- a/apps/emqx_auth_mongo/src/emqx_acl_mongo.erl +++ b/apps/emqx_auth_mongo/src/emqx_acl_mongo.erl @@ -38,8 +38,16 @@ check_acl(ClientInfo, PubSub, Topic, _AclResult, Env = #{aclquery := AclQuery}) [] -> ok; Rows -> try match(ClientInfo, Topic, topics(PubSub, Rows)) of - matched -> {stop, allow}; - nomatch -> {stop, deny} + matched -> + ?LOG_SENSITIVE(debug, + "[MongoDB] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, allow}; + nomatch -> + ?LOG_SENSITIVE(debug, + "[MongoDB] Deny Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, deny} catch _Err:Reason-> ?LOG(error, "[MongoDB] Check mongo ~p ACL failed, got ACL config: ~p, error: :~p", diff --git a/apps/emqx_auth_mongo/src/emqx_auth_mongo.erl b/apps/emqx_auth_mongo/src/emqx_auth_mongo.erl index 1c8c18ce3..9ca272c65 100644 --- a/apps/emqx_auth_mongo/src/emqx_auth_mongo.erl +++ b/apps/emqx_auth_mongo/src/emqx_auth_mongo.erl @@ -68,6 +68,9 @@ check(ClientInfo = #{password := Password}, AuthResult, case Result of ok -> ?tp(emqx_auth_mongo_superuser_check_authn_ok, #{}), + ?LOG_SENSITIVE(debug, + "[MongoDB] Auth from mongo succeeded, Client: ~p", + [ClientInfo]), {stop, AuthResult#{is_superuser => is_superuser(Pool, SuperQuery, ClientInfo), anonymous => false, auth_result => success}}; diff --git a/apps/emqx_auth_mysql/src/emqx_acl_mysql.erl b/apps/emqx_auth_mysql/src/emqx_acl_mysql.erl index 436c69d5f..a5b0f86b2 100644 --- a/apps/emqx_auth_mysql/src/emqx_acl_mysql.erl +++ b/apps/emqx_auth_mysql/src/emqx_acl_mysql.erl @@ -29,8 +29,16 @@ check_acl(ClientInfo, PubSub, Topic, NoMatchAction, #{pool := Pool} = State) -> case do_check_acl(Pool, ClientInfo, PubSub, Topic, NoMatchAction, State) of ok -> ok; - {stop, allow} -> {stop, allow}; - {stop, deny} -> {stop, deny} + {stop, allow} -> + ?LOG_SENSITIVE(debug, + "[MySQL] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, allow}; + {stop, deny} -> + ?LOG_SENSITIVE(debug, + "[MySQL] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, deny} end. do_check_acl(_Pool, #{username := <<$$, _/binary>>}, _PubSub, _Topic, _NoMatchAction, _State) -> diff --git a/apps/emqx_auth_mysql/src/emqx_auth_mysql.erl b/apps/emqx_auth_mysql/src/emqx_auth_mysql.erl index ac35e6ce6..94045e1ad 100644 --- a/apps/emqx_auth_mysql/src/emqx_auth_mysql.erl +++ b/apps/emqx_auth_mysql/src/emqx_auth_mysql.erl @@ -46,6 +46,9 @@ check(ClientInfo = #{password := Password}, AuthResult, end, case CheckPass of ok -> + ?LOG_SENSITIVE(debug, + "[MySQL] Auth from mysql succeeded, Client: ~p", + [ClientInfo]), {stop, AuthResult#{is_superuser => is_superuser(Pool, SuperQuery, ClientInfo), anonymous => false, auth_result => success}}; diff --git a/apps/emqx_auth_pgsql/src/emqx_acl_pgsql.erl b/apps/emqx_auth_pgsql/src/emqx_acl_pgsql.erl index ee385cd16..1afb93975 100644 --- a/apps/emqx_auth_pgsql/src/emqx_acl_pgsql.erl +++ b/apps/emqx_auth_pgsql/src/emqx_acl_pgsql.erl @@ -36,9 +36,17 @@ do_check_acl(Pool, ClientInfo, PubSub, Topic, _NoMatchAction, #{acl_query := {Ac {ok, _, Rows} -> Rules = filter(PubSub, compile(Rows)), case match(ClientInfo, Topic, Rules) of - {matched, allow} -> {stop, allow}; - {matched, deny} -> {stop, deny}; - nomatch -> ok + {matched, allow} -> + ?LOG_SENSITIVE(debug, + "[Postgres] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, allow}; + {matched, deny} -> + ?LOG_SENSITIVE(debug, + "[Postgres] Deny Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, deny}; + nomatch -> ok end; {error, Reason} -> ?LOG(error, "[Postgres] do_check_acl error: ~p~n", [Reason]), @@ -105,4 +113,3 @@ empty(null) -> true; empty("") -> true; empty(<<>>) -> true; empty(_) -> false. - diff --git a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.erl b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.erl index 6bdc53941..8f75c1279 100644 --- a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.erl +++ b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.erl @@ -45,6 +45,9 @@ check(ClientInfo = #{password := Password}, AuthResult, end, case CheckPass of ok -> + ?LOG_SENSITIVE(debug, + "[Postgres] Auth from pgsql succeeded, Client: ~p", + [ClientInfo]), {stop, AuthResult#{is_superuser => is_superuser(Pool, SuperQuery, ClientInfo), anonymous => false, auth_result => success}}; diff --git a/apps/emqx_auth_redis/src/emqx_acl_redis.erl b/apps/emqx_auth_redis/src/emqx_acl_redis.erl index 2fcdb9592..74a68905c 100644 --- a/apps/emqx_auth_redis/src/emqx_acl_redis.erl +++ b/apps/emqx_auth_redis/src/emqx_acl_redis.erl @@ -33,8 +33,16 @@ check_acl(ClientInfo, PubSub, Topic, _AclResult, {ok, []} -> ok; {ok, Rules} -> case match(ClientInfo, PubSub, Topic, Rules) of - allow -> {stop, allow}; - nomatch -> {stop, deny} + allow -> + ?LOG_SENSITIVE(debug, + "[Redis] Allow Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, allow}; + nomatch -> + ?LOG_SENSITIVE(debug, + "[Redis] Deny Topic: ~p, Action: ~p for Client: ~p", + [Topic, PubSub, ClientInfo]), + {stop, deny} end; {error, Reason} -> ?LOG(error, "[Redis] do_check_acl error: ~p", [Reason]), @@ -71,4 +79,3 @@ feed_var(Str, Var, Val) -> b2i(Bin) -> list_to_integer(binary_to_list(Bin)). description() -> "Redis ACL Module". - From a6c6ae620657fdcd854a47a91775cee807cac522 Mon Sep 17 00:00:00 2001 From: firest Date: Thu, 9 Feb 2023 14:35:04 +0800 Subject: [PATCH 53/57] chore: bump versions && update appup --- .../emqx_auth_http/src/emqx_auth_http.app.src | 2 +- .../src/emqx_auth_http.appup.src | 16 +++++++- .../emqx_auth_jwt/src/emqx_auth_jwt.appup.src | 8 +++- .../emqx_auth_ldap/src/emqx_auth_ldap.app.src | 2 +- .../src/emqx_auth_ldap.appup.src | 10 ++++- .../src/emqx_auth_mnesia.app.src | 2 +- .../src/emqx_auth_mnesia.appup.src | 40 +++++++++++++++---- .../src/emqx_auth_mongo.app.src | 2 +- .../src/emqx_auth_mongo.appup.src | 28 +++++++++---- .../src/emqx_auth_mysql.app.src | 2 +- .../src/emqx_auth_mysql.appup.src | 24 ++++++++--- .../src/emqx_auth_pgsql.app.src | 2 +- .../src/emqx_auth_pgsql.appup.src | 23 +++++++---- .../src/emqx_auth_redis.app.src | 2 +- .../src/emqx_auth_redis.appup.src | 20 +++++++--- 15 files changed, 136 insertions(+), 47 deletions(-) diff --git a/apps/emqx_auth_http/src/emqx_auth_http.app.src b/apps/emqx_auth_http/src/emqx_auth_http.app.src index 7f05e6c7e..a870575ce 100644 --- a/apps/emqx_auth_http/src/emqx_auth_http.app.src +++ b/apps/emqx_auth_http/src/emqx_auth_http.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_http, [{description, "EMQ X Authentication/ACL with HTTP API"}, - {vsn, "4.3.10"}, % strict semver, bump manually! + {vsn, "4.3.11"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_http_sup]}, {applications, [kernel,stdlib,ehttpc]}, diff --git a/apps/emqx_auth_http/src/emqx_auth_http.appup.src b/apps/emqx_auth_http/src/emqx_auth_http.appup.src index 6de6453d8..3f167d768 100644 --- a/apps/emqx_auth_http/src/emqx_auth_http.appup.src +++ b/apps/emqx_auth_http/src/emqx_auth_http.appup.src @@ -1,7 +1,13 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.9",[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}]}, + [{"4.3.10", + [{load_module,emqx_auth_http,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_http,brutal_purge,soft_purge,[]}]}, + {"4.3.9", + [{load_module,emqx_auth_http,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_http,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}]}, {"4.3.8", [{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_http,brutal_purge,soft_purge,[]}, @@ -39,7 +45,13 @@ {load_module,emqx_auth_http_cli,brutal_purge,soft_purge,[]}]}, {<<"4.3.[0-1]">>,[{restart_application,emqx_auth_http}]}, {<<".*">>,[]}], - [{"4.3.9",[{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}]}, + [{"4.3.10", + [{load_module,emqx_auth_http,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_http,brutal_purge,soft_purge,[]}]}, + {"4.3.9", + [{load_module,emqx_auth_http,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_http,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}]}, {"4.3.8", [{load_module,emqx_auth_http_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_http,brutal_purge,soft_purge,[]}, diff --git a/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src b/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src index 9f6ac4b9b..1407592b0 100644 --- a/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src +++ b/apps/emqx_auth_jwt/src/emqx_auth_jwt.appup.src @@ -1,13 +1,17 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.8",[{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, + [{"4.4.8", + [{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[2-7]">>, [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[0-1]">>,[{restart_application,emqx_auth_jwt}]}, {<<".*">>,[]}], - [{"4.4.8",[{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, + [{"4.4.8", + [{load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[2-7]">>, [{load_module,emqx_auth_jwt_svr,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_jwt,brutal_purge,soft_purge,[]}]}, diff --git a/apps/emqx_auth_ldap/src/emqx_auth_ldap.app.src b/apps/emqx_auth_ldap/src/emqx_auth_ldap.app.src index 48dc39bc9..4bee1aefa 100644 --- a/apps/emqx_auth_ldap/src/emqx_auth_ldap.app.src +++ b/apps/emqx_auth_ldap/src/emqx_auth_ldap.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_ldap, [{description, "EMQ X Authentication/ACL with LDAP"}, - {vsn, "4.3.6"}, % strict semver, bump manually! + {vsn, "4.3.7"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_ldap_sup]}, {applications, [kernel,stdlib,eldap2,ecpool]}, diff --git a/apps/emqx_auth_ldap/src/emqx_auth_ldap.appup.src b/apps/emqx_auth_ldap/src/emqx_auth_ldap.appup.src index 632067873..01b29895f 100644 --- a/apps/emqx_auth_ldap/src/emqx_auth_ldap.appup.src +++ b/apps/emqx_auth_ldap/src/emqx_auth_ldap.appup.src @@ -1,7 +1,10 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.5", + [{"4.3.6", + [{load_module,emqx_acl_ldap,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_ldap,brutal_purge,soft_purge,[]}]}, + {"4.3.5", [{load_module,emqx_acl_ldap,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_ldap,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_ldap_cli,brutal_purge,soft_purge,[]}]}, @@ -21,7 +24,10 @@ {load_module,emqx_acl_ldap,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_ldap_cli,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.3.5", + [{"4.3.6", + [{load_module,emqx_acl_ldap,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_ldap,brutal_purge,soft_purge,[]}]}, + {"4.3.5", [{load_module,emqx_acl_ldap,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_ldap,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_ldap_cli,brutal_purge,soft_purge,[]}]}, diff --git a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.app.src b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.app.src index 3bce055f6..c8298c146 100644 --- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.app.src +++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_mnesia, [{description, "EMQ X Authentication with Mnesia"}, - {vsn, "4.3.10"}, % strict semver, bump manually + {vsn, "4.3.11"}, % strict semver, bump manually {modules, []}, {registered, []}, {applications, [kernel,stdlib,mnesia]}, diff --git a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.appup.src b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.appup.src index 82bff332d..36e4437fd 100644 --- a/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.appup.src +++ b/apps/emqx_auth_mnesia/src/emqx_auth_mnesia.appup.src @@ -1,13 +1,25 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.9",[{load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, - {"4.3.8",[{load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, + [{"4.3.10", + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}]}, + {"4.3.9", + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, + {"4.3.8", + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, {"4.3.7", - [{load_module,emqx_auth_mnesia_api,brutal_purge,soft_purge,[]}, + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mnesia_api,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[5-6]">>, - [{load_module,emqx_auth_mnesia_app,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mnesia_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mnesia_api,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mnesia_db,brutal_purge,soft_purge,[]}, @@ -35,13 +47,25 @@ {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mnesia_app,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.3.9",[{load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, - {"4.3.8",[{load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, + [{"4.3.10", + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}]}, + {"4.3.9", + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, + {"4.3.8", + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, {"4.3.7", - [{load_module,emqx_auth_mnesia_api,brutal_purge,soft_purge,[]}, + [{load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mnesia_api,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mnesia_cli,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[5-6]">>, - [{load_module,emqx_auth_mnesia_app,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mnesia,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mnesia_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mnesia,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mnesia_api,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mnesia_db,brutal_purge,soft_purge,[]}, diff --git a/apps/emqx_auth_mongo/src/emqx_auth_mongo.app.src b/apps/emqx_auth_mongo/src/emqx_auth_mongo.app.src index 2849fe0a8..0677f118b 100644 --- a/apps/emqx_auth_mongo/src/emqx_auth_mongo.app.src +++ b/apps/emqx_auth_mongo/src/emqx_auth_mongo.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_mongo, [{description, "EMQ X Authentication/ACL with MongoDB"}, - {vsn, "4.4.5"}, % strict semver, bump manually! + {vsn, "4.4.6"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_mongo_sup]}, {applications, [kernel,stdlib,mongodb,ecpool]}, diff --git a/apps/emqx_auth_mongo/src/emqx_auth_mongo.appup.src b/apps/emqx_auth_mongo/src/emqx_auth_mongo.appup.src index eb62a4a57..b3c2b92ef 100644 --- a/apps/emqx_auth_mongo/src/emqx_auth_mongo.appup.src +++ b/apps/emqx_auth_mongo/src/emqx_auth_mongo.appup.src @@ -1,12 +1,19 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.4",[{load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, + [{"4.4.5", + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, + {"4.4.4", + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[2-3]">>, - [{load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, {"4.4.1", - [{load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mongo_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, {"4.4.0", @@ -15,12 +22,19 @@ {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.4.4",[{load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, - {<<"4\\.4\\.[2-3]">>, - [{load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, + [{"4.4.5", + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, + {"4.4.4", + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, + {<<"4\\.4\\.[2-3]">>, + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, {"4.4.1", - [{load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mongo,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mongo_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mongo_sup,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mongo,brutal_purge,soft_purge,[]}]}, {"4.4.0", diff --git a/apps/emqx_auth_mysql/src/emqx_auth_mysql.app.src b/apps/emqx_auth_mysql/src/emqx_auth_mysql.app.src index b6d1ef811..abfa86c5f 100644 --- a/apps/emqx_auth_mysql/src/emqx_auth_mysql.app.src +++ b/apps/emqx_auth_mysql/src/emqx_auth_mysql.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_mysql, [{description, "EMQ X Authentication/ACL with MySQL"}, - {vsn, "4.3.4"}, % strict semver, bump manually! + {vsn, "4.3.5"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_mysql_sup]}, {applications, [kernel,stdlib,mysql,ecpool]}, diff --git a/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src b/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src index 5cc4fbc7b..a0a6b036d 100644 --- a/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src +++ b/apps/emqx_auth_mysql/src/emqx_auth_mysql.appup.src @@ -1,10 +1,17 @@ %% -*- mode: erlang -*- +%% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.3", + [{"4.3.4", [{load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}]}, + {"4.3.3", + [{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[1-2]">>, - [{load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}]}, {"4.3.0", @@ -13,11 +20,17 @@ {load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.3.3", + [{"4.3.4", [{load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}]}, + {"4.3.3", + [{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[1-2]">>, - [{load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_mysql_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}]}, {"4.3.0", @@ -25,5 +38,4 @@ {load_module,emqx_auth_mysql_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_mysql,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_mysql,brutal_purge,soft_purge,[]}]}, - {<<".*">>,[]}] -}. + {<<".*">>,[]}]}. diff --git a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.app.src b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.app.src index 47929bc65..96a810d7c 100644 --- a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.app.src +++ b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_pgsql, [{description, "EMQ X Authentication/ACL with PostgreSQL"}, - {vsn, "4.4.4"}, % strict semver, bump manually! + {vsn, "4.4.5"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_pgsql_sup]}, {applications, [kernel,stdlib,epgsql,ecpool]}, diff --git a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src index d5a641a66..98826f918 100644 --- a/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src +++ b/apps/emqx_auth_pgsql/src/emqx_auth_pgsql.appup.src @@ -1,20 +1,29 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.4.3", - [{load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, + [{"4.4.4", + [{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_pgsql,brutal_purge,soft_purge,[]}]}, + {"4.4.3", + [{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_pgsql,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[0-2]">>, - [{load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_pgsql,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_pgsql_app,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.4.3", - [{load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, + [{"4.4.4", + [{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_pgsql,brutal_purge,soft_purge,[]}]}, + {"4.4.3", + [{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_pgsql,brutal_purge,soft_purge,[]}]}, {<<"4\\.4\\.[0-2]">>, - [{load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_pgsql,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_pgsql_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_pgsql,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_pgsql_app,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}]}. - diff --git a/apps/emqx_auth_redis/src/emqx_auth_redis.app.src b/apps/emqx_auth_redis/src/emqx_auth_redis.app.src index 80827507b..0fb0ecaff 100644 --- a/apps/emqx_auth_redis/src/emqx_auth_redis.app.src +++ b/apps/emqx_auth_redis/src/emqx_auth_redis.app.src @@ -1,6 +1,6 @@ {application, emqx_auth_redis, [{description, "EMQ X Authentication/ACL with Redis"}, - {vsn, "4.3.4"}, % strict semver, bump manually! + {vsn, "4.3.5"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_auth_redis_sup]}, {applications, [kernel,stdlib,eredis,eredis_cluster,ecpool]}, diff --git a/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src b/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src index 8ce75dbeb..c3c25571a 100644 --- a/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src +++ b/apps/emqx_auth_redis/src/emqx_auth_redis.appup.src @@ -1,11 +1,15 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.3", - [{load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}, + [{"4.3.4", + [{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]}, + {"4.3.3", + [{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_redis_cli,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[1-2]">>, - [{load_module,emqx_auth_redis_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_redis_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_redis_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}]}, {"4.3.0", @@ -14,11 +18,15 @@ {load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}, {load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.3.3", - [{load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}, + [{"4.3.4", + [{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}]}, + {"4.3.3", + [{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_redis_cli,brutal_purge,soft_purge,[]}]}, {<<"4\\.3\\.[1-2]">>, - [{load_module,emqx_auth_redis_cli,brutal_purge,soft_purge,[]}, + [{load_module,emqx_acl_redis,brutal_purge,soft_purge,[]}, + {load_module,emqx_auth_redis_cli,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_redis_app,brutal_purge,soft_purge,[]}, {load_module,emqx_auth_redis,brutal_purge,soft_purge,[]}]}, {"4.3.0", From 6129d1dd4f85665838f909c3b3e6719e367efe27 Mon Sep 17 00:00:00 2001 From: firest Date: Thu, 9 Feb 2023 15:07:25 +0800 Subject: [PATCH 54/57] chore: update changes --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 3bba0eb7b..dd4e0343d 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -14,6 +14,8 @@ - Now the corresponding session will be kicked when client is banned by `clientid` [#9904](https://github.com/emqx/emqx/pull/9904). +- Add more debug logs for authentication and ACL [#9943](https://github.com/emqx/emqx/pull/9943). + ## Bug fixes - fix some issues in descriptions of the actions, resources amd emqx-modules [#9931](https://github.com/emqx/emqx/pull/9931). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index b3495f235..efdc597a2 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -14,6 +14,8 @@ - 现在客户端通过 `clientid` 被封禁时将会踢掉对应的会话 [#9904](https://github.com/emqx/emqx/pull/9904)。 +- 为认证和授权添加了更多调试日志 [#9943](https://github.com/emqx/emqx/pull/9943)。 + ## 修复 - 修复资源、动作以及模块里的一些描述错误 [#9931](https://github.com/emqx/emqx/pull/9931)。 From c4c2f570ff06ae0d1942781e8e1b3af3fd45f084 Mon Sep 17 00:00:00 2001 From: Erik Timan Date: Tue, 7 Feb 2023 14:23:04 +0100 Subject: [PATCH 55/57] feat(emqx_prometheus): expose live_connections stats to prometheus --- apps/emqx_prometheus/src/emqx_prometheus.erl | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/apps/emqx_prometheus/src/emqx_prometheus.erl b/apps/emqx_prometheus/src/emqx_prometheus.erl index b58c4cc5f..5342a6d71 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus.erl +++ b/apps/emqx_prometheus/src/emqx_prometheus.erl @@ -185,6 +185,10 @@ emqx_collect(emqx_connections_count, Stats) -> gauge_metric(?C('connections.count', Stats)); emqx_collect(emqx_connections_max, Stats) -> gauge_metric(?C('connections.max', Stats)); +emqx_collect(emqx_live_connections_count, Stats) -> + gauge_metric(?C('live_connections.count', Stats)); +emqx_collect(emqx_live_connections_max, Stats) -> + gauge_metric(?C('live_connections.max', Stats)); %% sessions emqx_collect(emqx_sessions_count, Stats) -> @@ -471,6 +475,8 @@ emqx_collect(emqx_cluster_nodes_stopped, ClusterData) -> emqx_stats() -> [ emqx_connections_count , emqx_connections_max + , emqx_live_connections_count + , emqx_live_connections_max , emqx_sessions_count , emqx_sessions_max , emqx_topics_count From 8f4e3908404be41ab3d3ac28de845f29e2a880da Mon Sep 17 00:00:00 2001 From: Erik Timan Date: Tue, 7 Feb 2023 15:17:37 +0100 Subject: [PATCH 56/57] chore: bump VSN and appup --- apps/emqx_prometheus/src/emqx_prometheus.app.src | 2 +- apps/emqx_prometheus/src/emqx_prometheus.appup.src | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/emqx_prometheus/src/emqx_prometheus.app.src b/apps/emqx_prometheus/src/emqx_prometheus.app.src index ded1bf46d..6e7d7400f 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus.app.src +++ b/apps/emqx_prometheus/src/emqx_prometheus.app.src @@ -1,6 +1,6 @@ {application, emqx_prometheus, [{description, "Prometheus for EMQ X"}, - {vsn, "4.3.1"}, % strict semver, bump manually! + {vsn, "4.3.2"}, % strict semver, bump manually! {modules, []}, {registered, [emqx_prometheus_sup]}, {applications, [kernel,stdlib,prometheus]}, diff --git a/apps/emqx_prometheus/src/emqx_prometheus.appup.src b/apps/emqx_prometheus/src/emqx_prometheus.appup.src index a06d65fe1..1234d5395 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus.appup.src +++ b/apps/emqx_prometheus/src/emqx_prometheus.appup.src @@ -1,9 +1,9 @@ %% -*- mode: erlang -*- %% Unless you know what you are doing, DO NOT edit manually!! {VSN, - [{"4.3.0", - [{load_module,emqx_prometheus,brutal_purge,soft_purge,[]}]}, + [{"4.3.1",[{load_module,emqx_prometheus,brutal_purge,soft_purge,[]}]}, + {"4.3.0",[{load_module,emqx_prometheus,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}], - [{"4.3.0", - [{load_module,emqx_prometheus,brutal_purge,soft_purge,[]}]}, + [{"4.3.1",[{load_module,emqx_prometheus,brutal_purge,soft_purge,[]}]}, + {"4.3.0",[{load_module,emqx_prometheus,brutal_purge,soft_purge,[]}]}, {<<".*">>,[]}]}. From 3d41e58d80f0c6c74bc08c3d93cd8a7b155dd876 Mon Sep 17 00:00:00 2001 From: Erik Timan Date: Tue, 7 Feb 2023 15:05:09 +0100 Subject: [PATCH 57/57] chore: update changes --- changes/v4.4.15-en.md | 2 ++ changes/v4.4.15-zh.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/changes/v4.4.15-en.md b/changes/v4.4.15-en.md index 260166da2..d8ccfefdd 100644 --- a/changes/v4.4.15-en.md +++ b/changes/v4.4.15-en.md @@ -16,6 +16,8 @@ - Add more debug logs for authentication and ACL [#9943](https://github.com/emqx/emqx/pull/9943). +- Expose the stats `live_connections.count` and `live_connections.max` to Prometheus [#9929](https://github.com/emqx/emqx/pull/9929). + ## Bug fixes - Fixed an error when forward MQTT messages with User-Property using the `republish` action [#9942](https://github.com/emqx/emqx/pull/9942). diff --git a/changes/v4.4.15-zh.md b/changes/v4.4.15-zh.md index a382e0c94..03eb31522 100644 --- a/changes/v4.4.15-zh.md +++ b/changes/v4.4.15-zh.md @@ -16,6 +16,8 @@ - 为认证和授权添加了更多调试日志 [#9943](https://github.com/emqx/emqx/pull/9943)。 +- 将统计数据 `live_connections.count` 和 `live_connections.max` 公开给 Prometheus [#9929](https://github.com/emqx/emqx/pull/9929). + ## 修复 - 修复使用 `消息重发布` 动作转发带 User-Property 的 MQTT 消息时出错的问题 [#9942](https://github.com/emqx/emqx/pull/9942)。