From 5006dbba6e769b4fa1309b446de893763b0b0cf9 Mon Sep 17 00:00:00 2001 From: HeeeJianBo Date: Fri, 1 Dec 2017 22:12:27 +0800 Subject: [PATCH 01/37] Add ws/wss proxy cofingurations for getting client original ip address --- etc/emq.conf | 8 ++++++++ priv/emq.schema | 32 ++++++++++++++++++++++++++++++-- src/emqttd_ws_client.erl | 33 +++++++++++++++++++++++++++++++-- src/emqttd_ws_client_sup.erl | 19 ++++++++++++++++++- 4 files changed, 87 insertions(+), 5 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 60e9c421f..779cb899b 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -496,6 +496,10 @@ listener.ws.external.max_clients = 64 listener.ws.external.access.1 = allow all +listener.ws.external.proxy_ipaddress_header = x-forwarded-for + +listener.ws.external.proxy_port_header = x-remote-port + ## TCP Options listener.ws.external.backlog = 1024 @@ -518,6 +522,10 @@ listener.wss.external.max_clients = 64 listener.wss.external.access.1 = allow all +listener.wss.external.proxy_ipaddress_header = x-forwarded-for + +listener.wss.external.proxy_port_header = x-remote-port + ## SSL Options listener.wss.external.handshake_timeout = 15s diff --git a/priv/emq.schema b/priv/emq.schema index d05cc79cf..7d756b434 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -987,6 +987,16 @@ end}. {datatype, string} ]}. +{mapping, "listener.ws.$name.proxy_port_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + +{mapping, "listener.ws.$name.proxy_ipaddress_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + {mapping, "listener.ws.$name.access.$id", "emqttd.listeners", [ {datatype, string} ]}. @@ -1050,6 +1060,16 @@ end}. {datatype, string} ]}. +{mapping, "listener.wss.$name.proxy_port_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + +{mapping, "listener.wss.$name.proxy_ipaddress_header", "emqttd.listeners", [ + {datatype, string}, + hidden +]}. + {mapping, "listener.wss.$name.access.$id", "emqttd.listeners", [ {datatype, string} ]}. @@ -1127,6 +1147,13 @@ end}. end end, + WsProxyOpts = fun(Prefix) when Prefix =:= "listener.ws.external" orelse + Prefix =:= "listener.wss.external" -> + Filter([{proxy_port_header, cuttlefish:conf_get(Prefix ++ ".proxy_port_header", Conf, undefined)}, + {proxy_ipaddress_header, cuttlefish:conf_get(Prefix ++ ".proxy_ipaddress_header", Conf, undefined)}]); + (_) -> [] + end, + MountPoint = fun(undefined) -> undefined; (S) -> list_to_binary(S) end, ConnOpts = fun(Prefix) -> @@ -1178,7 +1205,8 @@ end}. undefined -> []; ListenOn -> - [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, {sockopts, TcpOpts(Prefix)} | LisOpts(Prefix)]}] + [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, + {sockopts, TcpOpts(Prefix)} | LisOpts(Prefix) ++ WsProxyOpts(Prefix)]}] end end, @@ -1190,7 +1218,7 @@ end}. ListenOn -> [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, {sockopts, TcpOpts(Prefix)}, - {sslopts, SslOpts(Prefix)} | LisOpts(Prefix)]}] + {sslopts, SslOpts(Prefix)} | LisOpts(Prefix) ++ WsProxyOpts(Prefix)]}] end end, diff --git a/src/emqttd_ws_client.erl b/src/emqttd_ws_client.erl index b9d25ad3e..7a66dff3c 100644 --- a/src/emqttd_ws_client.erl +++ b/src/emqttd_ws_client.erl @@ -28,7 +28,7 @@ -include("emqttd_internal.hrl"). --import(proplists, [get_value/3]). +-import(proplists, [get_value/3, get_value/2]). %% API Exports -export([start_link/4]). @@ -93,7 +93,7 @@ init([Env, WsPid, Req, ReplyChannel]) -> process_flag(trap_exit, true), Conn = Req:get(connection), true = link(WsPid), - case Req:get(peername) of + case peername(Env, Req) of {ok, Peername} -> Headers = mochiweb_headers:to_list( mochiweb_request:get(headers, Req)), @@ -321,3 +321,32 @@ gc(State) -> Cb = fun() -> emit_stats(State) end, emqttd_gc:maybe_force_gc(#wsclient_state.force_gc_count, State, Cb). +peername(Env, Req) -> + Conn = Req:get(connection), + case Conn:peername() of + {ok, Peername} -> + % return original address, if existed + case last_forwarded(get_value(Conn:type(), Env, []), Req) of + undefined -> {ok, Peername}; + Forwarded -> {ok, Forwarded} + end; + {error, Reason} -> {error, Reason} + end. + +last_forwarded([], _) -> undefined; +last_forwarded(Conf, Req) -> + HostHeader = get_value(proxy_ipaddress_header, Conf), + PortHeader = get_value(proxy_port_header, Conf), + case tune_host(Req:get_header_value(HostHeader)) of + undefined -> undefined; + Host -> {Host, tune_port(Req:get_header_value(PortHeader))} + end. + +tune_host(undefined) -> undefined; +tune_host(Hosts) -> + {ok, Last} = inet:parse_address(string:strip(lists:last(string:tokens(Hosts, ",")))), + Last. + +tune_port(undefined) -> undefined; +tune_port(Port) -> list_to_integer(Port). + diff --git a/src/emqttd_ws_client_sup.erl b/src/emqttd_ws_client_sup.erl index 21f683eaa..ec46b8714 100644 --- a/src/emqttd_ws_client_sup.erl +++ b/src/emqttd_ws_client_sup.erl @@ -39,8 +39,25 @@ start_client(WsPid, Req, ReplyChannel) -> %%-------------------------------------------------------------------- init([]) -> - Env = lists:append(emqttd:env(client, []), emqttd:env(protocol, [])), + Env = lists:append(emqttd:env(client, []), + emqttd:env(protocol, []) ++ forwarded_header()), {ok, {{simple_one_for_one, 0, 1}, [{ws_client, {emqttd_ws_client, start_link, [Env]}, temporary, 5000, worker, [emqttd_ws_client]}]}}. +forwarded_header() -> + Env = [{Proto, Opts} || {Proto, _, Opts} <- emqttd:env(listeners, []), Proto == ws orelse Proto == wss], + lists:foldl(fun({Proto, Opts}, Acc) -> + Proto1 = case Proto of + ws -> tcp; + wss -> ssl + end, + case {proplists:get_value(proxy_ipaddress_header, Opts), + proplists:get_value(proxy_port_header, Opts)} of + {undefined, _} -> Acc; + {AddrHeader, undefined} -> [{Proto1, [{proxy_ipaddress_header, AddrHeader}]} | Acc]; + {AddrHeader, PortHeader} -> [{Proto1, [{proxy_ipaddress_header, AddrHeader}, + {proxy_port_header, PortHeader}]} | Acc] + end + end, [], Env). + From 4915195b1e1f1e5a06a0cdd7b450251aaa9d2f90 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Sat, 2 Dec 2017 17:59:16 +0800 Subject: [PATCH 02/37] Fix issue #1335 - Forward real client IP using a reverse proxy for websocket --- src/emqttd_ws_client.erl | 33 ++------------------------------- src/emqttd_ws_client_sup.erl | 19 +------------------ 2 files changed, 3 insertions(+), 49 deletions(-) diff --git a/src/emqttd_ws_client.erl b/src/emqttd_ws_client.erl index 7a66dff3c..b9d25ad3e 100644 --- a/src/emqttd_ws_client.erl +++ b/src/emqttd_ws_client.erl @@ -28,7 +28,7 @@ -include("emqttd_internal.hrl"). --import(proplists, [get_value/3, get_value/2]). +-import(proplists, [get_value/3]). %% API Exports -export([start_link/4]). @@ -93,7 +93,7 @@ init([Env, WsPid, Req, ReplyChannel]) -> process_flag(trap_exit, true), Conn = Req:get(connection), true = link(WsPid), - case peername(Env, Req) of + case Req:get(peername) of {ok, Peername} -> Headers = mochiweb_headers:to_list( mochiweb_request:get(headers, Req)), @@ -321,32 +321,3 @@ gc(State) -> Cb = fun() -> emit_stats(State) end, emqttd_gc:maybe_force_gc(#wsclient_state.force_gc_count, State, Cb). -peername(Env, Req) -> - Conn = Req:get(connection), - case Conn:peername() of - {ok, Peername} -> - % return original address, if existed - case last_forwarded(get_value(Conn:type(), Env, []), Req) of - undefined -> {ok, Peername}; - Forwarded -> {ok, Forwarded} - end; - {error, Reason} -> {error, Reason} - end. - -last_forwarded([], _) -> undefined; -last_forwarded(Conf, Req) -> - HostHeader = get_value(proxy_ipaddress_header, Conf), - PortHeader = get_value(proxy_port_header, Conf), - case tune_host(Req:get_header_value(HostHeader)) of - undefined -> undefined; - Host -> {Host, tune_port(Req:get_header_value(PortHeader))} - end. - -tune_host(undefined) -> undefined; -tune_host(Hosts) -> - {ok, Last} = inet:parse_address(string:strip(lists:last(string:tokens(Hosts, ",")))), - Last. - -tune_port(undefined) -> undefined; -tune_port(Port) -> list_to_integer(Port). - diff --git a/src/emqttd_ws_client_sup.erl b/src/emqttd_ws_client_sup.erl index ec46b8714..21f683eaa 100644 --- a/src/emqttd_ws_client_sup.erl +++ b/src/emqttd_ws_client_sup.erl @@ -39,25 +39,8 @@ start_client(WsPid, Req, ReplyChannel) -> %%-------------------------------------------------------------------- init([]) -> - Env = lists:append(emqttd:env(client, []), - emqttd:env(protocol, []) ++ forwarded_header()), + Env = lists:append(emqttd:env(client, []), emqttd:env(protocol, [])), {ok, {{simple_one_for_one, 0, 1}, [{ws_client, {emqttd_ws_client, start_link, [Env]}, temporary, 5000, worker, [emqttd_ws_client]}]}}. -forwarded_header() -> - Env = [{Proto, Opts} || {Proto, _, Opts} <- emqttd:env(listeners, []), Proto == ws orelse Proto == wss], - lists:foldl(fun({Proto, Opts}, Acc) -> - Proto1 = case Proto of - ws -> tcp; - wss -> ssl - end, - case {proplists:get_value(proxy_ipaddress_header, Opts), - proplists:get_value(proxy_port_header, Opts)} of - {undefined, _} -> Acc; - {AddrHeader, undefined} -> [{Proto1, [{proxy_ipaddress_header, AddrHeader}]} | Acc]; - {AddrHeader, PortHeader} -> [{Proto1, [{proxy_ipaddress_header, AddrHeader}, - {proxy_port_header, PortHeader}]} | Acc] - end - end, [], Env). - From bceb72853dff279efc14dd5bbc051b5a38264beb Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Sat, 2 Dec 2017 17:59:29 +0800 Subject: [PATCH 03/37] Fix issue #1335 - Forward real client IP using a reverse proxy for websocket --- etc/emq.conf | 8 ++++---- priv/emq.schema | 19 +++++++------------ 2 files changed, 11 insertions(+), 16 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 53f070f2d..e1f31e843 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -496,9 +496,9 @@ listener.ws.external.max_clients = 64 listener.ws.external.access.1 = allow all -listener.ws.external.proxy_ipaddress_header = x-forwarded-for +## listener.ws.external.proxy_address_header = x-forwarded-for -listener.ws.external.proxy_port_header = x-remote-port +## listener.ws.external.proxy_port_header = x-remote-port ## TCP Options listener.ws.external.backlog = 1024 @@ -522,9 +522,9 @@ listener.wss.external.max_clients = 64 listener.wss.external.access.1 = allow all -listener.wss.external.proxy_ipaddress_header = x-forwarded-for +## listener.wss.external.proxy_address_header = x-forwarded-for -listener.wss.external.proxy_port_header = x-remote-port +## listener.wss.external.proxy_port_header = x-remote-port ## SSL Options listener.wss.external.handshake_timeout = 15s diff --git a/priv/emq.schema b/priv/emq.schema index 7d756b434..7aba5304c 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -992,7 +992,7 @@ end}. hidden ]}. -{mapping, "listener.ws.$name.proxy_ipaddress_header", "emqttd.listeners", [ +{mapping, "listener.ws.$name.proxy_address_header", "emqttd.listeners", [ {datatype, string}, hidden ]}. @@ -1065,7 +1065,7 @@ end}. hidden ]}. -{mapping, "listener.wss.$name.proxy_ipaddress_header", "emqttd.listeners", [ +{mapping, "listener.wss.$name.proxy_address_header", "emqttd.listeners", [ {datatype, string}, hidden ]}. @@ -1147,13 +1147,6 @@ end}. end end, - WsProxyOpts = fun(Prefix) when Prefix =:= "listener.ws.external" orelse - Prefix =:= "listener.wss.external" -> - Filter([{proxy_port_header, cuttlefish:conf_get(Prefix ++ ".proxy_port_header", Conf, undefined)}, - {proxy_ipaddress_header, cuttlefish:conf_get(Prefix ++ ".proxy_ipaddress_header", Conf, undefined)}]); - (_) -> [] - end, - MountPoint = fun(undefined) -> undefined; (S) -> list_to_binary(S) end, ConnOpts = fun(Prefix) -> @@ -1162,7 +1155,9 @@ end}. {proxy_protocol, cuttlefish:conf_get(Prefix ++ ".proxy_protocol", Conf, undefined)}, {proxy_protocol_timeout, cuttlefish:conf_get(Prefix ++ ".proxy_protocol_timeout", Conf, undefined)}, {mountpoint, MountPoint(cuttlefish:conf_get(Prefix ++ ".mountpoint", Conf, undefined))}, - {peer_cert_as_username, cuttlefish:conf_get(Prefix ++ ".peer_cert_as_username", Conf, undefined)}]) + {peer_cert_as_username, cuttlefish:conf_get(Prefix ++ ".peer_cert_as_username", Conf, undefined)}, + {proxy_port_header, cuttlefish:conf_get(Prefix ++ ".proxy_port_header", Conf, undefined)}, + {proxy_address_header, cuttlefish:conf_get(Prefix ++ ".proxy_address_header", Conf, undefined)}]) end, LisOpts = fun(Prefix) -> @@ -1206,7 +1201,7 @@ end}. []; ListenOn -> [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, - {sockopts, TcpOpts(Prefix)} | LisOpts(Prefix) ++ WsProxyOpts(Prefix)]}] + {sockopts, TcpOpts(Prefix)} | LisOpts(Prefix)]}] end end, @@ -1218,7 +1213,7 @@ end}. ListenOn -> [{Atom(Type), ListenOn, [{connopts, ConnOpts(Prefix)}, {sockopts, TcpOpts(Prefix)}, - {sslopts, SslOpts(Prefix)} | LisOpts(Prefix) ++ WsProxyOpts(Prefix)]}] + {sslopts, SslOpts(Prefix)} | LisOpts(Prefix)]}] end end, From 0fe530a50263f9119ef38810b493145d9a4f3388 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Sat, 2 Dec 2017 18:00:56 +0800 Subject: [PATCH 04/37] Depends on the develop branch of mochiweb --- Makefile | 4 ++-- src/emqttd.app.src | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index de2827e23..6923c8b5d 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ PROJECT = emqttd PROJECT_DESCRIPTION = Erlang MQTT Broker -PROJECT_VERSION = 2.3.0 +PROJECT_VERSION = 2.3.1 DEPS = goldrush gproc lager esockd ekka mochiweb pbkdf2 lager_syslog bcrypt clique jsx @@ -10,7 +10,7 @@ dep_getopt = git https://github.com/jcomellas/getopt v0.8.2 dep_lager = git https://github.com/basho/lager master dep_esockd = git https://github.com/emqtt/esockd master dep_ekka = git https://github.com/emqtt/ekka master -dep_mochiweb = git https://github.com/emqtt/mochiweb master +dep_mochiweb = git https://github.com/emqtt/mochiweb develop dep_pbkdf2 = git https://github.com/emqtt/pbkdf2 2.0.1 dep_lager_syslog = git https://github.com/basho/lager_syslog dep_bcrypt = git https://github.com/smarkets/erlang-bcrypt master diff --git a/src/emqttd.app.src b/src/emqttd.app.src index 269601bb8..67af8854e 100644 --- a/src/emqttd.app.src +++ b/src/emqttd.app.src @@ -1,6 +1,6 @@ {application,emqttd, [{description,"Erlang MQTT Broker"}, - {vsn,"2.3.0"}, + {vsn,"2.3.1"}, {modules,[]}, {registered,[emqttd_sup]}, {applications,[kernel,stdlib,gproc,lager,esockd,mochiweb, From 985ab723dfb48ff053570e8de8aca3b54b0c8608 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 26 Dec 2017 21:01:03 +0800 Subject: [PATCH 05/37] Support for zone configuration --- etc/emq.conf | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index db62e1d49..68cf8b6b7 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1,6 +1,6 @@ -##=================================================================== +##==================================================================== ## EMQ Configuration R2.3.0 -##=================================================================== +##==================================================================== ##-------------------------------------------------------------------- ## Cluster @@ -327,6 +327,9 @@ listener.tcp.external.acceptors = 16 ## Maximum number of concurrent clients listener.tcp.external.max_clients = 102400 +## TODO: +## listener.tcp.external.zone = external + #listener.tcp.external.mountpoint = external/ ## Rate Limit. Format is 'burst,rate', Unit is KB/Sec @@ -370,6 +373,8 @@ listener.tcp.internal.acceptors = 16 ## Maximum number of concurrent clients listener.tcp.internal.max_clients = 102400 +#listener.tcp.internal.zone = internal + #listener.tcp.external.mountpoint = internal/ ## Rate Limit. Format is 'burst,rate', Unit is KB/Sec @@ -404,6 +409,9 @@ listener.ssl.external.acceptors = 16 ## Maximum number of concurrent clients listener.ssl.external.max_clients = 1024 +## Authentication Zone +## listener.ssl.external.zone = external + ## listener.ssl.external.mountpoint = inbound/ ## Rate Limit. Format is 'burst,rate', Unit is KB/Sec @@ -509,6 +517,8 @@ listener.ws.external.acceptors = 4 listener.ws.external.max_clients = 64 +## listener.ws.external.zone = external + listener.ws.external.access.1 = allow all ## Proxy Protocol V1/2 @@ -539,6 +549,8 @@ listener.wss.external.acceptors = 4 listener.wss.external.max_clients = 64 +## listener.wss.external.zone = external + listener.wss.external.access.1 = allow all ## Proxy Protocol V1/2 From 013cc9705e1e1953d873e8cb637c581cfbec8e9a Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 26 Dec 2017 22:15:09 +0800 Subject: [PATCH 06/37] Depends on ekka v0.2.1 --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 233f542d7..b0fac24b8 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ dep_gproc = git https://github.com/uwiger/gproc dep_getopt = git https://github.com/jcomellas/getopt v0.8.2 dep_lager = git https://github.com/basho/lager master dep_esockd = git https://github.com/emqtt/esockd v5.2 -dep_ekka = git https://github.com/emqtt/ekka master +dep_ekka = git https://github.com/emqtt/ekka v0.2.1 dep_mochiweb = git https://github.com/emqtt/mochiweb develop dep_pbkdf2 = git https://github.com/emqtt/pbkdf2 2.0.1 dep_lager_syslog = git https://github.com/basho/lager_syslog From d5c54276e212e14128002a803e96c365874548d1 Mon Sep 17 00:00:00 2001 From: HeeeJianBo Date: Wed, 27 Dec 2017 14:55:36 +0800 Subject: [PATCH 07/37] Fix issue #1398 --- src/emqttd_topic.erl | 8 ++++---- test/emqttd_topic_SUITE.erl | 16 ++++++++++------ 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/src/emqttd_topic.erl b/src/emqttd_topic.erl index 458a41f7d..934362499 100644 --- a/src/emqttd_topic.erl +++ b/src/emqttd_topic.erl @@ -61,18 +61,18 @@ wildcard([_H|T]) -> -spec(match(Name, Filter) -> boolean() when Name :: topic() | words(), Filter :: topic() | words()). +match(<<"$", _/binary>>, <<"+", _/binary>>) -> + false; +match(<<"$", _/binary>>, <<"#", _/binary>>) -> + false; match(Name, Filter) when is_binary(Name) and is_binary(Filter) -> match(words(Name), words(Filter)); match([], []) -> true; match([H|T1], [H|T2]) -> match(T1, T2); -match([<<$$, _/binary>>|_], ['+'|_]) -> - false; match([_H|T1], ['+'|T2]) -> match(T1, T2); -match([<<$$, _/binary>>|_], ['#']) -> - false; match(_, ['#']) -> true; match([_H1|_], [_H2|_]) -> diff --git a/test/emqttd_topic_SUITE.erl b/test/emqttd_topic_SUITE.erl index b1ea4d8ed..9ec7736bd 100644 --- a/test/emqttd_topic_SUITE.erl +++ b/test/emqttd_topic_SUITE.erl @@ -73,10 +73,10 @@ t_match2(_) -> t_match3(_) -> true = match(<<"device/60019423a83c/fw">>, <<"device/60019423a83c/#">>), - false = match(<<"device/60019423a83c/$fw">>, <<"device/60019423a83c/#">>), + true = match(<<"device/60019423a83c/$fw">>, <<"device/60019423a83c/#">>), true = match(<<"device/60019423a83c/$fw/fw">>, <<"device/60019423a83c/$fw/#">>), true = match(<<"device/60019423a83c/fw/checksum">>, <<"device/60019423a83c/#">>), - false = match(<<"device/60019423a83c/$fw/checksum">>, <<"device/60019423a83c/#">>), + true = match(<<"device/60019423a83c/$fw/checksum">>, <<"device/60019423a83c/#">>), true = match(<<"device/60019423a83c/dust/type">>, <<"device/60019423a83c/#">>). t_sigle_level_match(_) -> @@ -86,7 +86,9 @@ t_sigle_level_match(_) -> true = match(<<"sport/">>, <<"sport/+">>), true = match(<<"/finance">>, <<"+/+">>), true = match(<<"/finance">>, <<"/+">>), - false = match(<<"/finance">>, <<"+">>). + false = match(<<"/finance">>, <<"+">>), + true = match(<<"/devices/$dev1">>, <<"/devices/+">>), + true = match(<<"/devices/$dev1/online">>, <<"/devices/+/online">>). t_sys_match(_) -> true = match(<<"$SYS/broker/clients/testclient">>, <<"$SYS/#">>), @@ -95,9 +97,11 @@ t_sys_match(_) -> false = match(<<"$SYS/broker">>, <<"#">>). 't_#_match'(_) -> - true = match(<<"a/b/c">>, <<"#">>), - true = match(<<"a/b/c">>, <<"+/#">>), - false = match(<<"$SYS/brokers">>, <<"#">>). + true = match(<<"a/b/c">>, <<"#">>), + true = match(<<"a/b/c">>, <<"+/#">>), + false = match(<<"$SYS/brokers">>, <<"#">>), + true = match(<<"a/b/$c">>, <<"a/b/#">>), + true = match(<<"a/b/$c">>, <<"a/#">>). t_match_perf(_) -> true = match(<<"a/b/ccc">>, <<"a/#">>), From 4c8b43e05d2c2666a079f3b385606f11544cbf61 Mon Sep 17 00:00:00 2001 From: HeeeJianBo Date: Wed, 27 Dec 2017 15:11:55 +0800 Subject: [PATCH 08/37] Improve impletament of emqttd_topic:match/2 --- src/emqttd_topic.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/emqttd_topic.erl b/src/emqttd_topic.erl index 934362499..91cd0ff08 100644 --- a/src/emqttd_topic.erl +++ b/src/emqttd_topic.erl @@ -61,9 +61,9 @@ wildcard([_H|T]) -> -spec(match(Name, Filter) -> boolean() when Name :: topic() | words(), Filter :: topic() | words()). -match(<<"$", _/binary>>, <<"+", _/binary>>) -> +match(<<$$, _/binary>>, <<$+, _/binary>>) -> false; -match(<<"$", _/binary>>, <<"#", _/binary>>) -> +match(<<$$, _/binary>>, <<$#, _/binary>>) -> false; match(Name, Filter) when is_binary(Name) and is_binary(Filter) -> match(words(Name), words(Filter)); From ed5e4d185763977b17bd95094d579fac85c2c115 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Wed, 27 Dec 2017 21:30:17 +0800 Subject: [PATCH 09/37] Change the default value of mqtt.keepalive_backoff to 0.75 --- etc/emq.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 68cf8b6b7..677eca905 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1,5 +1,5 @@ ##==================================================================== -## EMQ Configuration R2.3.0 +## EMQ Configuration R2.3.3 ##==================================================================== ##-------------------------------------------------------------------- @@ -196,7 +196,7 @@ mqtt.max_packet_size = 64KB mqtt.websocket_protocol_header = on ## The Keepalive timeout: Keepalive * backoff * 2 -mqtt.keepalive_backoff = 1.25 +mqtt.keepalive_backoff = 0.75 ##-------------------------------------------------------------------- ## MQTT Connection From 953a7628a305c8745fed2a1445dac51ee71a6148 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 28 Dec 2017 11:34:29 +0800 Subject: [PATCH 10/37] Version 2.3.3 --- Makefile | 8 ++++---- src/emqttd.app.src | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index b0fac24b8..8ad0dbe5b 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ PROJECT = emqttd PROJECT_DESCRIPTION = Erlang MQTT Broker -PROJECT_VERSION = 2.3.2 +PROJECT_VERSION = 2.3.3 DEPS = goldrush gproc lager esockd ekka mochiweb pbkdf2 lager_syslog bcrypt clique jsx @@ -8,14 +8,14 @@ dep_goldrush = git https://github.com/basho/goldrush 0.1.9 dep_gproc = git https://github.com/uwiger/gproc dep_getopt = git https://github.com/jcomellas/getopt v0.8.2 dep_lager = git https://github.com/basho/lager master -dep_esockd = git https://github.com/emqtt/esockd v5.2 -dep_ekka = git https://github.com/emqtt/ekka v0.2.1 +dep_esockd = git https://github.com/emqtt/esockd develop +dep_ekka = git https://github.com/emqtt/ekka develop dep_mochiweb = git https://github.com/emqtt/mochiweb develop dep_pbkdf2 = git https://github.com/emqtt/pbkdf2 2.0.1 dep_lager_syslog = git https://github.com/basho/lager_syslog dep_bcrypt = git https://github.com/smarkets/erlang-bcrypt master dep_clique = git https://github.com/emqtt/clique -dep_jsx = git https://github.com/talentdeficit/jsx +dep_jsx = git https://github.com/talentdeficit/jsx ERLC_OPTS += +debug_info ERLC_OPTS += +'{parse_transform, lager_transform}' diff --git a/src/emqttd.app.src b/src/emqttd.app.src index e321b73f1..4ff79090a 100644 --- a/src/emqttd.app.src +++ b/src/emqttd.app.src @@ -1,6 +1,6 @@ {application,emqttd, [{description,"Erlang MQTT Broker"}, - {vsn,"2.3.2"}, + {vsn,"2.3.3"}, {modules,[]}, {registered,[emqttd_sup]}, {applications,[kernel,stdlib,gproc,lager,esockd,mochiweb, From 5fbbff46b1e3bd68e89f086b8c48167ea8d3a09f Mon Sep 17 00:00:00 2001 From: HeeeJianBo Date: Thu, 28 Dec 2017 17:57:32 +0800 Subject: [PATCH 11/37] Fix issue #1216, redeliver pubrel packet now --- src/emqttd_session.erl | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/emqttd_session.erl b/src/emqttd_session.erl index 854dee0a5..aa1a027a4 100644 --- a/src/emqttd_session.erl +++ b/src/emqttd_session.erl @@ -453,6 +453,8 @@ handle_cast({pubrel, PacketId}, State = #state{awaiting_rel = AwaitingRel}) -> {noreply, case maps:take(PacketId, AwaitingRel) of {Msg, AwaitingRel1} -> + %% Implement Qos2 by method A [MQTT 4.33] + %% Dispatch to subscriber when received PUBREL spawn(emqttd_server, publish, [Msg]), %%:) gc(State#state{awaiting_rel = AwaitingRel1}); error -> @@ -628,8 +630,10 @@ retry_delivery(Force, [{Type, Msg, Ts} | Msgs], Now, redeliver(Msg, State), Inflight1 = Inflight:update(PacketId, {publish, Msg, Now}), retry_delivery(Force, Msgs, Now, State#state{inflight = Inflight1}); - {pubrel, PacketId} -> %% remove 'pubrel' directly? - retry_delivery(Force, Msgs, Now, State#state{inflight = Inflight:delete(PacketId)}) + {pubrel, PacketId} -> + redeliver({pubrel, PacketId}, State), + Inflight1 = Inflight:update(PacketId, {pubrel, PacketId, Now}), + retry_delivery(Force, Msgs, Now, State#state{inflight = Inflight1}) end; true -> State#state{retry_timer = start_timer(Interval - Diff, retry_delivery)} @@ -649,11 +653,13 @@ expire_awaiting_rel(State = #state{awaiting_rel = AwaitingRel}) -> expire_awaiting_rel([], _Now, State) -> State#state{await_rel_timer = undefined}; -expire_awaiting_rel([{PacketId, #mqtt_message{timestamp = TS}} | Msgs], +expire_awaiting_rel([{PacketId, Msg = #mqtt_message{timestamp = TS}} | Msgs], Now, State = #state{awaiting_rel = AwaitingRel, await_rel_timeout = Timeout}) -> case (timer:now_diff(Now, TS) div 1000) of Diff when Diff >= Timeout -> + ?LOG(warning, "Dropped Qos2 Message for await_rel_timeout: ~p", [Msg], State), + emqttd_metrics:inc('messages/qos2/dropped'), expire_awaiting_rel(Msgs, Now, State#state{awaiting_rel = maps:remove(PacketId, AwaitingRel)}); Diff -> State#state{await_rel_timer = start_timer(Timeout - Diff, check_awaiting_rel)} @@ -714,7 +720,10 @@ enqueue_msg(Msg, State = #state{mqueue = Q}) -> %%-------------------------------------------------------------------- redeliver(Msg = #mqtt_message{qos = QoS}, State) -> - deliver(Msg#mqtt_message{dup = if QoS =:= ?QOS2 -> false; true -> true end}, State). + deliver(Msg#mqtt_message{dup = if QoS =:= ?QOS2 -> false; true -> true end}, State); + +redeliver({pubrel, PacketId}, #state{client_pid = Pid}) -> + Pid ! {redeliver, {?PUBREL, PacketId}}. deliver(Msg, #state{client_pid = Pid}) -> inc_stats(deliver_msg), From 10ed4219dbd1f5dcdbe7f5a80b8b6a53070115a0 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Sun, 31 Dec 2017 15:10:45 +0800 Subject: [PATCH 12/37] Update documentation for R2 configurations --- etc/emq.conf | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 677eca905..898a94576 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1,5 +1,5 @@ ##==================================================================== -## EMQ Configuration R2.3.3 +## EMQ Configuration R2 ##==================================================================== ##-------------------------------------------------------------------- @@ -9,7 +9,17 @@ ## Cluster name cluster.name = emqcl -## Cluster discovery strategy: manual | static | mcast | dns | etcd | k8s +## Cluster auto-discovery strategy. +## +## Enum Values: +## - manual: Manual join command +## - static: Static node list +## - mcast: IP Multicast +## - dns: DNS A Record +## - etcd: etcd +## - k8s: Kubernates +## +## Default: manual cluster.discovery = manual ## Cluster Autoheal: on | off @@ -557,7 +567,9 @@ listener.wss.external.access.1 = allow all ## listener.wss.external.proxy_protocol = on ## listener.wss.external.proxy_protocol_timeout = 3s -## SSL Options +## SSL Option +### SSL Options. See http://erlang.org/doc/man/ssl.html + listener.wss.external.handshake_timeout = 15s listener.wss.external.keyfile = {{ platform_etc_dir }}/certs/key.pem From 052f9638cb907d58c786a953a50de73ed312a50f Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 2 Jan 2018 20:47:25 +0800 Subject: [PATCH 13/37] Add more documentation for emq.conf --- etc/emq.conf | 367 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 292 insertions(+), 75 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 898a94576..74f2b8a88 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -6,12 +6,12 @@ ## Cluster ##-------------------------------------------------------------------- -## Cluster name +## Cluster name. cluster.name = emqcl ## Cluster auto-discovery strategy. ## -## Enum Values: +## Value: Enum ## - manual: Manual join command ## - static: Static node list ## - mcast: IP Multicast @@ -22,106 +22,229 @@ cluster.name = emqcl ## Default: manual cluster.discovery = manual -## Cluster Autoheal: on | off +## Enable cluster autoheal from network partition. +## +## Value: on | off +## +## Default: on cluster.autoheal = on -## Clean down node of the cluster +## AutoClean down node after this duration. +## +## Value: time duration with units +## -h: hour, e.g. '2h' for 2 hours +## -m: minute, e.g. '5m' for 5 minutes +## -s: second, e.g. '30s' for 30 seconds +## +## Default: 5m cluster.autoclean = 5m ##-------------------------------------------------------------------- -## Cluster with static node list +## Cluster using static node list +## Node list of the cluster. +## +## Value: String ## cluster.static.seeds = emq1@127.0.0.1,emq2@127.0.0.1 ##-------------------------------------------------------------------- -## Cluster with multicast +## Cluster using IP Multicast. +## IP Multicast Address. +## +## Value: IP Address ## cluster.mcast.addr = 239.192.0.1 +## Multicast Ports. +## +## Value: Port List ## cluster.mcast.ports = 4369,4370 +## Multicast Iface. +## +## Value: Iface Address +## +## Default: 0.0.0.0 ## cluster.mcast.iface = 0.0.0.0 +## Multicast Ttl. +## +## Value: 0-255 +## +## Default: 255 ## cluster.mcast.ttl = 255 +## Multicast loop. +## +## Value: on | off ## cluster.mcast.loop = on ##-------------------------------------------------------------------- -## Cluster with DNS +## Cluster using DNS A records. +## DNS name. +## +## Value: String ## cluster.dns.name = localhost +## The App name is used to build 'node.name' with IP address. +## +## Value: String ## cluster.dns.app = emq ##-------------------------------------------------------------------- -## Cluster with Etcd +## Cluster using etcd +## Etcd server list, seperated by ','. +## +## Value: String ## cluster.etcd.server = http://127.0.0.1:2379 +## The prefix helps build nodes path in etcd. Each node in the cluster +## will create a path in etcd: v2/keys/{prefix}/{cluster.name}/{node.name} +## +## Value: String ## cluster.etcd.prefix = emqcl +## The TTL for node's path in etcd. +## +## Value: Duration +## +## Default: 1m, 1 minute ## cluster.etcd.node_ttl = 1m ##-------------------------------------------------------------------- -## Cluster with k8s +## Cluster using Kubernates +## Kubernates API server list, seperated by ','. +## +## Value: String ## cluster.k8s.apiserver = http://10.110.111.204:8080 +## The service name helps build node name: {service_name}@{ip} +## +## Value: String ## cluster.k8s.service_name = emq -## Address Type: ip | dns +## The address type is used to extract host from k8s service. +## +## Value: ip | dns ## cluster.k8s.address_type = ip -## The Erlang application name +## The app name helps build 'node.name'. +## +## Value: String ## cluster.k8s.app_name = emq ##-------------------------------------------------------------------- ## Node Args ##-------------------------------------------------------------------- -## Node name +## Node name. +## +## Value: {name}@{host} +## +## Default: emq@127.0.0.1 node.name = emq@127.0.0.1 -## Cookie for distributed node +## Cookie for distributed node communication. +## +## Value: String node.cookie = emqsecretcookie -## SMP support: enable, auto, disable +## Enable SMP support of Erlang VM. +## +## Value: enable | auto | disable node.smp = auto +## Heartbeat monitoring of an Erlang runtime system. Comment the line to disable +## heartbeat, or set the value as 'on' +## or the line comment. +## +## Value: on +## ## vm.args: -heart -## Heartbeat monitoring of an Erlang runtime system -## Value should be 'on' or comment the line ## node.heartbeat = on -## Enable kernel poll +## Enable Kernel Poll. +## +## Value: on | off +## +## Default: on node.kernel_poll = on -## async thread pool +## Sets the number of threads in async thread pool. Valid range is 0-1024. +## More information at: http://erlang.org/doc/man/erl.html +## +## Value: 0-1024 +## +## vm.args: +A Number node.async_threads = 32 -## Erlang Process Limit +## Sets the maximum number of simultaneously existing processes for this +## system if a Number is passed as value. +## More information at: http://erlang.org/doc/man/erl.html +## +## Value: Number [1024-134217727] +## +## vm.args: +P Number node.process_limit = 256000 ## Sets the maximum number of simultaneously existing ports for this system +## if a Number is passed as value. +## More information at: http://erlang.org/doc/man/erl.html +## +## Value: Number [1024-134217727] +## +## vm.args: +Q Number node.max_ports = 65536 -## Set the distribution buffer busy limit (dist_buf_busy_limit) -node.dist_buffer_size = 32MB +## Set the distribution buffer busy limit (dist_buf_busy_limit). +## More information at: http://erlang.org/doc/man/erl.html +## +## Value: Number [1KB-2GB] +## +## vm.args: +zdbbl size +node.dist_buffer_size = 16MB -## Max ETS Tables. -## Note that mnesia and SSL will create temporary ets tables. +## Sets the maximum number of ETS tables. Note that mnesia and SSL +## will create temporary ETS tables. +## +## Value: Number +## +## vm.args: +e Number node.max_ets_tables = 256000 -## Tweak GC to run more often +## Tweak GC to run more often. +## +## Value: Number [0-65535] +## +## vm.args: -env ERL_FULLSWEEP_AFTER Number node.fullsweep_after = 1000 -## Crash dump +## Crash dump log file. +## +## Value: Log file node.crash_dump = {{ platform_log_dir }}/crash.dump -## Distributed node ticktime +## Specifies the net_kernel tick time. TickTime is specified in seconds. +## Notice that all communicating nodes are to have the same TickTime +## value specified. +## +## More information at: http://www.erlang.org/doc/man/kernel_app.html#net_ticktime +## +## Value: Number +## +## vm.args: -kernel net_ticktime Number node.dist_net_ticktime = 60 -## Distributed node port range +## Sets the port range for the listener socket of a distributed Erlang node. +## Note that if there is a firewall between clustered nodes, this port segment +## for nodes’ communication should be allowed. +## +## More information at: http://www.erlang.org/doc/man/kernel_app.html +## +## Value: Port [1024-65535] node.dist_listen_min = 6369 node.dist_listen_max = 6379 @@ -129,150 +252,244 @@ node.dist_listen_max = 6379 ## Log ##-------------------------------------------------------------------- -## Set the log dir +## Sets the log dir. +## +## Value: Folder log.dir = {{ platform_log_dir }} -## Console log. Enum: off, file, console, both +## Where to emit the console logs. +## +## Value: off | file | console | both +## - off: disabled +## - file: write to file +## - console: write to stdout +## - both: file and stdout log.console = console -## Console log level. Enum: debug, info, notice, warning, error, critical, alert, emergency +## Sets the severity level of console log. +## +## Value: debug | info | notice | warning | error | critical | alert | emergency +## +## Default: error log.console.level = error -## Console log file +## The file where console logs will be writed to, when 'log.console' is set to 'file'. +## +## Value: File Name ## log.console.file = {{ platform_log_dir }}/console.log -## Console log file size +## Maximum file size for console log. +## +## Value: Number(bytes) ## log.console.size = 10485760 -## Console log count size +## The rotation count for console log. +## +## Value: Number ## log.console.count = 5 -## Info log file +## The file where info logs will be writed to. +## +## Value: File Name ## log.info.file = {{ platform_log_dir }}/info.log -## Info log file size +## Maximum file size for info log. +## +## Value: Number(bytes) ## log.info.size = 10485760 -## Info log file count +## The rotation count for info log. +## +## Value: Number ## log.info.count = 5 -## Error log file +## The file where error logs will be writed to. +## +## Value: File Name log.error.file = {{ platform_log_dir }}/error.log -## Error log file size +## Maximum file size for error log. +## +## Value: Number(bytes) log.error.size = 10485760 -## Error log file count +## The rotation count for error log. +## +## Value: Number log.error.count = 5 -## Enable the crash log. Enum: on, off +## Enable the crash log. +## +## Value: on | off log.crash = on +## The file for crash log. +## +## Value: File Name log.crash.file = {{ platform_log_dir }}/crash.log -## Syslog. Enum: on, off +## Enable Syslog. +## +## Values: on | off log.syslog = on -## syslog level. Enum: debug, info, notice, warning, error, critical, alert, emergency +## The severity level for syslog. +## +## Value: debug | info | notice | warning | error | critical | alert | emergency log.syslog.level = error ##-------------------------------------------------------------------- -## Allow Anonymous and Default ACL +## Allow Anonymous Authentication and Default ACL ##-------------------------------------------------------------------- -## Allow Anonymous authentication +## Allow Anonymous Authentication. +## !!! Notice: Should disable the config for production deployment. +## +## Value: true | false mqtt.allow_anonymous = true -## ACL nomatch +## Default behaviour when ACL nomatch. +## +## Value: allow | deny mqtt.acl_nomatch = allow -## Default ACL File +## Default ACL File. +## +## Value: File Name mqtt.acl_file = {{ platform_etc_dir }}/acl.conf -## Cache ACL for PUBLISH +## Cache ACL for PUBLISH Messages. +## +## Value: true | false mqtt.cache_acl = true ##-------------------------------------------------------------------- ## MQTT Protocol ##-------------------------------------------------------------------- -## Max ClientId Length Allowed. +## Maximum MQTT clientId length allowed. +## +## Value: Number [23-65535] mqtt.max_clientid_len = 1024 -## Max Packet Size Allowed, 64K by default. +## Maximum MQTT packet size allowed. +## +## Value: Bytes +## +## Default: 64K mqtt.max_packet_size = 64KB -## Check Websocket Protocol Header. Enum: on, off +## Check if the websocket protocol header is valid. +## Turn off the config when developing WeChat App. +## +## Value: on | off mqtt.websocket_protocol_header = on -## The Keepalive timeout: Keepalive * backoff * 2 +## The backoff for MQTT keepalive timeout. +## The broker will kick a MQTT connection out until 'Keepalive * backoff * 2' timeout. +## +## Value: Float > 0.5 mqtt.keepalive_backoff = 0.75 ##-------------------------------------------------------------------- ## MQTT Connection ##-------------------------------------------------------------------- -## Force GC: integer. Value 0 disabled the Force GC. +## Force GC the MQTT connection. Value 0 will disable the Force GC. +## +## Value: Number >= 0 mqtt.conn.force_gc_count = 100 ##-------------------------------------------------------------------- ## MQTT Client ##-------------------------------------------------------------------- -## Client Idle Timeout (Second) +## MQTT client idle timeout, specified in seconds. +## +## Value: Duration mqtt.client.idle_timeout = 30s -## Max publish rate of Messages +## Maximum publish rate of MQTT messages per second. +## TODO: R2.4 release +## +## Value: Number ## mqtt.client.max_publish_rate = 5 -## Enable client Stats: on | off +## Enable per client statistics. +## +## Value: on | off mqtt.client.enable_stats = off ##-------------------------------------------------------------------- ## MQTT Session ##-------------------------------------------------------------------- -## Max Number of Subscriptions, 0 means no limit. +## Maximum number of subscriptions allowed, 0 means no limit. +## +## Value: Number mqtt.session.max_subscriptions = 0 -## Upgrade QoS? +## Force to upgrade QoS according to subscription. +## +## Value: on | off mqtt.session.upgrade_qos = off -## Max Size of the Inflight Window for QoS1 and QoS2 messages -## 0 means no limit +## Maximum size of the Inflight Window storing QoS1/2 messages delivered but unacked. +## +## Value: Number mqtt.session.max_inflight = 32 -## Retry Interval for redelivering QoS1/2 messages. +## Retry interval for QoS1/2 message redelivering. +## +## Value: Duration mqtt.session.retry_interval = 20s -## Client -> Broker: Max Packets Awaiting PUBREL, 0 means no limit -mqtt.session.max_awaiting_rel = 100 +## Maximum QoS2 packets (Client -> Broker) awaiting PUBREL, 0 means no limit. +## +## Value: Number +mqtt.session.max_awaiting_rel = 1000 -## Awaiting PUBREL Timeout -mqtt.session.await_rel_timeout = 20s +## The QoS2 messages (Client -> Broker) will be dropped if awaiting PUBREL timeout. +## +## Value: Duration +mqtt.session.await_rel_timeout = 30s -## Enable Statistics: on | off +## Enable per session statistics. +## +## Value: on | off mqtt.session.enable_stats = on -## Expired after 1 day: -## w - week -## d - day -## h - hour -## m - minute -## s - second +## Session expiration time. +## +## Value: Duration +## -d: day +## -h: hour +## -m: minute +## -s: second +## +## Default: 2h, 2 hours mqtt.session.expiry_interval = 2h -## Ignore message from self publish +## Ignore loop delivery of messages. +## +## Value: true | false +## +## Default: false mqtt.session.ignore_loop_deliver = false ##-------------------------------------------------------------------- ## MQTT Message Queue ##-------------------------------------------------------------------- -## Type: simple | priority +## Message Queue Type. +## +## Value: simple | priority mqtt.mqueue.type = simple -## Topic Priority: 0~255, Default is 0 +## Topic Priority. Default is 0. +## +## Value: Number [0-255] +## ## mqtt.mqueue.priority = topic/1=10,topic/2=8 ## Max queue length. Enqueued messages when persistent client disconnected, @@ -474,7 +691,7 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ### algorithm and the message digest algorithm. Selecting a good cipher suite is critical ### for the application’s data security, confidentiality and performance. ### The cipher list above offers: -### +### ### A good balance between compatibility with older browsers. It can get stricter for Machine-To-Machine scenarios. ### Perfect Forward Secrecy. ### No old/insecure encryption and HMAC algorithms From ad26eff4215e9ab9ce66fa34a59c0c2a8fe9b552 Mon Sep 17 00:00:00 2001 From: turtled Date: Wed, 3 Jan 2018 10:27:51 +0800 Subject: [PATCH 14/37] Format print log --- src/emqttd_ws.erl | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/src/emqttd_ws.erl b/src/emqttd_ws.erl index 35a7f9852..798c4d69b 100644 --- a/src/emqttd_ws.erl +++ b/src/emqttd_ws.erl @@ -45,14 +45,22 @@ handle_request('GET', "/mqtt", Req) -> Proto = check_protocol_header(Req), case {is_websocket(Upgrade), Proto} of {true, "mqtt" ++ _Vsn} -> - {ok, ProtoEnv} = emqttd:env(protocol), - PacketSize = get_value(max_packet_size, ProtoEnv, ?MAX_PACKET_SIZE), - Parser = emqttd_parser:initial_state(PacketSize), - %% Upgrade WebSocket. - {ReentryWs, ReplyChannel} = mochiweb_websocket:upgrade_connection(Req, fun ?MODULE:ws_loop/3), - {ok, ClientPid} = emqttd_ws_client_sup:start_client(self(), Req, ReplyChannel), - ReentryWs(#wsocket_state{peername = Req:get(peername), parser = Parser, - max_packet_size = PacketSize, client_pid = ClientPid}); + case Req:get(peername) of + {ok, Peername} -> + {ok, ProtoEnv} = emqttd:env(protocol), + PacketSize = get_value(max_packet_size, ProtoEnv, ?MAX_PACKET_SIZE), + Parser = emqttd_parser:initial_state(PacketSize), + %% Upgrade WebSocket. + {ReentryWs, ReplyChannel} = mochiweb_websocket:upgrade_connection(Req, fun ?MODULE:ws_loop/3), + {ok, ClientPid} = emqttd_ws_client_sup:start_client(self(), Req, ReplyChannel), + ReentryWs(#wsocket_state{peername = Peername, + parser = Parser, + max_packet_size = PacketSize, + client_pid = ClientPid}); + {error, Reason} -> + lager:error("Get peername with error ~s", [Reason]), + Req:respond({400, [], <<"Bad Request">>}) + end; {false, _} -> lager:error("Not WebSocket: Upgrade = ~s", [Upgrade]), Req:respond({400, [], <<"Bad Request">>}); From 0a7e93ea9076719c112990a14b3871935060f8fb Mon Sep 17 00:00:00 2001 From: turtled Date: Wed, 3 Jan 2018 10:29:51 +0800 Subject: [PATCH 15/37] Export funtion fix #1428 --- src/emqttd_mgmt.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/emqttd_mgmt.erl b/src/emqttd_mgmt.erl index 01dd50b1e..1a608968e 100644 --- a/src/emqttd_mgmt.erl +++ b/src/emqttd_mgmt.erl @@ -45,7 +45,7 @@ -export([publish/1, subscribe/1, unsubscribe/1]). --export([kick_client/1, clean_acl_cache/2]). +-export([kick_client/1, kick_client/2, clean_acl_cache/2, clean_acl_cache/3]). -export([modify_config/2, modify_config/3, modify_config/4, get_configs/0, get_config/1, get_plugin_config/1, get_plugin_config/2, modify_plugin_config/2, modify_plugin_config/3]). From a17fae30e2fe58ad2cbc42d75b09fa95a5c62c6c Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Wed, 3 Jan 2018 22:44:54 +0800 Subject: [PATCH 16/37] Add more documentation for MQTT listeners --- etc/emq.conf | 375 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 299 insertions(+), 76 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 74f2b8a88..4cb8fc04b 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -492,50 +492,76 @@ mqtt.mqueue.type = simple ## ## mqtt.mqueue.priority = topic/1=10,topic/2=8 -## Max queue length. Enqueued messages when persistent client disconnected, +## Maximum queue length. Enqueued messages when persistent client disconnected, ## or inflight window is full. 0 means no limit. +## +## Value: Number >= 0 mqtt.mqueue.max_length = 1000 -## Low-water mark of queued messages +## Low-water mark of queued messages. +## +## Value: Percent mqtt.mqueue.low_watermark = 20% -## High-water mark of queued messages +## High-water mark of queued messages. +## +## Value: Percent mqtt.mqueue.high_watermark = 60% ## Queue Qos0 messages? +## +## Value: false | true mqtt.mqueue.store_qos0 = true ##-------------------------------------------------------------------- ## MQTT Broker and PubSub ##-------------------------------------------------------------------- -## System Interval of publishing broker $SYS Messages -mqtt.broker.sys_interval = 60 +## System Interval of publishing $SYS Messages. +## +## Value: Duration +## +## Default: 1m, 1 minute +mqtt.broker.sys_interval = 1m -## PubSub Pool Size. Default should be scheduler numbers. +## The PubSub pool size. Default value should be scheduler numbers. +## +## Value: Number > 1 mqtt.pubsub.pool_size = 8 -## Subscribe Asynchronously +## TODO: Subscribe Asynchronously. +## +## Value: true | false mqtt.pubsub.async = true ##-------------------------------------------------------------------- ## MQTT Bridge ##-------------------------------------------------------------------- -## Bridge Queue Size +## The pending message queue size of bridge. +## +## Value: Number mqtt.bridge.max_queue_len = 10000 -## Ping Interval of bridge node. Unit: Second -mqtt.bridge.ping_down_interval = 1 +## Ping interval of bridge node. +## +## Value: Duration +## +## Default: 1s, 1 second +mqtt.bridge.ping_down_interval = 1s ##------------------------------------------------------------------- ## MQTT Plugins ##------------------------------------------------------------------- -## Dir of plugins' config +## The etc dir for plugins' config. +## +## Value: Folder mqtt.plugins.etc_dir ={{ platform_etc_dir }}/plugins/ -## File to store loaded plugin names. +## The file to store loaded plugin names. +## +## Value: File mqtt.plugins.loaded_file = {{ platform_data_dir }}/loaded_plugins ##-------------------------------------------------------------------- @@ -543,134 +569,276 @@ mqtt.plugins.loaded_file = {{ platform_data_dir }}/loaded_plugins ##-------------------------------------------------------------------- ##-------------------------------------------------------------------- -## External TCP Listener +## MQTT/TCP - External TCP Listener for MQTT Protocol -## External TCP Listener: 1883, 127.0.0.1:1883, ::1:1883 +## listener.tcp. is the IP address and port that the MQTT/TCP +## listener will bind. +## +## Value: IP:Port | Port +## +## Examples: 1883, 127.0.0.1:1883, ::1:1883 listener.tcp.external = 0.0.0.0:1883 -## Size of acceptor pool +## The acceptor pool for external MQTT/TCP listener. +## +## Value: Number listener.tcp.external.acceptors = 16 -## Maximum number of concurrent clients +## Maximum number of concurrent MQTT/TCP connections. +## +## Value: Number listener.tcp.external.max_clients = 102400 -## TODO: +## TODO: Zone of the external MQTT/TCP listener belonged to. +## +## Value: String ## listener.tcp.external.zone = external -#listener.tcp.external.mountpoint = external/ +## Mountpoint of the MQTT/TCP Listener. All the topics of this +## listener will be prefixed with the mount point if this option +## is enabled. +## +## Value: String +## listener.tcp.external.mountpoint = external/ -## Rate Limit. Format is 'burst,rate', Unit is KB/Sec -#listener.tcp.external.rate_limit = 100,10 - -#listener.tcp.external.access.1 = allow 192.168.0.0/24 +## Rate limit for the external MQTT/TCP connections. +## Format is 'burst,rate'. +## +## Value: burst,rate +## Unit: KB/sec +## listener.tcp.external.rate_limit = 100,10 +## The access control rules for the MQTT/TCP listener. +## More information at: https://github.com/emqtt/esockd#allowdeny +## +## Value: ACL Rule +## listener.tcp.external.access.1 = allow 192.168.0.0/24 listener.tcp.external.access.2 = allow all -## Proxy Protocol V1/2 +## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind +## HAProxy or Nginx. +## More information at: https://www.haproxy.com/blog/haproxy/proxy-protocol/ +## +## Value: on | off ## listener.tcp.external.proxy_protocol = on + +## Sets the timeout for proxy protocol. EMQ will close the TCP connection +## if no proxy protocol packet recevied within the timeout. +## +## Value: Duration ## listener.tcp.external.proxy_protocol_timeout = 3s -### Use the PP2_SUBTYPE_SSL_CN field from Proxy Protocol V2 as a username. +## Enable the option for X.509 certificate based authentication. +## EMQ will Use the PP2_SUBTYPE_SSL_CN field in Proxy Protocol V2 +## as MQTT username. +## +## Value: cn ## listener.tcp.external.peer_cert_as_username = cn -## TCP Socket Options +## TCP socket options for the MQTT listener. + +## The TCP backlog defines the maximum length that the queue of pending +## connections can grow to. +## +## Value: Number >= 0 listener.tcp.external.backlog = 1024 +## The TCP send timeout for external MQTT connections. +## +## Value: Duration listener.tcp.external.send_timeout = 15s +## Close the TCP connection if send timeout. +## +## Value: on | off listener.tcp.external.send_timeout_close = on -#listener.tcp.external.recbuf = 4KB +## The TCP receive buffer(os kernel) for MQTT connections. +## More information at: http://erlang.org/doc/man/inet.html +## +## Value: Bytes +## listener.tcp.external.recbuf = 4KB -#listener.tcp.external.sndbuf = 4KB +## The TCP send buffer(os kernel) for MQTT connections. +## More information at: http://erlang.org/doc/man/inet.html +## +## Value: Bytes +## listener.tcp.external.sndbuf = 4KB -listener.tcp.external.buffer = 4KB +## The size of the user-level software buffer used by the driver. +## Not to be confused with options sndbuf and recbuf, which correspond +## to the Kernel socket buffers. It is recommended to have val(buffer) +## >= max(val(sndbuf),val(recbuf)) to avoid performance issues because +## of unnecessary copying. val(buffer) is automatically set to the above +## maximum when values sndbuf or recbuf are set. +## More information at: http://erlang.org/doc/man/inet.html +## +## Value: Bytes +## listener.tcp.external.buffer = 4KB +## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled. +## +## Value: on | off +listener.tcp.external.tune_buffer = on + +## The TCP_NODELAY flag for MQTT connections. Small amounts of data are +## sent immediately if the option is enabled. +## +## Value: true | false listener.tcp.external.nodelay = true ##-------------------------------------------------------------------- -## Internal TCP Listener +## Internal TCP Listener for MQTT Protocol -## Internal TCP Listener: 11883, 127.0.0.1:11883, ::1:11883 +## The IP address and port that the internal MQTT/TCP protocol listener will +## bind. +## +## Value: IP:Port, Port +## +## Examples: 11883, 127.0.0.1:11883, ::1:11883 listener.tcp.internal = 127.0.0.1:11883 -## Size of acceptor pool -listener.tcp.internal.acceptors = 16 +## The acceptor pool for internal MQTT/TCP listener. +## +## Value: Number +listener.tcp.internal.acceptors = 4 -## Maximum number of concurrent clients +## Maximum number of concurrent MQTT/TCP connections. +## +## Value: Number listener.tcp.internal.max_clients = 102400 -#listener.tcp.internal.zone = internal +## TODO: Zone of the internal MQTT/TCP listener belonged to. +## +## Value: String +## listener.tcp.internal.zone = internal -#listener.tcp.external.mountpoint = internal/ +## Mountpoint of the MQTT/TCP Listener. All the topics will +## be prefixed with the mount point if this option is enabled. +## +## Value: String +## listener.tcp.external.mountpoint = internal/ -## Rate Limit. Format is 'burst,rate', Unit is KB/Sec +## Rate limit for the internal MQTT/TCP connections. +## Format is 'burst,rate'. +## +## Value: burst,rate +## Unit: KB/sec ## listener.tcp.internal.rate_limit = 1000,100 -## TCP Socket Options +## The TCP backlog defines the maximum length that the queue of +## pending connections can grow to. +## +## Value: Number >= 0 listener.tcp.internal.backlog = 512 -listener.tcp.internal.send_timeout = 15s +## The TCP send timeout for internal MQTT connections. +## +## Value: Duration +listener.tcp.internal.send_timeout = 5s +## Close the MQTT/TCP connection if send timeout. +## +## Value: on | off listener.tcp.external.send_timeout_close = on +## The TCP receive buffer(os kernel) for MQTT connections. +## More information at: http://erlang.org/doc/man/inet.html +## +## Value: Bytes +listener.tcp.internal.recbuf = 16KB + +## The TCP send buffer(os kernel) for MQTT connections. +## More information at: http://erlang.org/doc/man/inet.html +## +## Value: Bytes +listener.tcp.internal.sndbuf = 16KB + +## The size of the user-level software buffer used by the driver. +## See: listener.tcp.external.buffer +## +## Value: Bytes +listener.tcp.internal.buffer = 16KB + +## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled. +## +## Value: on | off listener.tcp.internal.tune_buffer = on -listener.tcp.internal.buffer = 1MB - -listener.tcp.internal.recbuf = 4KB - -listener.tcp.internal.sndbuf = 1MB - -listener.tcp.internal.nodelay = true +## The TCP_NODELAY flag for MQTT connections. +## See: listener.tcp.external.nodelay +# +## Value: true | false +listener.tcp.internal.nodelay = false ##-------------------------------------------------------------------- -## External SSL Listener +## MQTT/SSL - External SSL Listener for MQTT Protocol -## SSL Listener: 8883, 127.0.0.1:8883, ::1:8883 +## listener.ssl. is the IP address and port that the MQTT/SSL +## listener will bind. +## +## Value: IP:Port | Port +## +## Examples: 8883, 127.0.0.1:8883, ::1:8883 listener.ssl.external = 8883 -## Size of acceptor pool +## The acceptor pool for external MQTT/SSL listener. +## +## Value: Number listener.ssl.external.acceptors = 16 -## Maximum number of concurrent clients +## Maximum number of concurrent MQTT/SSL connections. +## +## Value: Number listener.ssl.external.max_clients = 1024 -## Authentication Zone +## TODO: Zone of the external MQTT/SSL listener belonged to. +## +## Value: String ## listener.ssl.external.zone = external +## Mountpoint of the MQTT/SSL Listener. All the topics of this +## listener will be prefixed with the mount point if this option +## is enabled. +## +## Value: String ## listener.ssl.external.mountpoint = inbound/ -## Rate Limit. Format is 'burst,rate', Unit is KB/Sec +## Rate limit for the external MQTT/SSL connections. +## Format is 'burst,rate'. +## +## Value: burst,rate +## Unit: KB/sec ## listener.ssl.external.rate_limit = 100,10 -## Proxy Protocol V1/2 +## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind +## HAProxy or Nginx. +## More information at: https://www.haproxy.com/blog/haproxy/proxy-protocol/ +## +## Value: on | off ## listener.ssl.external.proxy_protocol = on + +## Sets the timeout for proxy protocol. EMQ will close the TCP connection +## if no proxy protocol packet recevied within the timeout. +## +## Value: Duration ## listener.ssl.external.proxy_protocol_timeout = 3s +## The access control rules for the MQTT/SSL listener. +## More information at: https://github.com/emqtt/esockd#allowdeny +## +## Value: ACL Rule listener.ssl.external.access.1 = allow all -### SSL Options. See http://erlang.org/doc/man/ssl.html - -## Configuring SSL Options. See http://erlang.org/doc/man/ssl.html -### TLS only for POODLE attack +## TLS versions only to protect from POODLE attack. +## See http://erlang.org/doc/man/ssl.html +## +## Value: String ## listener.ssl.external.tls_versions = tlsv1.2,tlsv1.1,tlsv1 -### The Ephemeral Diffie-Helman key exchange is a very effective way of -### ensuring Forward Secrecy by exchanging a set of keys that never hit -### the wire. Since the DH key is effectively signed by the private key, -### it needs to be at least as strong as the private key. In addition, -### the default DH groups that most of the OpenSSL installations have -### are only a handful (since they are distributed with the OpenSSL -### package that has been built for the operating system it’s running on) -### and hence predictable (not to mention, 1024 bits only). - -### In order to escape this situation, first we need to generate a fresh, -### strong DH group, store it in a file and then use the option above, -### to force our SSL application to use the new DH group. Fortunately, -### OpenSSL provides us with a tool to do that. Simply run: -### openssl dhparam -out dh-params.pem 2048 - +## TLS Handshake timeout. +## +## Value: Duration listener.ssl.external.handshake_timeout = 15s listener.ssl.external.keyfile = {{ platform_etc_dir }}/certs/key.pem @@ -679,6 +847,19 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## listener.ssl.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem +## The Ephemeral Diffie-Helman key exchange is a very effective way of +## ensuring Forward Secrecy by exchanging a set of keys that never hit +## the wire. Since the DH key is effectively signed by the private key, +## it needs to be at least as strong as the private key. In addition, +## the default DH groups that most of the OpenSSL installations have +## are only a handful (since they are distributed with the OpenSSL +## package that has been built for the operating system it’s running on) +## and hence predictable (not to mention, 1024 bits only). +## In order to escape this situation, first we need to generate a fresh, +## strong DH group, store it in a file and then use the option above, +## to force our SSL application to use the new DH group. Fortunately, +## OpenSSL provides us with a tool to do that. Simply run: +## openssl dhparam -out dh-params.pem 2048 ## listener.ssl.external.dhfile = {{ platform_etc_dir }}/certs/dh-params.pem ## listener.ssl.external.verify = verify_peer @@ -816,37 +997,79 @@ listener.wss.external.send_timeout_close = on ##-------------------------------------------------------------------- ## HTTP Management API Listener +## The IP Address and Port that the EMQ HTTP API will bind. +## +## Value: IP:Port | Port +## +## Default: 0.0.0.0:8080 listener.api.mgmt = 0.0.0.0:8080 +## The TCP Acceptor pool size. +## +## Value: Number listener.api.mgmt.acceptors = 4 +## Maximum concurrent HTTP clients allowed. +## +## Value: Number listener.api.mgmt.max_clients = 64 +## The access control rules for the listener. +## More information at: https://github.com/emqtt/esockd#allowdeny +## +## Value: ACL Rule listener.api.mgmt.access.1 = allow all +## The TCP backlog defines the maximum length that the queue of pending +## connections can grow to. +## +## Value: Number >= 0 listener.api.mgmt.backlog = 512 +## The TCP send timeout. +## +## Value: Duration listener.api.mgmt.send_timeout = 15s +## Close the TCP connection if send timeout. +## +## Value: on | off listener.api.mgmt.send_timeout_close = on ##------------------------------------------------------------------- ## System Monitor ##------------------------------------------------------------------- -## Long GC, don't monitor in production mode for: +## Enable Long GC monitoring. +## Notice: don't enable the monitor in production for: ## https://github.com/erlang/otp/blob/feb45017da36be78d4c5784d758ede619fa7bfd3/erts/emulator/beam/erl_gc.c#L421 +## +## Value: true | false sysmon.long_gc = false -## Long Schedule(ms) +## Enable Long Schedule(ms) monitoring. +## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## Value: Number sysmon.long_schedule = 240 -## 8M words. 32MB on 32-bit VM, 64MB on 64-bit VM. +## Enable Large Heap monitoring. +## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## Value: bytes +## +## Default: 8M words. 32MB on 32-bit VM, 64MB on 64-bit VM. sysmon.large_heap = 8MB -## Busy Port +## Enable Busy Port monitoring. +## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## Value: true | false sysmon.busy_port = false -## Busy Dist Port +## Enable Busy Dist Port monitoring. +## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## Value: true | false sysmon.busy_dist_port = true From 00760328157634a88cdc90ac87bc37fff7d17c99 Mon Sep 17 00:00:00 2001 From: "mingchun.or" Date: Thu, 4 Jan 2018 11:36:33 +0800 Subject: [PATCH 17/37] fix wrong link in emq-retainer --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 83fe86177..e0ecc1fe1 100644 --- a/README.md +++ b/README.md @@ -77,7 +77,7 @@ Plugin | Descrip -----------------------------------------------------------------------|-------------------------------------- [emq_plugin_template](https://github.com/emqtt/emq_plugin_template) | Plugin template and demo [emq_dashboard](https://github.com/emqtt/emq_dashboard) | Web Dashboard -[emq_retainer](https://github.com/emqtt/emq_retainer) | Store MQTT Retained Messages +[emq_retainer](https://github.com/emqtt/emq-retainer) | Store MQTT Retained Messages [emq_modules](https://github.com/emqtt/emq-modules) | Presence, Subscription and Rewrite Modules [emq_auth_username](https://github.com/emqtt/emq_auth_username) | Username/Password Authentication Plugin [emq_auth_clientid](https://github.com/emqtt/emq_auth_clientid) | ClientId Authentication Plugin From b2b78c178cd73583c1d3760c38de39d04084f10c Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 4 Jan 2018 12:25:05 +0800 Subject: [PATCH 18/37] Add documenation for SSL configurations --- etc/emq.conf | 220 ++++++++++++++++++++++++++++++++++++++++-------- priv/emq.schema | 8 +- 2 files changed, 188 insertions(+), 40 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 4cb8fc04b..ef16ecc6b 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -841,10 +841,21 @@ listener.ssl.external.access.1 = allow all ## Value: Duration listener.ssl.external.handshake_timeout = 15s +## Path to the file containing the user's private PEM-encoded key. +## More information at: http://erlang.org/doc/man/ssl.html +## +## Value: File listener.ssl.external.keyfile = {{ platform_etc_dir }}/certs/key.pem +## Path to a file containing the user certificate. +## +## Value: File listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem +## Path to a file containing PEM-encoded CA certificates. The CA certificates +## are used during server authentication and when building the client certificate chain. +## +## Value: File ## listener.ssl.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem ## The Ephemeral Diffie-Helman key exchange is a very effective way of @@ -860,114 +871,238 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## to force our SSL application to use the new DH group. Fortunately, ## OpenSSL provides us with a tool to do that. Simply run: ## openssl dhparam -out dh-params.pem 2048 +## +## Value: File ## listener.ssl.external.dhfile = {{ platform_etc_dir }}/certs/dh-params.pem +## A server only does x509-path validation in mode verify_peer, +## as it then sends a certificate request to the client (this +## message is not sent if the verify option is verify_none). +## You can then also want to specify option fail_if_no_peer_cert. +## More information at: http://erlang.org/doc/man/ssl.html +## +## Value: verify_peer | verify_none ## listener.ssl.external.verify = verify_peer +## Used together with {verify, verify_peer} by an SSL server. If set to true, +## the server fails if the client does not have a certificate to send, that is, +## sends an empty certificate. +## +## Value: true | false ## listener.ssl.external.fail_if_no_peer_cert = true -### This is the single most important configuration option of an Erlang SSL application. -### Ciphers (and their ordering) define the way the client and server encrypt information -### over the wire, from the initial Diffie-Helman key exchange, the session key encryption -### algorithm and the message digest algorithm. Selecting a good cipher suite is critical -### for the application’s data security, confidentiality and performance. -### The cipher list above offers: -### -### A good balance between compatibility with older browsers. It can get stricter for Machine-To-Machine scenarios. -### Perfect Forward Secrecy. -### No old/insecure encryption and HMAC algorithms -### -### Most of it was copied from Mozilla’s Server Side TLS article +## This is the single most important configuration option of an Erlang SSL application. +## Ciphers (and their ordering) define the way the client and server encrypt information +## over the wire, from the initial Diffie-Helman key exchange, the session key encryption +## algorithm and the message digest algorithm. Selecting a good cipher suite is critical +## for the application’s data security, confidentiality and performance. +## The cipher list above offers: +## +## A good balance between compatibility with older browsers. It can get stricter for Machine-To-Machine scenarios. +## Perfect Forward Secrecy. +## No old/insecure encryption and HMAC algorithms +## +## Most of it was copied from Mozilla’s Server Side TLS article +## +## Value: Ciphers ## listener.ssl.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA -### SSL parameter renegotiation is a feature that allows a client and -### a server to renegotiate the parameters of the SSL connection on the fly. -### RFC 5746 defines a more secure way of doing this. By enabling secure renegotiation, -### you drop support for the insecure renegotiation, prone to MitM attacks. +## SSL parameter renegotiation is a feature that allows a client and +## a server to renegotiate the parameters of the SSL connection on the fly. +## RFC 5746 defines a more secure way of doing this. By enabling secure renegotiation, +## you drop support for the insecure renegotiation, prone to MitM attacks. +## +## Value: on | off ## listener.ssl.external.secure_renegotiate = off -### A performance optimization setting, it allows clients to reuse -### pre-existing sessions, instead of initializing new ones. -### Read more about it here. +## A performance optimization setting, it allows clients to reuse +## pre-existing sessions, instead of initializing new ones. +## Read more about it here. +## More information at: http://erlang.org/doc/man/ssl.html +## +## Value: on | off ## listener.ssl.external.reuse_sessions = on -### An important security setting, it forces the cipher to be set based on -### the server-specified order instead of the client-specified order, -### hence enforcing the (usually more properly configured) security -### ordering of the server administrator. +## An important security setting, it forces the cipher to be set based +## on the server-specified order instead of the client-specified order, +## hence enforcing the (usually more properly configured) security +## ordering of the server administrator. +## +## Value: on | off ## listener.ssl.external.honor_cipher_order = on -### Use the CN or DN value from the client certificate as a username. -### Notice: 'verify' should be configured as 'verify_peer' +## Use the CN or DN value from the client certificate as a username. +## Notice that 'verify' should be set as 'verify_peer'. +## +## Value: cn | dn ## listener.ssl.external.peer_cert_as_username = cn -## SSL Socket Options +## TCP backlog for the SSL connection. +## See 'listener.tcp.external.backlog' +## +## Value: Number >= 0 ## listener.ssl.external.backlog = 1024 +## The TCP send timeout for the SSL connection. +## See 'listener.tcp.external.send_timeout' +## +## Value: Duration ## listener.ssl.external.send_timeout = 15s +## See 'listener.tcp.external.send_timeout_close' +## +## Value: on | off ## listener.ssl.external.send_timeout_close = on +## See 'listener.tcp.external.recbuf' +## +## Value: Bytes ## listener.ssl.external.recbuf = 4KB +## See 'listener.tcp.external.sndbuf' +## +## Value: Bytes ## listener.ssl.external.sndbuf = 4KB +## See 'listener.tcp.external.buffer' +## +## Value: Bytes ## listener.ssl.external.buffer = 4KB +## See 'listener.tcp.external.nodelay' +## +## Value: true | false ## listener.ssl.external.nodelay = true ##-------------------------------------------------------------------- -## External MQTT/WebSocket Listener +## External WebSocket Listener for MQTT Protocol +## listener.ws. is the IP address and port that the MQTT/Websocket +## listener will bind. +## +## Value: IP:Port | Port +## +## Examples: 8083, 127.0.0.1:8083, ::1:8083 listener.ws.external = 8083 +## The acceptor pool for external MQTT/Websocket listener. +## +## Value: Number listener.ws.external.acceptors = 4 +## Maximum number of concurrent MQTT/Websocket connections. +## +## Value: Number listener.ws.external.max_clients = 64 +## TODO: Zone of the external MQTT/Websocket listener belonged to. +## +## Value: String ## listener.ws.external.zone = external +## Mountpoint of the MQTT/Websocket Listener. All the topics of +## this listener will be prefixed with the mount point if this +## option is enabled. +## +## Value: String +## listener.ws.external.mountpoint = external/ + +## The access control rules for the MQTT/Websocket listener. +## +## Value: ACL Rule listener.ws.external.access.1 = allow all -## Proxy Protocol V1/2 +## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind +## HAProxy or Nginx. +## +## Value: on | off ## listener.ws.external.proxy_protocol = on + +## See 'listener.tcp.external.proxy_protocol_timeout' +## +## Value: Duration ## listener.ws.external.proxy_protocol_timeout = 3s ## TCP Options listener.ws.external.backlog = 1024 +## See 'listener.tcp.external.send_timeout' +## +## Value: Duration listener.ws.external.send_timeout = 15s +## See 'listener.tcp.external.send_timeout_close' +## +## Value: on | off listener.ws.external.send_timeout_close = on -listener.ws.external.recbuf = 4KB +## See 'listener.tcp.external.recbuf' +## +## Value: Bytes +## listener.ws.external.recbuf = 4KB -listener.ws.external.sndbuf = 4KB +## See 'listener.tcp.external.sndbuf' +## +## Value: Bytes +## listener.ws.external.sndbuf = 4KB -listener.ws.external.buffer = 4KB +## See 'listener.tcp.external.buffer' +## +## Value: Bytes +## listener.ws.external.buffer = 4KB +## See 'listener.tcp.external.nodelay' +## +## Value: true | false listener.ws.external.nodelay = true ##-------------------------------------------------------------------- -## External MQTT/WebSocket/SSL Listener +## External WebSocket/SSL listener for MQTT Protocol +## listener.wss. is the IP address and port that the MQTT/Websocket/SSL +## listener will bind. +## +## Value: IP:Port | Port +## +## Examples: 8084, 127.0.0.1:8084, ::1:8084 listener.wss.external = 8084 +## The acceptor pool for external MQTT/Websocket/SSL listener. +## +## Value: Number listener.wss.external.acceptors = 4 +## Maximum number of concurrent MQTT/Webwocket/SSL connections. +## +## Value: Number listener.wss.external.max_clients = 64 +## TODO: Zone of the external MQTT/Websocket/SSL listener belonged to. +## +## Value: String ## listener.wss.external.zone = external +## See 'listener.ssl.external.mountpoint' +## +## Value: String +## listener.wss.external.mountpoint = inbound/ + +## See 'listener.ssl.external.acess.1' +## +## Value: ACL Rule listener.wss.external.access.1 = allow all -## Proxy Protocol V1/2 +## See 'listener.ssl.external.proxy_protocol' +## +## Value: on | off ## listener.wss.external.proxy_protocol = on + +## See 'listener.ssl.external.proxy_protocol_timeout' +## +## Value: Duration ## listener.wss.external.proxy_protocol_timeout = 3s -## SSL Option -### SSL Options. See http://erlang.org/doc/man/ssl.html - +## SSL Options. Same to 'listener.ssl.*' listener.wss.external.handshake_timeout = 15s listener.wss.external.keyfile = {{ platform_etc_dir }}/certs/key.pem @@ -976,10 +1111,23 @@ listener.wss.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## listener.wss.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem +## listener.ssl.external.dhfile = {{ platform_etc_dir }}/certs/dh-params.pem + ## listener.wss.external.verify = verify_peer ## listener.wss.external.fail_if_no_peer_cert = true +## listener.wss.external.ciphers = + +## listener.wss.external.secure_renegotiate = off + +## listener.wss.external.reuse_sessions = on + +## listener.wss.external.honor_cipher_order = on + +## listener.wss.external.peer_cert_as_username = cn + +## TCP Options. Same to 'listener.tcp.*' listener.wss.external.backlog = 1024 listener.wss.external.send_timeout = 15s diff --git a/priv/emq.schema b/priv/emq.schema index aaefce4c2..ca242c4c7 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -702,8 +702,8 @@ end}. %%-------------------------------------------------------------------- {mapping, "mqtt.broker.sys_interval", "emqttd.broker_sys_interval", [ - {default, 60}, - {datatype, integer} + {datatype, {duration, ms}}, + {default, "1m"} ]}. %%-------------------------------------------------------------------- @@ -735,8 +735,8 @@ end}. ]}. {mapping, "mqtt.bridge.ping_down_interval", "emqttd.bridge", [ - {default, 1}, - {datatype, integer} + {datatype, {duration, ms}}, + {default, "1s"} ]}. {translation, "emqttd.bridge", fun(Conf) -> From b98a320124f4053a47b16ce03ae993abdd4d8e6c Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 4 Jan 2018 15:32:21 +0800 Subject: [PATCH 19/37] Improve documentation for all options --- etc/emq.conf | 442 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 303 insertions(+), 139 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index ef16ecc6b..4d37515aa 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -29,9 +29,10 @@ cluster.discovery = manual ## Default: on cluster.autoheal = on -## AutoClean down node after this duration. +## Autoclean down node. A down node will be removed from the cluster +## if this value > 0. ## -## Value: time duration with units +## Value: Duration ## -h: hour, e.g. '2h' for 2 hours ## -m: minute, e.g. '5m' for 5 minutes ## -s: second, e.g. '30s' for 30 seconds @@ -70,8 +71,6 @@ cluster.autoclean = 5m ## Multicast Ttl. ## ## Value: 0-255 -## -## Default: 255 ## cluster.mcast.ttl = 255 ## Multicast loop. @@ -101,7 +100,7 @@ cluster.autoclean = 5m ## cluster.etcd.server = http://127.0.0.1:2379 ## The prefix helps build nodes path in etcd. Each node in the cluster -## will create a path in etcd: v2/keys/{prefix}/{cluster.name}/{node.name} +## will create a path in etcd: v2/keys/// ## ## Value: String ## cluster.etcd.prefix = emqcl @@ -121,7 +120,7 @@ cluster.autoclean = 5m ## Value: String ## cluster.k8s.apiserver = http://10.110.111.204:8080 -## The service name helps build node name: {service_name}@{ip} +## The service name helps lookup EMQ nodes in the cluster. ## ## Value: String ## cluster.k8s.service_name = emq @@ -142,7 +141,9 @@ cluster.autoclean = 5m ## Node name. ## -## Value: {name}@{host} +## See: http://erlang.org/doc/reference_manual/distributed.html +## +## Value: @ ## ## Default: emq@127.0.0.1 node.name = emq@127.0.0.1 @@ -159,14 +160,13 @@ node.smp = auto ## Heartbeat monitoring of an Erlang runtime system. Comment the line to disable ## heartbeat, or set the value as 'on' -## or the line comment. ## ## Value: on ## ## vm.args: -heart ## node.heartbeat = on -## Enable Kernel Poll. +## Enable kernel poll. ## ## Value: on | off ## @@ -174,7 +174,8 @@ node.smp = auto node.kernel_poll = on ## Sets the number of threads in async thread pool. Valid range is 0-1024. -## More information at: http://erlang.org/doc/man/erl.html +## +## See: http://erlang.org/doc/man/erl.html ## ## Value: 0-1024 ## @@ -183,7 +184,8 @@ node.async_threads = 32 ## Sets the maximum number of simultaneously existing processes for this ## system if a Number is passed as value. -## More information at: http://erlang.org/doc/man/erl.html +## +## See: http://erlang.org/doc/man/erl.html ## ## Value: Number [1024-134217727] ## @@ -192,7 +194,8 @@ node.process_limit = 256000 ## Sets the maximum number of simultaneously existing ports for this system ## if a Number is passed as value. -## More information at: http://erlang.org/doc/man/erl.html +## +## See: http://erlang.org/doc/man/erl.html ## ## Value: Number [1024-134217727] ## @@ -200,15 +203,16 @@ node.process_limit = 256000 node.max_ports = 65536 ## Set the distribution buffer busy limit (dist_buf_busy_limit). -## More information at: http://erlang.org/doc/man/erl.html +## +## See: http://erlang.org/doc/man/erl.html ## ## Value: Number [1KB-2GB] ## ## vm.args: +zdbbl size -node.dist_buffer_size = 16MB +node.dist_buffer_size = 8MB -## Sets the maximum number of ETS tables. Note that mnesia and SSL -## will create temporary ETS tables. +## Sets the maximum number of ETS tables. Note that mnesia and SSL will +## create temporary ETS tables. ## ## Value: Number ## @@ -227,11 +231,11 @@ node.fullsweep_after = 1000 ## Value: Log file node.crash_dump = {{ platform_log_dir }}/crash.dump -## Specifies the net_kernel tick time. TickTime is specified in seconds. +## Sets the net_kernel tick time. TickTime is specified in seconds. ## Notice that all communicating nodes are to have the same TickTime ## value specified. ## -## More information at: http://www.erlang.org/doc/man/kernel_app.html#net_ticktime +## See: http://www.erlang.org/doc/man/kernel_app.html#net_ticktime ## ## Value: Number ## @@ -239,10 +243,10 @@ node.crash_dump = {{ platform_log_dir }}/crash.dump node.dist_net_ticktime = 60 ## Sets the port range for the listener socket of a distributed Erlang node. -## Note that if there is a firewall between clustered nodes, this port segment +## Note that if there are firewalls between clustered nodes, this port segment ## for nodes’ communication should be allowed. ## -## More information at: http://www.erlang.org/doc/man/kernel_app.html +## See: http://www.erlang.org/doc/man/kernel_app.html ## ## Value: Port [1024-65535] node.dist_listen_min = 6369 @@ -273,7 +277,7 @@ log.console = console ## Default: error log.console.level = error -## The file where console logs will be writed to, when 'log.console' is set to 'file'. +## The file where console logs will be writed to, when 'log.console' is set as 'file'. ## ## Value: File Name ## log.console.file = {{ platform_log_dir }}/console.log @@ -328,12 +332,12 @@ log.crash = on ## Value: File Name log.crash.file = {{ platform_log_dir }}/crash.log -## Enable Syslog. +## Enable syslog. ## ## Values: on | off log.syslog = on -## The severity level for syslog. +## Sets the severity level for syslog. ## ## Value: debug | info | notice | warning | error | critical | alert | emergency log.syslog.level = error @@ -343,7 +347,8 @@ log.syslog.level = error ##-------------------------------------------------------------------- ## Allow Anonymous Authentication. -## !!! Notice: Should disable the config for production deployment. +## +## Notice: Disable the option for production deployment. ## ## Value: true | false mqtt.allow_anonymous = true @@ -358,7 +363,7 @@ mqtt.acl_nomatch = allow ## Value: File Name mqtt.acl_file = {{ platform_etc_dir }}/acl.conf -## Cache ACL for PUBLISH Messages. +## Whether to cache ACL for publish messages. ## ## Value: true | false mqtt.cache_acl = true @@ -367,7 +372,7 @@ mqtt.cache_acl = true ## MQTT Protocol ##-------------------------------------------------------------------- -## Maximum MQTT clientId length allowed. +## Maximum length of MQTT clientId allowed. ## ## Value: Number [23-65535] mqtt.max_clientid_len = 1024 @@ -380,13 +385,13 @@ mqtt.max_clientid_len = 1024 mqtt.max_packet_size = 64KB ## Check if the websocket protocol header is valid. -## Turn off the config when developing WeChat App. +## Turn off the option when developing WeChat App. ## ## Value: on | off mqtt.websocket_protocol_header = on ## The backoff for MQTT keepalive timeout. -## The broker will kick a MQTT connection out until 'Keepalive * backoff * 2' timeout. +## EMQ will kick a MQTT connection out until 'Keepalive * backoff * 2' timeout. ## ## Value: Float > 0.5 mqtt.keepalive_backoff = 0.75 @@ -395,7 +400,7 @@ mqtt.keepalive_backoff = 0.75 ## MQTT Connection ##-------------------------------------------------------------------- -## Force GC the MQTT connection. Value 0 will disable the Force GC. +## Force GC the MQTT connections. Value 0 will disable the Force GC. ## ## Value: Number >= 0 mqtt.conn.force_gc_count = 100 @@ -409,8 +414,7 @@ mqtt.conn.force_gc_count = 100 ## Value: Duration mqtt.client.idle_timeout = 30s -## Maximum publish rate of MQTT messages per second. -## TODO: R2.4 release +## TODO: Maximum publish rate of MQTT messages per second. ## ## Value: Number ## mqtt.client.max_publish_rate = 5 @@ -439,7 +443,7 @@ mqtt.session.upgrade_qos = off ## Value: Number mqtt.session.max_inflight = 32 -## Retry interval for QoS1/2 message redelivering. +## Retry interval for QoS1/2 message delivering. ## ## Value: Duration mqtt.session.retry_interval = 20s @@ -470,7 +474,7 @@ mqtt.session.enable_stats = on ## Default: 2h, 2 hours mqtt.session.expiry_interval = 2h -## Ignore loop delivery of messages. +## Whether to ignore loop delivery of messages. ## ## Value: true | false ## @@ -481,12 +485,12 @@ mqtt.session.ignore_loop_deliver = false ## MQTT Message Queue ##-------------------------------------------------------------------- -## Message Queue Type. +## Message queue type. ## ## Value: simple | priority mqtt.mqueue.type = simple -## Topic Priority. Default is 0. +## Topic priority. Default is 0. ## ## Value: Number [0-255] ## @@ -508,7 +512,7 @@ mqtt.mqueue.low_watermark = 20% ## Value: Percent mqtt.mqueue.high_watermark = 60% -## Queue Qos0 messages? +## Whether to enqueue Qos0 messages. ## ## Value: false | true mqtt.mqueue.store_qos0 = true @@ -517,19 +521,19 @@ mqtt.mqueue.store_qos0 = true ## MQTT Broker and PubSub ##-------------------------------------------------------------------- -## System Interval of publishing $SYS Messages. +## System interval of publishing $SYS messages. ## ## Value: Duration ## ## Default: 1m, 1 minute mqtt.broker.sys_interval = 1m -## The PubSub pool size. Default value should be scheduler numbers. +## The PubSub pool size. Default value should be same as scheduler numbers. ## ## Value: Number > 1 mqtt.pubsub.pool_size = 8 -## TODO: Subscribe Asynchronously. +## TODO: Subscribe asynchronously. ## ## Value: true | false mqtt.pubsub.async = true @@ -609,15 +613,18 @@ listener.tcp.external.max_clients = 102400 ## listener.tcp.external.rate_limit = 100,10 ## The access control rules for the MQTT/TCP listener. -## More information at: https://github.com/emqtt/esockd#allowdeny +## +## See: https://github.com/emqtt/esockd#allowdeny ## ## Value: ACL Rule -## listener.tcp.external.access.1 = allow 192.168.0.0/24 -listener.tcp.external.access.2 = allow all +## +## Example: allow 192.168.0.0/24 +listener.tcp.external.access.1 = allow all -## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind -## HAProxy or Nginx. -## More information at: https://www.haproxy.com/blog/haproxy/proxy-protocol/ +## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed +## behind HAProxy or Nginx. +## +## See: https://www.haproxy.com/blog/haproxy/proxy-protocol/ ## ## Value: on | off ## listener.tcp.external.proxy_protocol = on @@ -635,8 +642,6 @@ listener.tcp.external.access.2 = allow all ## Value: cn ## listener.tcp.external.peer_cert_as_username = cn -## TCP socket options for the MQTT listener. - ## The TCP backlog defines the maximum length that the queue of pending ## connections can grow to. ## @@ -654,13 +659,15 @@ listener.tcp.external.send_timeout = 15s listener.tcp.external.send_timeout_close = on ## The TCP receive buffer(os kernel) for MQTT connections. -## More information at: http://erlang.org/doc/man/inet.html +## +## See: http://erlang.org/doc/man/inet.html ## ## Value: Bytes ## listener.tcp.external.recbuf = 4KB ## The TCP send buffer(os kernel) for MQTT connections. -## More information at: http://erlang.org/doc/man/inet.html +## +## See: http://erlang.org/doc/man/inet.html ## ## Value: Bytes ## listener.tcp.external.sndbuf = 4KB @@ -671,7 +678,8 @@ listener.tcp.external.send_timeout_close = on ## >= max(val(sndbuf),val(recbuf)) to avoid performance issues because ## of unnecessary copying. val(buffer) is automatically set to the above ## maximum when values sndbuf or recbuf are set. -## More information at: http://erlang.org/doc/man/inet.html +## +## See: http://erlang.org/doc/man/inet.html ## ## Value: Bytes ## listener.tcp.external.buffer = 4KB @@ -690,8 +698,8 @@ listener.tcp.external.nodelay = true ##-------------------------------------------------------------------- ## Internal TCP Listener for MQTT Protocol -## The IP address and port that the internal MQTT/TCP protocol listener will -## bind. +## The IP address and port that the internal MQTT/TCP protocol listener +## will bind. ## ## Value: IP:Port, Port ## @@ -713,61 +721,73 @@ listener.tcp.internal.max_clients = 102400 ## Value: String ## listener.tcp.internal.zone = internal -## Mountpoint of the MQTT/TCP Listener. All the topics will -## be prefixed with the mount point if this option is enabled. +## Mountpoint of the MQTT/TCP Listener. +## +## See: listener.tcp..mountpoint ## ## Value: String -## listener.tcp.external.mountpoint = internal/ +## listener.tcp.internal.mountpoint = internal/ ## Rate limit for the internal MQTT/TCP connections. -## Format is 'burst,rate'. +## +## See: listener.tcp..rate_limit ## ## Value: burst,rate -## Unit: KB/sec ## listener.tcp.internal.rate_limit = 1000,100 -## The TCP backlog defines the maximum length that the queue of -## pending connections can grow to. +## The TCP backlog of internal MQTT/TCP Listener. +## +## See: listener.tcp..backlog ## ## Value: Number >= 0 listener.tcp.internal.backlog = 512 ## The TCP send timeout for internal MQTT connections. ## +## See: listener.tcp..send_timeout +## ## Value: Duration listener.tcp.internal.send_timeout = 5s ## Close the MQTT/TCP connection if send timeout. ## +## See: listener.tcp..send_timeout_close +## ## Value: on | off listener.tcp.external.send_timeout_close = on -## The TCP receive buffer(os kernel) for MQTT connections. -## More information at: http://erlang.org/doc/man/inet.html +## The TCP receive buffer(os kernel) for internal MQTT connections. +## +## See: listener.tcp..recbuf ## ## Value: Bytes listener.tcp.internal.recbuf = 16KB -## The TCP send buffer(os kernel) for MQTT connections. -## More information at: http://erlang.org/doc/man/inet.html +## The TCP send buffer(os kernel) for internal MQTT connections. +## +## See: http://erlang.org/doc/man/inet.html ## ## Value: Bytes listener.tcp.internal.sndbuf = 16KB ## The size of the user-level software buffer used by the driver. -## See: listener.tcp.external.buffer +## +## See: listener.tcp..buffer ## ## Value: Bytes listener.tcp.internal.buffer = 16KB ## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled. ## +## See: listener.tcp..tune_buffer +## ## Value: on | off listener.tcp.internal.tune_buffer = on -## The TCP_NODELAY flag for MQTT connections. -## See: listener.tcp.external.nodelay -# +## The TCP_NODELAY flag for internal MQTT connections. +## +## See: listener.tcp..nodelay +## ## Value: true | false listener.tcp.internal.nodelay = false @@ -797,43 +817,43 @@ listener.ssl.external.max_clients = 1024 ## Value: String ## listener.ssl.external.zone = external -## Mountpoint of the MQTT/SSL Listener. All the topics of this -## listener will be prefixed with the mount point if this option -## is enabled. +## Mountpoint of the MQTT/SSL Listener. ## ## Value: String ## listener.ssl.external.mountpoint = inbound/ -## Rate limit for the external MQTT/SSL connections. -## Format is 'burst,rate'. -## -## Value: burst,rate -## Unit: KB/sec -## listener.ssl.external.rate_limit = 100,10 - -## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind -## HAProxy or Nginx. -## More information at: https://www.haproxy.com/blog/haproxy/proxy-protocol/ -## -## Value: on | off -## listener.ssl.external.proxy_protocol = on - -## Sets the timeout for proxy protocol. EMQ will close the TCP connection -## if no proxy protocol packet recevied within the timeout. -## -## Value: Duration -## listener.ssl.external.proxy_protocol_timeout = 3s - ## The access control rules for the MQTT/SSL listener. -## More information at: https://github.com/emqtt/esockd#allowdeny +## +## See: listener.tcp..access ## ## Value: ACL Rule listener.ssl.external.access.1 = allow all -## TLS versions only to protect from POODLE attack. -## See http://erlang.org/doc/man/ssl.html +## Rate limit for the external MQTT/SSL connections. ## -## Value: String +## Value: burst,rate +## listener.ssl.external.rate_limit = 100,10 + +## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind +## HAProxy or Nginx. +## +## See: listener.tcp..proxy_protocol +## +## Value: on | off +## listener.ssl.external.proxy_protocol = on + +## Sets the timeout for proxy protocol. +## +## See: listener.tcp..proxy_protocol_timeout +## +## Value: Duration +## listener.ssl.external.proxy_protocol_timeout = 3s + +## TLS versions only to protect from POODLE attack. +## +## See: http://erlang.org/doc/man/ssl.html +## +## Value: String, seperated by ',' ## listener.ssl.external.tls_versions = tlsv1.2,tlsv1.1,tlsv1 ## TLS Handshake timeout. @@ -842,17 +862,20 @@ listener.ssl.external.access.1 = allow all listener.ssl.external.handshake_timeout = 15s ## Path to the file containing the user's private PEM-encoded key. -## More information at: http://erlang.org/doc/man/ssl.html +## +## See: http://erlang.org/doc/man/ssl.html ## ## Value: File listener.ssl.external.keyfile = {{ platform_etc_dir }}/certs/key.pem ## Path to a file containing the user certificate. ## +## See: http://erlang.org/doc/man/ssl.html +## ## Value: File listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem -## Path to a file containing PEM-encoded CA certificates. The CA certificates +## Path to the file containing PEM-encoded CA certificates. The CA certificates ## are used during server authentication and when building the client certificate chain. ## ## Value: File @@ -891,14 +914,17 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## Value: true | false ## listener.ssl.external.fail_if_no_peer_cert = true -## This is the single most important configuration option of an Erlang SSL application. -## Ciphers (and their ordering) define the way the client and server encrypt information -## over the wire, from the initial Diffie-Helman key exchange, the session key encryption -## algorithm and the message digest algorithm. Selecting a good cipher suite is critical -## for the application’s data security, confidentiality and performance. +## This is the single most important configuration option of an Erlang SSL +## application. Ciphers (and their ordering) define the way the client and +## server encrypt information over the wire, from the initial Diffie-Helman +## key exchange, the session key encryption ## algorithm and the message +## digest algorithm. Selecting a good cipher suite is critical for the +## application’s data security, confidentiality and performance. +## ## The cipher list above offers: ## -## A good balance between compatibility with older browsers. It can get stricter for Machine-To-Machine scenarios. +## A good balance between compatibility with older browsers. +## It can get stricter for Machine-To-Machine scenarios. ## Perfect Forward Secrecy. ## No old/insecure encryption and HMAC algorithms ## @@ -907,8 +933,8 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## Value: Ciphers ## listener.ssl.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-DES-CBC3-SHA,ECDH-ECDSA-AES256-GCM-SHA384,ECDH-RSA-AES256-GCM-SHA384,ECDH-ECDSA-AES256-SHA384,ECDH-RSA-AES256-SHA384,DHE-DSS-AES256-GCM-SHA384,DHE-DSS-AES256-SHA256,AES256-GCM-SHA384,AES256-SHA256,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,ECDH-ECDSA-AES128-GCM-SHA256,ECDH-RSA-AES128-GCM-SHA256,ECDH-ECDSA-AES128-SHA256,ECDH-RSA-AES128-SHA256,DHE-DSS-AES128-GCM-SHA256,DHE-DSS-AES128-SHA256,AES128-GCM-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA,ECDH-ECDSA-AES256-SHA,ECDH-RSA-AES256-SHA,AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-DSS-AES128-SHA,ECDH-ECDSA-AES128-SHA,ECDH-RSA-AES128-SHA,AES128-SHA -## SSL parameter renegotiation is a feature that allows a client and -## a server to renegotiate the parameters of the SSL connection on the fly. +## SSL parameter renegotiation is a feature that allows a client and a server +## to renegotiate the parameters of the SSL connection on the fly. ## RFC 5746 defines a more secure way of doing this. By enabling secure renegotiation, ## you drop support for the insecure renegotiation, prone to MitM attacks. ## @@ -918,7 +944,8 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## A performance optimization setting, it allows clients to reuse ## pre-existing sessions, instead of initializing new ones. ## Read more about it here. -## More information at: http://erlang.org/doc/man/ssl.html +## +## See: http://erlang.org/doc/man/ssl.html ## ## Value: on | off ## listener.ssl.external.reuse_sessions = on @@ -938,38 +965,57 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## listener.ssl.external.peer_cert_as_username = cn ## TCP backlog for the SSL connection. -## See 'listener.tcp.external.backlog' +## +## See listener.tcp..backlog ## ## Value: Number >= 0 ## listener.ssl.external.backlog = 1024 ## The TCP send timeout for the SSL connection. -## See 'listener.tcp.external.send_timeout' +## +## See listener.tcp..send_timeout ## ## Value: Duration ## listener.ssl.external.send_timeout = 15s -## See 'listener.tcp.external.send_timeout_close' +## Close the SSL connection if send timeout. +## +## See: listener.tcp..send_timeout_close ## ## Value: on | off ## listener.ssl.external.send_timeout_close = on -## See 'listener.tcp.external.recbuf' +## The TCP receive buffer(os kernel) for the SSL connections. +## +## See: listener.tcp..recbuf ## ## Value: Bytes ## listener.ssl.external.recbuf = 4KB -## See 'listener.tcp.external.sndbuf' +## The TCP send buffer(os kernel) for internal MQTT connections. +## +## See: listener.tcp..sndbuf ## ## Value: Bytes ## listener.ssl.external.sndbuf = 4KB -## See 'listener.tcp.external.buffer' +## The size of the user-level software buffer used by the driver. +## +## See: listener.tcp..buffer ## ## Value: Bytes ## listener.ssl.external.buffer = 4KB -## See 'listener.tcp.external.nodelay' +## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled. +## +## See: listener.tcp..tune_buffer +## +## Value: on | off +## listener.ssl.external.tune_buffer = on + +## The TCP_NODELAY flag for SSL connections. +## +## See: listener.tcp..nodelay ## ## Value: true | false ## listener.ssl.external.nodelay = true @@ -993,21 +1039,23 @@ listener.ws.external.acceptors = 4 ## Maximum number of concurrent MQTT/Websocket connections. ## ## Value: Number -listener.ws.external.max_clients = 64 +listener.ws.external.max_clients = 102400 ## TODO: Zone of the external MQTT/Websocket listener belonged to. ## ## Value: String ## listener.ws.external.zone = external -## Mountpoint of the MQTT/Websocket Listener. All the topics of -## this listener will be prefixed with the mount point if this -## option is enabled. +## Mountpoint of the MQTT/Websocket Listener. +## +## See: listener.tcp..mountpoint ## ## Value: String ## listener.ws.external.mountpoint = external/ -## The access control rules for the MQTT/Websocket listener. +## The access control for the MQTT/Websocket listener. +## +## See: listener.tcp..access ## ## Value: ACL Rule listener.ws.external.access.1 = allow all @@ -1015,43 +1063,70 @@ listener.ws.external.access.1 = allow all ## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind ## HAProxy or Nginx. ## +## See: listener.tcp..proxy_protocol +## ## Value: on | off ## listener.ws.external.proxy_protocol = on -## See 'listener.tcp.external.proxy_protocol_timeout' +## Sets the timeout for proxy protocol. +## +## See: listener.tcp..proxy_protocol_timeout ## ## Value: Duration ## listener.ws.external.proxy_protocol_timeout = 3s -## TCP Options +## The TCP backlog of external MQTT/Websocket Listener. +## +## See: listener.tcp..backlog +## +## Value: Number >= 0 listener.ws.external.backlog = 1024 -## See 'listener.tcp.external.send_timeout' +## The TCP send timeout for external MQTT/Websocket connections. +## +## See: listener.tcp..send_timeout ## ## Value: Duration listener.ws.external.send_timeout = 15s -## See 'listener.tcp.external.send_timeout_close' +## Close the MQTT/Websocket connection if send timeout. +## +## See: listener.tcp..send_timeout_close ## ## Value: on | off listener.ws.external.send_timeout_close = on -## See 'listener.tcp.external.recbuf' +## The TCP receive buffer(os kernel) for external MQTT/Websocket connections. +## +## See: listener.tcp..recbuf ## ## Value: Bytes ## listener.ws.external.recbuf = 4KB -## See 'listener.tcp.external.sndbuf' +## The TCP send buffer(os kernel) for external MQTT/Websocket connections. +## +## See 'listener.tcp..sndbuf' ## ## Value: Bytes ## listener.ws.external.sndbuf = 4KB -## See 'listener.tcp.external.buffer' +## The size of the user-level software buffer used by the driver. +## +## See: listener.tcp..buffer ## ## Value: Bytes ## listener.ws.external.buffer = 4KB -## See 'listener.tcp.external.nodelay' +## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled. +## +## See: listener.tcp..tune_buffer +## +## Value: on | off +listener.ws.external.tune_buffer = on + +## The TCP_NODELAY flag for external MQTT/Websocket connections. +## +## See: listener.tcp..nodelay ## ## Value: true | false listener.ws.external.nodelay = true @@ -1082,64 +1157,149 @@ listener.wss.external.max_clients = 64 ## Value: String ## listener.wss.external.zone = external -## See 'listener.ssl.external.mountpoint' +## Mountpoint of the MQTT/Websocket/SSL Listener. +## +## See 'listener.tcp..mountpoint' ## ## Value: String ## listener.wss.external.mountpoint = inbound/ -## See 'listener.ssl.external.acess.1' +## The access control rules for the MQTT/Websocket/SSL listener. +## +## See: listener.tcp..access. ## ## Value: ACL Rule listener.wss.external.access.1 = allow all -## See 'listener.ssl.external.proxy_protocol' +## Enable the Proxy Protocol V1/2 support. +## +## See: listener.tcp..proxy_protocol ## ## Value: on | off ## listener.wss.external.proxy_protocol = on -## See 'listener.ssl.external.proxy_protocol_timeout' +## Sets the timeout for proxy protocol. +## +## See: listener.tcp..proxy_protocol_timeout ## ## Value: Duration ## listener.wss.external.proxy_protocol_timeout = 3s -## SSL Options. Same to 'listener.ssl.*' +## TLS Handshake timeout. +## +## See: listener.ssl..handshake_timeout +## +## Value: Duration listener.wss.external.handshake_timeout = 15s +## Path to the file containing the user's private PEM-encoded key. +## +## See: listener.ssl..keyfile +## +## Value: File listener.wss.external.keyfile = {{ platform_etc_dir }}/certs/key.pem +## Path to a file containing the user certificate. +## +## See: listener.ssl..certfile +## +## Value: File listener.wss.external.certfile = {{ platform_etc_dir }}/certs/cert.pem +## Path to the file containing PEM-encoded CA certificates. +## +## See: listener.ssl..cacert +## +## Value: File ## listener.wss.external.cacertfile = {{ platform_etc_dir }}/certs/cacert.pem +## See: listener.ssl..dhfile +## +## Value: File ## listener.ssl.external.dhfile = {{ platform_etc_dir }}/certs/dh-params.pem +## See: listener.ssl..vefify +## +## Value: vefify_peer | verify_none ## listener.wss.external.verify = verify_peer +## See: listener.ssl..fail_if_no_peer_cert +## +## Value: false | true ## listener.wss.external.fail_if_no_peer_cert = true +## See: listener.ssl..ciphers +## +## Value: Ciphers ## listener.wss.external.ciphers = +## See: listener.ssl..secure_renegotiate +## +## Value: on | off ## listener.wss.external.secure_renegotiate = off +## See: listener.ssl..reuse_sessions +## +## Value: on | off ## listener.wss.external.reuse_sessions = on +## See: listener.ssl..honor_cipher_order +## +## Value: on | off ## listener.wss.external.honor_cipher_order = on +## See: listener.ssl..peer_cert_as_username +## +## Value: cn | dn ## listener.wss.external.peer_cert_as_username = cn -## TCP Options. Same to 'listener.tcp.*' +## TCP backlog for the Websocket/SSL connection. +## +## See 'listener.tcp..backlog' +## +## Value: Number >= 0 listener.wss.external.backlog = 1024 +## The TCP send timeout for the Websocket/SSL connection. +## +## See 'listener.tcp..send_timeout' +## +## Value: Duration listener.wss.external.send_timeout = 15s +## Close the Websocket/SSL connection if send timeout. +## +## See: listener.tcp..send_timeout_close +## +## Value: on | off listener.wss.external.send_timeout_close = on +## The TCP receive buffer(os kernel) for the Websocket/SSL connections. +## +## See: listener.tcp..recbuf +## +## Value: Bytes ## listener.wss.external.recbuf = 4KB +## The TCP send buffer(os kernel) for the Websocket/SSL connections. +## +## See: listener.tcp..sndbuf +## +## Value: Bytes ## listener.wss.external.sndbuf = 4KB +## The size of the user-level software buffer used by the driver. +## +## See: listener.tcp..buffer +## +## Value: Bytes ## listener.wss.external.buffer = 4KB +## The TCP_NODELAY flag for Websocket/SSL connections. +## +## See: listener.tcp..nodelay +## +## Value: true | false ## listener.wss.external.nodelay = true ##-------------------------------------------------------------------- @@ -1163,18 +1323,18 @@ listener.api.mgmt.acceptors = 4 listener.api.mgmt.max_clients = 64 ## The access control rules for the listener. -## More information at: https://github.com/emqtt/esockd#allowdeny +## +## See: https://github.com/emqtt/esockd#allowdeny ## ## Value: ACL Rule listener.api.mgmt.access.1 = allow all -## The TCP backlog defines the maximum length that the queue of pending -## connections can grow to. +## The TCP backlog for HTTP API. ## ## Value: Number >= 0 listener.api.mgmt.backlog = 512 -## The TCP send timeout. +## The TCP send timeout for HTTP API. ## ## Value: Duration listener.api.mgmt.send_timeout = 15s @@ -1196,13 +1356,15 @@ listener.api.mgmt.send_timeout_close = on sysmon.long_gc = false ## Enable Long Schedule(ms) monitoring. -## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## See: http://erlang.org/doc/man/erlang.html#system_monitor-2 ## ## Value: Number sysmon.long_schedule = 240 ## Enable Large Heap monitoring. -## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## See: http://erlang.org/doc/man/erlang.html#system_monitor-2 ## ## Value: bytes ## @@ -1210,13 +1372,15 @@ sysmon.long_schedule = 240 sysmon.large_heap = 8MB ## Enable Busy Port monitoring. -## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## See: http://erlang.org/doc/man/erlang.html#system_monitor-2 ## ## Value: true | false sysmon.busy_port = false ## Enable Busy Dist Port monitoring. -## More information at: http://erlang.org/doc/man/erlang.html#system_monitor-2 +## +## See: http://erlang.org/doc/man/erlang.html#system_monitor-2 ## ## Value: true | false sysmon.busy_dist_port = true From 3a39706d8402135b23470210262230b778e9d5ac Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 4 Jan 2018 16:05:44 +0800 Subject: [PATCH 20/37] Add more options for 'listener.wss.' --- priv/emq.schema | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/priv/emq.schema b/priv/emq.schema index ca242c4c7..11c45cecb 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -1007,6 +1007,10 @@ end}. {datatype, string} ]}. +{mapping, "listener.ws.$name.mountpoint", "emqttd.listeners", [ + {datatype, string} +]}. + {mapping, "listener.ws.$name.access.$id", "emqttd.listeners", [ {datatype, string} ]}. @@ -1140,6 +1144,14 @@ end}. hidden ]}. +{mapping, "listener.wss.$name.tls_versions", "emqttd.listeners", [ + {datatype, string} +]}. + +{mapping, "listener.wss.$name.ciphers", "emqttd.listeners", [ + {datatype, string} +]}. + {mapping, "listener.wss.$name.handshake_timeout", "emqttd.listeners", [ {default, "15s"}, {datatype, {duration, ms}} @@ -1165,6 +1177,23 @@ end}. {datatype, {enum, [true, false]}} ]}. +{mapping, "listener.wss.$name.secure_renegotiate", "emqttd.listeners", [ + {datatype, flag} +]}. + +{mapping, "listener.wss.$name.reuse_sessions", "emqttd.listeners", [ + {default, on}, + {datatype, flag} +]}. + +{mapping, "listener.wss.$name.honor_cipher_order", "emqttd.listeners", [ + {datatype, flag} +]}. + +{mapping, "listener.wss.$name.peer_cert_as_username", "emqttd.listeners", [ + {datatype, {enum, [cn, dn]}} +]}. + {translation, "emqttd.listeners", fun(Conf) -> Filter = fun(Opts) -> [{K, V} || {K, V} <- Opts, V =/= undefined] end, From 86fc80b9830ebae27d56ca7dabadf655e03aa9af Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 4 Jan 2018 16:09:10 +0800 Subject: [PATCH 21/37] Change the type of 'mqtt.broker.sys_interval' to ms duration --- src/emqttd_broker.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/emqttd_broker.erl b/src/emqttd_broker.erl index 0161720f2..9e78207ce 100644 --- a/src/emqttd_broker.erl +++ b/src/emqttd_broker.erl @@ -105,9 +105,9 @@ datetime() -> io_lib:format( "~4..0w-~2..0w-~2..0w ~2..0w:~2..0w:~2..0w", [Y, M, D, H, MM, S])). -%% @doc Start a tick timer +%% @doc Start a tick timer. start_tick(Msg) -> - start_tick(timer:seconds(emqttd:env(broker_sys_interval, 60)), Msg). + start_tick(emqttd:env(broker_sys_interval, 60000), Msg). start_tick(0, _Msg) -> undefined; From fdc55de5099b11b4f6cbd5519abe808c2cda9f58 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 4 Jan 2018 16:09:45 +0800 Subject: [PATCH 22/37] Change the type of 'mqtt.bridge.ping_down_interval' to ms duration --- src/emqttd_bridge.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/emqttd_bridge.erl b/src/emqttd_bridge.erl index 49b5a95d0..6c20290bd 100644 --- a/src/emqttd_bridge.erl +++ b/src/emqttd_bridge.erl @@ -92,7 +92,7 @@ parse_opts([{topic_prefix, Prefix} | Opts], State) -> parse_opts([{max_queue_len, Len} | Opts], State) -> parse_opts(Opts, State#state{max_queue_len = Len}); parse_opts([{ping_down_interval, Interval} | Opts], State) -> - parse_opts(Opts, State#state{ping_down_interval = Interval*1000}); + parse_opts(Opts, State#state{ping_down_interval = Interval}); parse_opts([_Opt | Opts], State) -> parse_opts(Opts, State). From a779c9f9cb743b82f5127f211153e1cd7db5d8d9 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 4 Jan 2018 20:25:26 +0800 Subject: [PATCH 23/37] Add 'listener.wss.external.tls_versions' option --- etc/emq.conf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/etc/emq.conf b/etc/emq.conf index 4d37515aa..b8c21dc40 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1185,6 +1185,13 @@ listener.wss.external.access.1 = allow all ## Value: Duration ## listener.wss.external.proxy_protocol_timeout = 3s +## TLS versions only to protect from POODLE attack. +## +## See: listener.ssl..tls_versions +## +## Value: String, seperated by ',' +## listener.wss.external.tls_versions = tlsv1.2,tlsv1.1,tlsv1 + ## TLS Handshake timeout. ## ## See: listener.ssl..handshake_timeout From 4e7a12a838ec44b8d507d28d7e5a6a3a62a55599 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Sat, 6 Jan 2018 15:46:43 +0800 Subject: [PATCH 24/37] Fix #1430 - update the link to emqx-lwm2m project --- README.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 83fe86177..96ed87f7c 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,7 @@ Plugin | Descrip [emq_sn](https://github.com/emqtt/emq_sn) | MQTT-SN Protocol Plugin [emq_coap](https://github.com/emqtt/emq_coap) | CoAP Protocol Plugin [emq_stomp](https://github.com/emqtt/emq_stomp) | Stomp Protocol Plugin -[emq_lwm2m](https://github.com/emqtt/emq-lwm2m) | LWM2M Prototol Plugin +[emq_lwm2m](https://github.com/emqx/emqx-lwm2m) | LWM2M Prototol Plugin [emq_recon](https://github.com/emqtt/emq_recon) | Recon Plugin [emq_reloader](https://github.com/emqtt/emq_reloader) | Reloader Plugin [emq_sockjs](https://github.com/emqtt/emq_sockjs) | SockJS(Stomp) Plugin @@ -109,9 +109,7 @@ Plugin | Descrip * Issues: https://github.com/emqtt/emqttd/issues * QQ Group: 12222225 -## Partners - -[QingCloud](https://qingcloud.com) is the world’s first IaaS provider that can deliver any number of IT resources in seconds and adopts a second-based billing system. QingCloud is committed to providing a reliable, secure, on-demand and real-time IT resource platform with excellent performance, which includes all components of a complete IT infrastructure system: computing, storage, networking and security. +## Test Servers The **q.emqtt.com** hosts a public Four-Node *EMQ* cluster on [QingCloud](https://qingcloud.com): From 6ad7b46885a3fc9c7a997087e762aa25b8f3eadb Mon Sep 17 00:00:00 2001 From: HuangDan Date: Mon, 8 Jan 2018 13:39:52 +0800 Subject: [PATCH 25/37] Fix failed test --- test/emqttd_config_SUITE.erl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/emqttd_config_SUITE.erl b/test/emqttd_config_SUITE.erl index 04c957b75..744f7402e 100644 --- a/test/emqttd_config_SUITE.erl +++ b/test/emqttd_config_SUITE.erl @@ -115,9 +115,9 @@ run_connection_cmd(_Config) -> ?assertEqual(1000, E). run_broker_config(_Config) -> - emqttd_cli_config:run(["config", "set", "mqtt.broker.sys_interval=10", "--app=emqttd"]), + emqttd_cli_config:run(["config", "set", "mqtt.broker.sys_interval=6000ms", "--app=emqttd"]), {ok, E} = application:get_env(emqttd, broker_sys_interval), - ?assertEqual(10, E). + ?assertEqual(6000, E). env_value("client", {Key, Type}) -> case string:split(Key, "=") of From 56195670c61fa9035404e381296c342d9144e536 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Fri, 12 Jan 2018 10:45:36 +0800 Subject: [PATCH 26/37] Misc fix --- src/emqttd_session.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/emqttd_session.erl b/src/emqttd_session.erl index aa1a027a4..841a645a3 100644 --- a/src/emqttd_session.erl +++ b/src/emqttd_session.erl @@ -286,8 +286,8 @@ init([CleanSess, {ClientId, Username}, ClientPid]) -> {ok, QEnv} = emqttd:env(mqueue), MaxInflight = get_value(max_inflight, Env, 0), EnableStats = get_value(enable_stats, Env, false), - IgnoreLoopDeliver = get_value(ignore_loop_deliver, Env, false), ForceGcCount = emqttd_gc:conn_max_gc_count(), + IgnoreLoopDeliver = get_value(ignore_loop_deliver, Env, false), MQueue = ?MQueue:new(ClientId, QEnv, emqttd_alarm:alarm_fun()), State = #state{clean_sess = CleanSess, binding = binding(ClientPid), From a1cbdc51228ab9d7933932ccae8d847cfaf6ac4b Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Fri, 12 Jan 2018 10:46:35 +0800 Subject: [PATCH 27/37] Update emq.conf and emq.schema --- etc/emq.conf | 8 ++++---- priv/emq.schema | 3 +-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index b8c21dc40..ef05b70e2 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1105,7 +1105,7 @@ listener.ws.external.send_timeout_close = on ## The TCP send buffer(os kernel) for external MQTT/Websocket connections. ## -## See 'listener.tcp..sndbuf' +## See: listener.tcp..sndbuf ## ## Value: Bytes ## listener.ws.external.sndbuf = 4KB @@ -1159,7 +1159,7 @@ listener.wss.external.max_clients = 64 ## Mountpoint of the MQTT/Websocket/SSL Listener. ## -## See 'listener.tcp..mountpoint' +## See: listener.tcp..mountpoint ## ## Value: String ## listener.wss.external.mountpoint = inbound/ @@ -1262,14 +1262,14 @@ listener.wss.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## TCP backlog for the Websocket/SSL connection. ## -## See 'listener.tcp..backlog' +## See listener.tcp..backlog ## ## Value: Number >= 0 listener.wss.external.backlog = 1024 ## The TCP send timeout for the Websocket/SSL connection. ## -## See 'listener.tcp..send_timeout' +## See: listener.tcp..send_timeout ## ## Value: Duration listener.wss.external.send_timeout = 15s diff --git a/priv/emq.schema b/priv/emq.schema index 11c45cecb..a70a90f90 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -400,7 +400,7 @@ end}. {translation, "lager.handlers", fun(Conf) -> - ErrorHandler = case cuttlefish:conf_get("log.error.file", Conf) of + ErrorHandler = case cuttlefish:conf_get("log.error.file", Conf, undefined) of undefined -> []; ErrorFilename -> [{lager_file_backend, [{file, ErrorFilename}, {level, error}, @@ -442,7 +442,6 @@ end}. cuttlefish:conf_get("log.syslog.facility", Conf), cuttlefish:conf_get("log.syslog.level", Conf)]}] end, - ConsoleHandlers ++ ErrorHandler ++ InfoHandler ++ SyslogHandler end }. From a3e97f798b65e095bb6582f82551a74fd5c0a38d Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 16 Jan 2018 08:57:46 +0800 Subject: [PATCH 28/37] Update Copyright to 2018 --- include/emqttd.hrl | 4 ++-- include/emqttd_cli.hrl | 2 +- include/emqttd_internal.hrl | 2 +- include/emqttd_protocol.hrl | 2 +- include/emqttd_trie.hrl | 2 +- src/emqttd.erl | 2 +- src/emqttd_access_control.erl | 2 +- src/emqttd_access_rule.erl | 2 +- src/emqttd_acl_internal.erl | 2 +- src/emqttd_acl_mod.erl | 2 +- src/emqttd_alarm.erl | 2 +- src/emqttd_app.erl | 2 +- src/emqttd_auth_mod.erl | 2 +- src/emqttd_base62.erl | 2 +- src/emqttd_boot.erl | 2 +- src/emqttd_bridge.erl | 2 +- src/emqttd_bridge_sup.erl | 2 +- src/emqttd_bridge_sup_sup.erl | 2 +- src/emqttd_broker.erl | 2 +- src/emqttd_cli.erl | 2 +- src/emqttd_cli_config.erl | 2 +- src/emqttd_client.erl | 2 +- src/emqttd_cm.erl | 2 +- src/emqttd_cm_sup.erl | 2 +- src/emqttd_config.erl | 2 +- src/emqttd_ctl.erl | 2 +- src/emqttd_gc.erl | 2 +- src/emqttd_gen_mod.erl | 2 +- src/emqttd_guid.erl | 2 +- src/emqttd_hooks.erl | 2 +- src/emqttd_http.erl | 2 +- src/emqttd_inflight.erl | 2 +- src/emqttd_keepalive.erl | 2 +- src/emqttd_message.erl | 2 +- src/emqttd_metrics.erl | 2 +- src/emqttd_mgmt.erl | 2 +- src/emqttd_misc.erl | 2 +- src/emqttd_mod_sup.erl | 2 +- src/emqttd_mqueue.erl | 2 +- src/emqttd_net.erl | 2 +- src/emqttd_packet.erl | 2 +- src/emqttd_parser.erl | 2 +- src/emqttd_plugins.erl | 2 +- src/emqttd_pmon.erl | 2 +- src/emqttd_pool_sup.erl | 2 +- src/emqttd_pooler.erl | 2 +- src/emqttd_protocol.erl | 2 +- src/emqttd_pubsub.erl | 2 +- src/emqttd_pubsub_sup.erl | 2 +- src/emqttd_rest_api.erl | 2 +- src/emqttd_router.erl | 2 +- src/emqttd_serializer.erl | 2 +- src/emqttd_server.erl | 2 +- src/emqttd_session.erl | 2 +- src/emqttd_session_sup.erl | 2 +- src/emqttd_sm.erl | 2 +- src/emqttd_sm_helper.erl | 2 +- src/emqttd_sm_sup.erl | 2 +- src/emqttd_stats.erl | 2 +- src/emqttd_sup.erl | 2 +- src/emqttd_sysmon.erl | 2 +- src/emqttd_sysmon_sup.erl | 2 +- src/emqttd_time.erl | 2 +- src/emqttd_topic.erl | 2 +- src/emqttd_trace.erl | 2 +- src/emqttd_trace_sup.erl | 2 +- src/emqttd_trie.erl | 2 +- src/emqttd_vm.erl | 2 +- src/emqttd_ws.erl | 2 +- src/emqttd_ws_client.erl | 2 +- src/emqttd_ws_client_sup.erl | 2 +- src/lager_emqtt_backend.erl | 2 +- test/emqttd_SUITE.erl | 2 +- test/emqttd_access_SUITE.erl | 2 +- test/emqttd_acl_test_mod.erl | 2 +- test/emqttd_auth_anonymous_test_mod.erl | 2 +- test/emqttd_auth_dashboard.erl | 2 +- test/emqttd_cli_SUITE.erl | 2 +- test/emqttd_config_SUITE.erl | 2 +- test/emqttd_inflight_SUITE.erl | 2 +- test/emqttd_lib_SUITE.erl | 2 +- test/emqttd_mod_SUITE.erl | 2 +- test/emqttd_mqueue_SUITE.erl | 2 +- test/emqttd_net_SUITE.erl | 2 +- test/emqttd_protocol_SUITE.erl | 2 +- test/emqttd_router_SUITE.erl | 2 +- test/emqttd_topic_SUITE.erl | 2 +- test/emqttd_trie_SUITE.erl | 2 +- test/emqttd_vm_SUITE.erl | 2 +- 89 files changed, 90 insertions(+), 90 deletions(-) diff --git a/include/emqttd.hrl b/include/emqttd.hrl index 508712512..975b50dd4 100644 --- a/include/emqttd.hrl +++ b/include/emqttd.hrl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ %% Banner %%-------------------------------------------------------------------- --define(COPYRIGHT, "Copyright (c) 2013-2017 EMQ Enterprise, Inc."). +-define(COPYRIGHT, "Copyright (c) 2013-2018 EMQ Enterprise, Inc."). -define(LICENSE_MESSAGE, "Licensed under the Apache License, Version 2.0"). diff --git a/include/emqttd_cli.hrl b/include/emqttd_cli.hrl index bda88d801..b99038481 100644 --- a/include/emqttd_cli.hrl +++ b/include/emqttd_cli.hrl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/include/emqttd_internal.hrl b/include/emqttd_internal.hrl index 343be68e4..c2ae503de 100644 --- a/include/emqttd_internal.hrl +++ b/include/emqttd_internal.hrl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/include/emqttd_protocol.hrl b/include/emqttd_protocol.hrl index a6d6c06e6..8a0ad4478 100644 --- a/include/emqttd_protocol.hrl +++ b/include/emqttd_protocol.hrl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/include/emqttd_trie.hrl b/include/emqttd_trie.hrl index eb4e1390d..ffd2acebc 100644 --- a/include/emqttd_trie.hrl +++ b/include/emqttd_trie.hrl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd.erl b/src/emqttd.erl index 65739952f..ecea2ca18 100644 --- a/src/emqttd.erl +++ b/src/emqttd.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_access_control.erl b/src/emqttd_access_control.erl index 601fd263f..0b74e2dc2 100644 --- a/src/emqttd_access_control.erl +++ b/src/emqttd_access_control.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_access_rule.erl b/src/emqttd_access_rule.erl index 73718fd3a..f0bad6816 100644 --- a/src/emqttd_access_rule.erl +++ b/src/emqttd_access_rule.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_acl_internal.erl b/src/emqttd_acl_internal.erl index 5305985c4..9304b9208 100644 --- a/src/emqttd_acl_internal.erl +++ b/src/emqttd_acl_internal.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_acl_mod.erl b/src/emqttd_acl_mod.erl index 4ed07b369..66e5f098b 100644 --- a/src/emqttd_acl_mod.erl +++ b/src/emqttd_acl_mod.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_alarm.erl b/src/emqttd_alarm.erl index 1467797c7..d271cb425 100644 --- a/src/emqttd_alarm.erl +++ b/src/emqttd_alarm.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_app.erl b/src/emqttd_app.erl index 1e99cb951..f14229715 100644 --- a/src/emqttd_app.erl +++ b/src/emqttd_app.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_auth_mod.erl b/src/emqttd_auth_mod.erl index d413446ff..a33631b65 100644 --- a/src/emqttd_auth_mod.erl +++ b/src/emqttd_auth_mod.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_base62.erl b/src/emqttd_base62.erl index 481488fb9..707981e32 100644 --- a/src/emqttd_base62.erl +++ b/src/emqttd_base62.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_boot.erl b/src/emqttd_boot.erl index d7a6d311e..694b5248a 100644 --- a/src/emqttd_boot.erl +++ b/src/emqttd_boot.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_bridge.erl b/src/emqttd_bridge.erl index 6c20290bd..8349eeec1 100644 --- a/src/emqttd_bridge.erl +++ b/src/emqttd_bridge.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_bridge_sup.erl b/src/emqttd_bridge_sup.erl index 75138332f..29b68c199 100644 --- a/src/emqttd_bridge_sup.erl +++ b/src/emqttd_bridge_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_bridge_sup_sup.erl b/src/emqttd_bridge_sup_sup.erl index 11679aba8..fe5c33428 100644 --- a/src/emqttd_bridge_sup_sup.erl +++ b/src/emqttd_bridge_sup_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_broker.erl b/src/emqttd_broker.erl index 9e78207ce..798c94a6a 100644 --- a/src/emqttd_broker.erl +++ b/src/emqttd_broker.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_cli.erl b/src/emqttd_cli.erl index 280c050ee..49e2500bb 100644 --- a/src/emqttd_cli.erl +++ b/src/emqttd_cli.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_cli_config.erl b/src/emqttd_cli_config.erl index 1ce0de49c..3c69c8cbc 100644 --- a/src/emqttd_cli_config.erl +++ b/src/emqttd_cli_config.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_client.erl b/src/emqttd_client.erl index 5ca450bf5..f479d2253 100644 --- a/src/emqttd_client.erl +++ b/src/emqttd_client.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_cm.erl b/src/emqttd_cm.erl index 4edc155df..bcaf353ed 100644 --- a/src/emqttd_cm.erl +++ b/src/emqttd_cm.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_cm_sup.erl b/src/emqttd_cm_sup.erl index fc01ea649..ccaea00fb 100644 --- a/src/emqttd_cm_sup.erl +++ b/src/emqttd_cm_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_config.erl b/src/emqttd_config.erl index deaaa77d1..04d94b260 100644 --- a/src/emqttd_config.erl +++ b/src/emqttd_config.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_ctl.erl b/src/emqttd_ctl.erl index 77769e3c8..a32a40172 100644 --- a/src/emqttd_ctl.erl +++ b/src/emqttd_ctl.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_gc.erl b/src/emqttd_gc.erl index 75545a77f..6484a195d 100644 --- a/src/emqttd_gc.erl +++ b/src/emqttd_gc.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_gen_mod.erl b/src/emqttd_gen_mod.erl index f8d690024..012b610da 100644 --- a/src/emqttd_gen_mod.erl +++ b/src/emqttd_gen_mod.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_guid.erl b/src/emqttd_guid.erl index 24199fa01..805a128b6 100644 --- a/src/emqttd_guid.erl +++ b/src/emqttd_guid.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_hooks.erl b/src/emqttd_hooks.erl index 693a67ff7..4fc84f9e8 100644 --- a/src/emqttd_hooks.erl +++ b/src/emqttd_hooks.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_http.erl b/src/emqttd_http.erl index a41025294..2b484038b 100644 --- a/src/emqttd_http.erl +++ b/src/emqttd_http.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_inflight.erl b/src/emqttd_inflight.erl index bb9af390b..be7517197 100644 --- a/src/emqttd_inflight.erl +++ b/src/emqttd_inflight.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_keepalive.erl b/src/emqttd_keepalive.erl index a0458038a..abc6dbc50 100644 --- a/src/emqttd_keepalive.erl +++ b/src/emqttd_keepalive.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_message.erl b/src/emqttd_message.erl index 4c3bea0d8..86918e47a 100644 --- a/src/emqttd_message.erl +++ b/src/emqttd_message.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_metrics.erl b/src/emqttd_metrics.erl index 17e6e96d4..37d897b67 100644 --- a/src/emqttd_metrics.erl +++ b/src/emqttd_metrics.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_mgmt.erl b/src/emqttd_mgmt.erl index 1a608968e..2052d68fc 100644 --- a/src/emqttd_mgmt.erl +++ b/src/emqttd_mgmt.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_misc.erl b/src/emqttd_misc.erl index e60d27d4f..2224879ca 100644 --- a/src/emqttd_misc.erl +++ b/src/emqttd_misc.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_mod_sup.erl b/src/emqttd_mod_sup.erl index 749b84a42..b8335e6b3 100644 --- a/src/emqttd_mod_sup.erl +++ b/src/emqttd_mod_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_mqueue.erl b/src/emqttd_mqueue.erl index 08e620a37..92fda72f1 100644 --- a/src/emqttd_mqueue.erl +++ b/src/emqttd_mqueue.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_net.erl b/src/emqttd_net.erl index 1f246a315..9da9cd287 100644 --- a/src/emqttd_net.erl +++ b/src/emqttd_net.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_packet.erl b/src/emqttd_packet.erl index 6349e58b1..f269f3dbe 100644 --- a/src/emqttd_packet.erl +++ b/src/emqttd_packet.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_parser.erl b/src/emqttd_parser.erl index 91df07d77..e9277a7c6 100644 --- a/src/emqttd_parser.erl +++ b/src/emqttd_parser.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_plugins.erl b/src/emqttd_plugins.erl index 81ff61a4d..4491e26df 100644 --- a/src/emqttd_plugins.erl +++ b/src/emqttd_plugins.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_pmon.erl b/src/emqttd_pmon.erl index ebe691ad4..00cb9a4c3 100644 --- a/src/emqttd_pmon.erl +++ b/src/emqttd_pmon.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_pool_sup.erl b/src/emqttd_pool_sup.erl index 87654bcff..d5f408cd2 100644 --- a/src/emqttd_pool_sup.erl +++ b/src/emqttd_pool_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_pooler.erl b/src/emqttd_pooler.erl index a74e01fec..fdde12a66 100644 --- a/src/emqttd_pooler.erl +++ b/src/emqttd_pooler.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_protocol.erl b/src/emqttd_protocol.erl index d021c9e1f..c72f7172c 100644 --- a/src/emqttd_protocol.erl +++ b/src/emqttd_protocol.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_pubsub.erl b/src/emqttd_pubsub.erl index 994ef6230..17f5455ff 100644 --- a/src/emqttd_pubsub.erl +++ b/src/emqttd_pubsub.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_pubsub_sup.erl b/src/emqttd_pubsub_sup.erl index 09d08d110..6e18aa031 100644 --- a/src/emqttd_pubsub_sup.erl +++ b/src/emqttd_pubsub_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_rest_api.erl b/src/emqttd_rest_api.erl index 0eb6adc11..ecc8410cd 100644 --- a/src/emqttd_rest_api.erl +++ b/src/emqttd_rest_api.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_router.erl b/src/emqttd_router.erl index fa1a0c70c..f667f8ea0 100644 --- a/src/emqttd_router.erl +++ b/src/emqttd_router.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_serializer.erl b/src/emqttd_serializer.erl index 079cfbb3c..1b81a45be 100644 --- a/src/emqttd_serializer.erl +++ b/src/emqttd_serializer.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_server.erl b/src/emqttd_server.erl index 4e05c00aa..38e7be311 100644 --- a/src/emqttd_server.erl +++ b/src/emqttd_server.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_session.erl b/src/emqttd_session.erl index 841a645a3..dfba46b3e 100644 --- a/src/emqttd_session.erl +++ b/src/emqttd_session.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_session_sup.erl b/src/emqttd_session_sup.erl index bd9b34f02..506383834 100644 --- a/src/emqttd_session_sup.erl +++ b/src/emqttd_session_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_sm.erl b/src/emqttd_sm.erl index a46d56fa6..e2e332041 100644 --- a/src/emqttd_sm.erl +++ b/src/emqttd_sm.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_sm_helper.erl b/src/emqttd_sm_helper.erl index 0721339fd..7a1875be1 100644 --- a/src/emqttd_sm_helper.erl +++ b/src/emqttd_sm_helper.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_sm_sup.erl b/src/emqttd_sm_sup.erl index 1c2e7f31a..f26716e0d 100644 --- a/src/emqttd_sm_sup.erl +++ b/src/emqttd_sm_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_stats.erl b/src/emqttd_stats.erl index 6d84395e2..4471a2814 100644 --- a/src/emqttd_stats.erl +++ b/src/emqttd_stats.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_sup.erl b/src/emqttd_sup.erl index e38d20d65..0d0bf496c 100644 --- a/src/emqttd_sup.erl +++ b/src/emqttd_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_sysmon.erl b/src/emqttd_sysmon.erl index c94c1df54..8a9489c9e 100644 --- a/src/emqttd_sysmon.erl +++ b/src/emqttd_sysmon.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_sysmon_sup.erl b/src/emqttd_sysmon_sup.erl index 99e7a628d..884112a00 100644 --- a/src/emqttd_sysmon_sup.erl +++ b/src/emqttd_sysmon_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_time.erl b/src/emqttd_time.erl index 7e5940438..77459195e 100644 --- a/src/emqttd_time.erl +++ b/src/emqttd_time.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_topic.erl b/src/emqttd_topic.erl index 91cd0ff08..6623c730f 100644 --- a/src/emqttd_topic.erl +++ b/src/emqttd_topic.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_trace.erl b/src/emqttd_trace.erl index 05734c2d2..b87359416 100644 --- a/src/emqttd_trace.erl +++ b/src/emqttd_trace.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_trace_sup.erl b/src/emqttd_trace_sup.erl index 728e6818e..35264e017 100644 --- a/src/emqttd_trace_sup.erl +++ b/src/emqttd_trace_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_trie.erl b/src/emqttd_trie.erl index 0bb6ec63e..2dae6974a 100644 --- a/src/emqttd_trie.erl +++ b/src/emqttd_trie.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_vm.erl b/src/emqttd_vm.erl index 16fae60ae..368463d35 100644 --- a/src/emqttd_vm.erl +++ b/src/emqttd_vm.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_ws.erl b/src/emqttd_ws.erl index 798c4d69b..e2375e4a6 100644 --- a/src/emqttd_ws.erl +++ b/src/emqttd_ws.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_ws_client.erl b/src/emqttd_ws_client.erl index 206f461bb..0462e3220 100644 --- a/src/emqttd_ws_client.erl +++ b/src/emqttd_ws_client.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/emqttd_ws_client_sup.erl b/src/emqttd_ws_client_sup.erl index 21f683eaa..48f3b1193 100644 --- a/src/emqttd_ws_client_sup.erl +++ b/src/emqttd_ws_client_sup.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/src/lager_emqtt_backend.erl b/src/lager_emqtt_backend.erl index 69c1aece4..1ceb9785e 100644 --- a/src/lager_emqtt_backend.erl +++ b/src/lager_emqtt_backend.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_SUITE.erl b/test/emqttd_SUITE.erl index c5794e5b0..360905859 100644 --- a/test/emqttd_SUITE.erl +++ b/test/emqttd_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_access_SUITE.erl b/test/emqttd_access_SUITE.erl index 762ae6f40..c3529d935 100644 --- a/test/emqttd_access_SUITE.erl +++ b/test/emqttd_access_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_acl_test_mod.erl b/test/emqttd_acl_test_mod.erl index 08f1f9c94..9ed34c263 100644 --- a/test/emqttd_acl_test_mod.erl +++ b/test/emqttd_acl_test_mod.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_auth_anonymous_test_mod.erl b/test/emqttd_auth_anonymous_test_mod.erl index be6a14bf8..0f01be47f 100644 --- a/test/emqttd_auth_anonymous_test_mod.erl +++ b/test/emqttd_auth_anonymous_test_mod.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_auth_dashboard.erl b/test/emqttd_auth_dashboard.erl index 49f54c377..97ed17ea4 100644 --- a/test/emqttd_auth_dashboard.erl +++ b/test/emqttd_auth_dashboard.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_cli_SUITE.erl b/test/emqttd_cli_SUITE.erl index 273518b7f..024432d95 100644 --- a/test/emqttd_cli_SUITE.erl +++ b/test/emqttd_cli_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_config_SUITE.erl b/test/emqttd_config_SUITE.erl index 744f7402e..8b227b1b2 100644 --- a/test/emqttd_config_SUITE.erl +++ b/test/emqttd_config_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_inflight_SUITE.erl b/test/emqttd_inflight_SUITE.erl index de5391f1a..d3800fc72 100644 --- a/test/emqttd_inflight_SUITE.erl +++ b/test/emqttd_inflight_SUITE.erl @@ -1,5 +1,5 @@ %% -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% -module(emqttd_inflight_SUITE). diff --git a/test/emqttd_lib_SUITE.erl b/test/emqttd_lib_SUITE.erl index a808fbcc8..dac72e210 100644 --- a/test/emqttd_lib_SUITE.erl +++ b/test/emqttd_lib_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_mod_SUITE.erl b/test/emqttd_mod_SUITE.erl index 1fcf455d0..9935b7424 100644 --- a/test/emqttd_mod_SUITE.erl +++ b/test/emqttd_mod_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_mqueue_SUITE.erl b/test/emqttd_mqueue_SUITE.erl index 93ccc9833..f709f1478 100644 --- a/test/emqttd_mqueue_SUITE.erl +++ b/test/emqttd_mqueue_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_net_SUITE.erl b/test/emqttd_net_SUITE.erl index 78abb50c9..c6bb10c14 100644 --- a/test/emqttd_net_SUITE.erl +++ b/test/emqttd_net_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_protocol_SUITE.erl b/test/emqttd_protocol_SUITE.erl index 21428f0c7..3401860e6 100644 --- a/test/emqttd_protocol_SUITE.erl +++ b/test/emqttd_protocol_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_router_SUITE.erl b/test/emqttd_router_SUITE.erl index 415550ec3..b305d699d 100644 --- a/test/emqttd_router_SUITE.erl +++ b/test/emqttd_router_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_topic_SUITE.erl b/test/emqttd_topic_SUITE.erl index 9ec7736bd..984d0b299 100644 --- a/test/emqttd_topic_SUITE.erl +++ b/test/emqttd_topic_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_trie_SUITE.erl b/test/emqttd_trie_SUITE.erl index a81a132f5..629531934 100644 --- a/test/emqttd_trie_SUITE.erl +++ b/test/emqttd_trie_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. diff --git a/test/emqttd_vm_SUITE.erl b/test/emqttd_vm_SUITE.erl index ef0ac2946..49252c2ae 100644 --- a/test/emqttd_vm_SUITE.erl +++ b/test/emqttd_vm_SUITE.erl @@ -1,5 +1,5 @@ %%-------------------------------------------------------------------- -%% Copyright (c) 2013-2017 EMQ Enterprise, Inc. (http://emqtt.io) +%% Copyright (c) 2013-2018 EMQ Enterprise, Inc. (http://emqtt.io) %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. From 701c632e074505eef76f2d10d7656ae27be992f0 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 23 Jan 2018 11:09:42 +0800 Subject: [PATCH 29/37] Fix issue #1461 - keep the retain flag for new subscription --- src/emqttd_protocol.erl | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/emqttd_protocol.erl b/src/emqttd_protocol.erl index d021c9e1f..eaa81e092 100644 --- a/src/emqttd_protocol.erl +++ b/src/emqttd_protocol.erl @@ -563,8 +563,11 @@ sp(false) -> 0. %% The retained flag should be propagated for bridge. %%-------------------------------------------------------------------- -clean_retain(false, Msg = #mqtt_message{retain = true}) -> - Msg#mqtt_message{retain = false}; +clean_retain(false, Msg = #mqtt_message{retain = true, headers = Headers}) -> + case lists:member(retained, Headers) of + true -> Msg; + false -> Msg#mqtt_message{retain = false} + end; clean_retain(_IsBridge, Msg) -> Msg. From b9dcccd7f76d7538bcb71ce96063a1dbe96701d1 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 23 Jan 2018 15:20:35 +0800 Subject: [PATCH 30/37] Version 2.3.4 --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a7bb63edc..804123d2d 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ PROJECT = emqttd PROJECT_DESCRIPTION = Erlang MQTT Broker -PROJECT_VERSION = 2.3.3 +PROJECT_VERSION = 2.3.4 DEPS = goldrush gproc lager esockd ekka mochiweb pbkdf2 lager_syslog bcrypt clique jsx From 87ae76b6b4464ee591e453c8d2b685cec1771adc Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 23 Jan 2018 15:22:05 +0800 Subject: [PATCH 31/37] Fix issue #1460 - Add node.proto_dist option to support inet6_dist --- etc/emq.conf | 9 +++++++++ priv/emq.schema | 5 +++++ 2 files changed, 14 insertions(+) diff --git a/etc/emq.conf b/etc/emq.conf index ef05b70e2..a5cc7584a 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -231,6 +231,15 @@ node.fullsweep_after = 1000 ## Value: Log file node.crash_dump = {{ platform_log_dir }}/crash.dump +## Specify the erlang distributed protocol. +## +## Value: Enum +## - inet_tcp: the default; handles TCP streams with IPv4 addressing. +## - inet6_tcp: handles TCP with IPv6 addressing. +## +## vm.args: -proto_dist inet_tcp +## node.proto_dist = inet_tcp + ## Sets the net_kernel tick time. TickTime is specified in seconds. ## Notice that all communicating nodes are to have the same TickTime ## value specified. diff --git a/priv/emq.schema b/priv/emq.schema index a70a90f90..954f1bdea 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -168,6 +168,11 @@ end}. {default, "emq@127.0.0.1"} ]}. +%% @doc The erlang distributed protocol +{mapping, "node.proto_dist", "vm_args.-proto_dist", [ + %%{default, "inet_tcp"} +]}. + %% @doc Secret cookie for distributed erlang node {mapping, "node.cookie", "vm_args.-setcookie", [ {default, "emqsecretcookie"} From 94e1229abb162f51c2ed30188ca0c911a8be774c Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Tue, 23 Jan 2018 16:32:53 +0800 Subject: [PATCH 32/37] Uncomment the 'node.proto_dist' to support docker env --- etc/emq.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/emq.conf b/etc/emq.conf index a5cc7584a..681dc9b54 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -238,7 +238,7 @@ node.crash_dump = {{ platform_log_dir }}/crash.dump ## - inet6_tcp: handles TCP with IPv6 addressing. ## ## vm.args: -proto_dist inet_tcp -## node.proto_dist = inet_tcp +node.proto_dist = inet_tcp ## Sets the net_kernel tick time. TickTime is specified in seconds. ## Notice that all communicating nodes are to have the same TickTime From f70bf23440a7d3dbdaa1489d66a1f3312342b9fc Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Wed, 24 Jan 2018 09:48:06 +0800 Subject: [PATCH 33/37] Add 'listener...reuseaddr' option --- etc/emq.conf | 71 +++++++++++++++++++++++++++++++++---------------- priv/emq.schema | 28 ++++++++++++++++++- 2 files changed, 75 insertions(+), 24 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 681dc9b54..1042d880b 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -704,6 +704,11 @@ listener.tcp.external.tune_buffer = on ## Value: true | false listener.tcp.external.nodelay = true +## The SO_REUSEADDR flag for TCP listener. +## +## Value: true | false +listener.tcp.external.reuseaddr = true + ##-------------------------------------------------------------------- ## Internal TCP Listener for MQTT Protocol @@ -800,6 +805,11 @@ listener.tcp.internal.tune_buffer = on ## Value: true | false listener.tcp.internal.nodelay = false +## The SO_REUSEADDR flag for MQTT/TCP Listener. +## +## Value: true | false +listener.tcp.internal.reuseaddr = true + ##-------------------------------------------------------------------- ## MQTT/SSL - External SSL Listener for MQTT Protocol @@ -1029,10 +1039,15 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## Value: true | false ## listener.ssl.external.nodelay = true +## The SO_REUSEADDR flag for MQTT/SSL Listener. +## +## Value: true | false +listener.ssl.external.reuseaddr = true + ##-------------------------------------------------------------------- ## External WebSocket Listener for MQTT Protocol -## listener.ws. is the IP address and port that the MQTT/Websocket +## listener.ws. is the IP address and port that the MQTT/WebSocket ## listener will bind. ## ## Value: IP:Port | Port @@ -1040,29 +1055,29 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## Examples: 8083, 127.0.0.1:8083, ::1:8083 listener.ws.external = 8083 -## The acceptor pool for external MQTT/Websocket listener. +## The acceptor pool for external MQTT/WebSocket listener. ## ## Value: Number listener.ws.external.acceptors = 4 -## Maximum number of concurrent MQTT/Websocket connections. +## Maximum number of concurrent MQTT/WebSocket connections. ## ## Value: Number listener.ws.external.max_clients = 102400 -## TODO: Zone of the external MQTT/Websocket listener belonged to. +## TODO: Zone of the external MQTT/WebSocket listener belonged to. ## ## Value: String ## listener.ws.external.zone = external -## Mountpoint of the MQTT/Websocket Listener. +## Mountpoint of the MQTT/WebSocket Listener. ## ## See: listener.tcp..mountpoint ## ## Value: String ## listener.ws.external.mountpoint = external/ -## The access control for the MQTT/Websocket listener. +## The access control for the MQTT/WebSocket listener. ## ## See: listener.tcp..access ## @@ -1084,35 +1099,35 @@ listener.ws.external.access.1 = allow all ## Value: Duration ## listener.ws.external.proxy_protocol_timeout = 3s -## The TCP backlog of external MQTT/Websocket Listener. +## The TCP backlog of external MQTT/WebSocket Listener. ## ## See: listener.tcp..backlog ## ## Value: Number >= 0 listener.ws.external.backlog = 1024 -## The TCP send timeout for external MQTT/Websocket connections. +## The TCP send timeout for external MQTT/WebSocket connections. ## ## See: listener.tcp..send_timeout ## ## Value: Duration listener.ws.external.send_timeout = 15s -## Close the MQTT/Websocket connection if send timeout. +## Close the MQTT/WebSocket connection if send timeout. ## ## See: listener.tcp..send_timeout_close ## ## Value: on | off listener.ws.external.send_timeout_close = on -## The TCP receive buffer(os kernel) for external MQTT/Websocket connections. +## The TCP receive buffer(os kernel) for external MQTT/WebSocket connections. ## ## See: listener.tcp..recbuf ## ## Value: Bytes ## listener.ws.external.recbuf = 4KB -## The TCP send buffer(os kernel) for external MQTT/Websocket connections. +## The TCP send buffer(os kernel) for external MQTT/WebSocket connections. ## ## See: listener.tcp..sndbuf ## @@ -1133,17 +1148,22 @@ listener.ws.external.send_timeout_close = on ## Value: on | off listener.ws.external.tune_buffer = on -## The TCP_NODELAY flag for external MQTT/Websocket connections. +## The TCP_NODELAY flag for external MQTT/WebSocket connections. ## ## See: listener.tcp..nodelay ## ## Value: true | false listener.ws.external.nodelay = true +## The SO_REUSEADDR flag for MQTT/WebSocket Listener. +## +## Value: true | false +listener.ws.external.reuseaddr = true + ##-------------------------------------------------------------------- ## External WebSocket/SSL listener for MQTT Protocol -## listener.wss. is the IP address and port that the MQTT/Websocket/SSL +## listener.wss. is the IP address and port that the MQTT/WebSocket/SSL ## listener will bind. ## ## Value: IP:Port | Port @@ -1151,7 +1171,7 @@ listener.ws.external.nodelay = true ## Examples: 8084, 127.0.0.1:8084, ::1:8084 listener.wss.external = 8084 -## The acceptor pool for external MQTT/Websocket/SSL listener. +## The acceptor pool for external MQTT/WebSocket/SSL listener. ## ## Value: Number listener.wss.external.acceptors = 4 @@ -1161,19 +1181,19 @@ listener.wss.external.acceptors = 4 ## Value: Number listener.wss.external.max_clients = 64 -## TODO: Zone of the external MQTT/Websocket/SSL listener belonged to. +## TODO: Zone of the external MQTT/WebSocket/SSL listener belonged to. ## ## Value: String ## listener.wss.external.zone = external -## Mountpoint of the MQTT/Websocket/SSL Listener. +## Mountpoint of the MQTT/WebSocket/SSL Listener. ## ## See: listener.tcp..mountpoint ## ## Value: String ## listener.wss.external.mountpoint = inbound/ -## The access control rules for the MQTT/Websocket/SSL listener. +## The access control rules for the MQTT/WebSocket/SSL listener. ## ## See: listener.tcp..access. ## @@ -1269,35 +1289,35 @@ listener.wss.external.certfile = {{ platform_etc_dir }}/certs/cert.pem ## Value: cn | dn ## listener.wss.external.peer_cert_as_username = cn -## TCP backlog for the Websocket/SSL connection. +## TCP backlog for the WebSocket/SSL connection. ## ## See listener.tcp..backlog ## ## Value: Number >= 0 listener.wss.external.backlog = 1024 -## The TCP send timeout for the Websocket/SSL connection. +## The TCP send timeout for the WebSocket/SSL connection. ## ## See: listener.tcp..send_timeout ## ## Value: Duration listener.wss.external.send_timeout = 15s -## Close the Websocket/SSL connection if send timeout. +## Close the WebSocket/SSL connection if send timeout. ## ## See: listener.tcp..send_timeout_close ## ## Value: on | off listener.wss.external.send_timeout_close = on -## The TCP receive buffer(os kernel) for the Websocket/SSL connections. +## The TCP receive buffer(os kernel) for the WebSocket/SSL connections. ## ## See: listener.tcp..recbuf ## ## Value: Bytes ## listener.wss.external.recbuf = 4KB -## The TCP send buffer(os kernel) for the Websocket/SSL connections. +## The TCP send buffer(os kernel) for the WebSocket/SSL connections. ## ## See: listener.tcp..sndbuf ## @@ -1311,13 +1331,18 @@ listener.wss.external.send_timeout_close = on ## Value: Bytes ## listener.wss.external.buffer = 4KB -## The TCP_NODELAY flag for Websocket/SSL connections. +## The TCP_NODELAY flag for WebSocket/SSL connections. ## ## See: listener.tcp..nodelay ## ## Value: true | false ## listener.wss.external.nodelay = true +## The SO_REUSEADDR flag for WebSocket/SSL listener. +## +## Value: true | false +listener.wss.external.reuseaddr = true + ##-------------------------------------------------------------------- ## HTTP Management API Listener diff --git a/priv/emq.schema b/priv/emq.schema index 954f1bdea..b07055ead 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -850,6 +850,11 @@ end}. hidden ]}. +{mapping, "listener.tcp.$name.reuseaddr", "emqttd.listeners", [ + {datatype, {enum, [true, false]}}, + hidden +]}. + %%-------------------------------------------------------------------- %% SSL Listeners @@ -932,6 +937,11 @@ end}. hidden ]}. +{mapping, "listener.ssl.$name.reuseaddr", "emqttd.listeners", [ + {datatype, {enum, [true, false]}}, + hidden +]}. + {mapping, "listener.ssl.$name.tls_versions", "emqttd.listeners", [ {datatype, string} ]}. @@ -1067,6 +1077,11 @@ end}. hidden ]}. +{mapping, "listener.ws.$name.reuseaddr", "emqttd.listeners", [ + {datatype, {enum, [true, false]}}, + hidden +]}. + %%-------------------------------------------------------------------- %% MQTT/WebSocket/SSL Listeners @@ -1148,6 +1163,11 @@ end}. hidden ]}. +{mapping, "listener.wss.$name.reuseaddr", "emqttd.listeners", [ + {datatype, {enum, [true, false]}}, + hidden +]}. + {mapping, "listener.wss.$name.tls_versions", "emqttd.listeners", [ {datatype, string} ]}. @@ -1239,7 +1259,8 @@ end}. {recbuf, cuttlefish:conf_get(Prefix ++ ".recbuf", Conf, undefined)}, {sndbuf, cuttlefish:conf_get(Prefix ++ ".sndbuf", Conf, undefined)}, {buffer, cuttlefish:conf_get(Prefix ++ ".buffer", Conf, undefined)}, - {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}]) + {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}, + {reuseaddr, cuttlefish:conf_get(Prefix ++ ".reuseaddr", Conf, true)}]) end, SplitFun = fun(undefined) -> undefined; (S) -> string:tokens(S, ",") end, @@ -1378,6 +1399,11 @@ end}. hidden ]}. +{mapping, "listener.api.$name.reuseaddr", "emqttd.listeners", [ + {datatype, {enum, [true, false]}}, + hidden +]}. + {mapping, "listener.api.$name.handshake_timeout", "emqttd.listeners", [ {datatype, {duration, ms}} ]}. From 3146cdda924e61e45c0f2346dfcbb98effed09e1 Mon Sep 17 00:00:00 2001 From: HeeeJianBo Date: Sun, 28 Jan 2018 14:25:41 +0800 Subject: [PATCH 34/37] Fix #1473 for supporting special chars in URL path --- src/emqttd_http.erl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/emqttd_http.erl b/src/emqttd_http.erl index 2b484038b..c229f4de2 100644 --- a/src/emqttd_http.erl +++ b/src/emqttd_http.erl @@ -45,7 +45,7 @@ http_api() -> %% Handle HTTP Request %%-------------------------------------------------------------------- handle_request(Req, State) -> - Path = Req:get(path), + {Path, _, _} = mochiweb_util:urlsplit_path(Req:get(raw_path)), case Path of "/status" -> handle_request("/status", Req, Req:get(method)); @@ -58,7 +58,7 @@ handle_request(Req, State) -> end. inner_handle_request(Req, State) -> - Path = Req:get(path), + {Path, _, _} = mochiweb_util:urlsplit_path(Req:get(raw_path)), case Path of "/api/v2/auth" -> handle_request(Path, Req, State); _ -> if_authorized(Req, fun() -> handle_request(Path, Req, State) end) @@ -95,7 +95,8 @@ dispatcher(APIs) -> case {check_params(Params, FilterArgs), check_params_type(Params, FilterArgs)} of {true, true} -> - {match, [MatchList]} = re:run(Url, Regexp, [global, {capture, all_but_first, list}]), + {match, [MatchList0]} = re:run(Url, Regexp, [global, {capture, all_but_first, list}]), + MatchList = lists:map(fun mochiweb_util:unquote/1, MatchList0), Args = lists:append([[Method, Params], MatchList]), lager:debug("Mod:~p, Fun:~p, Args:~p", [emqttd_rest_api, Function, Args]), case catch apply(emqttd_rest_api, Function, Args) of From bd0409879b6105e76b16bbd6776a64fc1a8d1273 Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Sun, 28 Jan 2018 15:26:56 +0800 Subject: [PATCH 35/37] Add 'proxy_port_address', 'proxy_port_header' options for WebSocket listener --- etc/emq.conf | 22 ++++++++++++++++++---- priv/emq.schema | 8 ++++---- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/etc/emq.conf b/etc/emq.conf index 70fcd762c..a5ca15d9c 100644 --- a/etc/emq.conf +++ b/etc/emq.conf @@ -1084,9 +1084,17 @@ listener.ws.external.max_clients = 102400 ## Value: ACL Rule listener.ws.external.access.1 = allow all -## listener.ws.external.proxy_address_header = x-forwarded-for +## Use X-Forwarded-For header for real source IP if the EMQ cluster is +## deployed behind NGINX or HAProxy. +## +## Value: String +## listener.ws.external.proxy_address_header = X-Forwarded-For -## listener.ws.external.proxy_port_header = x-remote-port +## Use X-Forwarded-Port header for real source port if the EMQ cluster is +## deployed behind NGINX or HAProxy. +## +## Value: String +## listener.ws.external.proxy_port_header = X-Forwarded-Port ## Enable the Proxy Protocol V1/2 if the EMQ cluster is deployed behind ## HAProxy or Nginx. @@ -1204,9 +1212,15 @@ listener.wss.external.max_clients = 64 ## Value: ACL Rule listener.wss.external.access.1 = allow all -## listener.wss.external.proxy_address_header = x-forwarded-for +## See: listener.ws.external.proxy_address_header +## +## Value: String +## listener.wss.external.proxy_address_header = X-Forwarded-For -## listener.wss.external.proxy_port_header = x-remote-port +## See: listener.ws.external.proxy_port_header +## +## Value: String +## listener.wss.external.proxy_port_header = X-Forwarded-Port ## Enable the Proxy Protocol V1/2 support. ## diff --git a/priv/emq.schema b/priv/emq.schema index 9f8dbcf74..8c1e64a9f 100644 --- a/priv/emq.schema +++ b/priv/emq.schema @@ -1029,12 +1029,12 @@ end}. {datatype, string} ]}. -{mapping, "listener.ws.$name.proxy_port_header", "emqttd.listeners", [ +{mapping, "listener.ws.$name.proxy_address_header", "emqttd.listeners", [ {datatype, string}, hidden ]}. -{mapping, "listener.ws.$name.proxy_address_header", "emqttd.listeners", [ +{mapping, "listener.ws.$name.proxy_port_header", "emqttd.listeners", [ {datatype, string}, hidden ]}. @@ -1125,12 +1125,12 @@ end}. {datatype, string} ]}. -{mapping, "listener.wss.$name.proxy_port_header", "emqttd.listeners", [ +{mapping, "listener.wss.$name.proxy_address_header", "emqttd.listeners", [ {datatype, string}, hidden ]}. -{mapping, "listener.wss.$name.proxy_address_header", "emqttd.listeners", [ +{mapping, "listener.wss.$name.proxy_port_header", "emqttd.listeners", [ {datatype, string}, hidden ]}. From 4727acad1417fc30d78839bf1928dd7ac9a1da2d Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 1 Feb 2018 12:13:46 +0800 Subject: [PATCH 36/37] Depends on esockd v5.2.1, mochiweb v4.2.2 --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 804123d2d..3b3c4c1ff 100644 --- a/Makefile +++ b/Makefile @@ -8,9 +8,9 @@ dep_goldrush = git https://github.com/basho/goldrush 0.1.9 dep_gproc = git https://github.com/uwiger/gproc dep_getopt = git https://github.com/jcomellas/getopt v0.8.2 dep_lager = git https://github.com/basho/lager master -dep_esockd = git https://github.com/emqtt/esockd v5.2 +dep_esockd = git https://github.com/emqtt/esockd v5.2.1 dep_ekka = git https://github.com/emqtt/ekka v0.2.2 -dep_mochiweb = git https://github.com/emqtt/mochiweb v4.2.1 +dep_mochiweb = git https://github.com/emqtt/mochiweb v4.2.2 dep_pbkdf2 = git https://github.com/emqtt/pbkdf2 2.0.1 dep_lager_syslog = git https://github.com/basho/lager_syslog dep_bcrypt = git https://github.com/smarkets/erlang-bcrypt master From 0dac7a2708a2fb99ab41a995089903c1b47bf71a Mon Sep 17 00:00:00 2001 From: Feng Lee Date: Thu, 1 Feb 2018 12:18:49 +0800 Subject: [PATCH 37/37] Version 2.3.5 - depends on the 'develop' branch of esockd, ekka and mochiweb --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 804123d2d..683f6b057 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ PROJECT = emqttd PROJECT_DESCRIPTION = Erlang MQTT Broker -PROJECT_VERSION = 2.3.4 +PROJECT_VERSION = 2.3.5 DEPS = goldrush gproc lager esockd ekka mochiweb pbkdf2 lager_syslog bcrypt clique jsx @@ -8,9 +8,9 @@ dep_goldrush = git https://github.com/basho/goldrush 0.1.9 dep_gproc = git https://github.com/uwiger/gproc dep_getopt = git https://github.com/jcomellas/getopt v0.8.2 dep_lager = git https://github.com/basho/lager master -dep_esockd = git https://github.com/emqtt/esockd v5.2 -dep_ekka = git https://github.com/emqtt/ekka v0.2.2 -dep_mochiweb = git https://github.com/emqtt/mochiweb v4.2.1 +dep_esockd = git https://github.com/emqtt/esockd develop +dep_ekka = git https://github.com/emqtt/ekka develop +dep_mochiweb = git https://github.com/emqtt/mochiweb develop dep_pbkdf2 = git https://github.com/emqtt/pbkdf2 2.0.1 dep_lager_syslog = git https://github.com/basho/lager_syslog dep_bcrypt = git https://github.com/smarkets/erlang-bcrypt master