diff --git a/.github/workflows/build_packages.yaml b/.github/workflows/build_packages.yaml index 1165e130a..4e43f663b 100644 --- a/.github/workflows/build_packages.yaml +++ b/.github/workflows/build_packages.yaml @@ -29,6 +29,7 @@ jobs: - uses: actions/checkout@v3 with: path: source + fetch-depth: 0 # clone full git history - name: detect-profiles id: detect-profiles uses: ./source/.github/actions/detect-profiles diff --git a/.github/workflows/build_slim_packages.yaml b/.github/workflows/build_slim_packages.yaml index bd529a1b1..5a2b4de6c 100644 --- a/.github/workflows/build_slim_packages.yaml +++ b/.github/workflows/build_slim_packages.yaml @@ -39,6 +39,8 @@ jobs: # keep using v1 for now as the otp-23 image has an old version git # TODO: change to v3 after OTP is upgraded to 23.3.4.18-1 - uses: actions/checkout@v1 + with: + fetch-depth: 0 # clone full git history - name: fix-git-unsafe-repository run: git config --global --add safe.directory /__w/emqx/emqx - uses: ./.github/actions/detect-profiles @@ -123,6 +125,8 @@ jobs: runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v3 + with: + fetch-depth: 0 # clone full git history - name: ensure access to github if: endsWith(github.repository, 'enterprise') run: | diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a7f3cbe6c..14df0776f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -14,6 +14,8 @@ jobs: steps: - uses: actions/checkout@v3 + with: + fetch-depth: 0 # clone full git history - id: detect-profiles uses: ./.github/actions/detect-profiles @@ -55,6 +57,8 @@ jobs: -d "{\"repo\":\"emqx/emqx\", \"tag\": \"${{ github.ref_name }}\" }" \ ${{ secrets.EMQX_IO_RELEASE_API }} - uses: actions/checkout@v3 + with: + fetch-depth: 0 # clone full git history - name: get version id: version run: echo "version=$(./pkg-vsn.sh)" >> $GITHUB_OUTPUT diff --git a/build b/build index fa4b7017e..23e5cef49 100755 --- a/build +++ b/build @@ -62,20 +62,9 @@ log() { echo "===< $msg" } -delete_unwanted_file() { - if [ -e "${1}" ]; then - log "Deleting file: ${1}" - rm -f "${1}" - else - log "Cannot delete file: ${1} -- file not found" - fi -} - make_rel() { - ./rebar3 as "$PROFILE" release - # delete outdated cert store - delete_unwanted_file _build/"${PROFILE}"/rel/emqx/lib/certifi*/priv/cacerts.pem - ./rebar3 as "$PROFILE" tar + # shellcheck disable=SC1010 + ./rebar3 as "$PROFILE" do release,tar } relup_db() { diff --git a/changes/v4.3.22-en.md b/changes/v4.3.22-en.md index d4116990a..a625bf323 100644 --- a/changes/v4.3.22-en.md +++ b/changes/v4.3.22-en.md @@ -3,6 +3,8 @@ ## Enhancements +- Make sure listener's `tls_versions` config value is one or more of `tlsv1`, `tlsv1.1`, `tlsv1.2`, `tlsv1.3` [#9260](https://github.com/emqx/emqx/pull/9260). + - Remove useless information from the dashboard listener failure log [#9260](https://github.com/emqx/emqx/pull/9260). - We now trigger the `'message.acked'` hook after the CoAP gateway sends a message to the device and receives the ACK from the device [#9264](https://github.com/emqx/emqx/pull/9264). @@ -39,8 +41,8 @@ - Added configurations to enable more `client.disconnected` events (and counter bumps) [#9267](https://github.com/emqx/emqx/pull/9267). Prior to this change, the `client.disconnected` event (and counter bump) is triggered when a client performs a 'normal' disconnect, or is 'kicked' by system admin, but NOT triggered when a - stale connection had to be 'discarded' (for clean session) or 'takenover' (for non-clean session). - Now it is possible to set configs `broker.client_disconnect_discarded` and `broker.client_disconnect_takenover` to `on` to enable the event in these scenarios. + stale connection had to be 'discarded' (for clean session) or 'takeovered' (for non-clean session) by new connection. + Now it is possible to set configs `broker.client_disconnect_discarded` and `broker.client_disconnect_takeovered` to `on` to enable the event in these scenarios. - For Rule-Engine resource creation failure, delay before the first retry [#9313](https://github.com/emqx/emqx/pull/9313). Prior to this change, the retry delay was added *after* the retry failure. diff --git a/changes/v4.3.22-zh.md b/changes/v4.3.22-zh.md index 2e02538ca..758b31547 100644 --- a/changes/v4.3.22-zh.md +++ b/changes/v4.3.22-zh.md @@ -2,6 +2,8 @@ ## 增强 +- 检查监听器的 `tls_versions` 配置值是 `tlsv1`,`tlsv1.1`,`tlsv1.2`,`tlsv1.3` 中的一个或多个组合 [#9260](https://github.com/emqx/emqx/pull/9260)。 + - 删除 Dashboard 监听器失败时日志中的无用信息 [#9260](https://github.com/emqx/emqx/pull/9260). - 当 CoAP 网关给设备投递消息并收到设备发来的确认之后,回调 `'message.acked'` 钩子 [#9264](https://github.com/emqx/emqx/pull/9264)。 @@ -34,7 +36,7 @@ - 为更多类型的 `client.disconnected` 事件(计数器触发)提供可配置项 [#9267](https://github.com/emqx/emqx/pull/9267)。 此前,`client.disconnected` 事件及计数器仅会在客户端正常断开连接或客户端被系统管理员踢出时触发, - 但不会在旧 session 被废弃 (clean_session = true) 或旧 session 被接管 (clean_session = false) 时被触发。 + 但不会在旧 session 被新连接废弃时 (clean_session = true) ,或旧 session 被新连接接管时 (clean_session = false) 被触发。 可将 `broker.client_disconnect_discarded` 和 `broker.client_disconnect_takovered` 选项设置为 `on` 来启用此场景下的客户端断连事件。 - 规则引擎资源创建失败后,第一次重试前增加一个延迟 [#9313](https://github.com/emqx/emqx/pull/9313)。 diff --git a/etc/emqx.conf b/etc/emqx.conf index fc7ffa3cf..0a7e67bba 100644 --- a/etc/emqx.conf +++ b/etc/emqx.conf @@ -2539,9 +2539,9 @@ broker.route_batch_clean = off ## Enable client disconnect event will be triggered by which reasons. ## Value: on | off -## `takeover`: session was takenover by another client with same client ID. (clean_session = false) +## `discarded`: session was discarded by another client with same client ID when new connection use `clean_session = true`. ## Default: off -## `discard`: session was takeover by another client with same client ID. (clean_session = true) +## `takeover`: session was takeovered by another client with same client ID when new connection use `clean_session = false`. ## Default: off ## # broker.client_disconnect_discarded = off diff --git a/priv/emqx.schema b/priv/emqx.schema index 0462b0898..9e42362b2 100644 --- a/priv/emqx.schema +++ b/priv/emqx.schema @@ -842,13 +842,13 @@ end}. %% @doc Define a determined authentication plugin/module check order. %% see detailed doc in emqx.conf {mapping, "auth_order", "emqx.auth_order", [ - {default, "none"}, + {default, "none"}, % keep default value in sync with emqx_conf.erl {datatype, string} ]}. %% @doc Same as auth_order, but for ACL. {mapping, "acl_order", "emqx.acl_order", [ - {default, "none"}, + {default, "none"}, % keep default value in sync with emqx_conf.erl {datatype, string} ]}. @@ -2310,7 +2310,16 @@ end}. SslOpts = fun(Prefix) -> Versions = case SplitFun(cuttlefish:conf_get(Prefix ++ ".tls_versions", Conf, undefined)) of undefined -> undefined; - L -> [list_to_atom(V) || V <- L] + L -> + Versions0 = [list_to_atom(V) || V <- L], + SupportVersions = ['tlsv1', 'tlsv1.1', 'tlsv1.2', 'tlsv1.3'], + case lists:all(fun(V) -> lists:member(V, SupportVersions) end, Versions0) of + false -> + cuttlefish:invalid( + lists:flatten(io_lib:format("tls_versions: only support ~p", [SupportVersions]))); + true -> + Versions0 + end end, TLSCiphers = cuttlefish:conf_get(Prefix++".ciphers", Conf, undefined), PSKCiphers = cuttlefish:conf_get(Prefix++".psk_ciphers", Conf, undefined), @@ -2685,13 +2694,13 @@ end}. ]}. %% @doc Configuration of disconnected event reason. -%% `takeover`: session was takenover by another client with same client ID. (clean_session = false) -%% `discard`: session was takeover by another client with same client ID. (clean_session = true) +%% `discarded`: session was discarded by another client with same client ID when new connection use `clean_session = true`. {mapping, "broker.client_disconnect_discarded", "emqx.client_disconnect_discarded", [ {default, off}, {datatype, flag} ]}. +%% `takeovered`: session was takeovered by another client with same client ID when new connection use `clean_session = false`. {mapping, "broker.client_disconnect_takeovered", "emqx.client_disconnect_takeovered", [ {default, off}, {datatype, flag}