Put cn/dn of client cert into credentials (#2357)
Put cn/dn of client cert into credentials
This commit is contained in:
JianBo He
tigercl
parent
2534b8dc64
commit
c223f62c5a
|
|
@ -25,7 +25,7 @@
|
|||
-boot_mnesia({mnesia, [boot]}).
|
||||
-copy_mnesia({mnesia, [copy]}).
|
||||
|
||||
%% gen_server callbacks
|
||||
%% gen_event callbacks
|
||||
-export([ init/1
|
||||
, handle_event/2
|
||||
, handle_call/2
|
||||
|
|
|
|||
|
|
@ -207,11 +207,23 @@ credentials(#pstate{credentials = Credentials}) when map_size(Credentials) =/= 0
|
|||
credentials(#pstate{zone = Zone,
|
||||
client_id = ClientId,
|
||||
username = Username,
|
||||
peername = Peername}) ->
|
||||
#{zone => Zone,
|
||||
peername = Peername,
|
||||
peercert = Peercert}) ->
|
||||
with_cert(#{zone => Zone,
|
||||
client_id => ClientId,
|
||||
username => Username,
|
||||
peername => Peername}.
|
||||
peername => Peername}, Peercert).
|
||||
|
||||
with_cert(Credentials, undefined) -> Credentials;
|
||||
with_cert(Credentials, Peercert) ->
|
||||
Credentials#{dn => esockd_peercert:subject(Peercert),
|
||||
cn => esockd_peercert:common_name(Peercert)}.
|
||||
|
||||
keepsafety(Credentials) ->
|
||||
maps:filter(fun(password, _) -> false;
|
||||
(dn, _) -> false;
|
||||
(cn, _) -> false;
|
||||
(_, _) -> true end, Credentials).
|
||||
|
||||
stats(#pstate{recv_stats = #{pkt := RecvPkt, msg := RecvMsg},
|
||||
send_stats = #{pkt := SendPkt, msg := SendMsg}}) ->
|
||||
|
|
@ -389,7 +401,7 @@ process(?CONNECT_PACKET(
|
|||
case try_open_session(SessAttrs, PState3) of
|
||||
{ok, SPid, SP} ->
|
||||
PState4 = PState3#pstate{session = SPid, connected = true,
|
||||
credentials = maps:remove(password, Credentials0)},
|
||||
credentials = keepsafety(Credentials0)},
|
||||
ok = emqx_cm:register_connection(client_id(PState4)),
|
||||
true = emqx_cm:set_conn_attrs(client_id(PState4), attrs(PState4)),
|
||||
%% Start keepalive
|
||||
|
|
|
|||
Loading…
Reference in New Issue