Merge pull request #9340 from lafirest/feat/warning_for_default_cookie

refactor(cookie): Warning message when boot with default Erlang cookie
2022-11-15 22:34:30 +08:00 · 2022-11-15 22:34:30 +08:00 · e3675f5807
parent e9490654ae ed3dc0b614
commit e3675f5807
5 changed files with 26 additions and 9 deletions
--- a/bin/emqx
+++ b/bin/emqx
@ -537,9 +537,13 @@ if [ -z "$COOKIE" ]; then
    fi
 fi

-if [ -z "$COOKIE" ]; then
+[ -z "$COOKIE" ] && COOKIE="$EMQX_DEFAULT_ERLANG_COOKIE"
+if [ $IS_BOOT_COMMAND = 'yes' ] && [ "$COOKIE" = "$EMQX_DEFAULT_ERLANG_COOKIE" ]; then
+    echoerr "!!!!!!"
+    echoerr "WARNING: Default (insecure) Erlang cookie is in use."
    echoerr "Please set node.cookie in $RUNNER_ETC_DIR/emqx.conf or override from environment variable EMQX_NODE_COOKIE"
-    exit 1
+    echoerr "NOTE: Use the same config value for all nodes in the cluster."
+    echoerr "!!!!!!"
 fi

 cd "$ROOTDIR"
--- a/changes/v4.3.23-en.md
+++ b/changes/v4.3.23-en.md
@ -4,4 +4,6 @@

 - Added topic validation for `emqx_mod_rewrite`. The dest topics contains wildcards are not allowed to publish [#9359](https://github.com/emqx/emqx/issues/9359).

+- Print a warning message when boot with the default (insecure) Erlang cookie [#9340](https://github.com/emqx/emqx/pull/9340).
+
 ## Bug fixes
--- a/changes/v4.3.23-zh.md
+++ b/changes/v4.3.23-zh.md
@ -4,4 +4,6 @@

 - 为主题重写模块增加主题合法性检查，带有通配符的目标主题不允许被发布 [#9359](https://github.com/emqx/emqx/issues/9359)。

+- 使用默认的(不安全的) Erlang cookie 进行启动时，将会打印一条警告信息 [#9340](https://github.com/emqx/emqx/pull/9340)。
+
 ## 修复
--- a/data/emqx_vars
+++ b/data/emqx_vars
@ -14,6 +14,10 @@ RUNNER_DATA_DIR="{{ runner_data_dir }}"
 RUNNER_USER="{{ runner_user }}"
 EMQX_DESCRIPTION='{{ emqx_description }}'

+## Do not change EMQX_DEFAULT_ERLANG_COOKIE.
+## Configure EMQX_NODE_COOKIE instead
+EMQX_DEFAULT_ERLANG_COOKIE='{{ emqx_default_erlang_cookie }}'
+
 ## Warning: DO NOT create new variables using the above vars in this file,
 ## as the vars above can be overwritten by the relup scripts later, like:
 ## REL_VSN="new_version"
--- a/rebar.config.erl
+++ b/rebar.config.erl
@ -203,18 +203,23 @@ overlay_vars(RelType, PkgType, false) ->
    overlay_vars_rel(RelType) ++ overlay_vars_pkg(PkgType).

 %% vars per release type, cloud or edge
-overlay_vars_rel(RelType) ->
-    VmArgs = case RelType of
-                 cloud -> "vm.args";
-                 edge -> "vm.args.edge"
-             end,
-    [ {enable_plugin_emqx_rule_engine, RelType =:= cloud}
+overlay_vars_rel(cloud) ->
+    [ {vm_args_file, "vm.args"}
+    | overlay_vars_rel_common(cloud)
+    ];
+overlay_vars_rel(edge) ->
+    [ {vm_args_file, "vm.args.edge"}
+    | overlay_vars_rel_common(edge)
+    ].
+
+overlay_vars_rel_common(RelType) ->
+    [ {emqx_default_erlang_cookie, "emqxsecretcookie"}
+    , {enable_plugin_emqx_rule_engine, RelType =:= cloud}
    , {enable_plugin_emqx_bridge_mqtt, RelType =:= edge}
    , {enable_plugin_emqx_modules, false} %% modules is not a plugin in ce
    , {enable_plugin_emqx_recon, true}
    , {enable_plugin_emqx_retainer, true}
    , {enable_plugin_emqx_telemetry, true}
-    , {vm_args_file, VmArgs}
    ].

 %% vars per packaging type, bin(zip/tar.gz/docker) or pkg(rpm/deb)