root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Add schema duplicate for amqp 1.0

This commit is contained in:
Simon Unge 2024-06-12 17:14:54 +00:00 committed by Michael Klishin
parent 145592efe9
commit 24fb0334ac
2 changed files with 235 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
deps/rabbit/priv/schema/rabbit.schema vendored
View File

@ -2661,9 +2661,117 @@ fun(Conf) ->
list_to_binary(cuttlefish:conf_get("amqp1_0.default_vhost", Conf))
end}.
%% ----------------------------------------------------------------------------
%% AMQP client 1.0 TLS options
%% ----------------------------------------------------------------------------
{mapping, "amqp10_client.ssl_options", "amqp10_client.ssl_options", [
{datatype, {enum, [none]}}
]}.
{translation, "amqp10_client.ssl_options",
fun(Conf) ->
case cuttlefish:conf_get("amqp10_client.ssl_options", Conf, undefined) of
none -> [];
_ -> cuttlefish:invalid("Invalid amqp10_client.ssl_options")
end
end}.
{mapping, "amqp10_client.ssl_options.verify", "amqp10_client.ssl_options.verify", [
{datatype, {enum, [verify_peer, verify_none]}}]}.
{mapping, "amqp10_client.ssl_options.cacertfile", "amqp10_client.ssl_options.cacertfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp10_client.ssl_options.certfile", "amqp10_client.ssl_options.certfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp10_client.ssl_options.cacerts.$name", "amqp10_client.ssl_options.cacerts",
[{datatype, string}]}.
{translation, "amqp10_client.ssl_options.cacerts",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("amqp10_client.ssl_options.cacerts", Conf),
[ list_to_binary(V) || {_, V} <- Settings ]
end}.
{mapping, "amqp10_client.ssl_options.cert", "amqp10_client.ssl_options.cert",
[{datatype, string}]}.
{translation, "amqp10_client.ssl_options.cert",
fun(Conf) ->
list_to_binary(cuttlefish:conf_get("amqp10_client.ssl_options.cert", Conf))
end}.
{mapping, "amqp10_client.ssl_options.crl_check", "amqp10_client.ssl_options.crl_check",
[{datatype, [{enum, [true, false, peer, best_effort]}]}]}.
{mapping, "amqp10_client.ssl_options.depth", "amqp10_client.ssl_options.depth",
[{datatype, integer}, {validators, ["byte"]}]}.
{mapping, "amqp10_client.ssl_options.key.RSAPrivateKey", "amqp10_client.ssl_options.key",
[{datatype, string}]}.
{mapping, "amqp10_client.ssl_options.key.DSAPrivateKey", "amqp10_client.ssl_options.key",
[{datatype, string}]}.
{mapping, "amqp10_client.ssl_options.key.PrivateKeyInfo", "amqp10_client.ssl_options.key",
[{datatype, string}]}.
{translation, "amqp10_client.ssl_options.key",
fun(Conf) ->
case cuttlefish_variable:filter_by_prefix("amqp10_client.ssl_options.key", Conf) of
[{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)};
_ -> undefined
end
end}.
{mapping, "amqp10_client.ssl_options.keyfile", "amqp10_client.ssl_options.keyfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp10_client.ssl_options.log_alert", "amqp10_client.ssl_options.log_alert",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp10_client.ssl_options.password", "amqp10_client.ssl_options.password",
[{datatype, string}]}.
{mapping, "amqp10_client.ssl_options.psk_identity", "amqp10_client.ssl_options.psk_identity",
[{datatype, string}]}.
{mapping, "amqp10_client.ssl_options.reuse_sessions", "amqp10_client.ssl_options.reuse_sessions",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp10_client.ssl_options.secure_renegotiate", "amqp10_client.ssl_options.secure_renegotiate",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp10_client.ssl_options.versions.$version", "amqp10_client.ssl_options.versions",
[{datatype, atom}]}.
{translation, "amqp10_client.ssl_options.versions",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("amqp10_client.ssl_options.versions", Conf),
[ V || {_, V} <- Settings ]
end}.
{mapping, "amqp10_client.ssl_options.sni", "amqp10_client.ssl_options.server_name_indication",
[{datatype, [{enum, [none]}, string]}]}.
{translation, "amqp10_client.ssl_options.server_name_indication",
fun(Conf) ->
case cuttlefish:conf_get("amqp10_client.ssl_options.sni", Conf, undefined) of
undefined -> cuttlefish:unset();
none -> cuttlefish:unset();
Hostname -> Hostname
end
end}.
% ===============================
% AMQP 0.9.1
% ===============================
%% ----------------------------------------------------------------------------
%% amqp_client TLS options
%% AMQP client 0.9.1 TLS options
%% ----------------------------------------------------------------------------
{mapping, "amqp_client.ssl_options", "amqp_client.ssl_options", [

146
deps/rabbit/test/config_schema_SUITE_data/rabbit.snippets vendored
View File

@ -251,7 +251,7 @@ cluster_formation.classic_config.nodes.peer2 = rabbit@hostname2",
[{peer_discovery_backend,rabbit_peer_discovery_classic_config}]},
{cluster_nodes,{[rabbit@hostname2,rabbit@hostname1],disc}}]}],
[]},
{cluster_formation_module_dns_alias,
"cluster_formation.peer_discovery_backend = dns
cluster_formation.dns.hostname = discovery.eng.example.local",
@ -264,7 +264,7 @@ cluster_formation.dns.hostname = discovery.eng.example.local",
]}]}
]}],
[]},
{cluster_formation_disk,
"cluster_formation.peer_discovery_backend = rabbit_peer_discovery_classic_config
cluster_formation.classic_config.nodes.peer1 = rabbit@hostname1
@ -698,17 +698,17 @@ tcp_listen_options.exit_on_close = false",
{fail_if_no_peer_cert, false},
{honor_ecc_order, true}]}]}],
[]},
{ssl_cert_login_from_cn,
"ssl_cert_login_from = common_name",
[{rabbit,[{ssl_cert_login_from, common_name}]}],
[]},
{ssl_cert_login_from_dn,
"ssl_cert_login_from = distinguished_name",
[{rabbit,[{ssl_cert_login_from, distinguished_name}]}],
[]},
{ssl_cert_login_from_san_dns,
"ssl_cert_login_from = subject_alternative_name
ssl_cert_login_san_type = dns
@ -719,7 +719,7 @@ tcp_listen_options.exit_on_close = false",
{ssl_cert_login_san_index, 0}
]}],
[]},
{ssl_options_bypass_pem_cache,
"ssl_options.bypass_pem_cache = true",
@ -1063,20 +1063,21 @@ credential_validator.regexp = ^abc\\d+",
%% AMQP TLS options
%%
{ssl_options,
{amqp_client_ssl_options,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.verify = verify_peer",
[{amqp_client, [
{ssl_options,
[{cacertfile, "test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile, "test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile, "test/config_schema_SUITE_data/certs/key.pem"},
{verify, verify_peer}]}
]}],
[{amqp_client,
[
{ssl_options,
[{cacertfile, "test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile, "test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile, "test/config_schema_SUITE_data/certs/key.pem"},
{verify, verify_peer}]}
]}],
[amqp_client]},
{ssl_options_verify_peer,
{amqp_client_ssl_options_verify_peer,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
@ -1089,7 +1090,7 @@ credential_validator.regexp = ^abc\\d+",
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{verify,verify_peer}]}]}],
[]},
{ssl_options_password,
{amqp_client_ssl_options_password,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
@ -1102,7 +1103,7 @@ credential_validator.regexp = ^abc\\d+",
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{password,"t0p$3kRe7"}]}]}],
[]},
{ssl_options_tls_versions,
{amqp_client_ssl_options_tls_versions,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
@ -1117,7 +1118,7 @@ credential_validator.regexp = ^abc\\d+",
{versions,['tlsv1.2','tlsv1.1']}]}
]}],
[]},
{ssl_options_depth,
{amqp_client_ssl_options_depth,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
@ -1131,7 +1132,7 @@ credential_validator.regexp = ^abc\\d+",
{depth,2},
{verify,verify_peer}]}]}],
[]},
{ssl_options_sni_disabled,
{amqp_client_ssl_options_sni_disabled,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
@ -1148,7 +1149,7 @@ credential_validator.regexp = ^abc\\d+",
}]
}],
[]},
{ssl_options_sni_hostname,
{amqp_client_ssl_options_sni_hostname,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
@ -1165,6 +1166,111 @@ credential_validator.regexp = ^abc\\d+",
{server_name_indication, "hostname.dev"}
]}
]}],
[]},
{amqp10_client_ssl_options,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.verify = verify_peer",
[{amqp10_client,
[
{ssl_options,
[{cacertfile, "test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile, "test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile, "test/config_schema_SUITE_data/certs/key.pem"},
{verify, verify_peer}]}
]}],
[amqp10_client]},
{amqp10_client_ssl_options_verify_peer,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.verify = verify_peer",
[{amqp10_client,
[
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{verify,verify_peer}]}]}],
[]},
{amqp10_client_ssl_options_password,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.password = t0p$3kRe7",
[{amqp10_client,
[
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{password,"t0p$3kRe7"}]}]}],
[]},
{amqp10_client_ssl_options_tls_versions,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp10_client.ssl_options.versions.tls1_1 = tlsv1.1",
[],
[{amqp10_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{versions,['tlsv1.2','tlsv1.1']}]}
]}],
[]},
{amqp10_client_ssl_options_depth,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.depth = 2
amqp10_client.ssl_options.verify = verify_peer",
[{amqp10_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{depth,2},
{verify,verify_peer}]}]}],
[]},
{amqp10_client_ssl_options_sni_disabled,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp10_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp10_client.ssl_options.sni = none",
[],
[{amqp10_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{versions,['tlsv1.2','tlsv1.1']}]
}]
}],
[]},
{amqp10_client_ssl_options_sni_hostname,
"amqp10_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp10_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp10_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp10_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp10_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp10_client.ssl_options.sni = hostname.dev",
[],
[{amqp10_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{versions,['tlsv1.2','tlsv1.1']},
{server_name_indication, "hostname.dev"}
]}
]}],
[]}
].