root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #44 from rabbitmq/rabbitmq-web-mqtt-31 

Add settings to disable TCP and TLS listeners explicitly
This commit is contained in:
Michael Klishin 2018-12-11 17:11:23 +03:00 committed by GitHub
parent 6c46b01717 4c5c72dc5f
commit 6bfc6a4664
4 changed files with 62 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deps/rabbitmq_web_mqtt/Makefile vendored
View File

@ -4,7 +4,7 @@ PROJECT_MOD = rabbit_web_mqtt_app
define PROJECT_ENV
[
{tcp_config, []},
{tcp_config, [{ip, "127.0.0.1"}, {port, 15675}]},
{ssl_config, []},
{num_tcp_acceptors, 10},
{num_ssl_acceptors, 10},

21
deps/rabbitmq_web_mqtt/priv/schema/rabbitmq_web_mqtt.schema vendored
View File

@ -5,8 +5,9 @@
{mapping, "web_mqtt.tcp.backlog", "rabbitmq_web_mqtt.tcp_config.backlog",
[{datatype, integer}]}.
{mapping, "web_mqtt.tcp.listener", "rabbitmq_web_mqtt.tcp_config",
[{datatype, ip}]}.
{mapping, "web_mqtt.tcp.listener", "rabbitmq_web_mqtt.tcp_config", [
{datatype, [{enum, [none]}, ip]}
]}.
{mapping, "web_mqtt.tcp.ip", "rabbitmq_web_mqtt.tcp_config.ip",
[{datatype, string}, {validators, ["is_ip"]}]}.
{mapping, "web_mqtt.tcp.port", "rabbitmq_web_mqtt.tcp_config.port",
@ -17,19 +18,21 @@
{translation,
"rabbitmq_web_mqtt.tcp_config",
fun(Conf) ->
Setting = cuttlefish:conf_get("web_mqtt.tcp.listener", Conf),
Setting = cuttlefish:conf_get("web_mqtt.tcp.listener", Conf, undefined),
case Setting of
none -> [];
undefined -> [];
{Ip, Port} when is_list(Ip), is_integer(Port) ->
[{ip, Ip}, {port, Port}];
_ -> Setting
[{ip, Ip}, {port, Port}]
end
end
}.
{mapping, "web_mqtt.ssl.backlog", "rabbitmq_web_mqtt.ssl_config.backlog",
[{datatype, integer}]}.
{mapping, "web_mqtt.ssl.listener", "rabbitmq_web_mqtt.ssl_config",
[{datatype, ip}]}.
{mapping, "web_mqtt.ssl.listener", "rabbitmq_web_mqtt.ssl_config", [
{datatype, [{enum, [none]}, ip]}
]}.
{mapping, "web_mqtt.ssl.ip", "rabbitmq_web_mqtt.ssl_config.ip",
[{datatype, string}, {validators, ["is_ip"]}]}.
{mapping, "web_mqtt.ssl.port", "rabbitmq_web_mqtt.ssl_config.port",
@ -46,8 +49,10 @@
{translation,
"rabbitmq_web_mqtt.ssl_config",
fun(Conf) ->
Setting = cuttlefish:conf_get("web_mqtt.ssl.listener", Conf),
Setting = cuttlefish:conf_get("web_mqtt.ssl.listener", Conf, undefined),
case Setting of
none -> [];
undefined -> [];
{Ip, Port} when is_list(Ip), is_integer(Port) ->
[{ip, Ip}, {port, Port}];
_ -> Setting

61
deps/rabbitmq_web_mqtt/src/rabbit_web_mqtt_app.erl vendored
View File

@ -54,24 +54,27 @@ mqtt_init() ->
CowboyOpts = CowboyOpts0#{env => #{dispatch => Routes},
middlewares => [cowboy_router, rabbit_web_mqtt_middleware, cowboy_handler],
proxy_header => get_env(proxy_protocol, false)},
{TCPConf, IpStr, Port} = get_tcp_conf(),
case ranch:start_listener(web_mqtt, get_env(num_tcp_acceptors, 10),
ranch_tcp, TCPConf,
rabbit_web_mqtt_connection_sup, CowboyOpts) of
{ok, _} -> ok;
{error, {already_started, _}} -> ok;
{error, Err} ->
rabbit_log_connection:error(
"Failed to start a WebSocket (HTTP) listener. Error: ~p,"
" listener settings: ~p~n",
[Err, TCPConf]),
throw(Err)
case get_env(tcp_config, []) of
[] ->
ok;
TCPConf0 ->
{TCPConf, IpStr, Port} = get_tcp_conf(TCPConf0),
case ranch:start_listener(web_mqtt, get_env(num_tcp_acceptors, 10),
ranch_tcp, TCPConf,
rabbit_web_mqtt_connection_sup, CowboyOpts) of
{ok, _} -> ok;
{error, {already_started, _}} -> ok;
{error, ErrTCP} ->
rabbit_log_connection:error(
"Failed to start a WebSocket (HTTP) listener. Error: ~p,"
" listener settings: ~p~n",
[ErrTCP, TCPConf]),
throw(ErrTCP)
end,
listener_started('http/web-mqtt', TCPConf),
rabbit_log:info("rabbit_web_mqtt: listening for HTTP connections on ~s:~w~n",
[IpStr, Port])
end,
listener_started('http/web-mqtt', TCPConf),
rabbit_log:info("rabbit_web_mqtt: listening for HTTP connections on ~s:~w~n",
[IpStr, Port]),
case get_env(ssl_config, []) of
[] ->
ok;
@ -81,6 +84,18 @@ mqtt_init() ->
{ok, _} = ranch:start_listener(web_mqtt_secure, get_env(num_ssl_acceptors, 10),
ranch_ssl, TLSConf,
rabbit_web_mqtt_connection_sup, CowboyOpts),
case ranch:start_listener(web_mqtt_secure, get_env(num_ssl_acceptors, 10),
ranch_ssl, TLSConf,
rabbit_web_mqtt_connection_sup, CowboyOpts) of
{ok, _} -> ok;
{error, {already_started, _}} -> ok;
{error, ErrTLS} ->
rabbit_log_connection:error(
"Failed to start a TLS WebSocket (HTTPS) listener. Error: ~p,"
" listener settings: ~p~n",
[ErrTLS, TLSConf]),
throw(ErrTLS)
end,
listener_started('https/web-mqtt', TLSConf),
rabbit_log:info("rabbit_web_mqtt: listening for HTTPS connections on ~s:~w~n",
[TLSIpStr, TLSPort])
@ -95,13 +110,13 @@ listener_started(Protocol, Listener) ->
<- rabbit_networking:tcp_listener_addresses(Port)],
ok.
get_tcp_conf() ->
TCPConf0 = [{connection_type, supervisor}|get_env(tcp_config, [])],
TCPConf1 = case proplists:get_value(port, TCPConf0) of
undefined -> [{port, 15675}|TCPConf0];
_ -> TCPConf0
get_tcp_conf(TCPConf0) ->
TCPConf1 = [{connection_type, supervisor}|TCPConf0],
TCPConf2 = case proplists:get_value(port, TCPConf1) of
undefined -> [{port, 15675}|TCPConf1];
_ -> TCPConf1
end,
get_ip_port(TCPConf1).
get_ip_port(TCPConf2).
get_tls_conf(TLSConf0) ->
TLSConf1 = [{connection_type, supervisor}|TLSConf0],

10
deps/rabbitmq_web_mqtt/test/config_schema_SUITE_data/rabbitmq_web_mqtt.snippets vendored
View File

@ -3,6 +3,11 @@
[{rabbitmq_web_mqtt,
[{tcp_config, [{ip,"127.0.0.1"},{port,12345}]}]}],
[rabbitmq_web_mqtt]},
{tcp_listener_none,
"web_mqtt.tcp.listener = none",
[{rabbitmq_web_mqtt,
[{tcp_config, []}]}],
[rabbitmq_web_mqtt]},
{tcp_config,
"web_mqtt.tcp.ip = 127.0.0.3
web_mqtt.tcp.port = 11122",
@ -24,6 +29,11 @@
[{rabbitmq_web_mqtt,
[{ssl_config, [{ip,"127.0.0.4"},{port,15672}]}]}],
[rabbitmq_web_mqtt]},
{ssl_listener_none,
"web_mqtt.ssl.listener = none",
[{rabbitmq_web_mqtt,
[{ssl_config, []}]}],
[rabbitmq_web_mqtt]},
{ssl,
"web_mqtt.ssl.ip = 127.0.0.2
web_mqtt.ssl.port = 15671