root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Remove server options and move to rabbit schema

This commit is contained in:
Simon Unge 2024-06-10 20:30:55 +00:00 committed by Michael Klishin
parent 3195ff8c29
commit b136da0642
10 changed files with 213 additions and 365 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
deps/amqp_client/BUILD.bazel vendored
View File

@ -124,10 +124,6 @@ rabbitmq_integration_suite(
],
)
rabbitmq_integration_suite(
name = "config_schema_SUITE",
)
rabbitmq_suite(
name = "unit_SUITE",
size = "small",

9
deps/amqp_client/app.bzl vendored
View File

@ -118,7 +118,6 @@ def all_srcs(name = "all_srcs"):
filegroup(
name = "priv",
srcs = ["priv/schema/amqp_client.schema"],
)
filegroup(
@ -191,11 +190,3 @@ def test_suite_beam_files(name = "test_suite_beam_files"):
erlc_opts = "//:test_erlc_opts",
deps = ["//deps/rabbit_common:erlang_app"],
)
erlang_bytecode(
name = "config_schema_SUITE_beam_files",
testonly = True,
srcs = ["test/config_schema_SUITE.erl"],
outs = ["test/config_schema_SUITE.beam"],
app_name = "amqp_client",
erlc_opts = "//:test_erlc_opts",
)

129
deps/amqp_client/priv/schema/amqp_client.schema vendored
View File

@ -1,129 +0,0 @@
%% ----------------------------------------------------------------------------
%% RabbitMQ amqp_client TLS options
%% ----------------------------------------------------------------------------
{mapping, "amqp_client.ssl_options", "amqp_client.ssl_options", [
{datatype, {enum, [none]}}
]}.
{translation, "amqp_client.ssl_options",
fun(Conf) ->
case cuttlefish:conf_get("amqp_client.ssl_options", Conf, undefined) of
none -> [];
_ -> cuttlefish:invalid("Invalid amqp_client.ssl_options")
end
end}.
{mapping, "amqp_client.ssl_options.verify", "amqp_client.ssl_options.verify", [
{datatype, {enum, [verify_peer, verify_none]}}]}.
{mapping, "amqp_client.ssl_options.fail_if_no_peer_cert", "amqp_client.ssl_options.fail_if_no_peer_cert", [
{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.cacertfile", "amqp_client.ssl_options.cacertfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.certfile", "amqp_client.ssl_options.certfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.cacerts.$name", "amqp_client.ssl_options.cacerts",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.cacerts",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("amqp_client.ssl_options.cacerts", Conf),
[ list_to_binary(V) || {_, V} <- Settings ]
end}.
{mapping, "amqp_client.ssl_options.cert", "amqp_client.ssl_options.cert",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.cert",
fun(Conf) ->
list_to_binary(cuttlefish:conf_get("amqp_client.ssl_options.cert", Conf))
end}.
{mapping, "amqp_client.ssl_options.client_renegotiation", "amqp_client.ssl_options.client_renegotiation",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.crl_check", "amqp_client.ssl_options.crl_check",
[{datatype, [{enum, [true, false, peer, best_effort]}]}]}.
{mapping, "amqp_client.ssl_options.depth", "amqp_client.ssl_options.depth",
[{datatype, integer}, {validators, ["byte"]}]}.
{mapping, "amqp_client.ssl_options.dh", "amqp_client.ssl_options.dh",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.dh",
fun(Conf) ->
list_to_binary(cuttlefish:conf_get("amqp_client.ssl_options.dh", Conf))
end}.
{mapping, "amqp_client.ssl_options.dhfile", "amqp_client.ssl_options.dhfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.honor_cipher_order", "amqp_client.ssl_options.honor_cipher_order",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.honor_ecc_order", "amqp_client.ssl_options.honor_ecc_order",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.key.RSAPrivateKey", "amqp_client.ssl_options.key",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.key.DSAPrivateKey", "amqp_client.ssl_options.key",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.key.PrivateKeyInfo", "amqp_client.ssl_options.key",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.key",
fun(Conf) ->
case cuttlefish_variable:filter_by_prefix("amqp_client.ssl_options.key", Conf) of
[{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)};
_ -> undefined
end
end}.
{mapping, "amqp_client.ssl_options.keyfile", "amqp_client.ssl_options.keyfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.log_alert", "amqp_client.ssl_options.log_alert",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.password", "amqp_client.ssl_options.password",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.psk_identity", "amqp_client.ssl_options.psk_identity",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.reuse_sessions", "amqp_client.ssl_options.reuse_sessions",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.secure_renegotiate", "amqp_client.ssl_options.secure_renegotiate",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.versions.$version", "amqp_client.ssl_options.versions",
[{datatype, atom}]}.
{translation, "amqp_client.ssl_options.versions",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("amqp_client.ssl_options.versions", Conf),
[ V || {_, V} <- Settings ]
end}.
{mapping, "amqp_client.ssl_options.sni", "amqp_client.ssl_options.server_name_indication",
[{datatype, [{enum, [none]}, string]}]}.
{translation, "amqp_client.ssl_options.server_name_indication",
fun(Conf) ->
case cuttlefish:conf_get("amqp_client.ssl_options.sni", Conf, undefined) of
undefined -> cuttlefish:unset();
none -> cuttlefish:unset();
Hostname -> Hostname
end
end}.
{mapping, "amqp_client.ssl_options.hostname_verification", "amqp_client.ssl_hostname_verification", [
{datatype, {enum, [wildcard, none]}}]}.

53
deps/amqp_client/test/config_schema_SUITE.erl vendored
View File

@ -1,53 +0,0 @@
%% This Source Code Form is subject to the terms of the Mozilla Public
%% License, v. 2.0. If a copy of the MPL was not distributed with this
%% file, You can obtain one at https://mozilla.org/MPL/2.0/.
%%
%% Copyright (c) 2007-2024 Broadcom. All Rights Reserved. The term Broadcom refers to Broadcom Inc. and/or its subsidiaries. All rights reserved.
%%
-module(config_schema_SUITE).
-compile(export_all).
all() ->
[
run_snippets
].
%% -------------------------------------------------------------------
%% Testsuite setup/teardown.
%% -------------------------------------------------------------------
init_per_suite(Config) ->
rabbit_ct_helpers:log_environment(),
Config1 = rabbit_ct_helpers:run_setup_steps(Config),
rabbit_ct_config_schema:init_schemas(amqp_client, Config1).
end_per_suite(Config) ->
rabbit_ct_helpers:run_teardown_steps(Config).
init_per_testcase(Testcase, Config) ->
rabbit_ct_helpers:testcase_started(Config, Testcase),
Config1 = rabbit_ct_helpers:set_config(Config, [
{rmq_nodename_suffix, Testcase}
]),
rabbit_ct_helpers:run_steps(Config1,
rabbit_ct_broker_helpers:setup_steps() ++
rabbit_ct_client_helpers:setup_steps()).
end_per_testcase(Testcase, Config) ->
Config1 = rabbit_ct_helpers:run_steps(Config,
rabbit_ct_client_helpers:teardown_steps() ++
rabbit_ct_broker_helpers:teardown_steps()),
rabbit_ct_helpers:testcase_finished(Config1, Testcase).
%% -------------------------------------------------------------------
%% Testcases.
%% -------------------------------------------------------------------
run_snippets(Config) ->
ok = rabbit_ct_broker_helpers:rpc(Config, 0,
?MODULE, run_snippets1, [Config]).
run_snippets1(Config) ->
rabbit_ct_config_schema:run_snippets(Config).

166
deps/amqp_client/test/config_schema_SUITE_data/amqp_client.snippets vendored
View File

@ -1,166 +0,0 @@
[{ssl_options,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.verify = verify_peer
amqp_client.ssl_options.fail_if_no_peer_cert = true",
[{amqp_client, [
{ssl_options,
[{cacertfile, "test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile, "test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile, "test/config_schema_SUITE_data/certs/invalid_key.pem"},
{verify, verify_peer},
{fail_if_no_peer_cert, true}]}
]}],
[amqp_client]},
{ssl_options_verify_peer,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.verify = verify_peer
amqp_client.ssl_options.fail_if_no_peer_cert = false",
[{amqp_client,
[
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{verify,verify_peer},
{fail_if_no_peer_cert,false}]}]}],
[]},
{ssl_options_password,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.password = t0p$3kRe7",
[{amqp_client,
[
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{password,"t0p$3kRe7"}]}]}],
[]},
{ssl_options_tls_versions,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1",
[],
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{versions,['tlsv1.2','tlsv1.1']}]}
]}],
[]},
{ssl_options_depth,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.depth = 2
amqp_client.ssl_options.verify = verify_peer
amqp_client.ssl_options.fail_if_no_peer_cert = false",
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{depth,2},
{verify,verify_peer},
{fail_if_no_peer_cert,false}]}]}],
[]},
{ssl_options_honor_cipher_order,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.depth = 2
amqp_client.ssl_options.verify = verify_peer
amqp_client.ssl_options.fail_if_no_peer_cert = false
amqp_client.ssl_options.honor_cipher_order = true",
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{depth,2},
{verify,verify_peer},
{fail_if_no_peer_cert, false},
{honor_cipher_order, true}]}]}],
[]},
{ssl_options_honor_ecc_order,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.depth = 2
amqp_client.ssl_options.verify = verify_peer
amqp_client.ssl_options.fail_if_no_peer_cert = false
amqp_client.ssl_options.honor_ecc_order = true",
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{depth,2},
{verify,verify_peer},
{fail_if_no_peer_cert, false},
{honor_ecc_order, true}]}
]}],
[]},
{ssl_options_sni_disabled,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp_client.ssl_options.sni = none",
[],
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{versions,['tlsv1.2','tlsv1.1']}]
}]
}],
[]},
{ssl_options_sni_hostname,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp_client.ssl_options.sni = hostname.dev",
[],
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{versions,['tlsv1.2','tlsv1.1']},
{server_name_indication, "hostname.dev"}
]}
]}],
[]},
{ssl_options_hostname_verification_wildcard,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/invalid_cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/invalid_cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/invalid_key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp_client.ssl_options.hostname_verification = wildcard",
[],
[{amqp_client,
[
{ssl_hostname_verification, wildcard},
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/invalid_cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/invalid_cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/invalid_key.pem"},
{versions,['tlsv1.2','tlsv1.1']}
]}
]}],
[]}
].

1
deps/amqp_client/test/config_schema_SUITE_data/certs/invalid_cacert.pem vendored
View File

@ -1 +0,0 @@
I'm not a certificate

1
deps/amqp_client/test/config_schema_SUITE_data/certs/invalid_cert.pem vendored
View File

@ -1 +0,0 @@
I'm not a certificate

1
deps/amqp_client/test/config_schema_SUITE_data/certs/invalid_key.pem vendored
View File

@ -1 +0,0 @@
I'm not a certificate

104
deps/rabbit/priv/schema/rabbit.schema vendored
View File

@ -2662,6 +2662,110 @@ fun(Conf) ->
end}.
%% ----------------------------------------------------------------------------
%% amqp_client TLS options
%% ----------------------------------------------------------------------------
{mapping, "amqp_client.ssl_options", "amqp_client.ssl_options", [
{datatype, {enum, [none]}}
]}.
{translation, "amqp_client.ssl_options",
fun(Conf) ->
case cuttlefish:conf_get("amqp_client.ssl_options", Conf, undefined) of
none -> [];
_ -> cuttlefish:invalid("Invalid amqp_client.ssl_options")
end
end}.
{mapping, "amqp_client.ssl_options.verify", "amqp_client.ssl_options.verify", [
{datatype, {enum, [verify_peer, verify_none]}}]}.
{mapping, "amqp_client.ssl_options.cacertfile", "amqp_client.ssl_options.cacertfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.certfile", "amqp_client.ssl_options.certfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.cacerts.$name", "amqp_client.ssl_options.cacerts",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.cacerts",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("amqp_client.ssl_options.cacerts", Conf),
[ list_to_binary(V) || {_, V} <- Settings ]
end}.
{mapping, "amqp_client.ssl_options.cert", "amqp_client.ssl_options.cert",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.cert",
fun(Conf) ->
list_to_binary(cuttlefish:conf_get("amqp_client.ssl_options.cert", Conf))
end}.
{mapping, "amqp_client.ssl_options.crl_check", "amqp_client.ssl_options.crl_check",
[{datatype, [{enum, [true, false, peer, best_effort]}]}]}.
{mapping, "amqp_client.ssl_options.depth", "amqp_client.ssl_options.depth",
[{datatype, integer}, {validators, ["byte"]}]}.
{mapping, "amqp_client.ssl_options.key.RSAPrivateKey", "amqp_client.ssl_options.key",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.key.DSAPrivateKey", "amqp_client.ssl_options.key",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.key.PrivateKeyInfo", "amqp_client.ssl_options.key",
[{datatype, string}]}.
{translation, "amqp_client.ssl_options.key",
fun(Conf) ->
case cuttlefish_variable:filter_by_prefix("amqp_client.ssl_options.key", Conf) of
[{[_,_,Key], Val}|_] -> {list_to_atom(Key), list_to_binary(Val)};
_ -> undefined
end
end}.
{mapping, "amqp_client.ssl_options.keyfile", "amqp_client.ssl_options.keyfile",
[{datatype, string}, {validators, ["file_accessible"]}]}.
{mapping, "amqp_client.ssl_options.log_alert", "amqp_client.ssl_options.log_alert",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.password", "amqp_client.ssl_options.password",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.psk_identity", "amqp_client.ssl_options.psk_identity",
[{datatype, string}]}.
{mapping, "amqp_client.ssl_options.reuse_sessions", "amqp_client.ssl_options.reuse_sessions",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.secure_renegotiate", "amqp_client.ssl_options.secure_renegotiate",
[{datatype, {enum, [true, false]}}]}.
{mapping, "amqp_client.ssl_options.versions.$version", "amqp_client.ssl_options.versions",
[{datatype, atom}]}.
{translation, "amqp_client.ssl_options.versions",
fun(Conf) ->
Settings = cuttlefish_variable:filter_by_prefix("amqp_client.ssl_options.versions", Conf),
[ V || {_, V} <- Settings ]
end}.
{mapping, "amqp_client.ssl_options.sni", "amqp_client.ssl_options.server_name_indication",
[{datatype, [{enum, [none]}, string]}]}.
{translation, "amqp_client.ssl_options.server_name_indication",
fun(Conf) ->
case cuttlefish:conf_get("amqp_client.ssl_options.sni", Conf, undefined) of
undefined -> cuttlefish:unset();
none -> cuttlefish:unset();
Hostname -> Hostname
end
end}.
% ===============================
% Validators
% ===============================

110
deps/rabbit/test/config_schema_SUITE_data/rabbit.snippets vendored
View File

@ -1057,6 +1057,114 @@ credential_validator.regexp = ^abc\\d+",
{incoming_message_interceptors, [{set_header_routing_node, false},
{set_header_timestamp, false}]}
]}],
[]}
[]},
%%
%% AMQP TLS options
%%
{ssl_options,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.verify = verify_peer",
[{amqp_client, [
{ssl_options,
[{cacertfile, "test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile, "test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile, "test/config_schema_SUITE_data/certs/key.pem"},
{verify, verify_peer}]}
]}],
[amqp_client]},
{ssl_options_verify_peer,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.verify = verify_peer",
[{amqp_client,
[
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{verify,verify_peer}]}]}],
[]},
{ssl_options_password,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.password = t0p$3kRe7",
[{amqp_client,
[
{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{password,"t0p$3kRe7"}]}]}],
[]},
{ssl_options_tls_versions,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1",
[],
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{versions,['tlsv1.2','tlsv1.1']}]}
]}],
[]},
{ssl_options_depth,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.depth = 2
amqp_client.ssl_options.verify = verify_peer",
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{depth,2},
{verify,verify_peer}]}]}],
[]},
{ssl_options_sni_disabled,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp_client.ssl_options.sni = none",
[],
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{versions,['tlsv1.2','tlsv1.1']}]
}]
}],
[]},
{ssl_options_sni_hostname,
"amqp_client.ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem
amqp_client.ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem
amqp_client.ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem
amqp_client.ssl_options.versions.tls1_2 = tlsv1.2
amqp_client.ssl_options.versions.tls1_1 = tlsv1.1
amqp_client.ssl_options.sni = hostname.dev",
[],
[{amqp_client,
[{ssl_options,
[{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"},
{certfile,"test/config_schema_SUITE_data/certs/cert.pem"},
{keyfile,"test/config_schema_SUITE_data/certs/key.pem"},
{versions,['tlsv1.2','tlsv1.1']},
{server_name_indication, "hostname.dev"}
]}
]}],
[]}
].