3 лет назад · 507f46eb66
--- a/apps/emqx_psk/i18n/emqx_psk_i18n.conf
+++ b/apps/emqx_psk/i18n/emqx_psk_i18n.conf
@@ -0,0 +1,59 @@
 
				+emqx_psk_schema {
			
 
				+
			
 
				+  psk_authentication {
			
 
				+    desc {
			
 
				+      en: """PSK stands for 'Pre-Shared Keys'.
			
 
				+This config to enable TLS-PSK authentication.
			
 
				+
			
 
				+Important! Make sure the SSL listener with only `tlsv1.2` enabled, and also PSK cipher suites
			
 
				+configured, such as `RSA-PSK-AES256-GCM-SHA384`.
			
 
				+
			
 
				+See listener SSL options config for more details.
			
 
				+
			
 
				+The IDs and secrets can be provided from a file which is configurable by the `init_file` field.
			
 
				+"""
			
 
				+      zh: """此配置用于启用 TLS-PSK 身份验证。
			
 
				+
			
 
				+PSK 是 “Pre-Shared-Keys” 的缩写。
			
 
				+
			
 
				+注意: 确保 SSL 监听器仅启用了 'tlsv1.2', 并且配置了PSK 密码套件，例如 'RSA-PSK-AES256-GCM-SHA384'。
			
 
				+
			
 
				+可以通过查看监听器中的 SSL 选项，了解更多详细信息。
			
 
				+
			
 
				+可以通过配置 'init_file' 来设置初始化的 ID 和 密钥"""
			
 
				+      }
			
 
				+    }
			
 
				+
			
 
				+  enable {
			
 
				+    desc {
			
 
				+      en: "Whether to enable TLS PSK support"
			
 
				+      zh: "是否开启 TLS PSK 支持"
			
 
				+      }
			
 
				+    }
			
 
				+
			
 
				+  init_file {
			
 
				+    desc {
			
 
				+      en: """If init_file is specified, EMQX will import PSKs from the file into the built-in database at startup for use by the runtime.
			
 
				+The file has to be structured line-by-line, each line must be in the format of `PSKIdentity:SharedSecret`.
			
 
				+For example: `mydevice1:c2VjcmV0`"""
			
 
				+      zh: """如果设置了初始化文件，EMQX 将在启动时从初始化文件中导入 PSK 信息到内建数据库中。
			
 
				+这个文件需要按行进行组织，每一行必须遵守如下格式: `PSKIdentity:SharedSecret`
			
 
				+例如: `mydevice1:c2VjcmV0`"""
			
 
				+      }
			
 
				+    }
			
 
				+
			
 
				+  separator {
			
 
				+    desc {
			
 
				+      en: "The separator between 'PSKIdentity' and 'SharedSecret' in the PSK file"
			
 
				+      zh: "PSK 文件中 'PSKIdentity' 和 'SharedSecret' 之间的分隔符"
			
 
				+      }
			
 
				+    }
			
 
				+
			
 
				+  chunk_size {
			
 
				+    desc {
			
 
				+      en: "The size of each chunk used to import to the built-in database from PSK file"
			
 
				+      zh: "将 PSK 文件导入到内建数据时每个块的大小"
			
 
				+      }
			
 
				+    }
			
 
				+
			
 
				+}
			
--- a/apps/emqx_psk/src/emqx_psk_schema.erl
+++ b/apps/emqx_psk/src/emqx_psk_schema.erl
@@ -19,6 +19,7 @@
 
				 -behaviour(hocon_schema).
			
 
				 
			
 
				 -include_lib("typerefl/include/types.hrl").
			
 
				+-include_lib("hocon/include/hoconsc.hrl").
			
 
				 
			
 
				 -export([
			
 
				     roots/0,
			
@@ -32,19 +33,7 @@ roots() -> ["psk_authentication"].
 
				 fields("psk_authentication") ->
			
 
				     #{
			
 
				         fields => fields(),
			
 
				-        desc =>
			
 
				-            ""
			
 
				-            "PSK stands for 'Pre-Shared Keys'.\n"
			
 
				-            "This config to enable TLS-PSK authentication.\n"
			
 
				-            "\n"
			
 
				-            "<strong>Important!</strong> Make sure the SSL listener with\n"
			
 
				-            "only <code>tlsv1.2</code> enabled, and also PSK cipher suites\n"
			
 
				-            "configured, such as <code>RSA-PSK-AES256-GCM-SHA384</code>.\n"
			
 
				-            "See listener SSL options config for more details.\n"
			
 
				-            "\n"
			
 
				-            "The IDs and secrets can be provided from a file the path\n"
			
 
				-            "to which is configurable by the <code>init_file</code> field.\n"
			
 
				-            ""
			
 
				+        desc => ?DESC(psk_authentication)
			
 
				     }.
			
 
				 
			
 
				 fields() ->
			
@@ -52,19 +41,14 @@ fields() ->
 
				         {enable,
			
 
				             sc(boolean(), #{
			
 
				                 default => false,
			
 
				-                desc => <<"Whether to enable TLS PSK support">>
			
 
				+                desc => ?DESC(enable)
			
 
				             })},
			
 
				         {init_file,
			
 
				             sc(
			
 
				                 binary(),
			
 
				                 #{
			
 
				                     required => false,
			
 
				-                    desc =>
			
 
				-                        <<"If init_file is specified, emqx will import PSKs from the file ",
			
 
				-                            "into the built-in database at startup for use by the runtime. ",
			
 
				-                            "The file has to be structured line-by-line, each line must be in ",
			
 
				-                            "the format of <code>PSKIdentity:SharedSecret</code>. For example: ",
			
 
				-                            "<code>mydevice1:c2VjcmV0</code>">>
			
 
				+                    desc => ?DESC(init_file)
			
 
				                 }
			
 
				             )},
			
 
				         {separator,
			
@@ -72,11 +56,7 @@ fields() ->
 
				                 binary(),
			
 
				                 #{
			
 
				                     default => <<":">>,
			
 
				-                    desc =>
			
 
				-                        <<
			
 
				-                            "The separator between <code>PSKIdentity</code>"
			
 
				-                            " and <code>SharedSecret</code> in the psk file"
			
 
				-                        >>
			
 
				+                    desc => ?DESC(separator)
			
 
				                 }
			
 
				             )},
			
 
				         {chunk_size,
			
@@ -84,10 +64,7 @@ fields() ->
 
				                 integer(),
			
 
				                 #{
			
 
				                     default => 50,
			
 
				-                    desc => <<
			
 
				-                        "The size of each chunk used to import to"
			
 
				-                        " the built-in database from psk file"
			
 
				-                    >>
			
 
				+                    desc => ?DESC(chunk_size)
			
 
				                 }
			
 
				             )}
			
 
				     ].