Merge pull request #1512 from emqtt/emq24

Version 2.3.5

etc/emq.conf

@@ -236,10 +236,18 @@ node.crash_dump = {{ platform_log_dir }}/crash.dump
 ## Value: Enum
 ##  - inet_tcp: the default; handles TCP streams with IPv4 addressing.
 ##  - inet6_tcp: handles TCP with IPv6 addressing.
+##  - inet_tls: using TLS for Erlang Distribution.
 ##
 ## vm.args: -proto_dist inet_tcp
 node.proto_dist = inet_tcp
 
+## Specify SSL Options in the file if using SSL for Erlang Distribution.
+##
+## Value: File
+##
+## vm.args: -ssl_dist_optfile <File>
+## node.ssl_dist_optfile = {{ platform_etc_dir }}/ssl_dist.conf
+
 ## Sets the net_kernel tick time. TickTime is specified in seconds.
 ## Notice that all communicating nodes are to have the same TickTime
 ## value specified.
@@ -696,7 +704,7 @@ listener.tcp.external.send_timeout_close = on
 ## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled.
 ##
 ## Value: on | off
-listener.tcp.external.tune_buffer = on
+## listener.tcp.external.tune_buffer = off
 
 ## The TCP_NODELAY flag for MQTT connections. Small amounts of data are
 ## sent immediately if the option is enabled.
@@ -775,28 +783,28 @@ listener.tcp.external.send_timeout_close = on
 ## See: listener.tcp.<name>.recbuf
 ##
 ## Value: Bytes
-listener.tcp.internal.recbuf = 16KB
+## listener.tcp.internal.recbuf = 16KB
 
 ## The TCP send buffer(os kernel) for internal MQTT connections.
 ##
 ## See: http://erlang.org/doc/man/inet.html
 ##
 ## Value: Bytes
-listener.tcp.internal.sndbuf = 16KB
+## listener.tcp.internal.sndbuf = 16KB
 
 ## The size of the user-level software buffer used by the driver.
 ##
 ## See: listener.tcp.<name>.buffer
 ##
 ## Value: Bytes
-listener.tcp.internal.buffer = 16KB
+## listener.tcp.internal.buffer = 16KB
 
 ## Sets the 'buffer = max(sndbuf, recbuf)' if this option is enabled.
 ##
 ## See: listener.tcp.<name>.tune_buffer
 ##
 ## Value: on | off
-listener.tcp.internal.tune_buffer = on
+## listener.tcp.internal.tune_buffer = off
 
 ## The TCP_NODELAY flag for internal MQTT connections.
 ##
@@ -1030,7 +1038,7 @@ listener.ssl.external.certfile = {{ platform_etc_dir }}/certs/cert.pem
 ## See: listener.tcp.<name>.tune_buffer
 ##
 ## Value: on | off
-## listener.ssl.external.tune_buffer = on
+## listener.ssl.external.tune_buffer = off
 
 ## The TCP_NODELAY flag for SSL connections.
 ##
@@ -1158,7 +1166,7 @@ listener.ws.external.send_timeout_close = on
 ## See: listener.tcp.<name>.tune_buffer
 ##
 ## Value: on | off
-listener.ws.external.tune_buffer = on
+## listener.ws.external.tune_buffer = off
 
 ## The TCP_NODELAY flag for external MQTT/WebSocket connections.
 ##

etc/ssl_dist.conf

@@ -0,0 +1,11 @@
+%% The options in the {server, Opts} tuple are used when calling ssl:ssl_accept/3,
+%% and the options in the {client, Opts} tuple are used when calling ssl:connect/4.
+%% 
+%% More information at: http://erlang.org/doc/apps/ssl/ssl_distribution.html
+[{server,
+  [{certfile, "{{ platform_etc_dir }}/certs/cert.pem"},
+   {keyfile, "{{ platform_etc_dir }}/certs/key.pem"},
+   {secure_renegotiate, true},
+   {depth, 0}]},
+ {client,
+  [{secure_renegotiate, true}]}].

priv/emq.schema

@@ -170,7 +170,15 @@ end}.
 
 %% @doc The erlang distributed protocol
 {mapping, "node.proto_dist", "vm_args.-proto_dist", [
-  %%{default, "inet_tcp"}
+  {default, "inet_tcp"},
+  {datatype, {enum, [inet_tcp, inet6_tcp, inet_tls]}},
+  hidden
+]}.
+
+%% @doc Specify SSL Options in the file if using SSL for erlang distribution
+{mapping, "node.ssl_dist_optfile", "vm_args.-ssl_dist_optfile", [
+  {datatype, string},
+  hidden
 ]}.
 
 %% @doc Secret cookie for distributed erlang node

src/emqttd.app.src

@@ -1,6 +1,6 @@
 {application,emqttd,
              [{description,"Erlang MQTT Broker"},
-              {vsn,"2.3.4"},
+              {vsn,"2.3.5"},
               {modules,[]},
               {registered,[emqttd_sup]},
               {applications,[kernel,stdlib,gproc,lager,esockd,mochiweb,