merge PR#755

docs/source/config.rst

@@ -453,7 +453,7 @@ SSL Listener - 8883
     mqtt.listener.ssl.certfile = etc/certs/cert.pem
     mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
     ## mqtt.listener.ssl.verify = verify_peer
-    ## mqtt.listener.ssl.failed_if_no_peer_cert = true
+    ## mqtt.listener.ssl.fail_if_no_peer_cert = true
 
 HTTP/WS Listener - 8083
 -----------------------
@@ -480,7 +480,7 @@ HTTPS/WSS Listener - 8084
     mqtt.listener.https.cacertfile = etc/certs/cacert.pem
     ## 开启双向认证
     ## mqtt.listener.https.verify = verify_peer
-    ## mqtt.listener.https.failed_if_no_peer_cert = true
+    ## mqtt.listener.https.fail_if_no_peer_cert = true
 
 --------------
 System Monitor

docs/source/plugins.rst

@@ -167,7 +167,7 @@ etc/plugins/emq_dashboard.conf:
     ## dashboard.listener.https.keyfile = etc/certs/key.pem
     ## dashboard.listener.https.cacertfile = etc/certs/cacert.pem
     ## dashboard.listener.https.verify = verify_peer
-    ## dashboard.listener.https.failed_if_no_peer_cert = true
+    ## dashboard.listener.https.fail_if_no_peer_cert = true
 
 -------------------------------
 emq_auth_ldap: LDAP Auth Plugin

etc/emq.conf

@@ -206,12 +206,12 @@ mqtt.listener.ssl.max_clients = 512
 
 ## Configuring SSL Options
 ## See http://erlang.org/doc/man/ssl.html
-mqtt.listener.ssl.handshake_timeout = 2000
+mqtt.listener.ssl.handshake_timeout = 15
 mqtt.listener.ssl.keyfile = etc/certs/key.pem
 mqtt.listener.ssl.certfile = etc/certs/cert.pem
 ## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.ssl.verify = verify_peer
-## mqtt.listener.ssl.failed_if_no_peer_cert = true
+## mqtt.listener.ssl.fail_if_no_peer_cert = true
 
 ## HTTP and WebSocket Listener
 mqtt.listener.http = 8083
@@ -222,12 +222,12 @@ mqtt.listener.http.max_clients = 64
 ## mqtt.listener.https = 8084
 ## mqtt.listener.https.acceptors = 4
 ## mqtt.listener.https.max_clients = 64
-## mqtt.listener.https.handshake_timeout = 2000
+## mqtt.listener.https.handshake_timeout = 15
 ## mqtt.listener.https.certfile = etc/certs/cert.pem
 ## mqtt.listener.https.keyfile = etc/certs/key.pem
 ## mqtt.listener.https.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.https.verify = verify_peer
-## mqtt.listener.https.failed_if_no_peer_cert = true
+## mqtt.listener.https.fail_if_no_peer_cert = true
 
 ##-------------------------------------------------------------------
 ## System Monitor

priv/emq.schema

@@ -536,7 +536,7 @@ end}.
   {datatype, atom}
 ]}.
 
-{mapping, "mqtt.listener.ssl.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.ssl.fail_if_no_peer_cert", "emqttd.listeners", [
   {datatype, {enum, [true, false]}}
 ]}.
 
@@ -592,7 +592,7 @@ end}.
   {datatype, atom}
 ]}.
 
-{mapping, "mqtt.listener.https.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.https.fail_if_no_peer_cert", "emqttd.listeners", [
   {datatype, {enum, [true, false]}}
 ]}.
 
@@ -611,12 +611,12 @@ end}.
                            {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}])
               end,
     SslOpts = fun(Prefix) ->
-                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)},
+                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000},
                           {keyfile,    cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
                           {certfile,   cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
                           {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},
                           {verify,     cuttlefish:conf_get(Prefix ++ ".verify", Conf, undefined)},
-                          {failed_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".failed_if_no_peer_cert", Conf, undefined)}])
+                          {fail_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".fail_if_no_peer_cert", Conf, undefined)}])
               end,
 
     Listeners = fun(Name) when is_atom(Name) ->

src/emqttd_http.erl

@@ -137,8 +137,7 @@ authorized(Req) ->
         case emqttd_access_control:auth(#mqtt_client{username = Username, peername = Peer}, Password) of
             ok ->
                 true;
-            %% http publish is_super to true?
-            {ok, IsSuper} ->
+            {ok, _IsSuper} -> 
                 true;
             {error, Reason} ->
                 lager:error("HTTP Auth failure: username=~s, reason=~p", [Username, Reason]),

test/emqttd_SUITE_data/emqttd.conf

@@ -206,12 +206,12 @@ mqtt.listener.ssl.max_clients = 512
 
 ## Configuring SSL Options
 ## See http://erlang.org/doc/man/ssl.html
-mqtt.listener.ssl.handshake_timeout = 2000
+mqtt.listener.ssl.handshake_timeout = 15
 mqtt.listener.ssl.keyfile = etc/certs/key.pem
 mqtt.listener.ssl.certfile = etc/certs/cert.pem
 ## mqtt.listener.ssl.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.ssl.verify = verify_peer
-## mqtt.listener.ssl.failed_if_no_peer_cert = true
+## mqtt.listener.ssl.fail_if_no_peer_cert = true
 
 ## HTTP and WebSocket Listener
 mqtt.listener.http = 8083
@@ -222,12 +222,12 @@ mqtt.listener.http.max_clients = 64
 ## mqtt.listener.https = 8084
 ## mqtt.listener.https.acceptors = 4
 ## mqtt.listener.https.max_clients = 64
-## mqtt.listener.https.handshake_timeout = 10
+## mqtt.listener.https.handshake_timeout = 15
 ## mqtt.listener.https.certfile = etc/certs/cert.pem
 ## mqtt.listener.https.keyfile = etc/certs/key.pem
 ## mqtt.listener.https.cacertfile = etc/certs/cacert.pem
 ## mqtt.listener.https.verify = verify_peer
-## mqtt.listener.https.failed_if_no_peer_cert = true
+## mqtt.listener.https.fail_if_no_peer_cert = true
 
 ##-------------------------------------------------------------------
 ## System Monitor

test/emqttd_SUITE_data/emqttd.schema

@@ -536,7 +536,7 @@ end}.
   {datatype, atom}
 ]}.
 
-{mapping, "mqtt.listener.ssl.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.ssl.fail_if_no_peer_cert", "emqttd.listeners", [
   {datatype, {enum, [true, false]}}
 ]}.
 
@@ -592,7 +592,7 @@ end}.
   {datatype, atom}
 ]}.
 
-{mapping, "mqtt.listener.https.failed_if_no_peer_cert", "emqttd.listeners", [
+{mapping, "mqtt.listener.https.fail_if_no_peer_cert", "emqttd.listeners", [
   {datatype, {enum, [true, false]}}
 ]}.
 
@@ -611,12 +611,12 @@ end}.
                            {nodelay, cuttlefish:conf_get(Prefix ++ ".nodelay", Conf, true)}])
               end,
     SslOpts = fun(Prefix) ->
-                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf)},
+                  Filter([{handshake_timeout, cuttlefish:conf_get(Prefix ++ ".handshake_timeout", Conf) * 1000},
                           {keyfile,    cuttlefish:conf_get(Prefix ++ ".keyfile", Conf, undefined)},
                           {certfile,   cuttlefish:conf_get(Prefix ++ ".certfile", Conf, undefined)},
                           {cacertfile, cuttlefish:conf_get(Prefix ++ ".cacertfile", Conf, undefined)},
                           {verify,     cuttlefish:conf_get(Prefix ++ ".verify", Conf, undefined)},
-                          {failed_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".failed_if_no_peer_cert", Conf, undefined)}])
+                          {fail_if_no_peer_cert, cuttlefish:conf_get(Prefix ++ ".fail_if_no_peer_cert", Conf, undefined)}])
               end,
 
     Listeners = fun(Name) when is_atom(Name) ->