Added configuration item for handshake timeout on SSL channel (#531)
dsshf committed Nov 13, 2020
1 parent 1d38a1b commit 2496e2e
Showing 3 changed files with 17 additions and 1 deletion.
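--- a/broker/src/main/java/io/moquette/BrokerConstants.java
+++ b/broker/src/main/java/io/moquette/BrokerConstants.java
@@ -68,6 +68,7 @@ public final class BrokerConstants {
 public static final String NETTY_TCP_NODELAY_PROPERTY_NAME = "netty.tcp_nodelay";
 public static final String NETTY_SO_KEEPALIVE_PROPERTY_NAME = "netty.so_keepalive";
 public static final String NETTY_CHANNEL_TIMEOUT_SECONDS_PROPERTY_NAME = "netty.channel_timeout.seconds";
+public static final String NETTY_CHANNEL_HANDSHAKE_TIMEOUT_SECONDS_PROPERTY_NAME = "netty.channel_handshake_timeout.seconds";
 public static final String NETTY_EPOLL_PROPERTY_NAME = "netty.epoll";
 public static final String NETTY_MAX_BYTES_PROPERTY_NAME = "netty.mqtt.message_size";
 public static final int DEFAULT_NETTY_MAX_BYTES_IN_MESSAGE = 8092;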
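--- a/broker/src/main/java/io/moquette/broker/NewNettyAcceptor.java
+++ b/broker/src/main/java/io/moquette/broker/NewNettyAcceptor.java
@@ -133,6 +133,7 @@ public void operationComplete(ChannelFuture future) throws Exception {
 private boolean nettyTcpNodelay;
 private boolean nettySoKeepalive;
 private int nettyChannelTimeoutSeconds;
+private int nettyChannelHandshakeTimeoutSeconds;
 private int maxBytesInMessage;
 
 private Class<? extends ServerSocketChannel> channelClass;
@@ -145,6 +146,8 @@ public void initialize(NewNettyMQTTHandler mqttHandler, IConfig props, ISslConte
 nettyTcpNodelay = props.boolProp(BrokerConstants.NETTY_TCP_NODELAY_PROPERTY_NAME, true);
 nettySoKeepalive = props.boolProp(BrokerConstants.NETTY_SO_KEEPALIVE_PROPERTY_NAME, true);
 nettyChannelTimeoutSeconds = props.intProp(BrokerConstants.NETTY_CHANNEL_TIMEOUT_SECONDS_PROPERTY_NAME, 10);
+nettyChannelHandshakeTimeoutSeconds = props.intProp(
+BrokerConstants.NETTY_CHANNEL_HANDSHAKE_TIMEOUT_SECONDS_PROPERTY_NAME, 10);
 maxBytesInMessage = props.intProp(BrokerConstants.NETTY_MAX_BYTES_PROPERTY_NAME,
 BrokerConstants.DEFAULT_NETTY_MAX_BYTES_IN_MESSAGE);
 
@@ -414,6 +417,7 @@ public void close() {
 }
 
 private ChannelHandler createSslHandler(SocketChannel channel, SslContext sslContext, boolean needsClientAuth) {
+SslHandler handler;
 SSLEngine sslEngine = sslContext.newEngine(
 channel.alloc(),
 channel.remoteAddress().getHostString(),
@@ -422,6 +426,10 @@ private ChannelHandler createSslHandler(SocketChannel channel, SslContext sslCon
 if (needsClientAuth) {
 sslEngine.setNeedClientAuth(true);
 }
-return new SslHandler(sslEngine);
+
+handler = new SslHandler(sslEngine);
+handler.setHandshakeTimeoutMillis(nettyChannelHandshakeTimeoutSeconds * 1000);
+
+return handler;
 }
 }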
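Review bot: The configured `netty.channel_handshake_timeout.seconds` value reaches `handler.setHandshakeTimeoutMillis(nettyChannelHandshakeTimeoutSeconds * 1000)` in createSslHandler with no range check, and the multiplication is done in `int`. Netty treats a timeout of 0 as "no handshake timer", so a misconfigured 0 silently removes the bound on how long an unfinished TLS handshake can occupy a connection, while a negative or overflowed value makes the setter throw IllegalArgumentException on every new SSL channel instead of failing at startup. I would validate once in initialize(), e.g. `if (nettyChannelHandshakeTimeoutSeconds <= 0) throw new IllegalArgumentException("netty.channel_handshake_timeout.seconds must be > 0");`, and widen the arithmetic to `nettyChannelHandshakeTimeoutSeconds * 1000L`. Both initialize() and createSslHandler() are only partly visible in these hunks, so a check elsewhere in the file cannot be ruled out.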
7 changes: 7 additions & 0 deletions distribution/src/main/resources/moquette.conf
Expand Up @@ -127,9 +127,16 @@ password_file config/password_file.conf
# netty.mqtt.message_size : by default the max size of message is set at 8092 bytes
# http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Toc442180836
# Fore more information about payload size specs.
#
# Optional
# netty.channel_handshake_timeout.seconds:
# The number of seconds before the SSL handshake times out. The
# value is provided to Netty's SslHandler, and its current
# default value is 10.
#*********************************************************************
# netty.epoll true
# netty.mqtt.message_size 8092
# netty.channel_handshake_timeout.seconds 10

#*********************************************************************
# Metrics Configuration
