diff options
| -rw-r--r-- | src/rabbit_control.erl | 2 | ||||
| -rw-r--r-- | src/rabbit_net.erl | 5 | ||||
| -rw-r--r-- | src/rabbit_networking.erl | 9 | ||||
| -rw-r--r-- | src/rabbit_reader.erl | 29 |
4 files changed, 28 insertions, 17 deletions
diff --git a/src/rabbit_control.erl b/src/rabbit_control.erl index 67cea37b57..6e6ad06cb3 100644 --- a/src/rabbit_control.erl +++ b/src/rabbit_control.erl @@ -247,8 +247,6 @@ action(list_bindings, Node, Args, Inform) -> action(list_connections, Node, Args, Inform) -> Inform("Listing connections", []), ArgAtoms = default_if_empty(Args, [user, peer_address, peer_port, state]), - io:format("~p~n", [rpc_call(Node, rabbit_networking, connection_info_all, - [ArgAtoms])]), display_info_list(rpc_call(Node, rabbit_networking, connection_info_all, [ArgAtoms]), ArgAtoms); diff --git a/src/rabbit_net.erl b/src/rabbit_net.erl index b92d83efd3..145153c155 100644 --- a/src/rabbit_net.erl +++ b/src/rabbit_net.erl @@ -121,7 +121,10 @@ peername(Sock) when is_port(Sock) -> peercert(Sock) when is_record(Sock, ssl_socket) -> - public_key:pkix_decode_cert(ssl:peercert(Sock#ssl_socket.ssl), plain); + case ssl:peercert(Sock#ssl_socket.ssl) of + {ok, Cert} -> public_key:pkix_decode_cert(Cert, otp); + {error, no_peercert} -> no_peer_certificate + end; peercert(_) -> nossl. diff --git a/src/rabbit_networking.erl b/src/rabbit_networking.erl index 3fd5960c6b..3a3357ba9d 100644 --- a/src/rabbit_networking.erl +++ b/src/rabbit_networking.erl @@ -235,16 +235,11 @@ connections() -> connection_info_keys() -> rabbit_reader:info_keys(). -connection_info(Pid) -> - Info = rabbit_reader:info(Pid), - io:format("Got info: ~p~n", [Info]), - Info. +connection_info(Pid) -> rabbit_reader:info(Pid). connection_info(Pid, Items) -> rabbit_reader:info(Pid, Items). connection_info_all() -> cmap(fun (Q) -> connection_info(Q) end). -connection_info_all(Items) -> - io:format("The Items are ~p~n", [Items]), - cmap(fun (Q) -> connection_info(Q, Items) end). +connection_info_all(Items) -> cmap(fun (Q) -> connection_info(Q, Items) end). close_connection(Pid, Explanation) -> case lists:any(fun ({_, ChildPid, _, _}) -> ChildPid =:= Pid end, diff --git a/src/rabbit_reader.erl b/src/rabbit_reader.erl index 1b5946677a..befbb0c1ec 100644 --- a/src/rabbit_reader.erl +++ b/src/rabbit_reader.erl @@ -33,6 +33,8 @@ -include("rabbit_framing.hrl"). -include("rabbit.hrl"). +-include_lib("public_key/include/public_key.hrl"). + -export([start_link/0, info_keys/0, info/1, info/2, shutdown/2]). -export([system_continue/3, system_terminate/4, system_code_change/4]). @@ -61,9 +63,10 @@ queue_collector}). -define(INFO_KEYS, - [pid, address, port, peer_address, peer_port, peer_certificate, + [pid, address, port, peer_address, peer_port, recv_oct, recv_cnt, send_oct, send_cnt, send_pend, - state, channels, user, vhost, timeout, frame_max, client_properties]). + state, channels, user, vhost, timeout, frame_max, client_properties, + ssl_subject, ssl_fingerprint, ssl_ca]). %% connection lifecycle %% @@ -730,11 +733,13 @@ i(port, #v1{sock = Sock}) -> i(peer_address, #v1{sock = Sock}) -> {ok, {A, _}} = rabbit_net:peername(Sock), A; -i(peer_certificate, #v1{sock = Sock}) -> - case rabbit_net:peercert(Sock) of - {ok, Cert} -> Cert; - nossl -> nossl - end; +i(ssl_subject, #v1{sock = Sock}) -> + get_ssl_info(fun (Cert) -> + TBSCert = Cert#'OTPCertificate'.tbsCertificate, + Subj = TBSCert#'OTPTBSCertificate'.subject, + {ok, Subj} + end, + Sock); i(peer_port, #v1{sock = Sock}) -> {ok, {_, P}} = rabbit_net:peername(Sock), P; @@ -768,6 +773,16 @@ i(client_properties, #v1{connection = #connection{ i(Item, #v1{}) -> throw({bad_argument, Item}). +get_ssl_info(F, Sock) -> + io:format("Peer cert: ~p~n", [rabbit_net:peercert(Sock)]), + case rabbit_net:peercert(Sock) of + nossl -> nossl; + no_peer_certificate -> no_peer_certificate; + {ok, Cert} -> + io:format("Some information: ~p~n", [F(Cert)]), + F(Cert) + end. + %%-------------------------------------------------------------------------- send_to_new_channel(Channel, AnalyzedFrame, |