In the project I work on, we used version 1.10.0 of VerneMQ. I started a transition to version 1.13.0 of VerneMQ. In this system, we use a custom patch to reload certificates without interrupting the service. However, when I apply this patch, I receive a build error in VerneMQ.
OTP version: 24.3.4.17
OS: Alpine 3.18
Patch:
diff -Naur vernemq-1.13.0/apps/vmq_server/priv/vmq_server.schema vernemq-1.13.0-trusted-cert-refresh/apps/vmq_server/priv/vmq_server.schema
--- vernemq-1.13.0/apps/vmq_server/priv/vmq_server.schema 2019-11-26 07:11:10.000000000 -0300
+++ vernemq-1.13.0-trusted-cert-refresh/apps/vmq_server/priv/vmq_server.schema 2021-07-12 11:27:37.418754173 -0300
@@ -1881,6 +1881,20 @@
Integer >= 0
end}.
++%% @doc The integer number of milli-seconds between trusted
++%% certificates refreshes. A value of 0 disables the automatic
++%% refresh completely. If unset, defaults to 5 minutes.
+{mapping, "ssl_trusted_cert_refresh_interval", "vmq_server.ssl_trusted_cert_refresh_interval", [
+ {default, 300000},
+ {datatype, integer},
+ {validators, ["non-neg-integer"]},
+ hidden
+ ]}.
+
+{validator, "non-neg-integer", "must be a non-negative integer",
+ fun(Integer) ->
+ Integer >= 0
+ end}.
%% @doc Enable the $SYSTree Reporter.
{mapping, "systree_enabled", "vmq_server.systree_enabled", [
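Review bot: The three doc-comment lines of the new mapping carry a doubled marker (`++%% @doc The integer number of milli-seconds between trusted` and the two lines after it). If that is in the patch file itself and not a paste artefact, the patched schema receives lines that begin with a literal `+`; each should read `+%% @doc ...` with a single marker. The context just above the addition ends in `Integer >= 0` / `end}.`, which suggests a validator with the same body already sits there. If it is also named "non-neg-integer", the second `{validator, "non-neg-integer", ...}` is a duplicate and the mapping can reuse the existing one. The setting is marked `hidden` and accepts 0, so it would help to say in the `@doc` text that 0 leaves the cached trusted certificates in place until the refresh is triggered some other way.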
diff -Naur vernemq-1.13.0/apps/vmq_server/src/vmq_server_sup.erl vernemq-1.13.0-trusted-cert-refresh/apps/vmq_server/src/vmq_server_sup.erl
--- vernemq-1.13.0/apps/vmq_server/src/vmq_server_sup.erl 2019-11-26 07:11:10.000000000 -0300
+++ vernemq-1.13.0-trusted-cert-refresh/apps/vmq_server/src/vmq_server_sup.erl 2021-07-12 13:06:48.713413303 -0300
@@ -48,6 +48,7 @@ init([]) ->
{{one_for_one, 5, 10}, [
?CHILD(vmq_config, worker, []),
?CHILD(vmq_crl_srv, worker, []),
+ ?CHILD(vmq_trusted_cert_srv, worker, []),
?CHILD(vmq_metrics_sup, supervisor, []),
?CHILD(vmq_queue_sup_sup, supervisor, [infinity, 5, 10]),
?CHILD(vmq_reg_sup, supervisor, []),
diff -Naur vernemq-1.13.0/apps/vmq_server/src/vmq_trusted_cert_srv.erl vernemq-1.13.0-trusted-cert-refresh/apps/vmq_server/src/vmq_trusted_cert_srv.erl
--- vernemq-1.13.0/apps/vmq_server/src/vmq_trusted_cert_srv.erl 1969-12-31 21:00:00.000000000 -0300
+++ vernemq-1.13.0-trusted-cert-refresh/apps/vmq_server/src/vmq_trusted_cert_srv.erl 2021-07-12 13:20:49.745789089 -0300
@@ -0,0 +1,95 @@
+%% Copyright 2021 CPQD
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%% http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+
+-module(vmq_trusted_cert_srv).
+
+-behaviour(gen_server).
+
+%% API
+-export([start_link/0,
+ refresh_trusted_cert/0]).
+
+%% gen_server callbacks
+-export([init/1,
+ handle_call/3,
+ handle_cast/2,
+ handle_info/2,
+ terminate/2,
+ code_change/3]).
+
+-record(state, {}).
+
+-type state() :: #state{}.
+
+%%%===================================================================
+%%% API
+%%%===================================================================
+
+-spec start_link() -> 'ignore' | {'error',_} | {'ok',pid()}.
+start_link() ->
+ gen_server:start_link({local, ?MODULE}, ?MODULE, [], []).
+
+refresh_trusted_cert() ->
+ gen_server:call(?MODULE, clear_ssl_pem_cache).
+
+%%%===================================================================
+%%% gen_server callbacks
+%%%===================================================================
+
+-spec init([]) -> {'ok', state()}.
+init([]) ->
+ schedule_ssl_pem_cache_cleaning_tick(),
+ {ok, #state{}}.
+
+-spec handle_call(_, _, _) -> {'reply','ok', _}.
+handle_call(clear_ssl_pem_cache, _From, State) ->
+ clear_ssl_pem_cache(),
+ {reply, ok, State}.
+
+
+-spec handle_cast(_, _) -> {'noreply', _}.
+handle_cast(_Msg, State) ->
+ {noreply, State}.
+
+-spec handle_info(_, _) -> {'noreply', _}.
+handle_info(ssl_pem_cache_cleaning_tick, State) ->
+ clear_ssl_pem_cache(),
+ schedule_ssl_pem_cache_cleaning_tick(),
+ {noreply, State};
+handle_info(_Info, State) ->
+ {noreply, State}.
+
+-spec terminate(_, _) -> 'ok'.
+terminate(_Reason, _State) ->
+ ok.
+
+-spec code_change(_, _, _) -> {'ok', _}.
+code_change(_OldVsn, State, _Extra) ->
+ {ok, State}.
+
+%%%===================================================================
+%%% Internal functions
+%%%===================================================================
+
+schedule_ssl_pem_cache_cleaning_tick() ->
+ TickMS = vmq_config:get_env(ssl_trusted_cert_refresh_interval, 300000),
+ case TickMS of
+ 0 -> ok;
+ _ ->
+ erlang:send_after(TickMS, ?MODULE, ssl_pem_cache_cleaning_tick)
+ end.
+
+%% TODO: call ssl_pem_cache if and only if the cabundle has changed
+clear_ssl_pem_cache() ->
+ ssl_pem_cache:clear().
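Review bot: `clear_ssl_pem_cache/0` at the end of the new module calls `ssl_pem_cache:clear()`, an internal module of the OTP ssl application, where the documented entry point is `ssl:clear_pem_cache()`. Internal modules may change between OTP releases, so the public call is the safer choice when this patch is carried to a new VerneMQ/OTP combination. In `schedule_ssl_pem_cache_cleaning_tick/0` the timer would be clearer addressed to the process itself, `erlang:send_after(TickMS, self(), ssl_pem_cache_cleaning_tick)`, rather than to the registered name. A comment above `clear_ssl_pem_cache/0` should state that clearing the cache only changes which certificates are read for later handshakes. Connections already established under a CA that has since been removed presumably stay up until they are closed.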
Error:
131.7 ===> Compiling c_src/syslog_drv.c
131.7 ===> Linking priv/syslog_drv.so
133.1 ===> Compiling c_src/eleveldb.cc
134.0 ===> Compiling c_src/refobjects.cc
135.0 ===> Compiling c_src/workitems.cc
135.0 ===> Linking /vernemq-build/_build/default/lib/eleveldb/priv/eleveldb.so
135.2 ===> Building escript for cuttlefish...
135.3 ===> Running neotoma...
135.4 ===> Analyzing applications...
135.7 ===> Compiling vmq_plumtree
135.7 ===> Compiling vmq_webhooks
135.9 ===> Compiling vmq_generic_msg_store
136.0 ===> Compiling vmq_passwd
136.1 ===> Compiling vmq_commons
136.2 apps/vmq_commons/src/gen_mqtt_client.erl:174:5: Warning: gen_fsm:sync_send_all_state_event/3 is deprecated; use the 'gen_statem' module instead
136.2 apps/vmq_commons/src/gen_mqtt_client.erl:176:21: Warning: gen_fsm:sync_send_all_state_event/3 is deprecated; use the 'gen_statem' module instead
136.2
136.6 ===> Compiling vmq_pulse
136.6 ===> Compiling vmq_ql
136.8 ===> Compiling vmq_plugin
136.9 ===> Compiling vmq_server
138.1 ===> Compiling vmq_mqtt5_demo_plugin
138.1 ===> Compiling vmq_swc
138.4 ===> Compiling vmq_diversity
138.6 ===> Compiling vmq_acl
138.6 ===> Compiling vmq_http_pub
138.7 ===> Compiling vmq_bridge
139.2 make[1]: Entering directory '/vernemq-build/apps/vmq_passwd/c_src'
139.2 cc vmq_passwd.c -lcrypto -o ../priv/vmq_passwd
139.3 make[1]: Leaving directory '/vernemq-build/apps/vmq_passwd/c_src'
139.3 ===> Running cuttlefish schema generator
139.4 ===> Assembling release vernemq-1.13.0...
140.1 ===> There are missing function calls in the release.
140.1 ===> Make sure all applications needed at runtime are included in the release.
140.1 ===> vmq_ranch:mask_socket/2 calls undefined function vmq_ranch_proxy_protocol:get_csocket/1
140.1 ===> vmq_swc_db_leveled:fold/5 calls undefined function leveled_bookie:book_objectfold/6
140.1 ===> vmq_swc_db_leveled:init/1 calls undefined function leveled_bookie:book_start/1
140.1 ===> vmq_swc_db_leveled:read/4 calls undefined function leveled_bookie:book_get/3
140.1 ===> vmq_swc_db_leveled:terminate/2 calls undefined function leveled_bookie:book_close/1
140.1 ===> vmq_swc_db_leveled:write/3 calls undefined function leveled_bookie:book_delete/4
140.1 ===> vmq_swc_db_leveled:write/3 calls undefined function leveled_bookie:book_put/5
140.1 ===> vmq_swc_db_rocksdb:fold/5 calls undefined function rocksdb:iterator/3
140.1 ===> vmq_swc_db_rocksdb:fold/5 calls undefined function rocksdb:iterator_close/1
140.1 ===> vmq_swc_db_rocksdb:fold/5 calls undefined function rocksdb:release_snapshot/1
140.1 ===> vmq_swc_db_rocksdb:fold/5 calls undefined function rocksdb:snapshot/1
140.1 ===> vmq_swc_db_rocksdb:fold_loop/5 calls undefined function rocksdb:iterator_move/2
140.1 ===> vmq_swc_db_rocksdb:fold_loop/5 calls undefined function rocksdb:release_snapshot/1
140.1 ===> vmq_swc_db_rocksdb:open_db/6 calls undefined function rocksdb:open_with_cf/3
140.1 ===> vmq_swc_db_rocksdb:read/4 calls undefined function rocksdb:get/4
140.1 ===> vmq_swc_db_rocksdb:terminate/2 calls undefined function rocksdb:close/1
140.1 ===> vmq_swc_db_rocksdb:write/3 calls undefined function rocksdb:write/3
140.3 ===> Release successfully assembled: _build/default/rel/vernemq
140.4 ===> Uncaught error in rebar_core. Run with DIAGNOSTIC=1 to see stacktrace or consult rebar3.crashdump
140.4 ===> When submitting a bug report, please include the output of `rebar3 report "your command"`
140.4 make: *** [Makefile:22: rel] Error 1