authorUlf Wiger <ulf@feuerlabs.com>2016-03-16 17:08:29 -0700
committerUlf Wiger <ulf@feuerlabs.com>2016-03-16 17:08:29 -0700
commitf82c3d773f1a31d862cd546e4a8181801c0a7ce0 (patch)
treee5ef47264186a3225e41d9e505ec5c512b693a84
parent9a3db2baecdddbfba8e8bfeb71038e4de6a44225 (diff)
downloadrvi_core-f82c3d773f1a31d862cd546e4a8181801c0a7ce0.tar.gz
Allow custom tls_opts
-rw-r--r--components/dlink_tls/src/dlink_tls_conn.erl17
-rw-r--r--priv/test_config/tls_backend.config5
-rw-r--r--priv/test_config/tls_backend_noverify.config5
-rw-r--r--priv/test_config/tls_sample_noverify.config1
4 files changed, 21 insertions, 7 deletions
diff --git a/components/dlink_tls/src/dlink_tls_conn.erl b/components/dlink_tls/src/dlink_tls_conn.erl
index 4629e55..cfa75d2 100644
--- a/components/dlink_tls/src/dlink_tls_conn.erl
+++ b/components/dlink_tls/src/dlink_tls_conn.erl
@@ -427,7 +427,8 @@ do_upgrade(Sock, server, CompSpec) ->
tls_opts(Role, CompSpec) ->
{ok, ServerOpts} = get_module_config(server_opts, [], CompSpec),
- TlsOpts = rvi_common:get_value(tls_opts, ServerOpts, CompSpec),
+ TlsOpts = proplists:get_value(tls_opts, ServerOpts, []),
+ ?debug("TlsOpts = ~p", [TlsOpts]),
Opt = fun(K) -> opt(K, TlsOpts,
fun() ->
ok(setup:get_env(rvi_core, K))
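Review bot: The added `?debug("TlsOpts = ~p", [TlsOpts])` prints the whole custom option list, and since this commit forwards that list to the TLS layer it can carry secrets such as the ssl `password` option or an inline `key`. Logging only the option names keeps the diagnostic value without writing key material to the log: `?debug("TlsOpts keys = ~p", [proplists:get_keys(TlsOpts)])`. tls_opts/2 continues past the end of this hunk.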
@@ -440,11 +441,11 @@ tls_opts(Role, CompSpec) ->
{certfile, Opt(device_cert)},
{keyfile, Opt(device_key)},
{cacertfile, Opt(root_cert)}
- ]};
+ | other_tls_opts(TlsOpts)]};
{verify, false} ->
{false, [
{verify, verify_none}
- ]};
+ | other_tls_opts(TlsOpts)]};
_ when VOpt==false; VOpt == {verify, true} -> % {verify,true} default
{true, [
{verify, verify_peer},
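Review bot: The list built in the first branch emits `certfile`, `keyfile` and `cacertfile`, but the filter in other_tls_opts/1 removes only the rvi names `device_cert`, `device_key` and `root_cert`. A `tls_opts` entry written with the ssl names therefore passes through and lands as a duplicate key behind the computed one. Which duplicate the ssl application honours is not decided by this code, so the CA file or key actually in use could differ from what `Opt(root_cert)` and `Opt(device_key)` resolved. Adding `certfile, keyfile, cacertfile` to the removal list, or documenting that `tls_opts` may override them, would make the precedence explicit. The case expression starts before this hunk and ends after it.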
@@ -457,9 +458,19 @@ tls_opts(Role, CompSpec) ->
fun(X) ->
partial_chain(Role, X)
end)}
+ | other_tls_opts(TlsOpts)
]}
end.
+other_tls_opts(Opts) ->
+ other_tls_opts([device_cert, device_key,
+ root_cert, verify_fun,
+ partial_chain, verify], Opts).
+
+other_tls_opts(Remove, Opts) ->
+ [O || {K,_} = O <- Opts,
+ not lists:member(K, Remove)].
+
opt(Key, Opts, Def) ->
case lists:keyfind(Key, 1, Opts) of
false when is_function(Def, 0) -> Def();
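Review bot: other_tls_opts/1 and other_tls_opts/2 have no comment or spec, and the generator pattern `{K,_} = O <- Opts` silently skips every element that is not a 2-tuple. A bare atom or a wider tuple placed in `tls_opts` therefore disappears without any trace. I would add `%% Custom ssl options from tls_opts, minus the keys tls_opts/2 computes itself; entries that are not {Key, Value} pairs are dropped.` above other_tls_opts/1. Logging the dropped entries would also help a misconfigured option get noticed. opt/3 at the end of the hunk continues outside it.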
diff --git a/priv/test_config/tls_backend.config b/priv/test_config/tls_backend.config
index fa931d8..ccc03a5 100644
--- a/priv/test_config/tls_backend.config
+++ b/priv/test_config/tls_backend.config
@@ -8,7 +8,10 @@
{ [routing_rules, ""], [{proto_msgpack_rpc, dlink_tls_rpc}] },
{ [components, data_link], [{dlink_tls_rpc, gen_server,
[{server_opts, [{port, 8807},
- {ping_interval,500}]}]}]},
+ {ping_interval,500},
+ {tls_opts,
+ [{reuse_sessions, false}]}
+ ]}]}]},
{ [components, protocol], [{proto_msgpack_rpc, gen_server, []}] }
]}
]}
diff --git a/priv/test_config/tls_backend_noverify.config b/priv/test_config/tls_backend_noverify.config
index cb24e81..b057af8 100644
--- a/priv/test_config/tls_backend_noverify.config
+++ b/priv/test_config/tls_backend_noverify.config
@@ -8,8 +8,9 @@
{ [routing_rules, ""], [{proto_msgpack_rpc, dlink_tls_rpc}] },
{ [components, data_link], [{dlink_tls_rpc, gen_server,
[{server_opts, [{port, 8807},
- {verify, false},
- {ping_interval,500}]}]}]},
+ {ping_interval,500},
+ {tls_opts,
+ [{verify, false}]}]}]}]},
{ [components, protocol], [{proto_msgpack_rpc, gen_server, []}] }
]}
]}
diff --git a/priv/test_config/tls_sample_noverify.config b/priv/test_config/tls_sample_noverify.config
index 0328cf4..9dad5f9 100644
--- a/priv/test_config/tls_sample_noverify.config
+++ b/priv/test_config/tls_sample_noverify.config
@@ -8,7 +8,6 @@
{ [routing_rules, ""], [{proto_msgpack_rpc, dlink_tls_rpc}] },
{ [components, data_link], [{dlink_tls_rpc, gen_server,
[{server_opts, [{port, 9007},
-% {verify, false},
{ping_interval,500}]},
{persistent_connections,
["localhost:8807"]}]}]},