fix(schema): simplify ssl ciphers filed schema

apps/emqx/src/emqx_schema.erl

@@ -23,7 +23,6 @@
 -dialyzer(no_fail_call).
 
 -include_lib("typerefl/include/types.hrl").
--include_lib("snabbkaffe/include/snabbkaffe.hrl").
 
 -type duration() :: integer().
 -type duration_s() :: integer().
@@ -1084,7 +1083,7 @@ default_tls_vsns(tcp) ->
 
 -spec ciphers_schema(quic | dtls | tcp_all | undefined) -> hocon_schema:field_schema().
 ciphers_schema(Default) ->
-    sc(hoconsc:union([string(), hoconsc:array(string())]),
+    sc(hoconsc:array(string()),
        #{ default => default_ciphers(Default)
         , converter => fun(Ciphers) when is_binary(Ciphers) ->
                                binary:split(Ciphers, <<",">>, [global]);
@@ -1283,13 +1282,7 @@ parse_user_lookup_fun(StrConf) ->
 validate_ciphers(Ciphers) ->
     All = ssl:cipher_suites(all, 'tlsv1.3', openssl) ++
           ssl:cipher_suites(all, 'tlsv1.2', openssl), %% includes older version ciphers
-    lists:foreach(
-        fun(Cipher) ->
-                case lists:member(Cipher, All) of
-                    true ->
-                        ok;
-                    false ->
-                        ?tp(error, bad_tls_cipher_suite, #{ciphers => Cipher}),
-                        error({bad_tls_cipher_suite, Cipher})
-                end
-        end, Ciphers).
+    case lists:filter(fun(Cipher) -> not lists:member(Cipher, All) end, Ciphers) of
+        [] -> ok;
+        Bad -> {error, {bad_ciphers, Bad}}
+    end.

apps/emqx/test/emqx_schema_tests.erl

@@ -17,7 +17,6 @@
 -module(emqx_schema_tests).
 
 -include_lib("eunit/include/eunit.hrl").
--include_lib("snabbkaffe/include/snabbkaffe.hrl").
 
 ssl_opts_dtls_test() ->
     Sc = emqx_schema:server_ssl_opts_schema(#{versions => dtls,
@@ -71,14 +70,11 @@ ssl_opts_tls_psk_test() ->
                   end, PskCiphers).
 
 bad_cipher_test() ->
-    ok = snabbkaffe:start_trace(),
     Sc = emqx_schema:server_ssl_opts_schema(#{}, false),
-    ?assertThrow({_Sc, [{validation_error, _Error}]},
+    Reason = {bad_ciphers, ["foo"]},
+    ?assertThrow({_Sc, [{validation_error, #{reason := Reason}}]},
               [validate(Sc, #{<<"versions">> => [<<"tlsv1.2">>],
                         <<"ciphers">> => [<<"foo">>]})]),
-    Trace = snabbkaffe:collect_trace(),
-    ?assertEqual(1, length(?of_kind(bad_tls_cipher_suite, Trace))),
-    snabbkaffe:stop(),
     ok.
 
 validate(Schema, Data0) ->
@@ -96,13 +92,6 @@ validate(Schema, Data0) ->
 
 ciperhs_schema_test() ->
     Sc = emqx_schema:ciphers_schema(undefined),
-    ?assertMatch(
-       #{type := {union, [_, {array, _}]},
-         default := [_ | _],
-         converter := Converter,
-         validator := Validator
-        } when is_function(Converter) andalso is_function(Validator),
-       Sc),
     WSc = #{roots => [{ciphers, Sc}]},
     ?assertThrow({_, [{validation_error, _}]},
                  hocon_schema:check_plain(WSc, #{<<"ciphers">> => <<"foo,bar">>})).