Merge pull request #7814 from HJianBo/fix-gw-bad-ssl

fix(gw): return BAD_REQUEST if request's ssl files is bad

apps/emqx_gateway/src/coap/emqx_coap_impl.erl

@@ -80,7 +80,7 @@ on_gateway_load(
             throw(
                 {badconf, #{
                     key => listeners,
-                    vallue => Listener,
+                    value => Listener,
                     reason => Reason
                 }}
             )

apps/emqx_gateway/src/emqx_gateway_api.erl

@@ -97,6 +97,8 @@ gateway(post, Request) ->
     catch
         error:{badkey, K} ->
             return_http_error(400, [K, " is required"]);
+        error:{badconf, _} = Reason1 ->
+            emqx_gateway_http:reason2resp(Reason1);
         error:badarg ->
             return_http_error(404, "Bad gateway name")
     end.

apps/emqx_gateway/src/emqx_gateway_conf.erl

@@ -99,9 +99,9 @@ load_gateway(GwName, Conf) ->
 unconvert_listeners(Ls) when is_list(Ls) ->
     lists:foldl(
         fun(Lis, Acc) ->
-            %% FIXME: params apperence guard?
             {[Type, Name], Lis1} = maps_key_take([<<"type">>, <<"name">>], Lis),
-            NLis1 = maps:without([<<"id">>], Lis1),
+            _ = vaildate_listener_name(Name),
+            NLis1 = maps:without([<<"id">>, <<"running">>], Lis1),
             emqx_map_lib:deep_merge(Acc, #{Type => #{Name => NLis1}})
         end,
         #{},
@@ -114,10 +114,25 @@ maps_key_take([], M, Acc) ->
     {lists:reverse(Acc), M};
 maps_key_take([K | Ks], M, Acc) ->
     case maps:take(K, M) of
-        error -> throw(bad_key);
+        error -> error(bad_key);
         {V, M1} -> maps_key_take(Ks, M1, [V | Acc])
     end.
 
+vaildate_listener_name(Name) ->
+    try
+        {match, _} = re:run(Name, "^[0-9a-zA-Z_-]+$"),
+        ok
+    catch
+        _:_ ->
+            error(
+                {badconf, #{
+                    key => name,
+                    value => Name,
+                    reason => illegal_listener_name
+                }}
+            )
+    end.
+
 -spec update_gateway(atom_or_bin(), map()) -> map_or_err().
 update_gateway(GwName, Conf0) ->
     Exclude0 = [listeners, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_ATOM],

apps/emqx_gateway/src/emqx_gateway_http.erl

@@ -381,7 +381,7 @@ reason2msg({badconf, #{key := Key, value := Value, reason := Reason}}) ->
         end,
     fmtstr(
         "Bad config value '~s' for '~s', reason: ~s",
-        [NValue, Key, Reason]
+        [NValue, Key, emqx_gateway_utils:stringfy(Reason)]
     );
 reason2msg(
     {badres, #{
@@ -506,13 +506,16 @@ with_gateway(GwName0, Fun) ->
             return_http_error(400, [K, " is required"]);
         %% Exceptions from emqx_gateway_utils:parse_listener_id/1
         error:{invalid_listener_id, Id} ->
-            return_http_error(400, ["invalid listener id: ", Id]);
-        %% Exceptions from: emqx:get_config/1
+            return_http_error(400, ["Invalid listener id: ", Id]);
+        %% Exceptions from emqx:get_config/1
         error:{config_not_found, Path0} ->
             Path = lists:concat(
                 lists:join(".", lists:map(fun to_list/1, Path0))
             ),
             return_http_error(404, "Resource not found. path: " ++ Path);
+        %% Exceptions from emqx_gateway_conf:convert_certs/2,3
+        error:{bad_ssl_config, #{which_option := Option}} ->
+            return_http_error(400, ["Bad SSL config, option: ", Option]);
         Class:Reason:Stk ->
             ?SLOG(error, #{
                 msg => "uncatched_error",

apps/emqx_gateway/src/exproto/emqx_exproto_impl.erl

@@ -105,7 +105,7 @@ on_gateway_load(
             throw(
                 {badconf, #{
                     key => listeners,
-                    vallue => Listener,
+                    value => Listener,
                     reason => Reason
                 }}
             )

apps/emqx_gateway/src/lwm2m/emqx_lwm2m_impl.erl

@@ -75,7 +75,7 @@ on_gateway_load(
                     throw(
                         {badconf, #{
                             key => listeners,
-                            vallue => Listener,
+                            value => Listener,
                             reason => Reason
                         }}
                     )

apps/emqx_gateway/src/stomp/emqx_stomp_impl.erl

@@ -84,7 +84,7 @@ on_gateway_load(
             throw(
                 {badconf, #{
                     key => listeners,
-                    vallue => Listener,
+                    value => Listener,
                     reason => Reason
                 }}
             )

apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl

@@ -318,7 +318,7 @@ t_authn_data_mgmt(_) ->
     {204, _} = request(get, "/gateway/stomp/authentication"),
     {204, _} = request(delete, "/gateway/stomp").
 
-t_listeners(_) ->
+t_listeners_tcp(_) ->
     GwConf = #{name => <<"stomp">>},
     {201, _} = request(post, "/gateway", GwConf),
     {404, _} = request(get, "/gateway/stomp/listeners"),