From 3c2a7dbadc1064ca86a097987980c57dde6ae23e Mon Sep 17 00:00:00 2001
From: Andrew Mayorov <encube.ul@gmail.com>
Date: Sat, 3 Jun 2023 00:12:10 +0300
Subject: [PATCH] fix(tlsgc): consolidate conf keypaths knowledge in
 `emqx_tls_lib`

So that this GC mechanism will be easier to maintain.
---
 apps/emqx/src/emqx_tls_certfile_gc.erl | 10 +++++-----
 apps/emqx/src/emqx_tls_lib.erl         |  5 +++++
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/apps/emqx/src/emqx_tls_certfile_gc.erl b/apps/emqx/src/emqx_tls_certfile_gc.erl
index ed0c2c083..1d6f4c41b 100644
--- a/apps/emqx/src/emqx_tls_certfile_gc.erl
+++ b/apps/emqx/src/emqx_tls_certfile_gc.erl
@@ -240,11 +240,11 @@ find_references(Root) ->
         Config
     ).
 
-is_file_reference([<<"keyfile">> | _]) -> true;
-is_file_reference([<<"certfile">> | _]) -> true;
-is_file_reference([<<"cacertfile">> | _]) -> true;
-is_file_reference([<<"issuer_pem">>, <<"ocsp">> | _]) -> true;
-is_file_reference(_) -> false.
+is_file_reference(Stack) ->
+    lists:any(
+        fun(KP) -> lists:prefix(lists:reverse(KP), Stack) end,
+        emqx_tls_lib:ssl_file_conf_keypaths()
+    ).
 
 is_string(Value) ->
     is_list(Value) orelse is_binary(Value).
diff --git a/apps/emqx/src/emqx_tls_lib.erl b/apps/emqx/src/emqx_tls_lib.erl
index c05e0d092..157040c30 100644
--- a/apps/emqx/src/emqx_tls_lib.erl
+++ b/apps/emqx/src/emqx_tls_lib.erl
@@ -31,6 +31,7 @@
     ensure_ssl_files/2,
     ensure_ssl_files/3,
     drop_invalid_certs/1,
+    ssl_file_conf_keypaths/0,
     pem_dir/1,
     is_managed_ssl_file/1,
     is_valid_pem_file/1,
@@ -371,6 +372,10 @@ is_valid_string(Binary) when is_binary(Binary) ->
         _Otherwise -> false
     end.
 
+-spec ssl_file_conf_keypaths() -> [_ConfKeypath :: [binary()]].
+ssl_file_conf_keypaths() ->
+    ?SSL_FILE_OPT_PATHS.
+
 %% Check if it is a valid PEM formatted key.
 is_pem(MaybePem) ->
     try