From 23c604716345f533bc2e14e5510c165c11c43eca Mon Sep 17 00:00:00 2001 From: JianBo He Date: Thu, 28 Apr 2022 14:38:20 +0800 Subject: [PATCH] fix(gw): return BAD_REQUEST if request's ssl files is bad --- apps/emqx_gateway/src/coap/emqx_coap_impl.erl | 2 +- apps/emqx_gateway/src/emqx_gateway_api.erl | 2 ++ apps/emqx_gateway/src/emqx_gateway_conf.erl | 21 ++++++++++++++++--- apps/emqx_gateway/src/emqx_gateway_http.erl | 9 +++++--- .../src/exproto/emqx_exproto_impl.erl | 2 +- .../src/lwm2m/emqx_lwm2m_impl.erl | 2 +- .../src/stomp/emqx_stomp_impl.erl | 2 +- .../test/emqx_gateway_api_SUITE.erl | 2 +- 8 files changed, 31 insertions(+), 11 deletions(-) diff --git a/apps/emqx_gateway/src/coap/emqx_coap_impl.erl b/apps/emqx_gateway/src/coap/emqx_coap_impl.erl index d44dce142..94961fadf 100644 --- a/apps/emqx_gateway/src/coap/emqx_coap_impl.erl +++ b/apps/emqx_gateway/src/coap/emqx_coap_impl.erl @@ -80,7 +80,7 @@ on_gateway_load( throw( {badconf, #{ key => listeners, - vallue => Listener, + value => Listener, reason => Reason }} ) diff --git a/apps/emqx_gateway/src/emqx_gateway_api.erl b/apps/emqx_gateway/src/emqx_gateway_api.erl index a0ff42138..86e2a946d 100644 --- a/apps/emqx_gateway/src/emqx_gateway_api.erl +++ b/apps/emqx_gateway/src/emqx_gateway_api.erl @@ -97,6 +97,8 @@ gateway(post, Request) -> catch error:{badkey, K} -> return_http_error(400, [K, " is required"]); + error:{badconf, _} = Reason1 -> + emqx_gateway_http:reason2resp(Reason1); error:badarg -> return_http_error(404, "Bad gateway name") end. diff --git a/apps/emqx_gateway/src/emqx_gateway_conf.erl b/apps/emqx_gateway/src/emqx_gateway_conf.erl index 1ac8c50f8..509910631 100644 --- a/apps/emqx_gateway/src/emqx_gateway_conf.erl +++ b/apps/emqx_gateway/src/emqx_gateway_conf.erl @@ -99,9 +99,9 @@ load_gateway(GwName, Conf) -> unconvert_listeners(Ls) when is_list(Ls) -> lists:foldl( fun(Lis, Acc) -> - %% FIXME: params apperence guard? {[Type, Name], Lis1} = maps_key_take([<<"type">>, <<"name">>], Lis), - NLis1 = maps:without([<<"id">>], Lis1), + _ = vaildate_listener_name(Name), + NLis1 = maps:without([<<"id">>, <<"running">>], Lis1), emqx_map_lib:deep_merge(Acc, #{Type => #{Name => NLis1}}) end, #{}, @@ -114,10 +114,25 @@ maps_key_take([], M, Acc) -> {lists:reverse(Acc), M}; maps_key_take([K | Ks], M, Acc) -> case maps:take(K, M) of - error -> throw(bad_key); + error -> error(bad_key); {V, M1} -> maps_key_take(Ks, M1, [V | Acc]) end. +vaildate_listener_name(Name) -> + try + {match, _} = re:run(Name, "^[0-9a-zA-Z_-]+$"), + ok + catch + _:_ -> + error( + {badconf, #{ + key => name, + value => Name, + reason => illegal_listener_name + }} + ) + end. + -spec update_gateway(atom_or_bin(), map()) -> map_or_err(). update_gateway(GwName, Conf0) -> Exclude0 = [listeners, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_ATOM], diff --git a/apps/emqx_gateway/src/emqx_gateway_http.erl b/apps/emqx_gateway/src/emqx_gateway_http.erl index f438466b5..f8cf4f96f 100644 --- a/apps/emqx_gateway/src/emqx_gateway_http.erl +++ b/apps/emqx_gateway/src/emqx_gateway_http.erl @@ -381,7 +381,7 @@ reason2msg({badconf, #{key := Key, value := Value, reason := Reason}}) -> end, fmtstr( "Bad config value '~s' for '~s', reason: ~s", - [NValue, Key, Reason] + [NValue, Key, emqx_gateway_utils:stringfy(Reason)] ); reason2msg( {badres, #{ @@ -506,13 +506,16 @@ with_gateway(GwName0, Fun) -> return_http_error(400, [K, " is required"]); %% Exceptions from emqx_gateway_utils:parse_listener_id/1 error:{invalid_listener_id, Id} -> - return_http_error(400, ["invalid listener id: ", Id]); - %% Exceptions from: emqx:get_config/1 + return_http_error(400, ["Invalid listener id: ", Id]); + %% Exceptions from emqx:get_config/1 error:{config_not_found, Path0} -> Path = lists:concat( lists:join(".", lists:map(fun to_list/1, Path0)) ), return_http_error(404, "Resource not found. path: " ++ Path); + %% Exceptions from emqx_gateway_conf:convert_certs/2,3 + error:{bad_ssl_config, #{which_option := Option}} -> + return_http_error(400, ["Bad SSL config, option: ", Option]); Class:Reason:Stk -> ?SLOG(error, #{ msg => "uncatched_error", diff --git a/apps/emqx_gateway/src/exproto/emqx_exproto_impl.erl b/apps/emqx_gateway/src/exproto/emqx_exproto_impl.erl index 2c89d32c7..e5015b84d 100644 --- a/apps/emqx_gateway/src/exproto/emqx_exproto_impl.erl +++ b/apps/emqx_gateway/src/exproto/emqx_exproto_impl.erl @@ -105,7 +105,7 @@ on_gateway_load( throw( {badconf, #{ key => listeners, - vallue => Listener, + value => Listener, reason => Reason }} ) diff --git a/apps/emqx_gateway/src/lwm2m/emqx_lwm2m_impl.erl b/apps/emqx_gateway/src/lwm2m/emqx_lwm2m_impl.erl index ade160b25..ba17f2057 100644 --- a/apps/emqx_gateway/src/lwm2m/emqx_lwm2m_impl.erl +++ b/apps/emqx_gateway/src/lwm2m/emqx_lwm2m_impl.erl @@ -75,7 +75,7 @@ on_gateway_load( throw( {badconf, #{ key => listeners, - vallue => Listener, + value => Listener, reason => Reason }} ) diff --git a/apps/emqx_gateway/src/stomp/emqx_stomp_impl.erl b/apps/emqx_gateway/src/stomp/emqx_stomp_impl.erl index 4a71399a4..04dd81140 100644 --- a/apps/emqx_gateway/src/stomp/emqx_stomp_impl.erl +++ b/apps/emqx_gateway/src/stomp/emqx_stomp_impl.erl @@ -84,7 +84,7 @@ on_gateway_load( throw( {badconf, #{ key => listeners, - vallue => Listener, + value => Listener, reason => Reason }} ) diff --git a/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl b/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl index 6bb111e60..351200abf 100644 --- a/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl +++ b/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl @@ -278,7 +278,7 @@ t_authn_data_mgmt(_) -> {204, _} = request(get, "/gateway/stomp/authentication"), {204, _} = request(delete, "/gateway/stomp"). -t_listeners(_) -> +t_listeners_tcp(_) -> GwConf = #{name => <<"stomp">>}, {201, _} = request(post, "/gateway", GwConf), {404, _} = request(get, "/gateway/stomp/listeners"),