yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #7814 from HJianBo/fix-gw-bad-ssl 

fix(gw): return BAD_REQUEST if request's ssl files is bad
This commit is contained in:
JianBo He 2022-04-29 11:52:57 +08:00 committed by GitHub
parent 7061d94cf9 23c6047163
commit 725c96dc2f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 31 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/emqx_gateway/src/coap/emqx_coap_impl.erl
View File

@ -80,7 +80,7 @@ on_gateway_load(
throw( throw(
{badconf, #{ {badconf, #{
key => listeners, key => listeners,
vallue => Listener, value => Listener,
reason => Reason reason => Reason
}} }}
) )

2
apps/emqx_gateway/src/emqx_gateway_api.erl
View File

@ -97,6 +97,8 @@ gateway(post, Request) ->
catch catch
error:{badkey, K} -> error:{badkey, K} ->
return_http_error(400, [K, " is required"]); return_http_error(400, [K, " is required"]);
error:{badconf, _} = Reason1 ->
emqx_gateway_http:reason2resp(Reason1);
error:badarg -> error:badarg ->
return_http_error(404, "Bad gateway name") return_http_error(404, "Bad gateway name")
end. end.

21
apps/emqx_gateway/src/emqx_gateway_conf.erl
View File

@ -99,9 +99,9 @@ load_gateway(GwName, Conf) ->
unconvert_listeners(Ls) when is_list(Ls) -> unconvert_listeners(Ls) when is_list(Ls) ->
lists:foldl( lists:foldl(
fun(Lis, Acc) -> fun(Lis, Acc) ->
%% FIXME: params apperence guard?
{[Type, Name], Lis1} = maps_key_take([<<"type">>, <<"name">>], Lis), {[Type, Name], Lis1} = maps_key_take([<<"type">>, <<"name">>], Lis),
NLis1 = maps:without([<<"id">>], Lis1), _ = vaildate_listener_name(Name),
NLis1 = maps:without([<<"id">>, <<"running">>], Lis1),
emqx_map_lib:deep_merge(Acc, #{Type => #{Name => NLis1}}) emqx_map_lib:deep_merge(Acc, #{Type => #{Name => NLis1}})
end, end,
#{}, #{},
@ -114,10 +114,25 @@ maps_key_take([], M, Acc) ->
{lists:reverse(Acc), M}; {lists:reverse(Acc), M};
maps_key_take([K | Ks], M, Acc) -> maps_key_take([K | Ks], M, Acc) ->
case maps:take(K, M) of case maps:take(K, M) of
error -> throw(bad_key); error -> error(bad_key);
{V, M1} -> maps_key_take(Ks, M1, [V | Acc]) {V, M1} -> maps_key_take(Ks, M1, [V | Acc])
end. end.
vaildate_listener_name(Name) ->
try
{match, _} = re:run(Name, "^[0-9a-zA-Z_-]+$"),
ok
catch
_:_ ->
error(
{badconf, #{
key => name,
value => Name,
reason => illegal_listener_name
}}
)
end.
-spec update_gateway(atom_or_bin(), map()) -> map_or_err(). -spec update_gateway(atom_or_bin(), map()) -> map_or_err().
update_gateway(GwName, Conf0) -> update_gateway(GwName, Conf0) ->
Exclude0 = [listeners, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_ATOM], Exclude0 = [listeners, ?EMQX_AUTHENTICATION_CONFIG_ROOT_NAME_ATOM],

9
apps/emqx_gateway/src/emqx_gateway_http.erl
View File

@ -381,7 +381,7 @@ reason2msg({badconf, #{key := Key, value := Value, reason := Reason}}) ->
end, end,
fmtstr( fmtstr(
"Bad config value '~s' for '~s', reason: ~s", "Bad config value '~s' for '~s', reason: ~s",
[NValue, Key, Reason] [NValue, Key, emqx_gateway_utils:stringfy(Reason)]
); );
reason2msg( reason2msg(
{badres, #{ {badres, #{
@ -506,13 +506,16 @@ with_gateway(GwName0, Fun) ->
return_http_error(400, [K, " is required"]); return_http_error(400, [K, " is required"]);
%% Exceptions from emqx_gateway_utils:parse_listener_id/1 %% Exceptions from emqx_gateway_utils:parse_listener_id/1
error:{invalid_listener_id, Id} -> error:{invalid_listener_id, Id} ->
return_http_error(400, ["invalid listener id: ", Id]); return_http_error(400, ["Invalid listener id: ", Id]);
%% Exceptions from: emqx:get_config/1 %% Exceptions from emqx:get_config/1
error:{config_not_found, Path0} -> error:{config_not_found, Path0} ->
Path = lists:concat( Path = lists:concat(
lists:join(".", lists:map(fun to_list/1, Path0)) lists:join(".", lists:map(fun to_list/1, Path0))
), ),
return_http_error(404, "Resource not found. path: " ++ Path); return_http_error(404, "Resource not found. path: " ++ Path);
%% Exceptions from emqx_gateway_conf:convert_certs/2,3
error:{bad_ssl_config, #{which_option := Option}} ->
return_http_error(400, ["Bad SSL config, option: ", Option]);
Class:Reason:Stk -> Class:Reason:Stk ->
?SLOG(error, #{ ?SLOG(error, #{
msg => "uncatched_error", msg => "uncatched_error",

2
apps/emqx_gateway/src/exproto/emqx_exproto_impl.erl
View File

@ -105,7 +105,7 @@ on_gateway_load(
throw( throw(
{badconf, #{ {badconf, #{
key => listeners, key => listeners,
vallue => Listener, value => Listener,
reason => Reason reason => Reason
}} }}
) )

2
apps/emqx_gateway/src/lwm2m/emqx_lwm2m_impl.erl
View File

@ -75,7 +75,7 @@ on_gateway_load(
throw( throw(
{badconf, #{ {badconf, #{
key => listeners, key => listeners,
vallue => Listener, value => Listener,
reason => Reason reason => Reason
}} }}
) )

2
apps/emqx_gateway/src/stomp/emqx_stomp_impl.erl
View File

@ -84,7 +84,7 @@ on_gateway_load(
throw( throw(
{badconf, #{ {badconf, #{
key => listeners, key => listeners,
vallue => Listener, value => Listener,
reason => Reason reason => Reason
}} }}
) )

2
apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl
View File

@ -318,7 +318,7 @@ t_authn_data_mgmt(_) ->
{204, _} = request(get, "/gateway/stomp/authentication"), {204, _} = request(get, "/gateway/stomp/authentication"),
{204, _} = request(delete, "/gateway/stomp"). {204, _} = request(delete, "/gateway/stomp").
t_listeners(_) -> t_listeners_tcp(_) ->
GwConf = #{name => <<"stomp">>}, GwConf = #{name => <<"stomp">>},
{201, _} = request(post, "/gateway", GwConf), {201, _} = request(post, "/gateway", GwConf),
{404, _} = request(get, "/gateway/stomp/listeners"), {404, _} = request(get, "/gateway/stomp/listeners"),