fix(quic): environment variables as cert file prefix for quic listener

2023-06-10 11:52:03 +02:00 · 2023-06-10 11:52:03 +02:00 · 9f135d1f2b
parent 4215da12f0
commit 9f135d1f2b
3 changed files with 12 additions and 5 deletions
--- a/apps/emqx/src/emqx_listeners.erl
+++ b/apps/emqx/src/emqx_listeners.erl
@ -423,8 +423,8 @@ do_start_listener(quic, ListenerName, #{bind := Bind} = Opts) ->
            ),
            ListenOpts =
                [
-                    {certfile, str(maps:get(certfile, SSLOpts))},
-                    {keyfile, str(maps:get(keyfile, SSLOpts))},
+                    {certfile, emqx_schema:naive_env_interpolation(maps:get(certfile, SSLOpts))},
+                    {keyfile, emqx_schema:naive_env_interpolation(maps:get(keyfile, SSLOpts))},
                    {alpn, ["mqtt"]},
                    {conn_acceptors, lists:max([DefAcceptors, maps:get(acceptors, Opts, 0)])},
                    {keep_alive_interval_ms, maps:get(keep_alive_interval, Opts, 0)},
@ -434,8 +434,10 @@ do_start_listener(quic, ListenerName, #{bind := Bind} = Opts) ->
                    {verify, maps:get(verify, SSLOpts, verify_none)}
                ] ++
                    case maps:get(cacertfile, SSLOpts, undefined) of
-                        undefined -> [];
-                        CaCertFile -> [{cacertfile, str(CaCertFile)}]
+                        undefined ->
+                            [];
+                        CaCertFile ->
+                            [{cacertfile, emqx_schema:naive_env_interpolation(CaCertFile)}]
                    end ++
                    case maps:get(password, SSLOpts, undefined) of
                        undefined -> [];
--- a/apps/emqx/src/emqx_schema.erl
+++ b/apps/emqx/src/emqx_schema.erl
@ -1435,7 +1435,9 @@ fields("listener_quic_ssl_opts") ->
                true ->
                    {Name, Schema};
                false ->
-                    {Name, Schema#{deprecated => {since, "5.0.20"}}}
+                    {Name, Schema#{
+                        deprecated => {since, "5.0.20"}, importance => ?IMPORTANCE_HIDDEN
+                    }}
            end
        end,
        Schema1
--- a/changes/ee/fix-11006.en.md
+++ b/changes/ee/fix-11006.en.md
@ -0,0 +1,3 @@
+Fix QUIC listeners's default cert file paths.
+
+Prior to this change, the default cert file paths are prefixed with environment variable `${EMQX_ETC_DIR}` which were not interpolated before used in QUIC listeners.