From bf2b5a9f24eb99f88feb21cdf727af522c722a0b Mon Sep 17 00:00:00 2001 From: Serge Tupchii Date: Tue, 6 Jun 2023 18:53:17 +0300 Subject: [PATCH] fix(emqx_listeners): fix listener authentication create/update Listener authentication is a list of authenticators, so each of them must be created or updated individually. --- apps/emqx/src/emqx_listeners.erl | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/apps/emqx/src/emqx_listeners.erl b/apps/emqx/src/emqx_listeners.erl index c0116fd8c..9a59db6e1 100644 --- a/apps/emqx/src/emqx_listeners.erl +++ b/apps/emqx/src/emqx_listeners.erl @@ -527,18 +527,26 @@ post_config_update(_Path, _Request, _NewConf, _OldConf, _AppEnvs) -> create_listener(Type, Name, NewConf) -> Res = start_listener(Type, Name, NewConf), - recreate_authenticator(Res, Type, Name, NewConf). + recreate_authenticators(Res, Type, Name, NewConf). -recreate_authenticator(ok, Type, Name, Conf) -> +recreate_authenticators(ok, Type, Name, Conf) -> Chain = listener_id(Type, Name), _ = emqx_authentication:delete_chain(Chain), - case maps:get(authentication, Conf, []) of - [] -> ok; - AuthN -> emqx_authentication:create_authenticator(Chain, AuthN) - end; -recreate_authenticator(Error, _Type, _Name, _NewConf) -> + do_create_authneticators(Chain, maps:get(authentication, Conf, [])); +recreate_authenticators(Error, _Type, _Name, _NewConf) -> Error. +do_create_authneticators(Chain, [AuthN | T]) -> + case emqx_authentication:create_authenticator(Chain, AuthN) of + {ok, _} -> + do_create_authneticators(Chain, T); + Error -> + _ = emqx_authentication:delete_chain(Chain), + Error + end; +do_create_authneticators(_Chain, []) -> + ok. + remove_listener(Type, Name, OldConf) -> ok = unregister_ocsp_stapling_refresh(Type, Name), case stop_listener(Type, Name, OldConf) of @@ -553,7 +561,7 @@ update_listener(Type, Name, {OldConf, NewConf}) -> try_clear_ssl_files(certs_dir(Type, Name), NewConf, OldConf), ok = maybe_unregister_ocsp_stapling_refresh(Type, Name, NewConf), Res = restart_listener(Type, Name, {OldConf, NewConf}), - recreate_authenticator(Res, Type, Name, NewConf). + recreate_authenticators(Res, Type, Name, NewConf). perform_listener_changes([]) -> ok;