From a175bfa926de2b87ff5eed9a5041fb7905708e57 Mon Sep 17 00:00:00 2001
From: Shawn <506895667@qq.com>
Date: Tue, 12 Mar 2024 16:30:57 +0800
Subject: [PATCH] fix: fast fail on invalid ssl options

---
 src/esockd.app.src          |  2 +-
 src/esockd.appup.src        | 24 +++++++++++++++++++-----
 src/esockd_listener_sup.erl |  5 ++++-
 3 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/src/esockd.app.src b/src/esockd.app.src
index 760167cd..45d40adb 100644
--- a/src/esockd.app.src
+++ b/src/esockd.app.src
@@ -1,7 +1,7 @@
 {application, esockd,
  [{description, "General Non-blocking TCP/SSL and UDP/DTLS Server"},
   {id, "esockd"},
-  {vsn, "5.8.11"},
+  {vsn, "5.8.12"},
   {modules, []},
   {registered, []},
   {applications, [kernel, stdlib, sasl, ssl]},
diff --git a/src/esockd.appup.src b/src/esockd.appup.src
index 6f03cc4f..89542599 100644
--- a/src/esockd.appup.src
+++ b/src/esockd.appup.src
@@ -1,16 +1,21 @@
 %%-*- mode: erlang; -*-
 
-{"5.8.10",
-  [{"5.8.10",
-    [{load_module,esockd_transport,brutal_purge,soft_purge,[]}]},
+{"5.8.12",
+  [{"5.8.11",
+    [{load_module,esockd_listener_sup,brutal_purge,soft_purge,[]}]},
+   {"5.8.10",
+    [{load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
+     {load_module,esockd_transport,brutal_purge,soft_purge,[]}]},
    {<<"5\\.8\\.[6-9]">>,
     [{add_module,esockd_utils},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_transport,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]}
     ]},
    {<<"5\\.8\\.[4-5]">>,
     [{add_module,esockd_utils},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_udp,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
@@ -18,6 +23,7 @@
     ]},
    {"5.8.3",
     [{add_module,esockd_utils},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_udp,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
@@ -26,6 +32,7 @@
     ]},
    {<<"5\\.8\\.[0-2]">>,
     [{add_module,esockd_utils},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_udp,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
@@ -37,16 +44,21 @@
     ]},
    {<<".*">>, []}
   ],
-  [{"5.8.10",
-    [{load_module,esockd_transport,brutal_purge,soft_purge,[]}]},
+  [{"5.8.11",
+    [{load_module,esockd_listener_sup,brutal_purge,soft_purge,[]}]},
+   {"5.8.10",
+    [{load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
+     {load_module,esockd_transport,brutal_purge,soft_purge,[]}]},
    {<<"5\\.8\\.[6-9]">>,
     [{load_module,esockd_transport,brutal_purge,soft_purge,[]},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
      {delete_module,esockd_utils}
     ]},
    {<<"5\\.8\\.[4-5]">>,
     [{load_module,esockd_udp,brutal_purge,soft_purge,[]},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
      {load_module,esockd_transport,brutal_purge,soft_purge,[]},
@@ -54,6 +66,7 @@
     ]},
    {"5.8.3",
     [{load_module,esockd_udp,brutal_purge,soft_purge,[]},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
      {load_module,esockd_limiter, brutal_purge, soft_purge, []},
@@ -62,6 +75,7 @@
     ]},
    {<<"5\\.8\\.[0-2]">>,
     [{load_module,esockd_udp,brutal_purge,soft_purge,[]},
+     {load_module,esockd_listener_sup,brutal_purge,soft_purge,[]},
      {load_module,esockd_acceptor,brutal_purge,soft_purge,[]},
      {load_module,esockd_proxy_protocol,brutal_purge,soft_purge,[]},
      {load_module,esockd_connection_sup,brutal_purge,soft_purge,[]},
diff --git a/src/esockd_listener_sup.erl b/src/esockd_listener_sup.erl
index 8de1906f..1fb6b75b 100644
--- a/src/esockd_listener_sup.erl
+++ b/src/esockd_listener_sup.erl
@@ -217,7 +217,10 @@ ssl_upgrade_fun(Type, Opts) ->
           end,
     case proplists:get_value(Key, Opts) of
         undefined -> [];
-        SslOpts -> [esockd_transport:ssl_upgrade_fun(SslOpts)]
+        SslOpts ->
+            %% validate ssl options here
+            _ = ssl:handle_options(SslOpts, server),
+            [esockd_transport:ssl_upgrade_fun(SslOpts)]
     end.
 
 conn_rate_opt(Opts) ->