From 724bd4cd622d9e04a68db85fcf236f3395cf3b9f Mon Sep 17 00:00:00 2001
From: Shawn <506895667@qq.com>
Date: Mon, 5 Aug 2024 15:31:55 +0800
Subject: [PATCH] fix: fast fail on invalid ssl options

---
 src/esockd.app.src          | 2 +-
 src/esockd_acceptor_sup.erl | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/esockd.app.src b/src/esockd.app.src
index 2e3cdc6..32fe1af 100644
--- a/src/esockd.app.src
+++ b/src/esockd.app.src
@@ -1,7 +1,7 @@
 {application, esockd,
  [{description, "General Non-blocking TCP/SSL and UDP/DTLS Server"},
   {id, "esockd"},
-  {vsn, "5.9.7"},
+  {vsn, git},
   {modules, []},
   {registered, []},
   {applications, [kernel, stdlib, sasl, ssl, public_key]},
diff --git a/src/esockd_acceptor_sup.erl b/src/esockd_acceptor_sup.erl
index a6ca519..d9ec1dc 100644
--- a/src/esockd_acceptor_sup.erl
+++ b/src/esockd_acceptor_sup.erl
@@ -126,7 +126,11 @@ ssl_upgrade_fun(Type, Opts) ->
           end,
     case proplists:get_value(Key, Opts) of
         undefined -> [];
-        SslOpts -> [esockd_transport:ssl_upgrade_fun(SslOpts)]
+        SslOpts ->
+            %% validate ssl options and prevent the listener from starting if
+            %% validation failed
+            _ = ssl:handle_options(SslOpts, server, undefined),
+            [esockd_transport:ssl_upgrade_fun(SslOpts)]
     end.
 
 tune_socket(Sock, []) ->