fix: tighten MxGateway Ldap:Port to 1-65535; catch IOException in path validation

Defect 1: ValidateLdap used AddIfNotPositive for Port, accepting any value
> 0 including 70000. Replaced with builder.Port() from the shared
ZB.MOM.WW.Configuration library, which enforces the 1-65535 TCP range and
emits "MxGateway:Ldap:Port must be between 1 and 65535 (was {value})".

Defect 2: AddIfInvalidPath only caught ArgumentException, NotSupportedException,
and PathTooLongException from Path.GetFullPath. On macOS/Linux a path containing
an embedded null throws IOException, which escaped the catch block and caused
Validate() to throw instead of returning a failure. Added catch (IOException).

Tests: added Validate_Fails_WhenLdapPortIsZero, Validate_Fails_WhenLdapPortExceedsMaximum,
and Validate_Succeeds_WhenLdapEnabledWithValidPort to cover the new range boundary.

src/ZB.MOM.WW.MxGateway.Server/Configuration/GatewayOptionsValidator.cs

@@ -80,7 +80,7 @@ public sealed class GatewayOptionsValidator : OptionsValidatorBase<GatewayOption
             options.GroupAttribute,
             "MxGateway:Ldap:GroupAttribute is required when LDAP login is enabled.",
             builder);
-        AddIfNotPositive(options.Port, "MxGateway:Ldap:Port must be greater than zero.", builder);
+        builder.Port(options.Port, "MxGateway:Ldap:Port");
 
         if (!options.UseTls && !options.AllowInsecureLdap)
         {
@@ -339,5 +339,9 @@ public sealed class GatewayOptionsValidator : OptionsValidatorBase<GatewayOption
         {
             builder.Add(message);
         }
+        catch (IOException)
+        {
+            builder.Add(message);
+        }
     }
 }