lib/rapi/client.py · 0d9bc5d2a7e7f395b57c98ac7945be6f4767e649 · itminedu / snf-ganeti

RAPI client: Fix SSL error reporting for real · 0d9bc5d2

Michael Hanselmann authored May 12, 2010

My previous patch, commit 857705e8

, helped in one particular
situation where the exception didn't contain any arguments
(pyOpenSSL reporting a WantReadError, which shouldn't occur with a
blocking socket anyway). With this patch, more common and uncommon
errors should be easy to recognize.

SSL errors without any of these patches:
“ganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')]”

SSL errors with both patches:
“ganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')] (<OpenSSL.SSL.Error
instance at 0x…>)”

WantReadError without any of these two patches:
“ganeti.rapi.client.CertificateError: SSL issue: ”

WantReadError with both patches:
“ganeti.rapi.client.CertificateError: SSL issue:
(<OpenSSL.SSL.WantReadError instance at 0x…>)”

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>

0d9bc5d2