Commit 0d9bc5d2 authored by Michael Hanselmann's avatar Michael Hanselmann
Browse files

RAPI client: Fix SSL error reporting for real

My previous patch, commit 857705e8

, helped in one particular
situation where the exception didn't contain any arguments
(pyOpenSSL reporting a WantReadError, which shouldn't occur with a
blocking socket anyway). With this patch, more common and uncommon
errors should be easy to recognize.

SSL errors without any of these patches:
“ganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')]”

SSL errors with both patches:
“ganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')] (<OpenSSL.SSL.Error
instance at 0x…>)”

WantReadError without any of these two patches:
“ganeti.rapi.client.CertificateError: SSL issue: ”

WantReadError with both patches:
“ganeti.rapi.client.CertificateError: SSL issue:
(<OpenSSL.SSL.WantReadError instance at 0x…>)”
Signed-off-by: default avatarMichael Hanselmann <hansmi@google.com>
Reviewed-by: default avatarIustin Pop <iustin@google.com>
parent 857705e8
......@@ -403,7 +403,7 @@ class GanetiRapiClient(object):
resp = self._http.open(req)
encoded_response_content = resp.read()
except (OpenSSL.SSL.Error, OpenSSL.crypto.Error), err:
raise CertificateError("SSL issue: %r" % err)
raise CertificateError("SSL issue: %s (%r)" % (err, err))
if encoded_response_content:
response_content = simplejson.loads(encoded_response_content)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment