From 0d9bc5d2a7e7f395b57c98ac7945be6f4767e649 Mon Sep 17 00:00:00 2001
From: Michael Hanselmann <hansmi@google.com>
Date: Wed, 12 May 2010 11:28:38 +0200
Subject: [PATCH] RAPI client: Fix SSL error reporting for real
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
My previous patch, commit 857705e8, helped in one particular
situation where the exception didn't contain any arguments
(pyOpenSSL reporting a WantReadError, which shouldn't occur with a
blocking socket anyway). With this patch, more common and uncommon
errors should be easy to recognize.
SSL errors without any of these patches:
βganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')]β
SSL errors with both patches:
βganeti.rapi.client.CertificateError: SSL issue:
[('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE',
'certificate verify failed')] (<OpenSSL.SSL.Error
instance at 0xβ¦>)β
WantReadError without any of these two patches:
βganeti.rapi.client.CertificateError: SSL issue: β
WantReadError with both patches:
βganeti.rapi.client.CertificateError: SSL issue:
(<OpenSSL.SSL.WantReadError instance at 0xβ¦>)β
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
---
lib/rapi/client.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/rapi/client.py b/lib/rapi/client.py
index ce1ba1146..9cf45707b 100644
--- a/lib/rapi/client.py
+++ b/lib/rapi/client.py
@@ -403,7 +403,7 @@ class GanetiRapiClient(object):
resp = self._http.open(req)
encoded_response_content = resp.read()
except (OpenSSL.SSL.Error, OpenSSL.crypto.Error), err:
- raise CertificateError("SSL issue: %r" % err)
+ raise CertificateError("SSL issue: %s (%r)" % (err, err))
if encoded_response_content:
response_content = simplejson.loads(encoded_response_content)
--
GitLab