Ken Dreyer created PROTON-2465:
----------------------------------
Summary: SSLDomain raises SSLException with no more information
Key: PROTON-2465
URL: https://issues.apache.org/jira/browse/PROTON-2465
Project: Qpid Proton
Issue Type: New Feature
Reporter: Ken Dreyer
When methods fail in the {{proton.SSLDomain}} class, it's not possible to get
more debugging information to the user about what went wrong.
Sample code:
{noformat}
from proton import SSLDomain
ssl = SSLDomain(SSLDomain.MODE_CLIENT)
ssl.set_credentials('/home/user/user.crt', '/home/user/user.key', None)
{noformat}
If "{{{}user.crt{}}}" or "{{{}user.key{}}}" are unreadable (ie bad filesystem
permissions, or SELinux denials, etc), then {{set_credentials()}} fails with a
simple error:
{noformat}
proton._exceptions.SSLException: SSL failure.
{noformat}
There's nothing like ENOENT, EPERM, or anything else from openssl, or any other
information.
Looking at {{pn_ssl_domain_set_credentials()}} in
[c/src/ssl/openssl.c|https://github.com/apache/qpid-proton/blob/main/c/src/ssl/openssl.c],
two ideas occur to me:
# This method already logs helpful messages with {{{}ssl_log_error(){}}}. Is
there any way to access those messages with Python?
# This method returns bare ints for errors ({{{}-3{}}}, {{{}-4{}}}, etc). Is
there any code to translate those error numbers into other values in Python?
Would I have to write that myself? Where?
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
