Change in vdsm[master]: Raise a proper error message in vdsClient.py if no permissio...

Wed, 13 Jun 2012 02:16:49 -0700 

Dan Kenigsberg has submitted this change and it was merged.

Change subject: Raise a proper error message in vdsClient.py if no permission 
to read key files
......................................................................


Raise a proper error message in vdsClient.py if no permission to read key files

Currently, there is no permission check to read key files when ssl is
enabled, which maybe cause puzzling error. For example, when a
non-privileged user runs "vdsClient -s 0 getVdsCaps", there will be
as following error:

$ vdsClient -s 0 getVdsCaps
Traceback (most recent call last):
  File "/usr/share/vdsm/vdsClient.py", line 2275, in <module>
    code, message = commands[command][0](commandArgs)

  ...

  File "/usr/lib/python2.7/site-packages/vdsm/SecureXMLRPCServer.py", line 98, 
in connect
    cert_reqs=self.cert_reqs)
  File "/usr/lib64/python2.7/ssl.py", line 381, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib64/python2.7/ssl.py", line 141, in __init__
    ciphers)
SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 certificate 
routines:X509_load_cert_crl_file:system lib

When ssl is enabled, this patch will first check the permission to read
key files, and then raise a proper error message if there is no read access
to them.

Change-Id: I59b983d31a08bc657abdcba85f2f033900338055
Signed-off-by: Wenyi Gao <[email protected]>
---
M vdsm_cli/vdscli.py.in
1 file changed, 4 insertions(+), 0 deletions(-)

Approvals:
  Wenyi Gao: Verified
  Dan Kenigsberg: Looks good to me, approved


--
To view, visit http://gerrit.ovirt.org/5156
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I59b983d31a08bc657abdcba85f2f033900338055
Gerrit-PatchSet: 3
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Wenyi Gao <[email protected]>
Gerrit-Reviewer: Adam Litke <[email protected]>
Gerrit-Reviewer: Dan Kenigsberg <[email protected]>
Gerrit-Reviewer: Itamar Heim <[email protected]>
Gerrit-Reviewer: Wenyi Gao <[email protected]>
_______________________________________________
vdsm-patches mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/vdsm-patches

Reply via email to