From Dan Kenigsberg <>:

Dan Kenigsberg has submitted this change and it was merged. ( )

Change subject: ssl: handle handshake errors

ssl: handle handshake errors

There are two possible errors (sslerror and socket.error) which are
raised during ssl handshake that need to be handled. We do not want
to see unhandled error backtraces in the logs which could easily
generate enourmos amount of logs when malicious client exploit it.
We log now only the occurence of the error and the offending IP address
that caused the error.

We fix the issue by handling both errors and cleanly closing file

Change-Id: I99cfa35e608f429640455c35495be1783854e3da
Signed-off-by: Piotr Kliczewski <>
Signed-off-by: Irit Goihman <>
M lib/vdsm/
1 file changed, 6 insertions(+), 1 deletion(-)

  Martin Peřina: Looks good to me, but someone else must approve
  Yaniv Bronhaim: Looks good to me, but someone else must approve
  Jenkins CI: Passed CI tests
  Irit Goihman: Verified
  Dan Kenigsberg: Looks good to me, approved

To view, visit
To unsubscribe, visit

Gerrit-MessageType: merged
Gerrit-Change-Id: I99cfa35e608f429640455c35495be1783854e3da
Gerrit-PatchSet: 10
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Piotr Kliczewski <>
Gerrit-Reviewer: Dan Kenigsberg <>
Gerrit-Reviewer: Francesco Romani <>
Gerrit-Reviewer: Irit Goihman <>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Martin Peřina <>
Gerrit-Reviewer: Oved Ourfali <>
Gerrit-Reviewer: Piotr Kliczewski <>
Gerrit-Reviewer: Yaniv Bronhaim <>
Gerrit-Reviewer: gerrit-hooks <>
vdsm-patches mailing list --
To unsubscribe send an email to

Reply via email to