Home Explore Help
Sign In
zorun
/
kea
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[2595] Make certificate error non-fatal

Jelte Jansen 12 years ago
parent
d4d5c0ee65
commit
0f4eb55137
3 changed files with 5 additions and 19 deletions
Split View Show Diff Stats
  1. 4 12
      src/bin/cmdctl/cmdctl.py.in
  2. 0 4
      src/bin/cmdctl/cmdctl_messages.mes
  3. 1 3
      src/bin/cmdctl/tests/cmdctl_test.py

+ 4 - 12
src/bin/cmdctl/cmdctl.py.in
View File 

@@ -82,13 +82,6 @@ SPECFILE_LOCATION = SPECFILE_PATH + os.sep + "cmdctl.spec"
 
 class CmdctlException(Exception):
 
     pass
 
 
-class CmdctlFatalException(Exception):
 
-    """
 
-    Exception for fatal errors, which should not be caught anywhere but on
 
-    the highest level.
 
-    """
 
-    pass
 
-
 
 def check_file(file_name):
 
     # TODO: Check contents of certificate file
 
     if not os.path.exists(file_name):
 
@@ -561,9 +554,10 @@ class SecureHTTPServer(socketserver_mixin.NoPollMixIn,
 
             self.close_request(sock)
 
             # raise socket error to finish the request
 
             raise socket.error
 
-        except CmdctlException as cce:
 
-            logger.fatal(CMDCTL_SSL_SETUP_FAILURE_READING_CERT, cce)
 
-            raise CmdctlFatalException("Unable to accept SSL connections")
 
+        except (CmdctlException, IOError) as cce:
 
+            logger.error(CMDCTL_SSL_SETUP_FAILURE_READING_CERT, cce)
 
+            # raise socket error to finish the request
 
+            raise socket.error
 
 
     def get_request(self):
 
         '''Get client request socket and wrap it in SSL context. '''
 
@@ -652,8 +646,6 @@ if __name__ == '__main__':
 
         logger.info(CMDCTL_STOPPED_BY_KEYBOARD)
 
     except CmdctlException as err:
 
         logger.fatal(CMDCTL_UNCAUGHT_EXCEPTION, err);
 
-    except CmdctlFatalException as fe:
 
-        logger.fatal(CMDCTL_FATAL_EXCEPTION, fe)
 
 
     if httpd:
 
         httpd.shutdown()

+ 0 - 4
src/bin/cmdctl/cmdctl_messages.mes
View File 

@@ -43,9 +43,6 @@ specific error is printed in the message.
 
 This debug message indicates that the given command has been sent to
 
 the given module.
 
 
-% CMDCTL_FATAL_EXCEPTION A fatal error occured: %1
 
-While running, b10-cmdctl encountered a fatal exception and it will shut down
 
-
 
 % CMDCTL_NO_SUCH_USER username not found in user database: %1
 
 A login attempt was made to b10-cmdctl, but the username was not known.
 
 Users can be added with the tool b10-cmdctl-usermgr.
 
@@ -64,7 +61,6 @@ the given module.
 
 % CMDCTL_SSL_SETUP_FAILURE_READING_CERT failed to read certificate or key: %1
 
 The b10-cmdctl daemon is unable to read either the certificate file or
 
 the private key file, and is therefore unable to accept any SSL connections.
 
-This is a fatal error, as b10-cmdctl cannot be of any use in this state.
 
 The specific error is printed in the message.
 
 The administrator should solve the issue with the files, or recreate them
 
 with the b10-certgen tool.

+ 1 - 3
src/bin/cmdctl/tests/cmdctl_test.py
View File 

@@ -513,9 +513,7 @@ class TestSecureHTTPServer(unittest.TestCase):
 
     def test_wrap_sock_in_ssl_context(self):
 
         sock = socket.socket()
 
 
-        # Test exception is Fatal here (all specific cases are tested
 
-        # in test_check_key_and_cert())
 
-        self.assertRaises(CmdctlFatalException,
 
+        self.assertRaises(socket.error,
 
                           self.server._wrap_socket_in_ssl_context,
 
                           sock,
 
                           'no_such_file', 'no_such_file')