New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mgr/dashboard: Updating the inbuilt ssl providers error #38484
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM except my comment.
_block_errors = ('unknown protocol', 'unknown error', | ||
'unknown ca', 'unknown_ca', | ||
'inappropriate fallback', 'https proxy request', | ||
'wrong version number', 'bad_certificate', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where does bad_certificate
come from? I can't find it in https://github.com/cherrypy/cheroot/blob/master/cheroot/ssl/builtin.py.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added it there, i don't know if its a valid one but I am seeing bad certificate error in downstream. So I thought this will fix that issue too. @votdev
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nizamial09 could you reorder these errors to align with _block_errors
in upstream? if you believe that 'bad_certificate'
should be added as well, could you please create a dedicated commit for adding it, and make sure it is reproducible and upstream it to https://github.com/cherrypy/cheroot ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay. I'll check if its reproducible in upstream and create a PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reproducible in upstream. The error was actually sslv3 alert bad certificate
. Updated this PR.
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:897)
Fixes: https://tracker.ceph.com/issues/48490 Signed-off-by: Nizamudeen A <nia@redhat.com>
b6d166b
to
89e8077
Compare
89e8077
to
cd687b6
Compare
…iders error upstream tracked in cherrypy/cheroot#348 Fixes: https://tracker.ceph.com/issues/48490 Signed-off-by: Nizamudeen A <nia@redhat.com>
cd687b6
to
4cbe89f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm
jenkins test make check |
jenkins test dashboard |
jenkins test make check |
Updating the inbuilt ssl providers error according to the upstream changes.
https://github.com/cherrypy/cheroot/blob/master/cheroot/ssl/builtin.py#L303
Fixes: https://tracker.ceph.com/issues/48490
Signed-off-by: Nizamudeen A nia@redhat.com
Checklist
Show available Jenkins commands
jenkins retest this please
jenkins test classic perf
jenkins test crimson perf
jenkins test signed
jenkins test make check
jenkins test make check arm64
jenkins test submodules
jenkins test dashboard
jenkins test api
jenkins test docs
jenkins render docs
jenkins test ceph-volume all
jenkins test ceph-volume tox