Skip to content

Commit

Permalink
[FABC-703] Improved TLS error message
Browse files Browse the repository at this point in the history 
Made the error message clear when using TLS but
the client does not specify server TLS certificate.

Change-Id: I5f072269ced57abd310cdd9b449f625f56c35aa7
Signed-off-by: Saad Karim <skarim@us.ibm.com>
  • Loading branch information
Saad Karim committed Sep 24, 2018
1 parent c1ed308 commit 360f46e
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion lib/server_test.go
View file
Expand Up @@ -2027,7 +2027,7 @@ func TestSRVNewUserRegistryMySQL(t *testing.T) {
csp := util.GetDefaultBCCSP()
_, err := dbutil.NewUserRegistryMySQL(datasource, tlsConfig, csp)
assert.Error(t, err)
assert.Contains(t, err.Error(), "No TLS certificate files were provided")
assert.Contains(t, err.Error(), "No trusted root certificates for TLS were provided")

// Test with with a file that does not exist
tlsConfig = &libtls.ClientTLSConfig{
Expand Down
2 changes: 1 addition & 1 deletion lib/tls/tls.go
View file
Expand Up @@ -96,7 +96,7 @@ func GetClientTLSConfig(cfg *ClientTLSConfig, csp bccsp.BCCSP) (*tls.Config, err
}
rootCAPool := x509.NewCertPool()
if len(cfg.CertFiles) == 0 {
return nil, errors.New("No TLS certificate files were provided")
return nil, errors.New("No trusted root certificates for TLS were provided")
}

for _, cacert := range cfg.CertFiles {
Expand Down
4 changes: 2 additions & 2 deletions lib/tls/tls_test.go
View file
Expand Up @@ -89,7 +89,7 @@ func TestGetClientTLSConfigInvalidArgs(t *testing.T) {
AbsTLSClient(cfg, configDir)
_, err = GetClientTLSConfig(cfg, nil)
assert.Error(t, err)
assert.Contains(t, err.Error(), "No TLS certificate files were provided")
assert.Contains(t, err.Error(), "No trusted root certificates for TLS were provided")

// 3.
cfg = &ClientTLSConfig{
Expand All @@ -114,7 +114,7 @@ func TestGetClientTLSConfigInvalidArgs(t *testing.T) {
}
_, err = GetClientTLSConfig(cfg, nil)
assert.Error(t, err)
assert.Contains(t, err.Error(), "No TLS certificate files were provided")
assert.Contains(t, err.Error(), "No trusted root certificates for TLS were provided")

// 5.
cfg = &ClientTLSConfig{
Expand Down

0 comments on commit 360f46e

Please sign in to comment.