Skip to content
Browse files

15924 - Ambiguous error if client cert on nodes is empty

In the past the SSL class could raise an ambiguous error if
a key file is present but empty.

An error message will now be logged stating which key file
is empty.
  • Loading branch information...
1 parent e0bcd0b commit 6f2a8835c8fae4adbc98780775c765b4120c8846 @ploubser ploubser committed with ripienaar Sep 6, 2012
Showing with 9 additions and 0 deletions.
  1. +1 −0 lib/mcollective/ssl.rb
  2. +8 −0 spec/unit/ssl_spec.rb
1 lib/mcollective/ssl.rb
@@ -243,6 +243,7 @@ def read_key(type, key=nil, passphrase=nil)
return key if key.nil?
raise "Could not find key #{key}" unless File.exist?(key)
+ raise "#{type} key file '#{key}' is empty" if
if type == :public
8 spec/unit/ssl_spec.rb
@@ -82,6 +82,14 @@ module MCollective
}.to raise_error("Could not find key /nonexisting")
+ it "should fail on existing, empty files" do
+ File.expects(:exist?).with('key').returns(true)
+ File.expects(:zero?).with('key').returns(true)
+ expect{
+ @ssl.read_key(:public, 'key')
+ }.to raise_error("public key file 'key' is empty")
+ end
it "should fail on unknown key types" do
expect {
@ssl.read_key(:unknown, @ssl.public_key_file)

0 comments on commit 6f2a883

Please sign in to comment.
Something went wrong with that request. Please try again.