improved source/tls error reporting (#888)

shotover · Oct 31, 2022 · bc3ce73 · bc3ce73
1 parent 5959371
commit bc3ce73
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 3 deletions.
diff --git a/shotover-proxy/src/config/topology.rs b/shotover-proxy/src/config/topology.rs
@@ -70,7 +70,10 @@ impl Topology {
                     sources_list.append(
                         &mut source_config
                             .get_source(chain, trigger_shutdown_rx.clone())
-                            .await?,
+                            .await
+                            .map_err(|e| {
+                                e.context(format!("Failed to initialize source {source_name}"))
+                            })?,
                     );
                 } else {
                     return Err(anyhow!("Could not find the [{}] chain from \

diff --git a/shotover-proxy/src/server.rs b/shotover-proxy/src/server.rs
@@ -266,8 +266,11 @@ impl<C: Codec + 'static> TcpCodecListener<C> {
         {
             Ok(_) => info!("source {} was shutdown", self.source_name),
             Err(e) => error!(
-                "source {} encountered an error when flushing the chain for shutdown: {}",
-                self.source_name, e
+                "{:?}",
+                e.context(format!(
+                    "source {} encountered an error when flushing the chain for shutdown",
+                    self.source_name,
+                ))
             ),
         }
     }

diff --git a/shotover-proxy/src/tls.rs b/shotover-proxy/src/tls.rs
@@ -2,6 +2,7 @@ use anyhow::{anyhow, Result};
 use openssl::ssl::Ssl;
 use openssl::ssl::{SslAcceptor, SslConnector, SslFiletype, SslMethod};
 use serde::{Deserialize, Serialize};
+use std::path::Path;
 use std::pin::Pin;
 use std::sync::Arc;
 use tokio::io::{AsyncRead, AsyncWrite};
@@ -23,8 +24,26 @@ pub struct TlsAcceptor {
     acceptor: Arc<SslAcceptor>,
 }
 
+pub fn check_file_field(field_name: &str, file_path: &str) -> Result<()> {
+    if Path::new(file_path).exists() {
+        Ok(())
+    } else {
+        Err(anyhow!(
+            "configured {field_name} does not exist '{file_path}'"
+        ))
+    }
+}
+
 impl TlsAcceptor {
     pub fn new(tls_config: TlsAcceptorConfig) -> Result<TlsAcceptor> {
+        // openssl's errors are really bad so we do our own checks so we can provide reasonable errors
+        check_file_field(
+            "certificate_authority_path",
+            &tls_config.certificate_authority_path,
+        )?;
+        check_file_field("private_key_path", &tls_config.private_key_path)?;
+        check_file_field("certificate_path", &tls_config.certificate_path)?;
+
         let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls())?;
         builder.set_ca_file(tls_config.certificate_authority_path)?;
         builder.set_private_key_file(tls_config.private_key_path, SslFiletype::PEM)?;
@@ -65,14 +84,20 @@ pub struct TlsConnector {
 
 impl TlsConnector {
     pub fn new(tls_config: TlsConnectorConfig) -> Result<TlsConnector> {
+        check_file_field(
+            "certificate_authority_path",
+            &tls_config.certificate_authority_path,
+        )?;
         let mut builder = SslConnector::builder(SslMethod::tls())?;
         builder.set_ca_file(tls_config.certificate_authority_path)?;
 
         if let Some(private_key_path) = tls_config.private_key_path {
+            check_file_field("private_key_path", &private_key_path)?;
             builder.set_private_key_file(private_key_path, SslFiletype::PEM)?;
         }
 
         if let Some(certificate_path) = tls_config.certificate_path {
+            check_file_field("certificate_path", &certificate_path)?;
             builder.set_certificate_chain_file(certificate_path)?;
         }