(#15595) Offer better errors for certificate validation errors
e7b30496726fUnpublished
Actions

Unpublished Commit · Learn More

Repository Importing: This repository is still importing.

Description

(#15595) Offer better errors for certificate validation errors

The verify_callback callback gets an OpenSSL::SSL::SSLContext for each
certificate in the chain that's verified. If the verification failed,
then SSL provides a nice error to the callback, but that error doesn't
appear in the subsequent OpenSSL::SSL::SSLError.

This patch uses a technique similar to that used for peer_certs to
collect those errors and then add them to the Puppet::Error message
later.

Remove the guess at the error (time sync).

Details

Provenance

Dustin J. Mitchell <dustin@mozilla.com>	Authored on
Andrew Parker <andy@puppetlabs.com>	Committed on Jul 25 2012, 11:03 PM
vanmeeuwen	Pushed on Jun 2 2015, 2:22 PM

Parents

rPUc0a0a45c010c: tidy.rb: Added info about the default value of 'type' to the doc.

Branches

Unknown

Tags

Unknown

Event Timeline

Andrew Parker <andy@puppetlabs.com> committed rPUe7b30496726f: (#15595) Offer better errors for certificate validation errors (authored by Dustin J. Mitchell <dustin@mozilla.com>).Jul 25 2012, 11:03 PM

Changes (2)

Path

Size

lib/

puppet/

indirector/

rest.rb

spec/

unit/

indirector/

rest_spec.rb

rPUe7b30496726f

View Options

lib/puppet/indirector/rest.rb