1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Add additional information to the get_url SSL failure message. (#20025)

When get_url or other functions receive an SSL failure it prints a
standard message regardless of the failure. Include the actual OpenSSL
message in the error message so alternative failures can be debugged.

Closes: #20024
This commit is contained in:
Jamie Lennox 2017-01-11 03:22:43 +11:00 committed by Toshio Kuratomi
parent 8ae29a5a80
commit 0533b3d639

View file

@ -528,7 +528,7 @@ def RedirectHandlerFactory(follow_redirects=None, validate_certs=True):
return RedirectHandler
def build_ssl_validation_error(hostname, port, paths):
def build_ssl_validation_error(hostname, port, paths, exc=None):
'''Inteligently build out the SSLValidationError based on what support
you have installed
'''
@ -550,7 +550,10 @@ def build_ssl_validation_error(hostname, port, paths):
msg.append('You can use validate_certs=False if you do'
' not need to confirm the servers identity but this is'
' unsafe and not recommended.'
' Paths checked for this platform: %s')
' Paths checked for this platform: %s.')
if exc:
msg.append('The exception msg was: %s.' % to_native(exc))
raise SSLValidationError(' '.join(msg) % (hostname, port, ", ".join(paths)))
@ -722,7 +725,8 @@ class SSLValidationHandler(urllib_request.BaseHandler):
#ssl_s.unwrap()
s.close()
except (ssl.SSLError, CertificateError):
build_ssl_validation_error(self.hostname, self.port, paths_checked)
e = get_exception()
build_ssl_validation_error(self.hostname, self.port, paths_checked, e)
except socket.error:
e = get_exception()
raise ConnectionError('Failed to connect to %s at port %s: %s' % (self.hostname, self.port, to_native(e)))