txaws-dev team mailing list archive
-
txaws-dev team
-
Mailing list archive
-
Message #00124
[Merge] lp:~chihchun/txaws/txaws-lp1050741 into lp:txaws
Rex Tsai has proposed merging lp:~chihchun/txaws/txaws-lp1050741 into lp:txaws.
Requested reviews:
txAWS Committers (txaws-dev)
For more details, see:
https://code.launchpad.net/~chihchun/txaws/txaws-lp1050741/+merge/130777
Improved handling broken PEM files from /etc/ssh/certs
--
https://code.launchpad.net/~chihchun/txaws/txaws-lp1050741/+merge/130777
Your team txAWS Committers is requested to review the proposed merge of lp:~chihchun/txaws/txaws-lp1050741 into lp:txaws.
=== modified file 'txaws/client/ssl.py'
--- txaws/client/ssl.py 2012-01-26 23:05:01 +0000
+++ txaws/client/ssl.py 2012-10-22 11:17:23 +0000
@@ -4,7 +4,7 @@
import sys
from OpenSSL import SSL
-from OpenSSL.crypto import load_certificate, FILETYPE_PEM
+from OpenSSL.crypto import load_certificate, FILETYPE_PEM, Error
from twisted.internet.ssl import CertificateOptions
@@ -107,10 +107,14 @@
cert_file = open(cert_file_name)
data = cert_file.read()
cert_file.close()
- x509 = load_certificate(FILETYPE_PEM, data)
- digest = x509.digest("sha1")
- # Now, de-duplicate in case the same cert has multiple names.
- certificate_authority_map[digest] = x509
+ try:
+ x509 = load_certificate(FILETYPE_PEM, data)
+ digest = x509.digest("sha1")
+ # Now, de-duplicate in case the same cert has multiple names.
+ certificate_authority_map[digest] = x509
+ except Error:
+ # ignore broken PEM file.
+ continue
values = certificate_authority_map.values()
if len(values) == 0:
raise exception.CertsNotFoundError("Could not find any .pem files.")
Follow ups