Commit 2b0d5043 authored by Jérome Perrin's avatar Jérome Perrin Committed by Julien Muchembled

x509: gracefully handle ENOMEM when running openssl

prevent this kind of errors when running openssl fail:

```
10-12-2018 19:04:02 ERROR     AttributeError: 'NoneType' object has no attribute 'splitlines'
Traceback (most recent call last):
  File "/opt/re6st/eggs/re6stnet-0.513-py2.7.egg/re6st/cli/node.py", line 428, in main
    s(*args)
  File "/opt/re6st/eggs/re6stnet-0.513-py2.7.egg/re6st/utils.py", line 191, in select
    R[r]()
  File "/opt/re6st/eggs/re6stnet-0.513-py2.7.egg/re6st/tunnel.py", line 399, in handlePeerEvent
    True, crypto.FILETYPE_ASN1)
  File "/opt/re6st/eggs/re6stnet-0.513-py2.7.egg/re6st/x509.py", line 136, in loadVerify
    for x in err.splitlines():
```

/reviewed-on nexedi/re6stnet!6
parent 61ca38b5
...@@ -130,6 +130,9 @@ class Cert(object): ...@@ -130,6 +130,9 @@ class Cert(object):
p = openssl('verify', '-CAfile', self.ca_path) p = openssl('verify', '-CAfile', self.ca_path)
out, err = p.communicate(cert) out, err = p.communicate(cert)
if p.returncode or strict: if p.returncode or strict:
if err is None: # utils.Popen failed with ENOMEM
raise VerifyError(None, None,
"error running openssl, assuming cert is invalid")
# BBB: With old versions of openssl, detailed # BBB: With old versions of openssl, detailed
# error is printed to standard output. # error is printed to standard output.
for err in err, out: for err in err, out:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment