diff options
| author | William Woodruff <william@yossarian.net> | 2022-07-07 16:09:16 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-07 15:09:16 -0500 |
| commit | 65ca53a7a06a7c78c1749200a6b3a007e47d3214 (patch) | |
| tree | ee398b2d7cb228deee32fa892ec28e14f4bffb85 /src/OpenSSL | |
| parent | 02db1a024d04cf6669670f773fd6c5d3a7275626 (diff) | |
| download | pyopenssl-65ca53a7a06a7c78c1749200a6b3a007e47d3214.tar.gz | |
Make `X509StoreContextError`'s message friendlier (#1133)
* OpenSSL/crypto: make X509StoreContextError's message friendlier
Closes #1132.
Signed-off-by: William Woodruff <william@trailofbits.com>
* tests: update exception tests
Signed-off-by: William Woodruff <william@trailofbits.com>
* OpenSSL/crypto: blacken
Signed-off-by: William Woodruff <william@trailofbits.com>
* CHANGELOG: record changes
Signed-off-by: William Woodruff <william@trailofbits.com>
Diffstat (limited to 'src/OpenSSL')
| -rw-r--r-- | src/OpenSSL/crypto.py | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index d6ef67e..6f034d0 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -1776,8 +1776,11 @@ class X509StoreContextError(Exception): :type certificate: :class:`X509` """ - def __init__(self, message: Any, certificate: X509) -> None: + def __init__( + self, message: str, errors: List[Any], certificate: X509 + ) -> None: super(X509StoreContextError, self).__init__(message) + self.errors = errors self.certificate = certificate @@ -1878,21 +1881,22 @@ class X509StoreContext: When a call to native OpenSSL X509_verify_cert fails, additional information about the failure can be obtained from the store context. """ + message = _ffi.string( + _lib.X509_verify_cert_error_string( + _lib.X509_STORE_CTX_get_error(self._store_ctx) + ) + ).decode("utf-8") errors = [ _lib.X509_STORE_CTX_get_error(self._store_ctx), _lib.X509_STORE_CTX_get_error_depth(self._store_ctx), - _ffi.string( - _lib.X509_verify_cert_error_string( - _lib.X509_STORE_CTX_get_error(self._store_ctx) - ) - ).decode("utf-8"), + message, ] # A context error should always be associated with a certificate, so we # expect this call to never return :class:`None`. _x509 = _lib.X509_STORE_CTX_get_current_cert(self._store_ctx) _cert = _lib.X509_dup(_x509) pycert = X509._from_raw_x509_ptr(_cert) - return X509StoreContextError(errors, pycert) + return X509StoreContextError(message, errors, pycert) def set_store(self, store: X509Store) -> None: """ |