Resubmit: Be quieter about remote hosts with invalid SSL certs (#595)

This commit is contained in:
Osma Ahvenlampi 2023-07-12 18:51:08 +03:00 committed by GitHub
parent 5549d21528
commit b2a9b334be
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 1 deletions

View file

@ -1,5 +1,6 @@
import base64 import base64
import json import json
from ssl import SSLCertVerificationError, SSLError
from typing import Literal, TypedDict, cast from typing import Literal, TypedDict, cast
from urllib.parse import urlparse from urllib.parse import urlparse
@ -249,6 +250,10 @@ class HttpSignature:
content=body_bytes, content=body_bytes,
follow_redirects=method == "get", follow_redirects=method == "get",
) )
except SSLError as invalid_cert:
# Not our problem if the other end doesn't have proper SSL
print(f"{uri} {invalid_cert}")
raise SSLCertVerificationError(invalid_cert) from invalid_cert
except InvalidCodepoint as ex: except InvalidCodepoint as ex:
# Convert to a more generic error we handle # Convert to a more generic error we handle
raise httpx.HTTPError(f"InvalidCodepoint: {str(ex)}") from None raise httpx.HTTPError(f"InvalidCodepoint: {str(ex)}") from None

View file

@ -175,7 +175,7 @@ class Domain(StatorModel):
) )
except httpx.HTTPError: except httpx.HTTPError:
pass pass
except ssl.SSLCertVerificationError: except (ssl.SSLCertVerificationError, ssl.SSLError):
return None return None
else: else:
try: try: