Try for slightly less insane handling of cert errors during TLS accept.

svn path=/rpkid/rpki/https.py; revision=3131
author: Rob Austein <sra@hactrn.net> 2010-03-23 02:53:04 +0000
committer: Rob Austein <sra@hactrn.net> 2010-03-23 02:53:04 +0000
commit: ce9ed920c7e3a47f0dd35b64d91d3142b1371173 (patch)
tree: 7dfdcdf0f766d7970979596508638f29d8d947d8
parent: 831b35b6e5ff5e087341ab35fb5aa473fb935032 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/rpkid/rpki/https.py b/rpkid/rpki/https.py
index 3a91dccc..d969fb54 100644
--- a/rpkid/rpki/https.py
+++ b/rpkid/rpki/https.py
@@ -433,7 +433,14 @@ class http_server(http_stream):
     except POW.SSLUnexpectedEOFError:
       self.log("SSLUnexpectedEOF in tls_accept()")
       self.close(force = True)
-
+    except POW.SSLErrorSSLError, e:
+      if "\n" in e:
+        for line in str(e).splitlines():
+          rpki.log.error(line)
+        raise POW.SSLErrorSSLError, "TLS certificate problem, most likely"
+      else:
+        raise
+    
   def handle_no_content_length(self):
     self.handle_message()
author	Rob Austein <sra@hactrn.net>	2010-03-23 02:53:04 +0000
committer	Rob Austein <sra@hactrn.net>	2010-03-23 02:53:04 +0000
commit	ce9ed920c7e3a47f0dd35b64d91d3142b1371173 (patch)
tree	7dfdcdf0f766d7970979596508638f29d8d947d8
parent	831b35b6e5ff5e087341ab35fb5aa473fb935032 (diff)