[Twisted-Python] Where to catch ssl error exception?
Suppose I'm the ssl server and a client didn't follow ssl protocol somewhere, I can get an exception like following. The qustion is how can I catch it? Yun 2005/02/23 16:49 EST [HTTPChannel,21907,xx.xxx.xx.x] Traceback (most recent call last): File "/usr/lib/python2.3/site-packages/twisted/python/log.py", line 65, in callWithLogger callWithContext({"system": lp}, func, *args, **kw) File "/usr/lib/python2.3/site-packages/twisted/python/log.py", line 52, in callWithContext return context.call({ILogContext: newCtx}, func, *args, **kw) File "/usr/lib/python2.3/site-packages/twisted/python/context.py", line 43, in callWithContext return func(*args,**kw) File "/usr/lib/python2.3/site-packages/twisted/internet/default.py", line 535, in _doReadOrWrite why = getattr(selectable, method)() --- <exception caught here> --- File "/usr/lib/python2.3/site-packages/twisted/internet/tcp.py", line 98, in doRead return Connection.doRead(self) File "/usr/lib/python2.3/site-packages/twisted/internet/tcp.py", line 239, in doRead data = self.socket.recv(self.bufferSize) OpenSSL.SSL.Error: [('SSL routines', 'SSL23_READ', 'ssl handshake failure')] Yun
On Wed, 23 Feb 2005 17:00:31 -0500 (EST), Yun Mao <maoy@cis.upenn.edu> wrote:
Suppose I'm the ssl server and a client didn't follow ssl protocol somewhere, I can get an exception like following. The qustion is how can I catch it?
Twisted 1.3 doesn't make this easily possible. You could jump through some hoops to notice the SSL.Error with a custom log observer in conjunction with a connectionLost callback. In 2.0, connectionLost will simply be handed an error indicating the SSL problem and nothing will be logged by default. Short of replacing the default log observer entirely with one which does not log SSL errors, there is no way to prevent tracebacks like the one you included from ending up in the log. These tracebacks do not indicate any further problem than the one they describe. That is to say, something has gone wrong on the SSL layer, and the connection is going to be lost no matter what you do; it is unfortunate that the SSL error cannot be silenced, but in logging it, Twisted is indicating nothing more serious than that the connection is about to be lost. If you only need notification of the lost connection, not details regarding the specifics of the SSL failure, connectionLost in 1.3 should already provide you with enough information. Jp
participants (2)
-
Jp Calderone
-
Yun Mao