]> git.apps.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5435ed6)
mgr/dashboard: Updating the inbuilt ssl providers error
authorNizamudeen A <nia@redhat.com>
Tue, 8 Dec 2020 10:22:46 +0000 (15:52 +0530)
committerNizamudeen A <nia@redhat.com>
Tue, 8 Dec 2020 14:35:06 +0000 (20:05 +0530)
Fixes: https://tracker.ceph.com/issues/48490
Signed-off-by: Nizamudeen A <nia@redhat.com>
src/pybind/mgr/dashboard/cherrypy_backports.py patch | blob | history

diff --git a/src/pybind/mgr/dashboard/cherrypy_backports.py b/src/pybind/mgr/dashboard/cherrypy_backports.py
index 4d2a2cb05c30cefa529b617dec712f7496d37bf9..d97c6de8482b0342b4105ca0b56f0cd067d1243d 100644 (file)
--- a/src/pybind/mgr/dashboard/cherrypy_backports.py
+++ b/src/pybind/mgr/dashboard/cherrypy_backports.py
@@ -94,11 +94,16 @@ def accept_exceptions_from_builtin_ssl(v):
                         # Check if it's one of the known errors
                         # Errors that are caught by PyOpenSSL, but thrown by
                         # built-in ssl
-                        _block_errors = ('unknown protocol', 'unknown ca',
-                                         'unknown_ca', 'inappropriate fallback',
+                        _block_errors = ('unknown protocol', 'unknown ca', 'unknown_ca',
+                                         'unknown error',
+                                         'https proxy request', 'inappropriate fallback',
                                          'wrong version number',
                                          'no shared cipher', 'certificate unknown',
-                                         'ccs received early')
+                                         'ccs received early',
+                                         'certificate verify failed',  # client cert w/o trusted CA
+                                         'version too low',  # caused by SSL3 connections
+                                         'unsupported protocol',  # caused by TLS1 connections
+                                        )
                         for error_text in _block_errors:
                             if error_text in e.args[1].lower():
                                 # Accepted error, let's pass
Unnamed repository; edit this file 'description' to name the repository.