(
vm: &VirtualMachine,
e: impl std::borrow::Borrow<ssl::Error>,
)
| 3873 | } |
| 3874 | #[track_caller] |
| 3875 | fn convert_ssl_error( |
| 3876 | vm: &VirtualMachine, |
| 3877 | e: impl std::borrow::Borrow<ssl::Error>, |
| 3878 | ) -> PyBaseExceptionRef { |
| 3879 | let e = e.borrow(); |
| 3880 | let (cls, msg) = match e.code() { |
| 3881 | ssl::ErrorCode::WANT_READ => { |
| 3882 | return create_ssl_want_read_error(vm).upcast(); |
| 3883 | } |
| 3884 | ssl::ErrorCode::WANT_WRITE => { |
| 3885 | return create_ssl_want_write_error(vm).upcast(); |
| 3886 | } |
| 3887 | ssl::ErrorCode::SYSCALL => match e.io_error() { |
| 3888 | Some(io_err) => return io_err.to_pyexception(vm), |
| 3889 | // When no I/O error and OpenSSL error queue is empty, |
| 3890 | // this is an EOF in violation of protocol -> SSLEOFError |
| 3891 | None => { |
| 3892 | return create_ssl_eof_error(vm).upcast(); |
| 3893 | } |
| 3894 | }, |
| 3895 | ssl::ErrorCode::SSL => { |
| 3896 | // Check for OpenSSL 3.0 SSL_R_UNEXPECTED_EOF_WHILE_READING |
| 3897 | if let Some(ssl_err) = e.ssl_error() { |
| 3898 | // In OpenSSL 3.0+, unexpected EOF is reported as SSL_ERROR_SSL |
| 3899 | // with this specific reason code instead of SSL_ERROR_SYSCALL |
| 3900 | unsafe { |
| 3901 | let err_code = sys::ERR_peek_last_error(); |
| 3902 | let reason = sys::ERR_GET_REASON(err_code); |
| 3903 | let lib = sys::ERR_GET_LIB(err_code); |
| 3904 | if lib == ERR_LIB_SSL && reason == SSL_R_UNEXPECTED_EOF_WHILE_READING { |
| 3905 | return create_ssl_eof_error(vm).upcast(); |
| 3906 | } |
| 3907 | } |
| 3908 | return convert_openssl_error(vm, ssl_err.clone()); |
| 3909 | } |
| 3910 | ( |
| 3911 | PySSLError::class(&vm.ctx).to_owned(), |
| 3912 | "A failure in the SSL library occurred", |
| 3913 | ) |
| 3914 | } |
| 3915 | _ => ( |
| 3916 | PySSLError::class(&vm.ctx).to_owned(), |
| 3917 | "A failure in the SSL library occurred", |
| 3918 | ), |
| 3919 | }; |
| 3920 | vm.new_os_subtype_error(cls, None, msg).upcast() |
| 3921 | } |
| 3922 | |
| 3923 | // SSL_FILETYPE_ASN1 part of _add_ca_certs in CPython |
| 3924 | fn x509_stack_from_der(der: &[u8]) -> Result<Vec<X509>, ErrorStack> { |
no test coverage detected