log the internal error message from *SSL when the cert and private key doesn't match #14023
ggreenway merged 2 commits into envoyproxy:master from qudongfang:better_error_msg_on_tls_cert_key_mismatch
Hi @qudongfang, welcome and thank you for your contribution. We will try to review your Pull Request as quickly as possible. In the meantime, please take a look at the contribution guidelines if you have not done so already.
…ivate doesn't match. Signed-off-by: Dongfang Qu <qudongfang@gmail.com>
| absl::StrCat("Failed to load private key from ", tls_certificate.privateKeyPath())); | ||
| throw EnvoyException(fmt::format("Failed to load private key from {}, Cause: {}", | ||
| tls_certificate.privateKeyPath(), | ||
| Utility::getLastCryptoError().value_or("not found"))); |
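Review bot: On the last added line, `.value_or("not found")` makes an empty error queue print "Cause: not found" directly after the private key path, which an operator will read as a missing file rather than as an absent *SSL error string. Use a neutral fallback such as "unknown" or "", or append the ", Cause: ..." suffix only when `Utility::getLastCryptoError()` actually returns a value, so the message never ends in a misleading or empty cause.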
"not found" here is misleading, since it sounds like file was not found.
Yeah, I think you're right.
Does Unknown sound sane to you?
"unknown" sounds fine, but all other uses of Utility::getLastCryptoError() in this file use .value_or("").
I'm fine with either.
Cool, I updated it.
At the same time, I noticed that there're a few other places that we haven't checked the internal error messages.
I'd like to help if you think it's nice to have them.
Signed-off-by: Dongfang Qu <qudongfang@gmail.com>
ggreenway left a comment
LGTM. Thanks! I always like improving error reporting.
/retest
Retrying Azure Pipelines:
* master: (117 commits)
  vrp: allow supervisord to open its log file (envoyproxy#14066)
  [http1] fix H/1 response pipelining (envoyproxy#13983)
  wasm: make dependency clearer (envoyproxy#14062)
  docs: updating 100-continue docs (envoyproxy#14040)
  quiche: fix stream trailer decoding issue (envoyproxy#13871)
  tidy: use last_github_commit script instead of target branch (envoyproxy#14052)
  stats: use RE2 and a better pattern to accelerate a single stats tag-extraction RE (envoyproxy#8831)
  wasm: use static registration for runtimes (envoyproxy#14014)
  grpc-json-transcoder: Add support for configuring unescaping behavior (envoyproxy#14009)
  ci: fix CodeQL-build by removing deprecated set-env command (envoyproxy#14046)
  config: fix crash when type URL doesn't match proto. (envoyproxy#14031)
  Build: Propagate user-supplied tags to external headers library. (envoyproxy#14016)
  [test host utils] use make_shared to avoid memory leaks (envoyproxy#14042)
  jwt_authn: update to jwt_verify_lib with 1 minute clock skew (envoyproxy#13872)
  quiche: update QUICHE tar (envoyproxy#13949)
  sds: improve watched directory documentation. (envoyproxy#14029)
  log the internal error message from *SSL when the cert and private key doesn't match (envoyproxy#14023)
  wasm: fix CPE for Wasmtime. (envoyproxy#14024)
  docs: Bump sphinxext-rediraffe version (envoyproxy#13996)
  CDS: remove warming cluster if CDS response desired (envoyproxy#13997)
  ...
…y doesn't match (envoyproxy#14023) Fixes envoyproxy#14022 Signed-off-by: Dongfang Qu <qudongfang@gmail.com>
…y doesn't match (envoyproxy#14023) Fixes envoyproxy#14022 Signed-off-by: Dongfang Qu <qudongfang@gmail.com> Signed-off-by: Qin Qin <qqin@google.com>
Issue #14022