diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-05-25 23:05:00 -0500 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-05-26 00:05:00 -0400 |
commit | d36bef0b744d79b209b13f87fb9c943e4091a2c5 (patch) | |
tree | ab33864d222f62b8c38511315e753063016c3153 /src/cryptography/hazmat/backends/openssl/dh.py | |
parent | 349923379f1c1baf51ff1709abaa19559a59ad69 (diff) | |
download | cryptography-d36bef0b744d79b209b13f87fb9c943e4091a2c5.tar.gz cryptography-d36bef0b744d79b209b13f87fb9c943e4091a2c5.tar.bz2 cryptography-d36bef0b744d79b209b13f87fb9c943e4091a2c5.zip |
fix libressl error/refactor some error handling (#3609)
* add libre so I can see the error
* add the libre error needed and refactor error handling a bit
We were historically matching on lib + func + reason, but func is
somewhat unstable so now we match on lib + reason only. Of course, in
this case libressl changed both lib and reason so it wouldn't
have mattered. All error handling from the error queue in
openssl is an illusion
* fix a typo, probably an unneeded branch
* review feedback
* refactor tests to support libressl
insert additional rant about libre here, although admittedly these tests
were assuming stability where openssl itself guarantees none
* better assert, fix flake8
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/dh.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/dh.py | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/dh.py b/src/cryptography/hazmat/backends/openssl/dh.py index 88c876fc..456e9bea 100644 --- a/src/cryptography/hazmat/backends/openssl/dh.py +++ b/src/cryptography/hazmat/backends/openssl/dh.py @@ -63,11 +63,11 @@ class _DHParameters(object): def _handle_dh_compute_key_error(errors, backend): lib = backend._lib - backend.openssl_assert(errors[0][1:] == ( - lib.ERR_LIB_DH, - lib.DH_F_COMPUTE_KEY, - lib.DH_R_INVALID_PUBKEY - )) + backend.openssl_assert( + errors[0]._lib_reason_match( + lib.ERR_LIB_DH, lib.DH_R_INVALID_PUBKEY + ) + ) raise ValueError("Public key value is invalid for this exchange.") |