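Try/except not working with Twisted startTLS in case of certificate/key mismatch

Time: 2014-12-18 15:10:32

Tags: python exception twisted

So my Twisted mail receiver is working well. Until we try to handle the case where the configuration is fubarred, and a mismatched certificate/key is passed to the factory's certificate options object.

I have a module custom_esmtp.py, which contains an override of ext_STARTLS(self, rest), which I have modified as follows to include a try/except: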

    elif self.ctx and self.canStartTLS:
            try:
                self.sendCode(220, 'Begin TLS negotiation now')
                self.transport.startTLS(self.ctx)
                self.startedTLS = True
            except:
                log.err()
                self.sendCode(550, "Internal server error")
                return

When I run the code, passing in a mismatched certificate and key, I get the following call stack:

    Unhandled Error
    Traceback (most recent call last):
      File "/usr/local/lib/python2.7/site-packages/twisted/internet/tcp.py", line 220, in _dataReceived
        rval = self.protocol.dataReceived(data)
      File "/usr/local/lib/python2.7/site-packages/twisted/protocols/basic.py", line 454, in dataReceived
        self.lineReceived(line)
      File "/usr/local/lib/python2.7/site-packages/twisted/mail/smtp.py", line 568, in lineReceived
        return getattr(self, 'state_' + self.mode)(line)
      File "/usr/local/lib/python2.7/site-packages/twisted/mail/smtp.py", line 582, in state_COMMAND
        method('')
    --- <exception caught here> ---
      File "custom_esmtp.py", line 286, in ext_STARTTLS
        self.transport.startTLS(self.ctx)
      File "/usr/local/lib/python2.7/site-packages/twisted/internet/_newtls.py", line 179, in startTLS
        startTLS(self, ctx, normal, FileDescriptor)
      File "/usr/local/lib/python2.7/site-packages/twisted/internet/_newtls.py", line 139, in startTLS
        tlsFactory = TLSMemoryBIOFactory(contextFactory, client, None)
      File "/usr/local/lib/python2.7/site-packages/twisted/protocols/tls.py", line 769, in __init__
        contextFactory = _ContextFactoryToConnectionFactory(contextFactory)
      File "/usr/local/lib/python2.7/site-packages/twisted/protocols/tls.py", line 648, in __init__
        oldStyleContextFactory.getContext()
      File "/usr/local/lib/python2.7/site-packages/twisted/internet/_sslverify.py", line 1429, in getContext
        self._context = self._makeContext()
      File "/usr/local/lib/python2.7/site-packages/twisted/internet/_sslverify.py", line 1439, in _makeContext
        ctx.use_privatekey(self.privateKey)
    OpenSSL.SSL.Error: [('x509 certificate routines', 'X509_check_private_key', 'key values mismatch')]

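Line 286 of custom_esmtp.py is self.transport.startTLS(self.ctx). I have looked through all the Twisted modules listed in the stack, at the lines referenced, and there are no other try/except blocks.... So my understanding is that the error should be passed back up the stack, unhandled, until it reaches my handler in custom_esmtp.py? So why is it not being handled - especially since my only except is a "catch all"?

Thanks in advance!

1 answer:

Answer 0: (score: 1)

If you want to catch this error, you can do the following: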

    from OpenSSL import SSL

    # ...

    try:
        pass  # ... the call that may raise goes here
    except SSL.Error:
        pass  # ... handle the error here

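Maybe the syntax is slightly different. I cannot check, because I am not using this exact package, but the idea is that you have to declare the import path of the exception you want to catch.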
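Added example, not part of the question or the answer above: the handler in the question sends 220 before `startTLS()` builds the TLS context, so a caught failure leaves the client with a 220 followed by a 550. The sketch below contrasts that order with building the context first via `getContext()` (the call the traceback shows failing) and replying 454, the RFC 3207 "TLS not available" code. `KeyMismatch`, `BrokenCtx`, `GoodCtx`, `FakeTransport`, `StartTLSHandler` and `replies` are hypothetical stand-ins so it runs without Twisted or pyOpenSSL.

```python
class KeyMismatch(Exception):
    """Stand-in for OpenSSL.SSL.Error (keeps the example free of pyOpenSSL)."""

class BrokenCtx:
    """Stand-in context factory: getContext() fails as in the traceback."""
    def getContext(self):
        raise KeyMismatch("key values mismatch")

class GoodCtx:
    def getContext(self):
        return object()

class FakeTransport:
    """Stand-in transport: startTLS() builds the context, as the traceback shows."""
    def startTLS(self, ctx):
        ctx.getContext()

class StartTLSHandler:
    def __init__(self, ctx):
        self.ctx, self.transport = ctx, FakeTransport()
        self.sent = []            # reply codes written to the client
        self.startedTLS = False

    def sendCode(self, code, text):
        self.sent.append(code)

    def starttls_as_posted(self):
        # Order from the question: 220 goes out before the context is built.
        try:
            self.sendCode(220, "Begin TLS negotiation now")
            self.transport.startTLS(self.ctx)
            self.startedTLS = True
        except Exception:
            self.sendCode(550, "Internal server error")

    def starttls_checked(self):
        # Build the context first; promise TLS only once that has succeeded.
        try:
            self.ctx.getContext()
        except Exception:
            self.sendCode(454, "TLS not available due to temporary reason")
            return
        self.sendCode(220, "Begin TLS negotiation now")
        self.transport.startTLS(self.ctx)
        self.startedTLS = True

def replies(ctx, method):
    handler = StartTLSHandler(ctx)
    getattr(handler, method)()
    return handler.sent, handler.startedTLS
```

The same `getContext()` call can be made once at service start-up, so a mismatched pair stops the service before it ever advertises STARTTLS.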