diff options
| author | Michał Górny <mgorny@gentoo.org> | 2020-10-01 13:34:55 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2020-10-01 13:34:55 +0200 |
| commit | ce683786ce6ad9d0f5723b4438bb9054f4a49d77 (patch) | |
| tree | 5f9498a834549d1680750761f6eb64e5c85a23b0 | |
| parent | 9840187c10dcac5953daa0b2b419a86e633d7a22 (diff) | |
| download | gemato-ce683786ce6ad9d0f5723b4438bb9054f4a49d77.tar.gz | |
openpgp: Fix handling connection errors in WKD refresh
Bug: https://bugs.gentoo.org/745771
Signed-off-by: Michał Górny <mgorny@gentoo.org>
| -rw-r--r-- | gemato/openpgp.py | 12 | ||||
| -rw-r--r-- | tests/test_openpgp.py | 17 |
2 files changed, 19 insertions, 10 deletions
diff --git a/gemato/openpgp.py b/gemato/openpgp.py index 8663f02..a6fbfa8 100644 --- a/gemato/openpgp.py +++ b/gemato/openpgp.py @@ -416,10 +416,14 @@ debug-level guru } for a in addrs: url = get_wkd_url(a) - resp = requests.get(url, proxies=proxies) - if resp.status_code != 200: - logging.debug(f'refresh_keys_wkd(): failing due to failed' - f'request for {url}: {resp}') + try: + resp = requests.get(url, proxies=proxies) + resp.raise_for_status() + except (requests.exceptions.ConnectionError, + requests.exceptions.HTTPError, + ) as e: + logging.debug(f'refresh_keys_wkd(): failing due to failed ' + f'request for {url}: {e}') return False data += resp.content diff --git a/tests/test_openpgp.py b/tests/test_openpgp.py index 6bce97d..c57a612 100644 --- a/tests/test_openpgp.py +++ b/tests/test_openpgp.py @@ -5,6 +5,7 @@ import datetime import io +import logging import os import shlex import signal @@ -875,22 +876,26 @@ def test_refresh_wkd(openpgp_env_with_refresh, pytest.skip(str(e)) +@pytest.mark.parametrize('status', [401, 404, 500, ConnectionError]) def test_refresh_wkd_fallback_to_hkp(openpgp_env_with_refresh, - hkp_server): + hkp_server, caplog, status): """Test whether WKD refresh failure falls back to HKP""" with pytest.importorskip('responses').RequestsMock() as responses: try: with io.BytesIO(VALID_PUBLIC_KEY) as f: openpgp_env_with_refresh.import_key(f) hkp_server.keys[KEY_FINGERPRINT] = REVOKED_PUBLIC_KEY - responses.add( - responses.GET, - 'https://example.com/.well-known/openpgpkey/hu/' - '5x66h616iaskmnadrm86ndo6xnxbxjxb?l=gemato', - status=404) + if status is not ConnectionError: + responses.add( + responses.GET, + 'https://example.com/.well-known/openpgpkey/hu/' + '5x66h616iaskmnadrm86ndo6xnxbxjxb?l=gemato', + status=status) + caplog.set_level(logging.DEBUG) openpgp_env_with_refresh.refresh_keys( allow_wkd=True, keyserver=hkp_server.addr) + assert 'failing due to failed request' in caplog.text with pytest.raises(OpenPGPRevokedKeyFailure): with io.StringIO(SIGNED_MANIFEST) as f: |