fix proxy and SSL connection errors, registration bug

redhataccess · Apr 5, 2016 · caf5e4b · caf5e4b
1 parent 612af27
commit caf5e4b
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 10 deletions.
diff --git a/etc/redhat-access-insights.spec b/etc/redhat-access-insights.spec
@@ -4,7 +4,7 @@
 Name:                   redhat-access-insights
 Summary:                Uploads Insights information to Red Hat on a periodic basis
 Version:                1.0.8
-Release:                13%{?dist}
+Release:                14%{?dist}
 Source0:                https://github.com/redhataccess/insights-client/archive/redhat-access-insights-%{version}.tar.gz
 Epoch:                  0
 License:                GPLv2+
@@ -83,6 +83,9 @@ test "x$RPM_BUILD_ROOT" != "x" && rm -rf $RPM_BUILD_ROOT
 /usr/share/man/man5/*.5.gz
 
 %changelog
+* Tue Apr 05 2016 Jeremy CraftS <[email protected]> - 1.0.8-14
+- Resolves: bz1323150, bz1323187
+
 * Mon Mar 30 2016 Jeremy Crafts <[email protected]> - 1.0.8-13
 - Certificiate bugfix
 

diff --git a/redhat_access_insights/connection.py b/redhat_access_insights/connection.py
@@ -193,6 +193,7 @@ def _validate_hostnames(self):
             logger.debug(e)
             logger.error(
                 "Could not resolve hostname: %s", endpoint_url.geturl())
+            sys.exit(1)
         if self.proxies is not None:
             proxy_url = urlparse(self.proxies['https'])
             try:
@@ -210,7 +211,7 @@ def _validate_hostnames(self):
             except socket.gaierror as e:
                 logger.debug(e)
                 logger.error("Could not resolve proxy %s", proxy_url.geturl())
-                traceback.print_exc()
+                sys.exit(1)
 
     def _test_urls(self, url, method):
         """
@@ -277,14 +278,22 @@ def _test_openssl(self):
         sock = socket.socket()
         sock.setblocking(1)
         if self.proxies:
-            connect_str = 'CONNECT {0} HTTP/1.0\r\n'.format(hostname)
+            connect_str = 'CONNECT {0} HTTP/1.0\r\n'.format(hostname[0])
             if self.proxy_auth:
                 connect_str += 'Proxy-Authorization: {0}\r\n'.format(self.proxy_auth)
             connect_str += '\r\n'
-            proxy = urlparse(self.proxies).netloc.split(':')
-            sock.connect((proxy[0], int(proxy[1])))
+            proxy = urlparse(self.proxies['https']).netloc.split(':')
+            try:
+                sock.connect((proxy[0], int(proxy[1])))
+            except Exception as e:
+                logger.debug(e)
+                logger.error('Failed to connect to proxy %s. Connection refused.' % self.proxies['https'])
+                sys.exit(1)
             sock.send(connect_str)
-            sock.recv(4096)
+            res = sock.recv(4096)
+            if 'HTTP/1.0 200 Connection established' not in res:
+                logger.error('Failed to connect to %s. Invalid hostname.' % self.base_url)
+                sys.exit(1)
         else:
             try:
                 sock.connect((hostname[0], 443))
@@ -321,7 +330,8 @@ def _test_openssl(self):
             logger.info(self._generate_cert_str(server_cert.get_subject(), 'subject=/'))
             logger.info(self._generate_cert_str(server_cert.get_issuer(), 'issuer=/'))
             logger.info('---')
-        except SSL.Error:
+        except SSL.Error as e:
+            logger.debug('SSL error: %s' % e)
             success = False
             logger.error('Certificate chain test failed!')
         ssl_conn.shutdown()
@@ -585,9 +595,6 @@ def register(self, options):
         """
         Register this machine
         """
-
-        delete_unregistered_file()
-
         client_hostname = determine_hostname()
         # This will undo a blacklist
         logger.debug("API: Create system")
@@ -602,6 +609,8 @@ def register(self, options):
 
         message = system.headers.get("x-rh-message", "")
 
+        delete_unregistered_file()
+
         # Do grouping
         if options.group is not None:
             self.do_group(options.group)