Fix(#331): add more context to ssl error (#333)

cedric05 · Nov 15, 2024 · 45d8a27 · 45d8a27
1 parent 72372eb
commit 45d8a27
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/dothttp/__version__.py b/dothttp/__version__.py
@@ -1 +1 @@
-__version__ = "0.0.43a26"
+__version__ = "0.0.43a27"
diff --git a/dothttp/exceptions.py b/dothttp/exceptions.py
@@ -109,3 +109,8 @@ class DothttpAwsAuthException(DotHttpException):
 @exception_wrapper("AzureAuth exception: {message}")
 class DothttpAzureAuthException(DotHttpException):
     pass
+
+
+@exception_wrapper("Certificate error: if you trust server provided certificate and not in cert chain, use `@insecure`")
+class DothttpUnSignedCertException(DotHttpException):
+    pass
diff --git a/dothttp/parse/request_base.py b/dothttp/parse/request_base.py
@@ -10,11 +10,13 @@
 from requests import PreparedRequest, Response, Session
 
 # this is bad, loading private stuff. find a better way
+from requests.exceptions import SSLError
 from requests.auth import CONTENT_TYPE_FORM_URLENCODED, HTTPBasicAuth, HTTPDigestAuth
 from requests.status_codes import _codes as status_code
 from requests_pkcs12 import Pkcs12Adapter
 from textx import metamodel_from_file
 
+from ..exceptions import DothttpUnSignedCertException
 from ..models.parse_models import Http, HttpFileType, MultidefHttp, ScriptType
 from ..parse import (
     APPLICATION_JSON,
@@ -556,6 +558,21 @@ def get_response(self):
                 cert=self.httpdef.certificate,
                 verify=not self.httpdef.allow_insecure,
             )
+        # in case of ssl self signed error, try to catch it and add more info
+        # to user
+        except SSLError as e:
+            # figure out if it is self signed error
+            # there can be multiple reasons for ssl error
+            # 1. self signed certificate
+            # 2. expired certificate
+            # 3. certificate not matching
+            # 4. certificate not trusted
+            # 5. certificate not in chain
+            if "SSL: CERTIFICATE_VERIFY_FAILED" in str(e):
+                eprint(
+                    "self signed certificate error, to ignore use --allow-insecure flag"
+                )
+                raise DothttpUnSignedCertException()
         if not self.args.no_cookie and isinstance(session.cookies, LWPCookieJar):
             try:
                 session.cookies.save()  # lwpCookie has .save method

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "dothttp-req"
-version = "0.0.43a26"
+version = "0.0.43a27"
 description = "Dothttp is Simple http client for testing and development"
 authors = ["Prasanth <[email protected]>"]
 license = "MIT"
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		__version__ = "0.0.43a26"
		__version__ = "0.0.43a27"