From 34e16d47c54cb913fa94610d7d2780acddf7c836 Mon Sep 17 00:00:00 2001 From: william cross Date: Wed, 10 Apr 2024 14:24:13 +0100 Subject: [PATCH] Resolved #160 now checks wether the host cert is the same as server cert for sender if it is then an error message is given added sender_failed = True to an exception to properly show it failed --- ssm/agents.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ssm/agents.py b/ssm/agents.py index 54e57324..4726cbb2 100644 --- a/ssm/agents.py +++ b/ssm/agents.py @@ -222,6 +222,12 @@ def run_sender(protocol, brokers, project, token, cp, log): host_dn = get_certificate_subject(_from_file(host_cert)) log.info('Messages will be signed using %s', host_dn) + if server_cert == host_cert: + raise Ssm2Exception( + "server certificate is the same as host certificate in config file. " + "Do you really mean to encrypt messages with this certificate?" + ) + sender = Ssm2(brokers, cp.get('messaging', 'path'), path_type=path_type, @@ -246,6 +252,7 @@ def run_sender(protocol, brokers, project, token, cp, log): except (Ssm2Exception, CryptoException) as e: print('SSM failed to complete successfully. See log file for details.') log.error('SSM failed to complete successfully: %s', e) + sender_failed = True except Exception as e: print('SSM failed to complete successfully. See log file for details.') log.exception('Unexpected exception in SSM. See traceback below.')