gnsq icon indicating copy to clipboard operation
gnsq copied to clipboard

Published 20 hours ago verified publisher icon wtolson

TLS certification failed

Open bizky opened this issue 5 years ago • 1 comments

When I use the TLS cerification of gnsq, the code raised a exception. The Traceback of the exception is

Traceback (most recent call last):
  File "test.py", line 10, in <module>
    producer.start()
  File "/usr/local/lib/python3.5/dist-packages/gnsq/producer.py", line 112, in start
    self.connect_to_nsqd(address, int(port))
  File "/usr/local/lib/python3.5/dist-packages/gnsq/producer.py", line 154, in connect_to_nsqd
    conn.identify()
  File "/usr/local/lib/python3.5/dist-packages/gnsq/nsqd.py", line 381, in identify
    self.upgrade_to_tls()
  File "/usr/local/lib/python3.5/dist-packages/gnsq/nsqd.py", line 319, in upgrade_to_tls
    self.check_ok()
  File "/usr/local/lib/python3.5/dist-packages/gnsq/nsqd.py", line 307, in check_ok
    frame, data = self.read_response()
  File "/usr/local/lib/python3.5/dist-packages/gnsq/nsqd.py", line 257, in read_response
    processed_data = frame_handler(data)
  File "/usr/local/lib/python3.5/dist-packages/gnsq/nsqd.py", line 265, in handle_response
    self.on_response.send(self, response=data)
  File "/usr/local/lib/python3.5/dist-packages/blinker/base.py", line 267, in send
    for receiver in self.receivers_for(sender)]
  File "/usr/local/lib/python3.5/dist-packages/blinker/base.py", line 267, in <listcomp>
    for receiver in self.receivers_for(sender)]
  File "/usr/local/lib/python3.5/dist-packages/gnsq/producer.py", line 217, in handle_response
    result = self._response_queues[conn].popleft()

It seems that the self._response_queues of conn is missing, because the value of self._response_queues is {} when running at the last exception code.

The NSQD(v1.1.0) is run by the following command:

./nsqd --lookupd-tcp-address=127.0.0.1:4160 -tls-cert=./certs/server.pem -tls-key=./certs/server.key -tls-root-ca-file=./certs/ca.pem -tls-required=true

where, the certs folder is generated by the official command of nsq.

The Python code to connect to the nsqd is shown as following:

from gnsq import Producer

tls_options = {
    'keyfile': "./certs/server.key",
    'certfile': "./certs/server.pem",
}

producer = Producer('127.0.0.1:4150',tls_v1 = True, tls_options = tls_options)
producer.start()
producer.publish('topic', b'hello world')

bizky avatar Jun 09 '19 18:06 bizky

I'm having the same problem. I managed to fix it (temporarily) by changing the handle_response in gnsq/producer.py from this:

    def handle_response(self, conn, response):
        self.logger.debug('[%s] response: %s', conn, response)

        if response == nsq.OK:
            result = self._response_queues[conn].popleft()
            result.set(response)

        self.on_response.send(self, response=response)

To this:

    def handle_response(self, conn, response):
        self.logger.debug('[%s] response: %s', conn, response)

        if response == nsq.OK:
            if conn in self._response_queues:
                result = self._response_queues[conn].popleft()
                result.set(response)

        self.on_response.send(self, response=response)

herberthamaral avatar Sep 05 '19 20:09 herberthamaral