diff --git a/roles/koji_builder/files/__init__.py b/roles/koji_builder/files/__init__.py index e7a66f2d97..4acafe73e6 100644 --- a/roles/koji_builder/files/__init__.py +++ b/roles/koji_builder/files/__init__.py @@ -1943,8 +1943,29 @@ class ClientSession(object): except Exception, e: self._close_connection() if isinstance(e, OpenSSL.SSL.Error): - for arg in e.args: - for _, _, ssl_reason in arg: + # pyOpenSSL doesn't use different exception + # subclasses, we have to actually parse the args + for arg in e.args: + # First, check to see if 'arg' is iterable because + # it can be anything.. + try: + iter(arg) + except TypeError: + continue + + # We do all this so that we can detect cert expiry + # so we can avoid retrying those over and over. + for items in arg: + try: + iter(items) + except TypeError: + continue + + if len(items) != 3: + continue + + _, _, ssl_reason = items + if ('certificate revoked' in ssl_reason or 'certificate expired' in ssl_reason): # There's no point in retrying for this diff --git a/roles/koji_builder/tasks/main.yml b/roles/koji_builder/tasks/main.yml index e955a1f901..7db1a0277c 100644 --- a/roles/koji_builder/tasks/main.yml +++ b/roles/koji_builder/tasks/main.yml @@ -255,3 +255,9 @@ tags: - koji_builder +- name: HOTFIX ssl fix for koji + copy: src=__init__.py dest=/usr/lib/python2.7/site-packages/koji/__init__.py + tags: + - koji_builder + - hotfix +