Open mdekstrand opened 8 months ago
@mdekstrand Could you post an example, please? Unfortunately, I doubt anyone is going to actively go and try reproducing it any time soon.
If you see a nice way to improve that, contributions are welcome.
Hi @mdekstrand,
Thanks for sharing the steps to reproduce the issue. However, I couldn't replicate the problem using those steps because it seems that something needs to be pushed to the remote storage first. If nothing has been pushed yet, then there's no error. But if we try to push changes to the remote storage, the issue can be reproduced as well.
Here are the detailed steps I took:
Run the following command to generate a certificate and private key for use with SFTPGo.
openssl req -x509 -out secrets/localhost.crt -keyout secrets/localhost.key \
-newkey rsa:4096 -nodes -sha256 \
-subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
Set up an SFTPGo server that supports WebDAV. This server will listen on a specific port number (10443) on your local machine. Configure the server to use the SSL/TLS certificate and private key created in step 1 to enable secure connections over HTTPS.
#!/usr/bin/env bash
CONTAINER_NAME="webdav" SECRETS_DIR="/usr/local/src/secrets"
graceful_shutdown() { docker stop $CONTAINER_NAME && docker rm $CONTAINER_NAME exit } trap graceful_shutdown INT TERM
docker create --name $CONTAINER_NAME \ -a STDOUT \ -p 8080:8080 \ -p 2022:2022 \ -p 10443:10443 \ -e SFTPGO_WEBDAVDBINDINGS0PORT=10443 \ -e SFTPGO_WEBDAVDBINDINGS0ENABLE_HTTPS=true \ -e SFTPGO_WEBDAVDBINDINGS0CERTIFICATE_FILE=$SECRETS_DIR/localhost.crt \ -e SFTPGO_WEBDAVDBINDINGS0CERTIFICATE_KEY_FILE=$SECRETS_DIR/localhost.key \ -t "drakkan/sftpgo:v2.5.5" || exit
docker cp -q ./secrets/ $CONTAINER_NAME:$SECRETS_DIR || exit docker start --attach $CONTAINER_NAME || exit
3. Make sure the server is using the certificate you provided
```bash
openssl s_client -showcerts -connect localhost:10443 </dev/null
Initialize DVC.
dvc init --no-scm
Track some changes.
touch example.xml && dvc add example.xml
Add the remote.
dvc remote add test webdavs://localhost:10443
Try to push changes to the remote.
dvc push --remote test
Thanks @hqdncw! That's exactly the error situation I was seeing.
Bug Report
Description
When using the 'webdavs' remote, if the connection fails due to an SSL verification error, the error cause is hidden and DVC fails with an internal error message.
Reproduce
Expected
DVC to fail with an error message stating that the SSL verification failed.
This information is currently only available when running with
-v
.Environment information