Closed jpineaufr closed 4 months ago
Interesting! In this case it seems that the peer is returning no certificates, is that correct and expected?
If I understand how the paho MQTT client works, this seems expected. I am facing this case only on the TLS connection to the MQTT broker.
This problem is not critical. This is just for information if anyone has the same situation.
I am also seeing this. I'm trying to implement truststore
into Salt and I'm seeing this error when Salt tries to download files.
@twangboy Thanks for reporting this, are there any special circumstances you're using Truststore under that might return zero certificates in the handshake? I'll get a fix for this incorrect exception out.
Yeah, I'm not that familiar with the code. I'm trying to figure out what we're doing...
Hello,
Maybe I'm not using this library correctly with MQTTLibrary. But I prefer to inform you of my problem.
In the _api.py file, the _verify_peercerts function can initialize the cert_bytes variable as an empty array. This variable is assigned to the cert_chain parameter of the _verify_peercerts_impl function.
In a Windows env (_windows.py), the _verify_peercerts_impl uses the cert_chain as a non-empty array without check. If the cert_chain is empty, the function throws an exception: "IndexError: list index out of range"
For example to resolve this in my specific case, I use this in _windows.py (l. 322):
Regards