This repository was archived by the owner on Dec 16, 2022. It is now read-only.
Consider mirroring OneCRLTools code in canary repo #59
Comments
mwobensmith
changed the title
|
I don't think it's feasible for the reasons discussed in #58. The onecrl binary unfortunately does not report errors. This issue has been reported upstream in https://github.com/mozmark/OneCRL-Tools/issues/3. There already is a sanity check in https://github.com/mozilla/tls-canary/blob/master/one_crl_downloader.py#L71 for the onecrl output, and it makes tls_canary log a critical error and exit if onecrl yields an empty result. This is far from ideal, but so far it's the only way I found to detect onecrl error conditions. |
|
Let me add that the current problem is not caused by a onecrl runtime issue, but by an error in the onecrl package during the |
Merged
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Based on previous issue, where we seem to have a regression in a library we depend on, perhaps we should consider storing our own cache of the OneCRLTools code. The canary can't run correctly without it.
We could also consider other scenarios, like running the canary with warnings if this code is not working.
The text was updated successfully, but these errors were encountered: