From b1ce5cde1d8b06c03e9dacbc6cda15ebbe3a1ac4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9ophile=20Diot?= <tdiot@bunkerity.com>
Date: Mon, 19 Aug 2024 10:22:19 +0100
Subject: [PATCH] chore: Fix error handling in custom-cert.py

---
 src/common/core/customcert/jobs/custom-cert.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/common/core/customcert/jobs/custom-cert.py b/src/common/core/customcert/jobs/custom-cert.py
index 42752f83a..1d56e04e5 100644
--- a/src/common/core/customcert/jobs/custom-cert.py
+++ b/src/common/core/customcert/jobs/custom-cert.py
@@ -43,6 +43,7 @@ def check_cert(cert_file: Union[Path, bytes], key_file: Union[Path, bytes], firs
             cached, err = JOB.cache_file("cert.pem", cert_file, service_id=first_server, checksum=cert_hash, delete_file=False)
             if not cached:
                 LOGGER.error(f"Error while caching custom-cert cert.pem file : {err}")
+                return False, err
 
         key_hash = bytes_hash(key_file)
         old_hash = JOB.cache_hash("key.pem", service_id=first_server)
@@ -51,6 +52,7 @@ def check_cert(cert_file: Union[Path, bytes], key_file: Union[Path, bytes], firs
             cached, err = JOB.cache_file("key.pem", key_file, service_id=first_server, checksum=key_hash, delete_file=False)
             if not cached:
                 LOGGER.error(f"Error while caching custom-key key.pem file : {err}")
+                return False, err
 
         return ret, ""
     except BaseException as e:
@@ -98,6 +100,7 @@ def check_cert(cert_file: Union[Path, bytes], key_file: Union[Path, bytes], firs
                     except BaseException:
                         LOGGER.exception(f"Error while decoding cert data, skipping server {first_server}...")
                         skipped_servers.append(first_server)
+                        status = 2
                         continue
 
                 if key_file:
@@ -108,6 +111,7 @@ def check_cert(cert_file: Union[Path, bytes], key_file: Union[Path, bytes], firs
                     except BaseException:
                         LOGGER.exception(f"Error while decoding key data, skipping server {first_server}...")
                         skipped_servers.append(first_server)
+                        status = 2
                         continue
 
                 LOGGER.info(f"Checking certificate for {first_server} ...")
@@ -115,10 +119,12 @@ def check_cert(cert_file: Union[Path, bytes], key_file: Union[Path, bytes], firs
                 if isinstance(err, BaseException):
                     LOGGER.error(f"Exception while checking {first_server}'s certificate, skipping ... \n{err}")
                     skipped_servers.append(first_server)
+                    status = 2
                     continue
                 elif err:
                     LOGGER.warning(f"Error while checking {first_server}'s certificate : {err}")
                     skipped_servers.append(first_server)
+                    status = 2
                     continue
                 elif need_reload:
                     LOGGER.info(f"Detected change in {first_server}'s certificate")