Turns out the exception propagation here works after all
diff --git a/OpenSSL/ssl/context.c b/OpenSSL/ssl/context.c
index ebaf164..98cc01c 100644
--- a/OpenSSL/ssl/context.c
+++ b/OpenSSL/ssl/context.c
@@ -101,10 +101,8 @@
if (ret == NULL) {
/*
- * XXX The callback raised an exception. At the very least, it should
- * be printed out here. An *actual* solution would be to raise it up
- * through OpenSSL. That might be a bit tricky, but it's probably
- * possible. -exarkun
+ * The callback raised an exception. It will be raised by whatever
+ * Python API triggered this callback.
*/
goto out;
}
@@ -119,9 +117,9 @@
if (!PyString_Check(ret)) {
/*
- * XXX Returned something that wasn't a string. This is bogus. We
- * should report an error or raise an exception (again, through OpenSSL
- * - tricky). -exarkun
+ * XXX Returned something that wasn't a string. This is bogus. We'll
+ * return 0 and OpenSSL will treat it as an error, resulting in an
+ * exception from whatever Python API triggered this callback.
*/
Py_DECREF(ret);
goto out;
@@ -130,8 +128,9 @@
len = PyString_Size(ret);
if (len > maxlen) {
/*
- * XXX Returned more than we said they were allowed to return. Report
- * an error or raise an exception (tricky blah blah). -exarkun
+ * Returned more than we said they were allowed to return. Just
+ * truncate it. Might be better to raise an exception,
+ * instead. -exarkun
*/
len = maxlen;
}