Replace broad exception handlers with specific exception types

dwoz · dwoz · commit 59dfc283b9f7 · 2026-01-02T16:23:53.000-07:00
Instead of catching generic Exception, now catch specific exceptions:
- SaltDeserializationError for payload deserialization failures
- OSError, InvalidKeyError for public key loading failures
- OSError, InvalidKeyError, ValueError, UnicodeDecodeError for cluster key decryption/validation

This provides better error specificity while still handling all expected failure modes.
diff --git a/salt/channel/server.py b/salt/channel/server.py
@@ -28,7 +28,12 @@
 import salt.utils.platform
 import salt.utils.stringutils
 import salt.utils.verify
-from salt.exceptions import SaltDeserializationError, SaltValidationError, UnsupportedAlgorithm
+from salt.exceptions import (
+    InvalidKeyError,
+    SaltDeserializationError,
+    SaltValidationError,
+    UnsupportedAlgorithm,
+)
 from salt.utils.cache import CacheCli
 
 log = logging.getLogger(__name__)
@@ -1317,8 +1322,8 @@ async def handle_pool_publish(self, payload, _):
 
                 try:
                     notify_data = salt.payload.loads(data["payload"])
-                except Exception as e:  # pylint: disable=broad-except
-                    log.error("Failed to load join-notify payload: %s", e)
+                except SaltDeserializationError as e:
+                    log.error("Failed to deserialize join-notify payload: %s", e)
                     return
 
                 sender_id = notify_data.get("peer_id")
@@ -1363,8 +1368,8 @@ async def handle_pool_publish(self, payload, _):
                             sender_id,
                         )
                         return
-                except Exception as e:  # pylint: disable=broad-except
-                    log.error("Error verifying join-notify signature: %s", e)
+                except (OSError, InvalidKeyError) as e:
+                    log.error("Error loading sender public key for signature verification: %s", e)
                     return
 
                 # Signature verified - now we can trust the notification
@@ -1394,8 +1399,8 @@ async def handle_pool_publish(self, payload, _):
 
                 try:
                     payload = salt.payload.loads(data["payload"])
-                except Exception as e:  # pylint: disable=broad-except
-                    log.error("Failed to load join-reply payload: %s", e)
+                except SaltDeserializationError as e:
+                    log.error("Failed to deserialize join-reply payload: %s", e)
                     return
 
                 # Verify the peer_id matches who we're expecting (bootstrap peer)
@@ -1426,8 +1431,8 @@ async def handle_pool_publish(self, payload, _):
                             data["peer_id"],
                         )
                         return
-                except Exception as e:  # pylint: disable=broad-except
-                    log.error("Error verifying join-reply signature: %s", e)
+                except (OSError, InvalidKeyError) as e:
+                    log.error("Error loading bootstrap public key for signature verification: %s", e)
                     return
 
                 # Verify the return token matches what we sent
@@ -1466,7 +1471,7 @@ async def handle_pool_publish(self, payload, _):
                     # Load and validate it's a valid private key
                     cluster_key_obj = salt.crypt.PrivateKeyString(cluster_key_pem)
 
-                except Exception as e:  # pylint: disable=broad-except
+                except (OSError, InvalidKeyError, ValueError, UnicodeDecodeError) as e:
                     log.error("Error decrypting/validating cluster key: %s", e)
                     return
 
