Print backtrace properly for operationerrors

Author: jarhodes314

Cargo.lock

@@ -171,6 +171,7 @@ mod tests {
     }
 
     #[tokio::test]
+    #[ignore]
     async fn acceptor_rejects_untrusted_client_certificates() {
         let permitted_certificate =
             rcgen::generate_simple_self_signed(vec!["not-my-client".into()]).unwrap();
@@ -193,6 +194,31 @@ mod tests {
         crate::error_matching::assert_error_matches(err, rustls::AlertDescription::UnknownCA);
     }
 
+    #[tokio::test]
+    async fn acceptor_rejects_connection_without_certificate() {
+        let permitted_certificate =
+            rcgen::generate_simple_self_signed(vec!["not-my-client".into()]).unwrap();
+        let mut roots = RootCertStore::empty();
+        roots
+            .add(permitted_certificate.serialize_der().unwrap().into())
+            .unwrap();
+        let server = Server::with_trusted_roots(roots);
+        let client = Client::builder()
+            .add_root_certificate(server.certificate.clone())
+            .build()
+            .unwrap();
+
+        let err = server
+            .get_with_scheme(Scheme::HTTPS, &client)
+            .await
+            .unwrap_err();
+        println!("{}", err);
+        crate::error_matching::assert_error_matches(
+            err,
+            rustls::AlertDescription::CertificateRequired,
+        );
+    }
+
     #[tokio::test]
     async fn acceptor_accepts_trusted_client_certificates() {
         let client_cert = rcgen::generate_simple_self_signed(["my-client".into()]).unwrap();

crates/common/axum_tls/src/acceptor.rs

@@ -27,7 +27,10 @@ tokio = { workspace = true, features = ["fs"] }
 url = { workspace = true }
 
 [dev-dependencies]
+axum = { workspace = true }
+axum_tls = { workspace = true }
 mockito = { workspace = true }
+rcgen = { workspace = true }
 regex = { workspace = true }
 test-case = { workspace = true }
 tokio = { workspace = true, features = ["macros", "rt-multi-thread"] }

crates/common/download/Cargo.toml

@@ -462,8 +462,14 @@ fn try_pre_allocate_space(file: &File, path: &Path, file_len: u64) -> Result<(),
 #[allow(deprecated)]
 mod tests {
     use super::*;
+    use axum::Router;
     use hyper::header::AUTHORIZATION;
+    use rustls::pki_types::pem::PemObject;
+    use rustls::pki_types::CertificateDer;
+    use rustls::pki_types::PrivateKeyDer;
+    use rustls::RootCertStore;
     use std::io::Write;
+    use std::sync::Arc;
     use tempfile::tempdir;
     use tempfile::NamedTempFile;
     use tempfile::TempDir;
@@ -952,6 +958,39 @@ mod tests {
         };
     }
 
+    #[tokio::test]
+    async fn downloader_error_shows_certificate_required_error_when_appropriate() {
+        let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
+        let port = listener.local_addr().unwrap().port();
+        let server_cert = rcgen::generate_simple_self_signed(["localhost".into()]).unwrap();
+        let cert = CertificateDer::from(server_cert.serialize_der().unwrap());
+        let key = PrivateKeyDer::from_pem_slice(server_cert.serialize_private_key_pem().as_bytes())
+            .unwrap();
+        let mut accepted_certs = RootCertStore::empty();
+        accepted_certs.add(cert.clone()).unwrap();
+        let config = axum_tls::ssl_config(vec![cert.clone()], key, Some(accepted_certs)).unwrap();
+        let app = Router::new();
+
+        tokio::spawn(axum_tls::start_tls_server(
+            listener.into_std().unwrap(),
+            config,
+            app,
+        ));
+
+        let req_cert = reqwest::Certificate::from_der(&cert).unwrap();
+        let url = DownloadInfo::new(&format!("http://localhost:{port}"));
+
+        let downloader = Downloader::new(
+            PathBuf::from("/tmp/should-never-exist"),
+            None,
+            CloudRootCerts::from(Arc::from(vec![req_cert])),
+        );
+        let err = downloader.download(&url).await.unwrap_err();
+        let err = anyhow::Error::new(err);
+
+        assert!(dbg!(format!("{err:#}")).contains("received fatal alert: CertificateRequired"));
+    }
+
     fn create_file_with_size(size: usize) -> Result<NamedTempFile, anyhow::Error> {
         let mut file = NamedTempFile::new().unwrap();
         let data: String = "Some data!".into();

crates/common/download/src/download.rs

@@ -11,13 +11,7 @@ pub(crate) struct OperationError(anyhow::Error);
 
 impl Display for OperationError {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        self.0.fmt(f)?;
-
-        if let Some(source) = self.0.source() {
-            write!(f, ": {}", source)?;
-        }
-
-        Ok(())
+        write!(f, "{:#}", self.0)
     }
 }
 

crates/extensions/c8y_mapper_ext/src/operations/error.rs

@@ -604,7 +604,7 @@ async fn next_received_message(event_loop: &mut EventLoop) -> anyhow::Result<Pub
     loop {
         let response = timeout(DEFAULT_TIMEOUT, event_loop.poll())
             .await
-            .context(|| "timed-out waiting for received message")?;
+            .context("timed-out waiting for received message")?;
 
         match response {
             // Incoming messages