[bugfix] tweak httpclient error handling again ... (#1721)

* check for tls, x509 errors using string.Contains() since crypto/tls sucks Signed-off-by: kim <grufwub@gmail.com> * use 2* maxprocs Signed-off-by: kim <grufwub@gmail.com> --------- Signed-off-by: kim <grufwub@gmail.com>
2025-06-05 21:59:39 +02:00 · 2023-04-30 09:11:18 +01:00
parent 68b91d2128
commit ead286a67b
2 changed files with 8 additions and 11 deletions
--- a/internal/httpclient/client.go
+++ b/internal/httpclient/client.go
@ -19,7 +19,6 @@ package httpclient

 import (
 	"context"
-	"crypto/x509"
 	"errors"
 	"fmt"
 	"io"
@ -266,15 +265,13 @@ func (c *Client) DoSigned(r *http.Request, sign SignFunc) (rsp *http.Response, e
 		) {
 			// Non-retryable errors.
 			return nil, err
-		} else if errorsv2.Assignable(err,
-			(*x509.CertificateInvalidError)(nil),
-			(*x509.HostnameError)(nil),
-			(*x509.UnknownAuthorityError)(nil),
-		) {
-			// Non-retryable TLS errors.
-			return nil, err
-		} else if strings.Contains(err.Error(), "stopped after 10 redirects") {
-			// Don't bother if net/http returned after too many redirects
+		} else if errstr := err.Error(); // nocollapse
+		strings.Contains(errstr, "stopped after 10 redirects") ||
+			strings.Contains(errstr, "tls: ") ||
+			strings.Contains(errstr, "x509: ") {
+			// These error types aren't wrapped
+			// so we have to check the error string.
+			// All are unrecoverable!
 			return nil, err
 		} else if dnserr := (*net.DNSError)(nil); // nocollapse
 		errors.As(err, &dnserr) && dnserr.IsNotFound {