From dfb720d0ee1eb48fba4fea0e205e3ce686d01349 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Fri, 17 Aug 2018 13:56:38 -0400
Subject: [PATCH] Have collective command warn if the libssl library is not
 viable

Main example is RedHat providing pyOpenSSL of relatively ancient
vintage.
---
 confluent_server/confluent/sockapi.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/confluent_server/confluent/sockapi.py b/confluent_server/confluent/sockapi.py
index db6d5864..ea5c37e6 100644
--- a/confluent_server/confluent/sockapi.py
+++ b/confluent_server/confluent/sockapi.py
@@ -144,6 +144,14 @@ def sessionhdl(connection, authname, skipauth=False, cert=None):
     send_data(connection, {'authpassed': 1})
     request = tlvdata.recv(connection)
     if 'collective' in request and skipauth:
+        if not libssl:
+            tlvdata.send(
+                connection,
+                {'collective': {'error': 'Server either does not have '
+                                         'python-openssl installed or has an '
+                                         'incorrect version installed '
+                                         '(e.g. pyOpenSSL)'}})
+            return
         return collective.handle_connection(connection, None, request['collective'],
                                      local=True)
     while request is not None: