Share ssl error codes

youknowone · youknowone · commit 07f44275c5b5 · 2025-12-20T19:31:01.000+09:00
diff --git a/crates/stdlib/src/openssl.rs b/crates/stdlib/src/openssl.rs
@@ -248,8 +248,6 @@ mod _ssl {
     #[pyattr]
     const VERIFY_DEFAULT: u32 = 0;
     #[pyattr]
-    const SSL_ERROR_EOF: u32 = 8; // custom for python
-    #[pyattr]
     const HAS_SNI: bool = true;
     #[pyattr]
     const HAS_ECDH: bool = true;
@@ -3391,15 +3389,8 @@ mod _ssl {
                 Some(io_err) => return io_err.to_pyexception(vm),
                 // When no I/O error and OpenSSL error queue is empty,
                 // this is an EOF in violation of protocol -> SSLEOFError
-                // Need to set args[0] = SSL_ERROR_EOF for suppress_ragged_eofs check
                 None => {
-                    return vm
-                        .new_os_subtype_error(
-                            PySSLEOFError::class(&vm.ctx).to_owned(),
-                            Some(SSL_ERROR_EOF as i32),
-                            "EOF occurred in violation of protocol",
-                        )
-                        .upcast();
+                    return create_ssl_eof_error(vm).upcast();
                 }
             },
             ssl::ErrorCode::SSL => {
@@ -3412,13 +3403,7 @@ mod _ssl {
                         let reason = sys::ERR_GET_REASON(err_code);
                         let lib = sys::ERR_GET_LIB(err_code);
                         if lib == ERR_LIB_SSL && reason == SSL_R_UNEXPECTED_EOF_WHILE_READING {
-                            return vm
-                                .new_os_subtype_error(
-                                    PySSLEOFError::class(&vm.ctx).to_owned(),
-                                    Some(SSL_ERROR_EOF as i32),
-                                    "EOF occurred in violation of protocol",
-                                )
-                                .upcast();
+                            return create_ssl_eof_error(vm).upcast();
                         }
                     }
                     return convert_openssl_error(vm, ssl_err.clone());
diff --git a/crates/stdlib/src/ssl.rs b/crates/stdlib/src/ssl.rs
@@ -207,28 +207,6 @@ mod _ssl {
     #[pyattr]
     const OP_ALL: i32 = 0x00000BFB; // Combined "safe" options (reduced for i32, excluding OP_LEGACY_SERVER_CONNECT for OpenSSL 3.0.0+ compatibility)
 
-    // Error types
-    #[pyattr]
-    const SSL_ERROR_NONE: i32 = 0;
-    #[pyattr]
-    const SSL_ERROR_SSL: i32 = 1;
-    #[pyattr]
-    const SSL_ERROR_WANT_READ: i32 = 2;
-    #[pyattr]
-    const SSL_ERROR_WANT_WRITE: i32 = 3;
-    #[pyattr]
-    const SSL_ERROR_WANT_X509_LOOKUP: i32 = 4;
-    #[pyattr]
-    const SSL_ERROR_SYSCALL: i32 = 5;
-    #[pyattr]
-    const SSL_ERROR_ZERO_RETURN: i32 = 6;
-    #[pyattr]
-    const SSL_ERROR_WANT_CONNECT: i32 = 7;
-    #[pyattr]
-    const SSL_ERROR_EOF: i32 = 8;
-    #[pyattr]
-    const SSL_ERROR_INVALID_ERROR_CODE: i32 = 10;
-
     // Alert types (matching _TLSAlertType enum)
     #[pyattr]
     const ALERT_DESCRIPTION_CLOSE_NOTIFY: i32 = 0;
diff --git a/crates/stdlib/src/ssl/error.rs b/crates/stdlib/src/ssl/error.rs
@@ -10,9 +10,27 @@ pub(crate) mod ssl_error {
         types::Constructor,
     };
 
-    // Error type constants (needed for create_ssl_want_read_error etc.)
+    // Error type constants - exposed as pyattr and available for internal use
+    #[pyattr]
+    pub(crate) const SSL_ERROR_NONE: i32 = 0;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_SSL: i32 = 1;
+    #[pyattr]
     pub(crate) const SSL_ERROR_WANT_READ: i32 = 2;
+    #[pyattr]
     pub(crate) const SSL_ERROR_WANT_WRITE: i32 = 3;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_WANT_X509_LOOKUP: i32 = 4;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_SYSCALL: i32 = 5;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_ZERO_RETURN: i32 = 6;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_WANT_CONNECT: i32 = 7;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_EOF: i32 = 8;
+    #[pyattr]
+    pub(crate) const SSL_ERROR_INVALID_ERROR_CODE: i32 = 10;
 
     #[pyattr]
     #[pyexception(name = "SSLError", base = PyOSError)]
@@ -102,15 +120,15 @@ pub(crate) mod ssl_error {
     pub fn create_ssl_eof_error(vm: &VirtualMachine) -> PyRef<PyOSError> {
         vm.new_os_subtype_error(
             PySSLEOFError::class(&vm.ctx).to_owned(),
-            None,
+            Some(SSL_ERROR_EOF),
             "EOF occurred in violation of protocol",
         )
     }
 
     pub fn create_ssl_zero_return_error(vm: &VirtualMachine) -> PyRef<PyOSError> {
         vm.new_os_subtype_error(
             PySSLZeroReturnError::class(&vm.ctx).to_owned(),
-            None,
+            Some(SSL_ERROR_ZERO_RETURN),
             "TLS/SSL connection has been closed (EOF)",
         )
     }
