(dev/core#178) Redis - Report error messages #12303

Merged
merged 2 commits into from
Jun 14, 2018

Member

@totten totten commented Jun 12, 2018

Overview

If the Redis server returns an error message (e.g. due to malformed requests or credentials), the substance of this message is invisible to the site administrator.

See also: https://lab.civicrm.org/dev/core/issues/178

Before

The reported error is opaque -- specifying that some $key was unavailable, but not reporting why it was unavailable.

After

The reported error includes the reason provided by Redis.

@civibot

civibot bot commented Jun 12, 2018

(Standard links)

@colemanw
Member

Is there any possibility of sensitive information being contained in that message? If so we should check permissions "view debug output" before appending that info.

@totten
Member Author

totten commented Jun 14, 2018

I suspect the error messages are safe, but it's hard to know because it's an open-set. Adding the permission check sounds smart from a policy perspective...

But I'm not so sure about bootstrap mechanics -- the thing is that caches are used very early during the bootstrap process, and permission-checks feel like something that requires more services... feels likely to create a strange loop. (Witness: CRM_Core_Permission::check() fires hooks. If the cache is failing, then we may not be able to display the error about the cache failing because we can't check permissions because we can't fire hooks because we can't access the extension-mapping cache.) I'll push up a revision which tries to take a more conservative tack.

Relatedly, I think the call to the CRM_Core_Error::fatal() has been misusing the second parameter in a way that might leak inappropriate data. I'm updating to fix that too.

@colemanw colemanw merged commit b782c36 into civicrm:master Jun 14, 2018
@colemanw
Member

This looks good now.

@totten totten deleted the master-redis-errmsg branch June 14, 2018 20:10