Bug 239034
Summary: | RHN yum plugin sending malformed HTTP/1.1 header to proxy server preventing updates | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Terry Consultant <t.consultant> | ||||
Component: | m2crypto | Assignee: | Miloslav Trmač <mitr> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 5.0 | CC: | doughnut, kraxel, marceln, scott.brynen | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | i386 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | RHBA-2008-0041 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2008-01-16 14:18:57 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 246139, 296411 | ||||||
Attachments: |
|
Description
Terry Consultant
2007-05-04 15:33:33 UTC
Additionally, I have tested going to other non-rhn repos with yum on the same machine, through the same proxy. They all worked fine once I disabled the rhn plugin. I see this too. Recent errata update (yum-rhn-plugin-0.4.3-2.el5.noarch.rpm) doesn't fix it. is there an update for this issue?? Created attachment 198561 [details]
M2Crypto proxy Host: header patch
Brute force fix to add the "Host:" header to make mod_proxy's strict RFC
checking happy.
I have hacked together a simple fix and tested with mod_proxy. The issue is two different python calls are being made to connect via the proxy, and one breaks RFC causing mod_proxy to throw a 400 bad request. (thanks to Terry for tracking down the exact problem!) The bug is really in the httpslib.py in the m2crypto-0.16-6.el5.1 package. Here's a simple one line hack/fix for the bare minimum to make mod_proxy happy. (i have not tested this fix via squid or other proxies, although not sure why this would break anything since we're just adding the Host: header directly to the request sent to the proxy) Patch was generated on a x86_64 machine, but I've tested that it applies cleanly on a 32bit/i386 arch. to apply to your system, follow these directions: -download the patch file -x86_64: cd to /usr/lib64/python2.4/site-packages/M2Crypto -i386: cd to /usr/lib/python2.4/site-packages/M2Crypto -patch the file: patch -p0 < /[path to your patch]/rhn-mod_proxy-fix.patch I can confirm that this sullution works on a i386 and a x86_64 rhel 5 system! mitr, can you take a look at this patch and give your input. The patch works fine (tested with squid and mod_proxy); I have sent it upstream and added it to rawhide m2crypto-0.18-2. Karl, thank you! I can confirm that this bug occurs and is solved with the patch to add the Host with a Sophos WS1000 web security appliance as well. This bug should also be marked as applying to all RH5 hardware platforms. *** Bug 243468 has been marked as a duplicate of this bug. *** An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0041.html |