Bug 1313868

Summary: [GSS] - SSL Warning message: [Errno 185090050] _ssl.c:344: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Product: Red Hat Gluster Storage Reporter: Mukul Malhotra <mmalhotr>
Component: gluster-swiftAssignee: sankarshan <sankarshan>
Status: CLOSED NOTABUG QA Contact: surabhi <sbhaloth>
Severity: high Docs Contact:
Priority: high    
Version: rhgs-3.1CC: a.badger, extras-qa, lmacken, nlevinki, ppai, rbean, rhs-bugs, rjones, thiago, tla
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1019120 Environment:
Last Closed: 2016-03-17 15:46:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1019120    
Bug Blocks:    

Description Mukul Malhotra 2016-03-02 13:54:35 UTC 
+++ This bug was initially created as a clone of Bug #1019120 +++

Description of problem:

When using a web proxy:

$ fedpkg update
Creating a new update for  libguestfs-1.23.32-1.fc20 
Traceback (most recent call last):
  File "/usr/bin/bodhi", line 523, in <module>
    main()
  File "/usr/bin/bodhi", line 220, in main
    data = bodhi.save(**update_args)
  File "/usr/lib/python2.7/site-packages/fedora/client/bodhi.py", line 111, in save
    'bugs': bugs,
  File "/usr/lib/python2.7/site-packages/fedora/client/baseclient.py", line 344, in send_request
    auth_params=auth_params, retries=retries)
  File "/usr/lib/python2.7/site-packages/fedora/client/proxyclient.py", line 351, in send_request
    verify=not self.insecure,
  File "/usr/lib/python2.7/site-packages/requests/api.py", line 88, in post
    return request('post', url, data=data, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 335, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 438, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 331, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 185090050] _ssl.c:340: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
Could not generate update request: Command 'bodhi --new --release f20 --file bodhi.template libguestfs-1.23.32-1.fc20 --username rjones' returned non-zero exit status 1

However if I unset http_proxy, https_proxy & ftp_proxy variables
then the same bodhi update works fine.

Version-Release number of selected component (if applicable):

bodhi-client-0.9.5-2.fc19.noarch
fedpkg-1.14-1.fc19.noarch
python-requests-1.2.3-5.fc19.noarch

How reproducible:

100% (Happened to me at least 5 times, and I can reproduce it
easily)

Steps to Reproduce:
1. fedpkg update

Actual results:

Fails if an ordinary squid proxy is configured.

--- Additional comment from Toshio Ernie Kuratomi on 2013-10-17 17:12:27 EDT ---

Ralph, I thought we tested python-requests was able to work with proxies?  Do you remember anything that might tell us why this isn't working?

--- Additional comment from Ralph Bean on 2013-10-17 21:34:37 EDT ---

No, nothing comes to mind.  It might be something that shifted in a more recent python-requests release.  One of us will need to set up squid to do some debugging.

--- Additional comment from Richard W.M. Jones on 2013-11-25 08:30:20 EST ---

Also this bug breaks fedora-review.

--- Additional comment from Fedora End Of Life on 2015-01-09 15:15:27 EST ---

This message is a notice that Fedora 19 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 19. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained. Approximately 4 (four) weeks from now this bug will
be closed as EOL if it remains open with a Fedora 'version' of '19'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 19 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

--- Additional comment from Fedora End Of Life on 2015-02-17 12:41:11 EST ---

Fedora 19 changed to end-of-life (EOL) status on 2015-01-06. Fedora 19 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.
Comment 3 Mukul Malhotra 2016-03-03 10:35:56 UTC 
Hello,

Customer is using python 2.7.8 version. Can we provide any workaround to the customer to avoid the warning or error messages ?

Thanks
Mukul
Comment 6 Mukul Malhotra 2016-03-04 12:22:21 UTC 
Hello,

Thanks Prashanth for the test output.

Mukul
Comment 7 Mukul Malhotra 2016-03-17 15:46:05 UTC 
Hello,

Customer issue is resolved so closing the bz.

Thanks for the help.

Thanks
Mukul