Bug 132061

Summary: Yum 2.1.x fails thru firewall
Product: [Fedora] Fedora Reporter: david avery <david.avery>
Component: yumAssignee: Jeremy Katz <katzj>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: katzj, mstenner
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-06-20 20:10:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
ethereal capture none

Description david avery 2004-09-08 13:53:40 UTC
Description of problem:
yum vers 2.1.x fails when used thru http 1.0 authenticating proxy/firewall

Version-Release number of selected component (if applicable):
2,1,x

How reproducible:
always
 
Steps to Reproduce:
1. set http-proxy env var to an  http1.0 authenticating proxy
2. yum list updates
3.
  
Actual results:
transaction fails with HTTP 400 error

Expected results:
transaction succeeds

Additional info:

Comment 1 david avery 2004-09-08 14:01:42 UTC
Created attachment 103583 [details]
ethereal capture

Comment 2 Bill Nottingham 2004-09-08 19:44:51 UTC
Did yum 1.x work?

Comment 3 david avery 2004-09-08 20:34:50 UTC
yes yum 2.0.7-3 works fine

Comment 4 Michael Stenner 2004-09-08 21:51:59 UTC
gah.  Perhaps someone can help me interpret this capture.  Here's what
I see:

  295  -->  syn
  296  <--  syn/ack
  297  -->  ack
  298  -->  GET repomd.xml
  299  <--  HTTP/1.0 200 OK - and start of data
  300  <--  rest of data
  301  -->  ack of 299
  302  -->  ack of 300
  303  <--  HTTP/1.0 400 Bad Request
  304  -->  ack of 303
  305  <--  ack/fin
  309  -->  ack of 305
  315  -->  GET primary.xml
  316  <--  rst
  317  -->  ack/rst

So, it's looking to me like the error is for the second file, and that
the error is coming before the request is made.  Is that correct?  I'm
not sure I'm reading this properly.
  

Comment 5 Seth Vidal 2004-09-08 21:54:08 UTC
ummm
the file will definitely not be primary.xml

it should be primary.xml.gz

if it is primary.xml then maybe the server is being 'cute' with .gz files.



Comment 6 Michael Stenner 2004-09-08 21:56:45 UTC
It is indeed primary.xml.gz.  I was just being quick and sloppy. 
Sorry for the confusion.

Comment 7 david avery 2004-09-08 22:15:23 UTC
i wonder if it's s HTTP1.0 proxy being sent HTTP1.1 problem ?


Comment 8 david avery 2004-09-09 01:27:42 UTC
this is thru a Sidewinder 5.2 firewall
(http://www.securecomputing.com/) which uses a modified apache proxy

Comment 9 david avery 2004-09-09 02:03:27 UTC
as noted on the fedora-devel list, location is browsable via IE or mozilla