Bug 1382311

Summary: ISE: rhnpush with connection by https on Fedoras
Product: [Community] Spacewalk Reporter: Pavel Studeník <pstudeni>
Component: ServerAssignee: Tomáš Kašpárek <tkasparek>
Status: CLOSED EOL QA Contact: Red Hat Satellite QA List <satqe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.5CC: eherget, jdobes, jhutar, mmraka, tlestach
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-06 13:49:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1310034    

Description Pavel Studeník 2016-10-06 10:32:16 UTC 
Description of problem:
When I try to push package to spacewalk and I have set connection by https, sometimes I received Internal Server Error. It looks that problem causes combination mod_ssl and python*-cryptography

"This error is commonly encountered when another library is not cleaning up the OpenSSL error stack. If you are using cryptography with another library that uses OpenSSL try disabling it before reporting a bug."

Version-Release number of selected component (if applicable):
python2-cryptography-1.3.1-1.fc24.x86_64
python3-cryptography-1.3.1-1.fc24.x86_64
rhnpush-5.5.100-1.fc24.noarch
mod_ssl-2.4.23-4.fc24.x86_64

How reproducible:
irregularly only on Fedora 24

Steps to Reproduce:
1. restart httpd (mod_ssl)
2. rhnpush  -c ... -u .. -p ..

Actual results:
Internal Server Error


Expected results:
Without ISE

Additional info:
>> tail -f /var/log/httpd/error_log
[Thu Oct 06 10:22:25.135046 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib/python2.7/site-packages/rhn/SSL.py", line 26, in <module>
[Thu Oct 06 10:22:25.135162 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     from OpenSSL import SSL
[Thu Oct 06 10:22:25.135180 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib/python2.7/site-packages/OpenSSL/__init__.py", line 8, in <module>
[Thu Oct 06 10:22:25.135229 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     from OpenSSL import rand, crypto, SSL
[Thu Oct 06 10:22:25.135245 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib/python2.7/site-packages/OpenSSL/rand.py", line 12, in <module>
[Thu Oct 06 10:22:25.135335 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     from OpenSSL._util import (
[Thu Oct 06 10:22:25.135352 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib/python2.7/site-packages/OpenSSL/_util.py", line 6, in <module>
[Thu Oct 06 10:22:25.135428 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     from cryptography.hazmat.bindings.openssl.binding import Binding
[Thu Oct 06 10:22:25.135445 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 225, in <module>
[Thu Oct 06 10:22:25.135546 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     Binding.init_static_locks()
[Thu Oct 06 10:22:25.135564 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 181, in init_static_locks
[Thu Oct 06 10:22:25.135587 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     cls._ensure_ffi_initialized()
[Thu Oct 06 10:22:25.135601 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 176, in _ensure_ffi_initialized
[Thu Oct 06 10:22:25.135621 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     cls._register_osrandom_engine()
[Thu Oct 06 10:22:25.135634 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 141, in _register_osrandom_engine
[Thu Oct 06 10:22:25.135654 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     _openssl_assert(cls.lib, cls.lib.ERR_peek_error() == 0)
[Thu Oct 06 10:22:25.135667 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 63, in _openssl_assert
[Thu Oct 06 10:22:25.135689 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634]     errors_with_text
[Thu Oct 06 10:22:25.135711 2016] [wsgi:error] [pid 22804] [client 10.34.34.235:57634] InternalError: Unknown OpenSSL error. This error is commonly encountered when another library is not cleaning up the OpenSSL error stack. If you are using cryptography with another library that uses OpenSSL try disabling it before reporting a bug. Otherwise please file an issue at https://github.com/pyca/cryptography/issues with information on how to reproduce this. ([_OpenSSLErrorWithText(code=151441516L, lib=9, func=109, reason=108, reason_text='error:0906D06C:PEM routines:PEM_read_bio:no start line'), _OpenSSLErrorWithText(code=151441516L, lib=9, func=109, reason=108, reason_text='error:0906D06C:PEM routines:PEM_read_bio:no start line')])
Comment 1 Gennadii Altukhov 2016-11-08 12:46:45 UTC 
Cannot reproduce this bug. I'm using Spacewalk on Fedora 24 and SSL is on. rhnpush via https as well.
Comment 2 Ondrej Gajdusek 2017-06-20 09:55:51 UTC 
I can't reproduce this bug. I'm using fresh-installed Spacewalk on Fedora 24.
Steps I did:
dnf -y install mod_ssl openssl
systemctl restart httpd
# as described here: https://docs.fedoraproject.org/en-US/Fedora/14/html/Deployment_Guide/s2-apache-mod_ssl-enabling.html
rhnpush -c fedora24-x86_64 -u *** -p *** --server=https://ibm-x3650m4-03-vm05.lab.eng.brq.redhat.com/APP redhat-rpm-config-42-2.fc24.noarch.rpm


rpm -q python3-cryptography python2-cryptography rhnpush mod_ssl
python3-cryptography-1.5.3-3.fc24.x86_64
python2-cryptography-1.5.3-3.fc24.x86_64
rhnpush-5.5.105-1.fc24.noarch
mod_ssl-2.4.25-1.fc24.x86_64
Comment 4 Eric Herget 2017-07-20 12:51:16 UTC 
Closing this bug because we were not able to reproduce in later version of Spacewalk.  Believe this has been fixed.
Comment 5 Pavel Studeník 2017-07-24 13:28:28 UTC 
I still can see following errors in logs on Fedora 24/25

python2-cryptography-1.5.3-3.fc24.x86_64
python2-cryptography-1.5.3-3.fc25.x86_64

>> tail /var/log/httpd/error_log
[Sun ...] [wsgi:error] [pid 12170] [client ]     Binding.init_static_locks()
[Sun ...] [wsgi:error] [pid 12170] [client ]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 180, in init_static_locks
[Sun ...] [wsgi:error] [pid 12170] [client ]     cls._ensure_ffi_initialized()
[Sun ...] [wsgi:error] [pid 12170] [client ]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 175, in _ensure_ffi_initialized
[Sun ...] [wsgi:error] [pid 12170] [client ]     cls._register_osrandom_engine()
[Sun ...] [wsgi:error] [pid 12170] [client ]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 140, in _register_osrandom_engine
[Sun ...] [wsgi:error] [pid 12170] [client ]     _openssl_assert(cls.lib, cls.lib.ERR_peek_error() == 0)
[Sun ...] [wsgi:error] [pid 12170] [client ]   File "/usr/lib64/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 62, in _openssl_assert
[Sun ...] [wsgi:error] [pid 12170] [client ]     errors_with_text
[Sun ...] [wsgi:error] [pid 12170] [client ] InternalError: Unknown OpenSSL error. This error is commonly encountered when another library is not cleaning up the OpenSSL error stack. If you are using cryptography with another library that uses OpenSSL try disabling it before reporting a bug. Otherwise please file an issue at https://github.com/pyca/cryptography/issues with information on how to reproduce this. ([_OpenSSLErrorWithText(code=151441516L, lib=9, func=109, reason=108, reason_text='error:0906D06C:PEM routines:PEM_read_bio:no start line'), _OpenSSLErrorWithText(code=151441516L, lib=9, func=109, reason=108, reason_text='error:0906D06C:PEM routines:PEM_read_bio:no start line')])
[Sun Jul 23 17:04:06.307375 2017] [mpm_prefork:notice] [pid 21598] AH00170: caught SIGWINCH, shutting down gracefully
Comment 6 Tomas Lestach 2017-07-24 13:35:04 UTC 
Pavel, two guys said they cannot reproduce the bug. I'd expect to see more detailed reproducer steps if reopened.
Comment 8 Pavel Studeník 2017-07-26 11:53:20 UTC 
*** Bug 1346293 has been marked as a duplicate of this bug. ***
Comment 9 Pavel Studeník 2017-07-26 13:12:22 UTC 
Sometimes I received this traceback during uploading package

Package ...
Using POST request
Waiting 3 seconds and trying again...
Giving up after 3 attempts
Exception ignored in: <function WeakValueDictionary.__init__.<locals>.remove at 0x7f01f04ae510>
Traceback (most recent call last):
  File "/usr/lib64/python3.5/weakref.py", line 117, in remove
TypeError: 'NoneType' object is not callable
Comment 13 Michael Mráka 2020-03-06 13:49:20 UTC 
Spacewalk 2.8 (and older) has already reached it's End Of Life.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before end of life. If you would still like
to see this bug fixed and are able to reproduce it against current version
of Spacewalk 2.9, you are encouraged change the 'version' and re-open it.