| Summary: | Performance issue with handling bogus certs. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Community] Candlepin | Reporter: | J.C. Molet <jmolet> | ||||
| Component: | candlepin | Assignee: | Bryan Kearney <bkearney> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | J.C. Molet <jmolet> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 0.5 | CC: | alikins, awood, spandey | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-05-29 19:04:43 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Bug Depends On: | |||||||
| Bug Blocks: | 715031 | ||||||
| Attachments: |
|
||||||
The number of product certs installed also seems to multiply the amount of these warnings, so it's doing something for every product cert. Since RHEL 6.1 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. This appears to have been fixed as of 0.98.8. Trying to reproduce this bug. A lot of things have changed about rhsm and the testdata since this was filed. Trying to directly use a bogus entitlement cert gives me this:
2011-12-16 11:46:05,606 [DEBUG] @managerlib.py:462 - 1 already subscribed
2011-12-16 11:46:05,609 [ERROR] @certdirectory.py:183 - Reason(s):
- Serial number must be > 0
- Invalid common name: None
- No order infomation
Traceback (most recent call last):
File "/usr/share/rhsm/subscription_manager/certdirectory.py", line 180, in append
raise Exception('\n - '.join(bogus))
Exception: Reason(s):
- Serial number must be > 0
- Invalid common name: None
- No order infomation
2011-12-16 11:46:05,609 [ERROR] @certdirectory.py:187 - File: /etc/pki/entitlement/5422343147936706310.pem, not loaded
Reason(s):
- Serial number must be > 0
- Invalid common name: None
- No order infomation
Which removes it from consideration and rhsm doesn't care about that cert anymore. This prevents the bug.
I have also tried to edit the product certs and get the same behavior.
Due to the fact that rhsm handles bogus certificates differently now and that I cannot reproduce this bug, I'm marking it VERIFIED.
subscription-manager-gnome-0.98.8-1.git.10.9010475.el5_7
subscription-manager-0.98.8-1.git.10.9010475.el5_7
python-rhsm-0.99.1-1.git.1.20cbd9e.el5_7
|
Created attachment 488836 [details] bug log and cert Description of problem: Certs are updated every time a subscribe and unsubscribe occurs. It looks like if the updater encounters a bogus cert, it passes a warning... but then loops on that warning several hundred times. This tends to lock up the gui, and fills the syslog. Version-Release number of selected component (if applicable): python-rhsm-0.95.5-1.git.0.0bfdb97.el6.noarch subscription-manager-firstboot-0.95.5-1.git.32.1094e13.el6.x86_64 subscription-manager-gnome-0.95.5-1.git.32.1094e13.el6.x86_64 subscription-manager-0.95.5-1.git.32.1094e13.el6.x86_64 How reproducible: always. Steps to Reproduce: 1. Install rhsm-gui and register to a standalone candlepin with the testdata populated. 2. Copy over all product certs from the candlepin server to your client to simulate having a lot of products. 3. Search for and subscribe/unsubscribe from the "Management Add-On" Actual results: See attachment for an example entitlement cert that does this and the log. Basically It spews the logger with: 2011-03-30 12:41:29,835 [WARNING] bogus() @certificate.py:306 - No product information in certificate: 3083863656148949610 many times over and over which causes parts of the gui to hang. Expected results: I'm not sure that this cert is even an actual bogus cert, but even if it is, it should only warn about it once. Additional info: