Bug 751292

Summary: Bug in rhnplugin.conf RHEL 6.2
Product: Red Hat Enterprise Linux 6 Reporter: Miroslav Suchý <msuchy>
Component: rhn-client-toolsAssignee: Miroslav Suchý <msuchy>
Status: CLOSED ERRATA QA Contact: Jiří Mikulka <jmikulka>
Severity: medium Docs Contact:
Priority: low    
Version: 6.2CC: chinchek, jhutar, jmikulka, jpazdziora, mminar, msuchy
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: rhn-client-tools-1.0.0-79.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 595837 Environment:
Last Closed: 2012-06-20 11:59:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 595837, 751294    
Bug Blocks:    

Description Miroslav Suchý 2011-11-04 08:42:35 UTC
+++ This bug was initially created as a clone of Bug #595837 +++

Description of problem:

When /etc/yum/pluginconf.d/rhnplugin.conf is set to:

enabled = 1
gpgcheck = 1

yum fails with the following:

]$ yum repolist
Loaded plugins: rhnplugin, security
Traceback (most recent call last):
  File "/usr/bin/yum", line 29, in ?
    yummain.user_main(sys.argv[1:], exit_code=True)
  File "/usr/share/yum-cli/yummain.py", line 309, in user_main
    errcode = main(args)
  File "/usr/share/yum-cli/yummain.py", line 157, in main
  File "/usr/share/yum-cli/cli.py", line 187, in getOptionsConfig
  File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 664, in <lambda>
    conf = property(fget=lambda self: self._getConfig(),
  File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 253, in _getConfig
  File "/usr/lib/python2.4/site-packages/yum/plugins.py", line 179, in run
    func(conduitcls(self, self.base, conf, **kwargs))
  File "/usr/lib/yum-plugins/rhnplugin.py", line 111, in init_hook
    login_info = up2dateAuth.getLoginInfo()
  File "/usr/share/rhn/up2date_client/up2dateAuth.py", line 217, in getLoginInfo
  File "/usr/share/rhn/up2date_client/up2dateAuth.py", line 184, in login
    li = server.up2date.login(systemId)
  File "/usr/share/rhn/up2date_client/rhnserver.py", line 50, in __call__
    return rpcServer.doCall(method, *args, **kwargs)
  File "/usr/share/rhn/up2date_client/rpcServer.py", line 202, in doCall
    ret = method(*args, **kwargs)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
    return self.__send(self.__name, args)
  File "/usr/share/rhn/up2date_client/rpcServer.py", line 38, in _request1
    ret = self._request(methodname, params)
  File "/usr/lib/python2.4/site-packages/rhn/rpclib.py", line 354, in _request
    self._handler, request, verbose=self._verbose)
  File "/usr/lib/python2.4/site-packages/rhn/transports.py", line 171, in request
    headers, fd = req.send_http(host, handler)
  File "/usr/lib/python2.4/site-packages/rhn/transports.py", line 704, in send_http
  File "/usr/lib64/python2.4/httplib.py", line 810, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib64/python2.4/httplib.py", line 833, in _send_request
  File "/usr/lib64/python2.4/httplib.py", line 804, in endheaders
  File "/usr/lib64/python2.4/httplib.py", line 685, in _send_output
  File "/usr/lib64/python2.4/httplib.py", line 664, in send
  File "/usr/lib/python2.4/site-packages/rhn/SSL.py", line 217, in write
    sent = self._connection.send(data)
OpenSSL.SSL.SysCallError: (104, 'Connection reset by peer')

Version-Release number of selected component (if applicable):

If rhnplugin.conf is disabled, yum works properly:

enabled = 0
gpgcheck = 1

How reproducible:
This is the case with RHEL 5.5 desktop and RHEL 5.5 server. 

Steps to Reproduce:
Actual results:

Expected results:

Additional info:

--- Additional comment from msuchy@redhat.com on 2010-05-26 04:46:19 EDT ---

Do you have properly set up sslCACert and serverURL in:
I assume you have set one of those incorectly. But yes, we can write some nice error message rather then this ugly traceback

Seee bug 595837 for fix.

Comment 2 Jan Pazdziora 2011-11-24 11:00:30 UTC
We would really need some steps to reproduce in deterministic fashion.

On my RHEL 6.2 (to be), with

# rpm -q rhn-client-tools

I get

# yum repolist
Loaded plugins: rhnplugin
There was an error communicating with RHN.
RHN channel support will be disabled.
Error communicating with server. The message was:
Unable to connect to the host and port specified
repolist: 0

when I hack my /etc/hosts to have the serverUrl to point to system which does not listen on 443 at all (localhost httpd without mod_ssl installed), and I get

# yum repolist
Loaded plugins: rhnplugin

The SSL certificate failed verification.

when I change it to point to machine which runs SSL but has completely different certificate (like www.google.com).

Is the issue still present on RHEL 6.2, and if so, what is the way to reproduce it?

Comment 3 Miroslav Suchý 2011-11-24 15:04:59 UTC
I could not offer you Jan good reproducer. This error popup randomly as network error appeared during random part of code.
Probably best reproducer would be to set up on server firewall, which will cut off the client and start this firewall during package download.

Comment 4 Miroslav Suchý 2011-11-24 15:07:55 UTC
*** Bug 732763 has been marked as a duplicate of this bug. ***

Comment 6 Miroslav Suchý 2012-01-05 13:24:57 UTC
cherry picked to satellite.git as:
* 5019731 751292 - fix syntax error
* 39f4e16 751292 - add missing import 
* 8ea5af5 751292 - all up2date bugs now inherit from YumBaseError so yum/pup can catch them
* b9fc03c 751292 - properly handle two exceptions
* 96a770b 751292 - write nice error in case of "connection reset by peer" and xmlrpc protocol error

Comment 9 Miroslav Suchý 2012-02-13 13:09:29 UTC
added missing import in commit d7cd86bc72b7f46293fbd15b222d19a8d7fcc371

you can get more verbose output if you do 
raise SSL.SysCallError('foo bar')

Comment 13 errata-xmlrpc 2012-06-20 11:59:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.