Bug 949008

Summary: The ISO importer set the SSL_VERIFY_HOST value to 1, when it should be 2
Product: [Retired] Pulp Reporter: Randy Barlow <rbarlow>
Component: rpm-supportAssignee: Randy Barlow <rbarlow>
Status: CLOSED CURRENTRELEASE QA Contact: Preethi Thomas <pthomas>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.1 Beta   
Target Milestone: ---   
Target Release: 2.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-09 06:55:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Randy Barlow 2013-04-05 15:58:32 UTC 
The docblock for the pycurl downloader wasn't terribly specific about what value this should be set to. It actually only mentioned setting it to 0 as being a way to disable and that it was an int.

The libcurl documentation says that setting it to 1 will cause an error condition, and that the correct value to set it to if you want verification is 2. This took me a long time to discover, sadly.

See http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTSSLVERIFYHOST for the source of lots of rbarlow rage.
Comment 2 Randy Barlow 2013-04-06 19:44:32 UTC 
This is fixed in https://github.com/pulp/pulp_rpm/pull/173
Comment 3 Randy Barlow 2013-04-08 20:08:26 UTC 
Merged.
Comment 4 Randy Barlow 2014-03-18 16:04:40 UTC 
This was fixed in a prior release of Pulp, but we never put it through the QE process. Moving to ON_QA.
Comment 5 Preethi Thomas 2014-04-11 15:03:59 UTC 
verified

[root@hp-dl380pgen8-02-vm-1 ~]# rpm -qa pulp-server
pulp-server-2.4.0-0.8.beta.el6.noarch
[root@hp-dl380pgen8-02-vm-1 ~]# 

[root@hp-dl380pgen8-02-vm-1 ~]# pulp-admin iso repo create --repo-id cdn-iso --feed=https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/iso --feed-ca-cert CDN/cdn.redhat.com-chain.crt --feed-cert CDN/1391032266_4771.crt  --feed-key CDN/1391032266_4771.key 
Successfully created repository [cdn-iso]

[root@hp-dl380pgen8-02-vm-1 ~]# 
[root@hp-dl380pgen8-02-vm-1 ~]# 
[root@hp-dl380pgen8-02-vm-1 ~]# pulp-admin iso repo sync run --repo-id cdn-iso
+----------------------------------------------------------------------+
                   Synchronizing Repository [cdn-iso]
+----------------------------------------------------------------------+

This command may be exited via ctrl+c without affecting the request.


The Pulp Manifest was downloaded successfully.

Downloading 3 ISOs...
[==================================================] 100%
ISOs: 3/3	Data: 10.7 GB/10.7 GB	Avg: 2.7 MB/s


Successfully downloaded 3 ISOs.


Task Succeeded



The repository was successfully published.


Task Succeeded


[root@hp-dl380pgen8-02-vm-1 ~]#
Comment 6 Randy Barlow 2014-08-09 06:55:28 UTC 
This has been fixed in Pulp 2.4.0-1.