Bug 1014092 - hwcert-backend submit fails when behind a proxy
hwcert-backend submit fails when behind a proxy
Status: NEW
Product: Red Hat Hardware Certification Program
Classification: Red Hat
Component: Test Suite (harness) (Show other bugs)
All Linux
high Severity urgent
: ---
: ---
Assigned To: Greg Nichols
Red Hat Kernel QE team
Depends On:
Blocks: 1052387
  Show dependency treegraph
Reported: 2013-10-01 08:05 EDT by Rainer Koenig
Modified: 2018-03-22 16:41 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 505763 None None None Never

  None (edit)
Description Rainer Koenig 2013-10-01 08:05:01 EDT
Description of problem:
After running some tests I wanted to submit the results with `hwcert-backend submit` but I only get a Error[111] "Connection refused"

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install RHEL, hwcert 
2. Set the environment variables for the proxies. In my case its:
export http_proxy=""
export https_proxy=""

3. run some tests and then do a `hwcert-backend submit`

Actual results:
The submit tasks asks first time if it should create a new cert or add to an existing. Then it asks for User-ID and password. After everything is entered, then you get the message "Could not submit results" because connection is refused.

Expected results:
Submit works.

Additional info:
I did an 'strace hwcert-backend submit` and the last lines show, that instead of honoring the proxy settings the process wants to establish a direct connection to (which is hardware.redhat.com). 

connect(3, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("")}, 16) = 0
poll([{fd=3, events=POLLOUT}], 1, 0)    = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "\370\216\1\0\0\1\0\0\0\0\0\0\10hardware\6redhat\3com"..., 37, MSG_NOSIGNAL, NULL, 0) = 37
poll([{fd=3, events=POLLIN|POLLOUT}], 1, 5000) = 1 ([{fd=3, revents=POLLOUT}])
sendto(3, "t\356\1\0\0\1\0\0\0\0\0\0\10hardware\6redhat\3com"..., 37, MSG_NOSIGNAL, NULL, 0) = 37
poll([{fd=3, events=POLLIN}], 1, 4999)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [81])                = 0
recvfrom(3, "t\356\201\200\0\1\0\0\0\1\0\0\10hardware\6redhat\3com"..., 2048, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("")}, [16]) = 81
poll([{fd=3, events=POLLIN}], 1, 4999)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [504])               = 0
recvfrom(3, "\370\216\201\200\0\1\0\1\0\r\0\f\10hardware\6redhat\3com"..., 1967, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("")}, [16]) = 504
close(3)                                = 0
connect(3, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("")}, 16) = -1 ECONNREFUSED (Connection refused)
close(3)                                = 0
write(1, "Error: could not submit certific"..., 47Error: could not submit certification results:
) = 47
write(1, "[Errno 111] Connection refused\n", 31[Errno 111] Connection refused
) = 31
unlink("/var/lock/subsys/hwcert")       = 0
rt_sigaction(SIGINT, {SIG_DFL, [], SA_RESTORER, 0x382420f500}, {0x3831703400, [], SA_RESTORER, 0x382420f500}, 8) = 0
exit_group(0)                           = ?

Note: If the https_proxy is not set correctly you won't even be able to enter the User-ID. So I assume that the proxy settings are right, but it looks like that the central submit function doesn't care about proxy settings.

Comment 1 Christian Horn 2013-10-01 09:54:17 EDT
- Do you encounter the issue when no_proxy is used?
- Crosscheck of the variables with wget or curl: Does fetching a https page work?
- What are the exact versions of the hwcert packages you use there? Is the RHEL a 6.4GA ?
Comment 3 Christian Horn 2013-10-07 04:09:43 EDT
(In reply to Christian Horn from comment #1)
> - Crosscheck of the variables with wget or curl: Does fetching a https page
> work?
Rainer reports that this works.
The hwcert packages just seem to block "at some later state".

Any ideas to further debug this?  Do we have a testscenario which tests the proxy functionality?
Comment 4 Christian Horn 2013-10-07 07:47:26 EDT
I reproduced this here with 2 systems,
- one running squid default config
- the other one running hwcert-backend submit.

After setting {http|https|ftp}_proxy variables:
- 'hwcert-backend submit' here uses the proxy initially
- but then tries to lookup partner-hwcert.redhat.com via DNS from the system, instead of using the proxy
Comment 11 Christian Horn 2014-02-03 11:14:20 EST
Same behavior on RHEL7 with latest client. On a system which has proxy access, verified with "elinks -dump ...":

Would you like to submit the results to the hardware catalog? (y|n) y
response: y
What certification is this system being tested for? (new|existing|none) new
response: new
Error: could not open a new certification:
[Errno -2] Name or service not known
Saving current results to:
Traceback (most recent call last):
  File "/usr/bin/hwcert", line 31, in <module>
    if not hwcert.run():
  File "/usr/share/hwcert/lib/hwcert/hardwarecertification.py", line 87, in run
    if not self.certify():
  File "/usr/share/hwcert/lib/hwcert/hardwarecertification.py", line 116, in certify
    if not self.doPlan():
  File "/usr/share/hwcert/lib/hwcert/harness.py", line 149, in doPlan
  File "/usr/share/hwcert/lib/hwcert/planner.py", line 88, in analyse
    test = testClass()
  File "/usr/share/hwcert/tests/cpuscaling/cpuscaling.py", line 77, in __init__
    self.cpuPower = CPUPower()
  File "/usr/share/hwcert/tests/cpuscaling/cpupower.py", line 38, in __init__
  File "/usr/share/hwcert/tests/cpuscaling/cpupower.py", line 124, in __getSupportInformation
    if maxFreq and not self.maximumFrequency:
UnboundLocalError: local variable 'maxFreq' referenced before assignment
[root@rhel7a ~]# rpm -qa|grep hwcert

Note You need to log in before you can comment on or make changes to this bug.