1423004 – yum-rhn-plugin sending malformed request header

Bug 1423004 - yum-rhn-plugin sending malformed request header

Summary: yum-rhn-plugin sending malformed request header

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	yum-rhn-plugin
Sub Component:
Version:	5.11
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Tomáš Kašpárek
QA Contact:	Red Hat Satellite QA List
Docs Contact:
URL:
Whiteboard:
Depends On:	1423003 1423007
Blocks:
TreeView+	depends on / blocked

Reported:	2017-02-16 20:24 UTC by Grant Gainey
Modified:	2017-02-17 19:10 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1423003
Environment:
Last Closed:	2017-02-17 16:18:19 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1422518	1	None	None	None	2021-01-20 06:05:38 UTC

Internal Links: 1422518

Description Grant Gainey 2017-02-16 20:24:01 UTC

+++ This bug was initially created as a clone of Bug #1423003 +++

Description of problem:

The yum-rhn-plugin sends http-headers that are separated by only a newline, when the spec requires CRLF.

In the presence of an httpd which enforces the spec, this results in any attempt to update/install content returning

error was [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 400 Bad Request"

Version-Release number of selected component (if applicable):

The bug was introduced in yum-rhn-plugin-0.8.4-1. The problem was harmless until uncovered by fixes for httpd that tightened whitespace processing.

How reproducible:

See https://bugzilla.redhat.com/show_bug.cgi?id=1422518 for gory details. The net is, 'yum update a system that is talking to a satellite-5 whose httpd is at 2.2.15-60 or higher'.

Actual results:

error was [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 400 Bad Request"

Expected results:

successful install/update of packages.

Additional info:

This BZ is for getting the client-side fix in place for RHEL5, BZ#1422518 is for getting a workaround in place on the Satellite5 backend.

--- Additional comment from Grant Gainey on 2017-02-16 15:18:50 EST ---

We need to fix this in active z-streams as well

Comment 1 Grant Gainey 2017-02-16 20:25:09 UTC

As for RHEL6, this needs to get into active zstreams as well

Comment 2 Grant Gainey 2017-02-16 20:37:43 UTC

Proposed solution:

https://github.com/spacewalkproject/spacewalk/pull/506

Comment 3 Ales Dujicek 2017-02-17 14:13:02 UTC

RHEL5 is not affected by this issue, yum-rhn-plugin does not include that part of code

# rpm -q yum-rhn-plugin
yum-rhn-plugin-0.5.4.1-7.el5

# grep curl /usr/lib/yum-plugins/rhnplugin.py || echo no-curl
no-curl

I registered RHEL 5 to Satellite 5.8 Beta and it succesfully downloaded repodata of spacewalk-tools (rhel-x86_64-server-5 was empty)

# yum repolist
Loaded plugins: product-id, rhnplugin, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
repo id               repo name                                           status
rhel-x86_64-server-5  Red Hat Enterprise Linux (v. 5 for 64-bit x86_64)    0
spacewalk-tools       spacewalk-tools                                     24


Satellite package versions
# rpm -q httpd
httpd-2.2.15-60.el6.x86_64

Comment 4 Tomas Lestach 2017-02-17 16:18:19 UTC

Thank you, Ales!
Based on Comment 3 I'm closing this BZ NOTABUG.

Note You need to log in before you can comment on or make changes to this bug.