Bug 649274 - Infinite recursion in urllib2 on basicauth failure
Infinite recursion in urllib2 on basicauth failure
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: python (Show other bugs)
6.3
Unspecified Linux
low Severity medium
: rc
: ---
Assigned To: Dave Malcolm
Petr Šplíchal
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-11-03 08:29 EDT by Murilo Opsfelder Araujo
Modified: 2016-05-31 21:47 EDT (History)
2 users (show)

See Also:
Fixed In Version: python-2.6.6-1.el6.x86_64
Doc Type: Bug Fix
Doc Text:
Using an invalid username or password while attempting to authenticate against HTTPS via the urllib2 module resulted in infinite recursion. This behavior has been patched, and urllib2 now attempts authentication a maximum of five times before authentication is considered failed.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-05-19 07:37:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Murilo Opsfelder Araujo 2010-11-03 08:29:15 EDT
Description of problem:
When you try to authenticate against an HTTPS using urllib2 python module it dies in a loop.

Version-Release number of selected component (if applicable):
# rpm -qa python
python-2.6.5-3.el6.x86_64

How reproducible:
Always.

Steps to Reproduce:
1. Create a python code that calls urllib2.urlopen with an invalid username and password
2.
3.
  
Actual results:
File "/usr/lib64/python2.6/socket.py", line 504, in create_connection
    sock = socket(af, socktype, proto)
RuntimeError: maximum recursion depth exceeded while calling a Python object

Expected results:
It should raise an error or die.

Additional info:
This has been fixed by upstream:
http://bugs.python.org/issue8797
Comment 2 Dave Malcolm 2011-01-26 18:22:24 EST
Reproducible with vanilla 2.6.5 stdlib
Reproducible with python-2.6.5-3.el6.x86_64
Works OK for me with python-2.6.6-1.el6.x86_64
Works OK for me with python-2.6.6-9.el6.x86_64
Comment 4 Dave Malcolm 2011-01-26 18:26:44 EST
Looks like
  http://svn.python.org/view?view=rev&revision=81637
is the relevant change here; this is in 2.6.6, which was r84293.

See also bug 669847.
Comment 7 Laura Bailey 2011-05-09 21:09:07 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Using an invalid username or password while attempting to authenticate against HTTPS via the urllib2 module resulted in infinite recursion. This behavior has been patched, and urllib2 now attempts authentication a maximum of five times before authentication is considered failed.
Comment 8 errata-xmlrpc 2011-05-19 07:37:08 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0554.html
Comment 9 errata-xmlrpc 2011-05-19 09:07:45 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0554.html

Note You need to log in before you can comment on or make changes to this bug.