709188 – yum error when yum.conf contains empty proxy_username option

Bug 709188 - yum error when yum.conf contains empty proxy_username option

Summary: yum error when yum.conf contains empty proxy_username option

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	yum
Sub Component:
Version:	14
Hardware:	Unspecified
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Seth Vidal
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-05-31 01:36 UTC by Sidney Markowitz
Modified:	2014-01-21 23:18 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-08-16 15:50:28 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Sidney Markowitz 2011-05-31 01:36:13 UTC

Description of problem:

When configuring /etc/yum.conf to use a web proxy that does not require user/password, entering proxy_username= with no username causes yum not to work. That works in RedHat EL5, but RedHat EL6.0 amd 6.1 have the same bug.

Version-Release number of selected component (if applicable):
Tested bad in RHEL6.1 x86_64 yum 3.2.29 17.el6
Fedora 14 x86_64 yum 3.2.28 6.fc14
RHEL6.0 x86_64 yum 3.2.27 14.el6_0.1

Tested good in CentOS 5.6 x86_64 yum 3.2.22 33.el5.centos
RHEL5.5 and RHEL5.6 x86_64 don't have yum versions available

How reproducible: Always

Steps to Reproduce: (all commands as root or using sudo)

1. Setup the test machine behind a firewall that prevents the test machine from accessing the outside Internet except through a squid http and ftp proxy server configured to not require user/password authentication. The test will go much faster if the firewall is configured to reject packets immediately instead of just blocking and making you wait for a timeout.

2. If the test machine is running RHEL6, set up a third party repo such as EPEL in /etc/yum.repos.d so there is something to test yum with. If you are testing Fedora you can use the Fedora repo that is already configured. However the URL used for the yum repo must be outside the firewall.

3. Run the commands "yum clean all" and then "yum update" to verify that the test machine cannot access the yum repository.

4. Add the line to /etc/yum.conf "proxy=http://PROXY.EXAMPLE.COM:PORT" where you use the correct host name and port for the squid web proxy server.

5. Verify that yum clean all ; yum update now works properly

6. Add the lines to /etc/yum.conf "proxy_username=foo" and "proxy_password="

7. Verify that yum clean all ; yum update still works. This shows that if squid doesn't require a username/password, it doesn't care if you send it a username anyway.

8. Now change the line in /etc/yum.conf from "proxy_username=foo" to "proxy_username="

9. Try the commands "yum clean all ; yum update" again

Actual results:

You get errors indicating that yum update cannot reach the mirror server or the repositories on the outside Internet

Expected results:

Yum update should work without error, going through the proxy server

Additional info:

Steps 6 and 7 show that squid doesn't care if it is sent a user/password if none is needed, so the problem is not that "proxy_username=" causes some bogus user name to be sent. I suspect that yum is putting together a URL such as http://user:passwd@proxy.example.com:3187 which ends up as an invalid URL such as http://:@proxy.example.com:3187 that confuses a parser in yum or in squid.

This behaviour is a regression because RedHat EL5 and CentOS 5 do not exhibit the problem. It is a problem because it is surprising behaviour that used to work.

Comment 1 James Antill 2011-06-01 15:01:38 UTC

From what I can see we've always screwed this up, in yum ... my guess is that the older urlgrabber in RHEL-5/etc. (which uses httplib/urilib) is fixing our mistake, and the newer urlgrabber in RHEL-6/etc. (which uses pycurl) is just passing the invalid URL on.

Comment 2 Fedora End Of Life 2012-08-16 15:50:31 UTC

This message is a notice that Fedora 14 is now at end of life. Fedora 
has stopped maintaining and issuing updates for Fedora 14. It is 
Fedora's policy to close all bug reports from releases that are no 
longer maintained.  At this time, all open bugs with a Fedora 'version'
of '14' have been closed as WONTFIX.

(Please note: Our normal process is to give advanced warning of this 
occurring, but we forgot to do that. A thousand apologies.)

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, feel free to reopen 
this bug and simply change the 'version' to a later Fedora version.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we were unable to fix it before Fedora 14 reached end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" (top right of this page) and open it against that 
version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Note You need to log in before you can comment on or make changes to this bug.