Bug 817599 - next call to thumbslug fails after receiving non-cert 200 data from candlepin
next call to thumbslug fails after receiving non-cert 200 data from candlepin
Status: CLOSED CURRENTRELEASE
Product: Subscription Asset Manager
Classification: Red Hat
Component: thumbslug (Show other bugs)
1.0.0
Unspecified Unspecified
unspecified Severity unspecified
: rc
: 1.X
Assigned To: Katello Bug Bin
SAM QE List
: Triaged
Depends On:
Blocks: sam12-tracker
  Show dependency treegraph
 
Reported: 2012-04-30 11:26 EDT by Chris Duryee
Modified: 2013-06-07 13:25 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-06-07 13:23:34 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Chris Duryee 2012-04-30 11:26:48 EDT
Description of problem:

This bug only occurs when thumbslug is using an upstream proxy (for example, tinyproxy).

If thumbslug connects to candlepin but receives a 200 response without valid cert data, it will return a 502 to the client (correct), but the next call to thumbslug will time out. Subsequent calls will work after that.

We think that thumbslug is not tearing down the connection from itself to the upstream proxy, which causes the second attempt to fail. Once the second connection fails, everything is cleaned up and subsequent connections work fine.

I'm not sure how common this would be for a customer, since it would be extremely unusual that candlepin returns a 200 with invalid cert data. However, the bug is indicative of a possible resource leak (albeit one that gets cleaned up soon after the leak occurs), so it would be good to fix.


Version-Release number of selected component (if applicable): 0.23

How reproducible: every time


Steps to Reproduce:
1. configure thumbslug to use a proxy
2. execute 'returns a 502 on a non certificate response from candlepin' spec test
3. execute 'allows downloading content with a valid certificate' spec test
  
Actual results: step 3 gets a 502

Expected results: step 3 should get valid data back from the cdn
Comment 2 RHEL Product and Program Management 2012-04-30 11:34:32 EDT
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 3 RHEL Product and Program Management 2012-04-30 11:54:55 EDT
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 4 James Bowes 2012-11-26 13:22:18 EST
Fixed in thumbslug 0.0.27-1
Comment 6 sthirugn@redhat.com 2013-02-13 15:52:35 EST
Verified in SAM 1.2 compose for the newer version of thumbslug package as mentioned in Comment 4 above.

# rpm -qa | grep thumbslug
thumbslug-0.0.28-1.el6_3.noarch
thumbslug-selinux-0.0.28-1.el6_3.noarch

Also Adrian Likins tested it agains the qa proxy server and it worked fine.

SAM Version:
* candlepin-0.7.23-1.el6_3.noarch
* candlepin-cert-consumer-cloud-qe-9.idm.lab.bos.redhat.com-1.0-1.noarch
* candlepin-tomcat6-0.7.23-1.el6_3.noarch
* elasticsearch-0.19.9-5.el6_3.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.2.1-1h.el6_3.noarch
* katello-cli-1.2.1-12h.el6_3.noarch
* katello-cli-common-1.2.1-12h.el6_3.noarch
* katello-common-1.2.1-15h.el6_3.noarch
* katello-configure-1.2.3-3h.el6_3.noarch
* katello-glue-candlepin-1.2.1-15h.el6_3.noarch
* katello-headpin-1.2.1-15h.el6_3.noarch
* katello-headpin-all-1.2.1-15h.el6_3.noarch
* katello-selinux-1.2.1-2h.el6_3.noarch
* thumbslug-0.0.28-1.el6_3.noarch
* thumbslug-selinux-0.0.28-1.el6_3.noarch
Comment 7 Bryan Kearney 2013-06-07 13:23:34 EDT
Closing out verified bugs from 1.2. Somehow the errata tool missed them.
Comment 8 Bryan Kearney 2013-06-07 13:25:22 EDT
Closing out verified bugs from 1.2. Somehow the errata tool missed them.

Note You need to log in before you can comment on or make changes to this bug.