Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 817599

Summary: next call to thumbslug fails after receiving non-cert 200 data from candlepin
Product: [Retired] Subscription Asset Manager Reporter: Chris Duryee <cduryee>
Component: thumbslugAssignee: Katello Bug Bin <katello-bugs>
Status: CLOSED CURRENTRELEASE QA Contact: SAM QE List <sam-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.0.0CC: alikins, esammons, sthirugn, tomckay
Target Milestone: rcKeywords: Triaged
Target Release: 1.X   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-06-07 17:23:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 816564    

Description Chris Duryee 2012-04-30 15:26:48 UTC 
Description of problem:

This bug only occurs when thumbslug is using an upstream proxy (for example, tinyproxy).

If thumbslug connects to candlepin but receives a 200 response without valid cert data, it will return a 502 to the client (correct), but the next call to thumbslug will time out. Subsequent calls will work after that.

We think that thumbslug is not tearing down the connection from itself to the upstream proxy, which causes the second attempt to fail. Once the second connection fails, everything is cleaned up and subsequent connections work fine.

I'm not sure how common this would be for a customer, since it would be extremely unusual that candlepin returns a 200 with invalid cert data. However, the bug is indicative of a possible resource leak (albeit one that gets cleaned up soon after the leak occurs), so it would be good to fix.


Version-Release number of selected component (if applicable): 0.23

How reproducible: every time


Steps to Reproduce:
1. configure thumbslug to use a proxy
2. execute 'returns a 502 on a non certificate response from candlepin' spec test
3. execute 'allows downloading content with a valid certificate' spec test
  
Actual results: step 3 gets a 502

Expected results: step 3 should get valid data back from the cdn
Comment 2 RHEL Program Management 2012-04-30 15:34:32 UTC 
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 3 RHEL Program Management 2012-04-30 15:54:55 UTC 
Thank you for your bug report. This issue was evaluated for inclusion
in the current release of Subscription Asset Manager (SAM). Unfortunately,
we are unable to address this request. Because we are in the final stages
of development in the current release, only significant, release-blocking
issues involving serious regressions and data corruption can be considered.

If you believe this issue meets the release blocking criteria as defined and
communicated to you by your Red Hat Support representative, please ask
your representative to file this issue as a blocker for the current release.
Otherwise, ask that it be evaluated for inclusion in the next release of SAM.
Comment 4 James Bowes 2012-11-26 18:22:18 UTC 
Fixed in thumbslug 0.0.27-1
Comment 6 sthirugn@redhat.com 2013-02-13 20:52:35 UTC 
Verified in SAM 1.2 compose for the newer version of thumbslug package as mentioned in Comment 4 above.

# rpm -qa | grep thumbslug
thumbslug-0.0.28-1.el6_3.noarch
thumbslug-selinux-0.0.28-1.el6_3.noarch

Also Adrian Likins tested it agains the qa proxy server and it worked fine.

SAM Version:
* candlepin-0.7.23-1.el6_3.noarch
* candlepin-cert-consumer-cloud-qe-9.idm.lab.bos.redhat.com-1.0-1.noarch
* candlepin-tomcat6-0.7.23-1.el6_3.noarch
* elasticsearch-0.19.9-5.el6_3.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.2.1-1h.el6_3.noarch
* katello-cli-1.2.1-12h.el6_3.noarch
* katello-cli-common-1.2.1-12h.el6_3.noarch
* katello-common-1.2.1-15h.el6_3.noarch
* katello-configure-1.2.3-3h.el6_3.noarch
* katello-glue-candlepin-1.2.1-15h.el6_3.noarch
* katello-headpin-1.2.1-15h.el6_3.noarch
* katello-headpin-all-1.2.1-15h.el6_3.noarch
* katello-selinux-1.2.1-2h.el6_3.noarch
* thumbslug-0.0.28-1.el6_3.noarch
* thumbslug-selinux-0.0.28-1.el6_3.noarch
Comment 7 Bryan Kearney 2013-06-07 17:23:34 UTC 
Closing out verified bugs from 1.2. Somehow the errata tool missed them.
Comment 8 Bryan Kearney 2013-06-07 17:25:22 UTC 
Closing out verified bugs from 1.2. Somehow the errata tool missed them.