Description of problem: Yum should display a warning when sslclientcert values with the same basename are configured in a repo. This was reported and fixed in bug 695427. Version-Release number of selected component (if applicable): yum-3.2.29-36.el6.noarch How reproducible: always Steps to Reproduce: 1. Configure a repo like this: cat > /etc/yum.repos.d/bz695427.repo <<EOF [bz695427_1] name=bz695427_1 baseurl=https://localhost/bz695427repo enabled=1 gpgcheck=0 #sslverify=false sslcacert=$TmpDir/myca.crt sslclientcert=/tmp/foo/cert.pem [bz695427_2] name=bz695427_2 baseurl=https://localhost/bz695427repo enabled=1 gpgcheck=0 #sslverify=false sslcacert=$TmpDir/myca.crt sslclientcert=/tmp/bar/cert.pem EOF 2. Check the result # yum --disablerepo='*' --enablerepo=bz695427_1 --enablerepo=bz695427_2 check-update; echo $? Loaded plugins: downloadonly, fastestmirror, product-id, security, subscription-manager, tmprepo Updating certificate-based repositories. Unable to read consumer identity Repo bz695427_1 forced skip_if_unavailable=True due to: /tmp/tmp.h7rRc1HyBc/myca.crt Repo bz695427_1 forced skip_if_unavailable=True due to: /tmp/foo/cert.pem Repo bz695427_2 forced skip_if_unavailable=True due to: /tmp/tmp.h7rRc1HyBc/myca.crt Repo bz695427_2 forced skip_if_unavailable=True due to: /tmp/bar/cert.pem Loading mirror speeds from cached hostfile https://localhost/bz695427repo/repodata/repomd.xml: [Errno 14] PYCURL ERROR 7 - "couldn't connect to host" Trying other mirror. https://localhost/bz695427repo/repodata/repomd.xml: [Errno 14] PYCURL ERROR 7 - "couldn't connect to host" Trying other mirror. 0 NOTE: In previous verison the pycurl errors did not appeared so it seams that the configuration was evaluated before the url is touched. See the details in expected results. 3. Even if the rep is correctly configured there is no warning: # yum --disablerepo='*' --enablerepo=bz695427_1 --enablerepo=bz695427_2 check-update; echo $? Loaded plugins: downloadonly, fastestmirror, product-id, security, subscription- : manager, tmprepo Updating certificate-based repositories. Unable to read consumer identity Repo bz695427_1 forced skip_if_unavailable=True due to: /tmp/foo/cert.pem Repo bz695427_2 forced skip_if_unavailable=True due to: /tmp/bar/cert.pem Loading mirror speeds from cached hostfile 0 # Actual results: no warning like, sslclientcert basename shared between foo and bar Expected results: # yum --disablerepo='*' --enablerepo=bz695427_1 --enablerepo=bz695427_2 check-update; echo $? Loaded plugins: downloadonly, fastestmirror, product-id, security, subscription- : manager, tmprepo Updating certificate-based repositories. Unable to read consumer identity Repo bz695427_1 forced skip_if_unavailable=True due to: /tmp/foo/cert.pem Repo bz695427_2 forced skip_if_unavailable=True due to: /tmp/bar/cert.pem sslclientcert basename shared between bz695427_2 and bz695427_1 1 # # # rpm -q yum yum-3.2.29-30.el6.noarch
1) Confirmed regression, the code that checks for duplicated basenames is dead, as _getRepos() is never called with doSetup = True. 2) This probably never worked, UNLESS at least one --enablerepo option was used. Patch BZ-880968-verify-options-before-diiung.patch removes self.base._getRepos(doSetup=True) call when handling --enablerepo option, so it manifests as a regression. 3) This bug is also present in HEAD.
Fixing this is probably simple: http://lists.baseurl.org/pipermail/yum-devel/2012-December/009818.html
Added the latest patch that's ACKd.
Added missing imports and checks to the backport. Fixed in 3.2.29-38. http://bulk-mail.corp.redhat.com/archives/cvs-commits-list/2012-December/msg04653.html
*** Bug 887322 has been marked as a duplicate of this bug. ***
*** Bug 887241 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-0406.html