Bug 47106
| Summary: | The umcp client can only answer one authentication request at a time | ||
|---|---|---|---|
| Product: | UCS | Reporter: | Jürn Brodersen <brodersen> |
| Component: | UMC (Generic) | Assignee: | Florian Best <best> |
| Status: | CLOSED FIXED | QA Contact: | Jürn Brodersen <brodersen> |
| Severity: | normal | ||
| Priority: | P5 | CC: | best, brodersen, schwardt |
| Version: | UCS 4.3 | ||
| Target Milestone: | UCS 4.4-1-errata | ||
| Hardware: | Other | ||
| OS: | Linux | ||
| See Also: |
https://forge.univention.org/bugzilla/show_bug.cgi?id=46870 https://forge.univention.org/bugzilla/show_bug.cgi?id=47239 |
||
| What kind of report is it?: | Bug Report | What type of bug is this?: | 7: Crash: Bug causes crash or data loss |
| Who will be affected by this bug?: | 1: Will affect a very few installed domains | How will those affected feel about the bug?: | 3: A User would likely not purchase the product |
| User Pain: | 0.120 | Enterprise Customer affected?: | |
| School Customer affected?: | ISV affected?: | ||
| Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
| Ticket number: | Bug group (optional): | ||
| Max CVSS v3 score: | |||
| Bug Depends on: | |||
| Bug Blocks: | 48002, 49929 | ||
| Attachments: |
Script to trigger the problem
Patch for umc-web-server |
||
|
Description
Jürn Brodersen
Created attachment 9544 [details]
Script to trigger the problem
The problem may be triggered with the attached test script that has to be called on the affected system. It sends 500 auth requests with a delay of 0<=x<0.2 seconds.
To improve the chance to trigger the problem, the following patch should be applied:
--- a/management/univention-management-console/univention-management-console-web-server
+++ b/management/univention-management-console/univention-management-console-web-server
@@ -155,6 +155,7 @@ class SessionClient(object):
self._auth_response.status = response.status
self._auth_response.result = response.result
self._auth_response.message = response.message
+ time.sleep(0.3)
self._auth_response_queue.put(self._auth_response)
# release queue object
self._auth_response_queue = None
(In reply to Sönke Schwardt-Krummrich from comment #1) > To improve the chance to trigger the problem, the following patch should be > applied: No... your script goes against the UMC-Server... The UMC-Webserver is not involved, so the patch is not effective. (In reply to Florian Best from comment #2) > (In reply to Sönke Schwardt-Krummrich from comment #1) > > To improve the chance to trigger the problem, the following patch should be > > applied: > No... your script goes against the UMC-Server... The UMC-Webserver is not > involved, so the patch is not effective. Oh sorry, it uses univention.lib.umc not umcp.client. Then it's valid. So in the bad case one have a forever hanging client, right? I assume it needs to be fixed in the umcp.Client. Started a branch: fbest/47106-47239-umc-webserver-client-hanging. Created attachment 10138 [details]
Patch for umc-web-server
The patch in fbest/47106-47239-umc-webserver-client-hanging worked for me with some changes in the umc-web-server
univention-management-console (11.0.4-33) 3e46cf5abc1e | Bug #47106: pep8 fe1a20e46acc | Bug #47106: fix multiple parallel authentication requests in umcp.Client univention-management-console.yaml fe1a20e46acc | Bug #47106: fix multiple parallel authentication requests in umcp.Client What I tested: Login with saml -> OK Login without saml -> OK @require_password decorator with saml -> OK Logout with saml -> OK Logout without saml -> OK Password change -> OK Can't reproduce comment 1 any more -> OK Can't reproduce problems hanging requests in the diagnostic module any more (these happened due to the fixes in bug 48002 and bug 49929, which triggered this bug) -> OK yaml -> OK |