freeipa/ipalib
Fraser Tweedale b8007e14cc rpc: always read response
If the server responds 401 and the response body is empty, the
client raises ResponseNotReady.  This occurs because:

1. For a non-200 response, the response read only if the
   Content-Length header occurs.

2. The response must be read before another request (e.g. the
   follow-up request with WWW-Authenticate header set), and this
   condition was not met.  For details see
   https://github.com/python/cpython/blob/v3.6.7/Lib/http/client.py#L1305-L1321.

This situation should not arise in regular use, because the client
either has a session cookie, or, knowing the details of the server
it is contacting, it establishes the GSS-API context and includes
the WWW-Authenticate header in the initial request.

Nevertheless, this problem has been observed in the wild.  I do not
know its ordinary cause(s), but one can force the issue by removing
an authenticated user's session cache from /run/ipa/ccaches, then
performing a request.

Resolve the issue by always reading the response.  It is safe to
call response.read() regardless of whether the Content-Length header
appears, or whether the body is empty.

Fixes: https://pagure.io/freeipa/issue/7752
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2018-11-07 08:39:42 +01:00
..
install Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
__init__.py logging: remove object-specific loggers 2017-07-14 15:55:59 +02:00
aci.py Py3: Replace six.string_types with str 2018-09-27 16:11:18 +02:00
backend.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
base.py Py3: Replace six.string_types with str 2018-09-27 16:11:18 +02:00
capabilities.py Replace LooseVersion 2016-11-24 15:46:40 +01:00
cli.py Py3: Replace six.moves imports 2018-10-05 12:06:19 +02:00
config.py Py3: Replace six.moves imports 2018-10-05 12:06:19 +02:00
constants.py Increase MIN_DOMAIN_LEVEL to DOMAIN_LEVEL_1 2018-08-13 12:35:06 +02:00
crud.py ipalib, ipaserver: fix incorrect API.register calls in docstrings 2016-05-25 16:06:26 +02:00
dns.py dns: do not rely on custom param fields in record attributes 2016-06-20 16:39:12 +02:00
errors.py Require UTF-8 fs encoding 2017-11-21 16:13:28 +01:00
frontend.py Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
krb_utils.py Allow login to WebUI using Kerberos aliases/enterprise principals 2017-03-08 15:56:11 +01:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
messages.py Py3: Replace six.integer_types with int 2018-09-27 16:11:18 +02:00
misc.py Add fix for ipa plugins command 2017-02-17 10:22:07 +01:00
output.py Generate same API.txt under Python 2 and 3 2018-02-15 09:41:30 +01:00
parameters.py Py3: Replace six.moves imports 2018-10-05 12:06:19 +02:00
pkcs10.py Remove pkcs10 module contents 2017-10-25 09:46:41 +02:00
plugable.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
request.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
rpc.py rpc: always read response 2018-11-07 08:39:42 +01:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Cleanup shebang and executable bit 2018-07-05 19:46:42 +02:00
text.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
util.py Fix misleading errors during client install rollback 2018-10-26 08:11:03 +02:00
x509.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00