[Spacewalk-list] OSAD, Jabberd and OpenSSL errors

Nikhil Anand anand.nikhil at gmail.com
Tue Sep 13 01:48:24 UTC 2011 

Hello,

I performed a fresh update of Spacewalk on a CentOS 5.6 box, having followed all the installation instructions faithfully. I can register clients just fine; the Spacewalk server pings them just fine (can see this in osad-dispatcher.log on server.)

However, I can't:

+ Install/remove packages 
+ Push configs
+ Execute remote commands

The log files on the client (osad -N -vvvvvvv) keep showing the following salient errors:

----------------

2011-09-12 18:05:55 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>
2011-09-12 18:34:17 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>
2011-09-12 18:57:40 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>
2011-09-12 19:01:09 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>
2011-09-12 19:04:38 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>
2011-09-12 20:10:01 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>

----------------

This is followed by this OpenSSL error:

----------------

2011-09-12 20:10:01 jabber_lib._orig_dispatch: <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>
<-- <error><conflict xmlns = 'urn:ietf:params:xml:ns:xmpp-streams'  /></error>

2011-09-12 20:10:10 jabber_lib.process: None
2011-09-12 20:10:10 jabber_lib.process: before select(); timeout None
2011-09-12 20:10:10 jabber_lib.process: select() returned
2011-09-12 20:10:10 jabber_lib.process: Reading 1024 bytes from ssl socket
2011-09-12 20:10:10 jabber_lib.process: Read 16 bytes
2011-09-12 20:10:17 jabber_lib.process: None
2011-09-12 20:10:17 jabber_lib.process: before select(); timeout None
2011-09-12 20:10:17 jabber_lib.process: select() returned
2011-09-12 20:10:17 jabber_lib.process: Reading 1024 bytes from ssl socket
2011-09-12 20:10:17 jabber_lib.process: Closing socket
Error caught:
Traceback (most recent call last):
  File "/usr/share/rhn/osad/jabber_lib.py", line 118, in main
    self.process_forever(c)
  File "/usr/share/rhn/osad/jabber_lib.py", line 176, in process_forever
    self.process_once(client)
  File "/usr/share/rhn/osad/osad.py", line 242, in process_once
    client.process(timeout=None)
  File "/usr/share/rhn/osad/jabber_lib.py", line 1035, in process
    raise SSLError("OpenSSL error; will retry", str(e))
SSLError: ('OpenSSL error; will retry', "(-1, 'Unexpected EOF')")

2011-09-12 20:10:17 jabber_lib.main: Sleeping 96 seconds

----------------

This issue is exactly the same as:
http://www.redhat.com/archives/spacewalk-list/2009-February/msg00416.html

Searching around, I've tried/checked the following:

+ Firewall is disabled
+ SELinux is disabled
+ FQDN of the server is correct, and exactly the same in server.pem (for jabberd) and RHN-ORG-TRUSTED-SSL-CERT (installed on client). Same with /etc/pki/tls/certs/spacewalk.crt
+ Permissions are OK as far as this thread goes:
https://www.redhat.com/archives/spacewalk-list/2010-June/msg00092.html
+ I get the same issue with Oracle XE and PostgreSQL (I'm swearing less when using the latter...)
+ /etc/sysconfig/rhn/up2date looks OK. Nothing's different except these two lines:

  serverURL=https://<my FQDN>/XMLRPC
  sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT 

+ When re-registering a client, I make sure to do this:

  service osad stop
  rm /etc/sysconfig/rhn/osad-auth.conf
  service osad start

I've reached my knowledge's (and wit's) end trying to figure out what's happening. I've tried different boxes, VMs, even different versions of Spacewalk (1.3 and 1.4).

Could someone please help me figure out what's happening? Could someone post working /etc/jabberd/*.xml files (with the FQDNs ***-ed out, of course)?

Thank you for your time!
Nikhil

---
Nikhil Anand
515 708 2866
mantralay.org/key




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20110912/eb679dc7/attachment.htm>

More information about the Spacewalk-list mailing list