Hi Christian, We're facing some pretty bad performance issues on our production system after we moved our application to a different vm with RHEL6.4.
We notice that our performance issues occur especially when the log shows this: [Fri Mar 07 00:18:19 2014] [error] /opt/software/lib/python2.7/site-packages/pycrypto-2.6.1-py2.7-linux-x86_64.egg/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability. However, it is important to note that we've seen these warning issues for the last 1.5 years, so I doubt it has to do with it. Nonetheless, do you know what specific operations one could do to trigger this warning? I'm trying to see if I can reproduce the performance spikes. Thanks, Ze On Wednesday, February 6, 2013 12:22:49 AM UTC-8, Christian Hammond wrote: > > Hi Chuck, > > Sorry for failing to respond to the previous e-mail. Missed it. > > I haven't seen that particular warning before. It'll probably have a log > entry any time pycrypto is imported. What distro/version are you using? > Sounds like maybe it's an older one? You may need to hand-upgrade libgmp, > I'm not sure. > > From your previous e-mail: > > Doing a site backup never hurts, but generally isn't important. > > Review Board won't delete any files. At most, it'd add some new > directories and tell you to change permissions, but I don't think we've > done that since 1.5. We have provided instructions on other sorts of manual > updates that need to be made, though. > > We don't have any documentation right now on p4python's SSL support. This > is only needed if you're using SSL-backed Perforce repositories. It's > unfortunately not something we can automate well right now, but > essentially, you'd have to install OpenSSL 1.0.1 on your distro and install > its development package (I don't know if newer versions work -- hopefully > other 1.0.x releases do). You'd then need to manually compile/install > p4python. Yes, it's a pain, but it's something Perforce will need to make > easier for us. > > From the e-mail you just posted while I was replying to this, you'd need > to check the reviewboard.log file and see what error it's reporting before > I can say what happened. > > Christian > > -- > Christian Hammond - chi...@chipx86.com <javascript:> > Review Board - http://www.reviewboard.org > VMware, Inc. - http://www.vmware.com > > On Feb 6, 2013, at 12:10 AM, chuck j <cjerr...@gmail.com <javascript:>> > wrote: > > Hi Christian, > > I would like to thank you for your response about upgrade. > > I went through with your comments and i was able to bring my server to > 1.7.4. > > Also also want to bring to your notice regarding below warning i got after > while upgrading my site. > > /usr/local/lib/python2.7/site-packages/pycrypto-2.6-py2.7-linux-x86_64.egg/Crypto/Util/number.py:57: > > PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using > libgmp >= 5 to avoid timing attack vulnerability. > > How to resolve this? Do i need to build it libgmp again as message shows, > will it make RB server report more issues. > > Thanks, > -Chuck > > On Fri, Feb 1, 2013 at 6:58 PM, chuck j <cjerr...@gmail.com > <javascript:>>wrote: > > Thanks Christian for the response. > > Good to hear that upgrade is possible from 1.6.1 to 1.7.4 RB version, > apart from the database backup do we need to take care of any thing else > which will disturb our production setup and in case of any issue we should > be able to go back to our original state, if you point us action item it > would be really great. > > Few queries though > > 1. How does upgrade takes place, does it replace files by files ( I mean > python scripts etc ) apart from db. > 2. The Release note of 1.7.2 its been mentioned about below > > >>>>> However, this requires that p4python is specially compiled with > OpenSSL support, and that the system has development headers for OpenSSL > 1.0.1. P4PythonInstaller doesn’t do this, so users who need this feature > will currently have to compile p4python manually, providing the path to the > SSL directory using --ssl > >>>>> > > Do we have any tech note for the above steps which end user needs to > perform. > > Cheers, > Chuck > > On Thu, Jan 31, 2013 at 2:50 PM, Christian Hammond > <chi...@chipx86.com<javascript:> > > wrote: > Hi Chuck, > > I always recommend backing up your database first, but you should be able > to upgrade from 1.6.1 to 1.7.4 without any real problems. > > There is a bug that some people hit a while back in older versions that > introduced some stale upgrade data in the database. I meant to get a final > fix out in 1.7.4, but it slipped. If your 'rb-site upgrade' complains about > fields that already exist or something, e-mail and I'll give you the > solution. Otherwise, you shouldn't have any problems. > > Christian > > -- > Christian Hammond - chi...@chipx86.com <javascript:> > Review Board - http://www.reviewboard.org > VMware, Inc. - <a href="http://www.vmware.com/"; target="_ > > ... -- Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ --- Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ --- Happy user? Let us know at http://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to reviewboard+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
