From 8ef24e54007f656ecc8641130a1078dd2fac8dca Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Sat, 3 Dec 2016 22:35:19 +0000
Subject: [PATCH 1/2] Implement support for koji krb_login
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
ChangeLog | 4 ++++
src/utils.py | 27 +++++++++++++++++++++++----
2 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index ea49105..7492274 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2016-12-03 Patrick Uiterwijk <puiterwijk@redhat.com>
+
+ * src/utils.py: Added support for koji krb_login.
+
2016-10-03 Patrick Uiterwijk <puiterwijk@redhat.com>
* src/server.py: Added gpg_signature for plain gpg signatures.
diff --git a/src/utils.py b/src/utils.py
index 60131d4..8f40b31 100644
--- a/src/utils.py
+++ b/src/utils.py
@@ -222,11 +222,23 @@ def koji_read_config(global_config, instance):
parser = ConfigParser.ConfigParser()
parser.read(('/etc/koji.conf', os.path.expanduser(config_path)))
config = dict(parser.items('koji'))
- for opt in ('server', 'cert', 'serverca', 'topurl'):
+ for opt in ('server', 'serverca', 'topurl'):
if opt not in config:
raise KojiError('Missing koji configuration option %s' % opt)
for opt in ('cert', 'serverca'):
- config[opt] = os.path.expanduser(config[opt])
+ if opt in config:
+ config[opt] = os.path.expanduser(config[opt])
+ if 'authtype' not in config:
+ # We have no explicit authtype, try to be smart
+ if 'cert' in config:
+ config['authtype'] = 'ssl'
+ elif 'principal' in config and 'keytab' in config:
+ config['authtype'] = 'kerberos'
+ else:
+ raise KojiError('Unable to determine koji Auth type')
+ elif config['authtype'] not in ('ssl', 'kerberos'):
+ raise KojiError('Unsupported authtype %s requested' %
+ config['authtype'])
return config
def koji_connect(koji_config, authenticate, proxyuser=None):
@@ -242,8 +254,15 @@ def koji_connect(koji_config, authenticate, proxyuser=None):
session = koji.ClientSession(koji_config['server'])
if authenticate:
- session.ssl_login(koji_config['cert'], None,
- koji_config['serverca'], proxyuser=proxyuser)
+ if koji_config['authtye'] == 'ssl':
+ session.ssl_login(koji_config['cert'], None,
+ koji_config['serverca'], proxyuser=proxyuser)
+ elif koji_config['authtype'] == 'kerberos':
+ kwargs = {}
+ for opt in ('principal', 'keytab', 'ccache'):
+ if opt in koji_config:
+ kwargs[opt] = koji_config[opt]
+ session.krb_login(proxyuser=proxyuser, **kwargs)
try:
version = session.getAPIVersion()
except xmlrpclib.ProtocolError:
--
2.10.2