add krb_rdns option. see https://fedorahosted.org/koji/ticket/328

2016-04-01 16:53:56 -04:00 · 2016-04-01 16:53:56 -04:00 · b0cdd312ec
commit b0cdd312ec
parent fccc268b4e
8 changed files with 22 additions and 11 deletions
--- a/builder/kojid
+++ b/builder/kojid
@ -4598,6 +4598,7 @@ def get_options():
                'keytab': '/etc/kojid/kojid.keytab',
                'ccache': '/var/tmp/kojid.ccache',
                'krbservice': 'host',
+                'krb_rdns': True,
                'server': None,
                'user': None,
                'password': None,
@ -4633,7 +4634,7 @@ def get_options():
                    quit("value for %s option must be a valid integer" % name)
            elif name in ['offline_retry', 'use_createrepo_c',  'createrepo_skip_stat',
                          'createrepo_update', 'keepalive', 'use_fast_upload',
-                          'support_rpm_source_layout']:
+                          'support_rpm_source_layout', 'krb_rdns']:
                defaults[name] = config.getboolean('kojid', name)
            elif name in ['plugin', 'plugins']:
                defaults['plugin'] = value.split()
@ -4708,7 +4709,7 @@ if __name__ == "__main__":

    #build session options
    session_opts = {}
-    for k in ('user', 'password', 'krbservice', 'debug_xmlrpc', 'debug',
+    for k in ('user', 'password', 'krbservice', 'krb_rdns', 'debug_xmlrpc', 'debug',
              'retry_interval', 'max_retries', 'offline_retry', 'offline_retry_interval',
              'keepalive', 'timeout', 'use_fast_upload',
             ):
--- a/cli/koji
+++ b/cli/koji
@ -6952,7 +6952,7 @@ if __name__ == "__main__":
    for k in ('user', 'password', 'krbservice', 'debug_xmlrpc', 'debug', 'max_retries',
              'retry_interval', 'offline_retry', 'offline_retry_interval',
              'anon_retry', 'keepalive', 'timeout', 'use_fast_upload',
-              'upload_blocksize'):
+              'upload_blocksize', 'krb_rdns'):
        value = getattr(options,k)
        if value is not None:
            session_opts[k] = value
--- a/koji/init.py
+++ b/koji/init.py
@ -1488,6 +1488,7 @@ def read_config(profile_name, user_config=None):
        'upload_blocksize': 1048576,
        'poll_interval': 5,
        'krbservice': 'host',
+        'krb_rdns': True,
        'cert': '~/.koji/client.crt',
        'ca': '',  # FIXME: remove in next major release
        'serverca': '~/.koji/serverca.crt',
@ -1542,7 +1543,7 @@ def read_config(profile_name, user_config=None):
                #options *can* be set via the config file. Such options should
                #not have a default value set in the option parser.
                if result.has_key(name):
-                    if name in ('anon_retry', 'offline_retry', 'keepalive', 'use_fast_upload'):
+                    if name in ('anon_retry', 'offline_retry', 'keepalive', 'use_fast_upload', 'krb_rdns'):
                        result[name] = config.getboolean(profile_name, name)
                    elif name in ('max_retries', 'retry_interval',
                                  'offline_retry_interval', 'poll_interval', 'timeout',
@ -1893,7 +1894,10 @@ class ClientSession(object):
    def _serverPrincipal(self, cprinc):
        """Get the Kerberos principal of the server we're connecting
        to, based on baseurl."""
-        servername = socket.getfqdn(self._host)
+        if self.opts.get('krb_rdns', True):
+            servername = socket.getfqdn(self._host)
+        else:
+            servername = self._host
        #portspec = servername.find(':')
        #if portspec != -1:
        #    servername = servername[:portspec]
--- a/util/koji-gc
+++ b/util/koji-gc
@ -160,6 +160,7 @@ def get_options():
            ['keytab', None, 'string'],
            ['principal', None, 'string'],
            ['krbservice', None, 'string'],
+            ['krb_rdns', None, 'boolean'],
            ['runas', None, 'string'],
            ['user', None, 'string'],
            ['password', None, 'string'],
@ -927,7 +928,8 @@ if __name__ == "__main__":
    options, args = get_options()

    session_opts = {}
-    for k in ('user', 'password', 'krbservice', 'email_domain', 'debug_xmlrpc', 'debug'):
+    for k in ('user', 'password', 'krbservice', 'krb_rdns', 'email_domain',
+                'debug_xmlrpc', 'debug'):
        session_opts[k] = getattr(options,k)
    if options.network_hack:
        socket.setdefaulttimeout(180)
--- a/util/kojira
+++ b/util/kojira
@ -714,6 +714,7 @@ def get_options():
                'keytab': None,
                'ccache': '/var/tmp/kojira.ccache',
                'krbservice': 'host',
+                'krb_rdns': True,
                'retry_interval': 60,
                'max_retries': 120,
                'offline_retry': True,
@ -736,7 +737,7 @@ def get_options():
                    'max_delete_processes', 'max_repo_tasks_maven', 'delete_batch_size', )
        str_opts = ('topdir', 'server', 'user', 'password', 'logfile', 'principal', 'keytab', 'krbservice',
                    'cert', 'ca', 'serverca', 'debuginfo_tags', 'source_tags')  # FIXME: remove ca here
-        bool_opts = ('with_src','verbose','debug','ignore_stray_repos', 'offline_retry')
+        bool_opts = ('with_src','verbose','debug','ignore_stray_repos', 'offline_retry', 'krb_rdns')
        for name in config.options(section):
            if name in int_opts:
                defaults[name] = config.getint(section, name)
@ -791,7 +792,7 @@ if  __name__ == "__main__":
    else:
        logger.setLevel(logging.WARNING)
    session_opts = {}
-    for k in ('user', 'password', 'krbservice', 'debug_xmlrpc', 'debug',
+    for k in ('user', 'password', 'krbservice', 'krb_rdns', 'debug_xmlrpc', 'debug',
              'retry_interval', 'max_retries', 'offline_retry', 'offline_retry_interval'):
        session_opts[k] = getattr(options,k)
    session = koji.ClientSession(options.server,session_opts)
--- a/vm/kojivmd
+++ b/vm/kojivmd
@ -121,6 +121,7 @@ def get_options():
                'keytab': '/etc/kojivmd/kojivmd.keytab',
                'ccache': '/var/tmp/kojivmd.ccache',
                'krbservice': 'host',
+                'krb_rdns': True,
                'server': None,
                'user': None,
                'password': None,
@ -141,7 +142,7 @@ def get_options():
                    defaults[name] = int(value)
                except ValueError:
                    quit("value for %s option must be a valid integer" % name)
-            elif name in ['offline_retry']:
+            elif name in ['offline_retry', 'krb_rdns']:
                defaults[name] = config.getboolean('kojivmd', name)
            elif name in ['plugin', 'plugins']:
                defaults['plugin'] = value.split()
@ -1056,7 +1057,7 @@ if __name__ == "__main__":

    #build session options
    session_opts = {}
-    for k in ('user', 'password', 'krbservice', 'debug_xmlrpc', 'debug',
+    for k in ('user', 'password', 'krbservice', 'krb_rdns', 'debug_xmlrpc', 'debug',
              'retry_interval', 'max_retries', 'offline_retry', 'offline_retry_interval'):
        v = getattr(options, k, None)
        if v is not None:
--- a/www/kojiweb/index.py
+++ b/www/kojiweb/index.py
@ -161,7 +161,8 @@ def _assertLogin(environ):
 def _getServer(environ):
    opts = environ['koji.options']
    session = koji.ClientSession(opts['KojiHubURL'],
-                                 opts={'krbservice': opts['KrbService']})
+                                 opts={'krbservice': opts['KrbService'],
+                                       'krb_rdns': opts['KrbRDNS']})

    environ['koji.currentLogin'] = _getUserCookie(environ)
    if environ['koji.currentLogin']:
--- a/www/kojiweb/wsgi_publisher.py
+++ b/www/kojiweb/wsgi_publisher.py
@ -75,6 +75,7 @@ class Dispatcher(object):
        ['WebKeytab', 'string', '/etc/httpd.keytab'],
        ['WebCCache', 'string', '/var/tmp/kojiweb.ccache'],
        ['KrbService', 'string', 'host'],
+        ['KrbRDNS', 'boolean', True],

        ['WebCert', 'string', None],
        ['KojiHubCA', 'string', '/etc/kojiweb/kojihubca.crt'],