diff --git a/koji/auth.py b/koji/auth.py index c9a4aeed..36b66097 100644 --- a/koji/auth.py +++ b/koji/auth.py @@ -369,14 +369,6 @@ class Session(object): proxy_opt = 'ProxyDNs' proxy_dns = [dn.strip() for dn in context.opts.get(proxy_opt, '').split(delimiter)] - # backwards compatible for GSSAPI. - # in old way, proxy user whitelist is ProxyDNs. - # TODO: this should be removed in future release - if authtype == koji.AUTHTYPES['GSSAPI'] and not context.opts.get( - 'DisableGSSAPIProxyDNFallback', False): - proxy_dns += [dn.strip() for dn in - context.opts.get('ProxyDNs', '').split('|')] - if client_dn in proxy_dns: # the user authorized to login other users username = proxyuser diff --git a/kojihub/app/hub.conf b/kojihub/app/hub.conf index 0ea5164d..deca03ec 100644 --- a/kojihub/app/hub.conf +++ b/kojihub/app/hub.conf @@ -33,8 +33,6 @@ KojiDir = /mnt/koji ## Allowed Kerberos Realms separated by ','. ## Default value "*" indicates any Realm is allowed # AllowedKrbRealms = * -## TODO: this option should be removed in future release -# DisableGSSAPIProxyDNFallback = False ## TODO: this option should be turned True in 1.34 # DisableURLSessions = False diff --git a/kojihub/kojixmlrpc.py b/kojihub/kojixmlrpc.py index 1881a881..f598d370 100644 --- a/kojihub/kojixmlrpc.py +++ b/kojihub/kojixmlrpc.py @@ -445,8 +445,6 @@ def load_config(environ): ['ProxyPrincipals', 'string', ''], ['HostPrincipalFormat', 'string', None], ['AllowedKrbRealms', 'string', '*'], - # TODO: this option should be removed in future release - ['DisableGSSAPIProxyDNFallback', 'boolean', False], # TODO: this option should be turned True in 1.34 ['DisableURLSessions', 'boolean', False], @@ -722,10 +720,6 @@ def server_setup(environ): try: setup_logging1() opts = load_config(environ) - if opts['DisableGSSAPIProxyDNFallback']: - logger.warning( - 'Hub option DisableGSSAPIProxyDNFallback is deprecated and ' - 'will be removed in 1.29') setup_logging2(opts) koji.util.setup_rlimits(opts) plugins = load_plugins(opts)