remove deprecated krbV support

Fixes: https://pagure.io/koji/issue/1991
2020-05-13 16:36:32 +02:00 · 2020-05-13 16:36:32 +02:00 · f8419e3626
commit f8419e3626
parent ee93da4177
25 changed files with 30 additions and 552 deletions
--- a/cli/koji
+++ b/cli/koji
@ -119,7 +119,6 @@ def get_options():
                      help=_("specify a configuration profile"))
    parser.add_option("--keytab", help=_("specify a Kerberos keytab to use"), metavar="FILE")
    parser.add_option("--principal", help=_("specify a Kerberos principal to use"))
-    parser.add_option("--krbservice", help=_("specify the Kerberos service name for the hub"))
    parser.add_option("--cert", help=_("specify a SSL cert to use"), metavar="FILE")
    parser.add_option("--ca", help=SUPPRESS_HELP, metavar="FILE")  # FIXME: remove in 1.24
    parser.add_option("--runas", help=_("run as the specified user (requires special privileges)"))
--- a/cli/koji.conf
+++ b/cli/koji.conf
@ -16,21 +16,12 @@

 ;configuration for Kerberos authentication

-;the service name of the principal being used by the hub
-;krbservice = host
-
 ;the principal to auth as for automated clients
 ;principal = client@EXAMPLE.COM

 ;the keytab to auth as for automated clients
 ;keytab = /etc/krb5.keytab

-;enable to lookup dns canonical hostname for krb auth
-;krb_canon_host = no
-
-;The realm of server principal. Using client's realm if not set
-;krb_server_realm = EXAMPLE.COM
-

 ;configuration for SSL authentication

--- a/cli/koji_cli/lib.py
+++ b/cli/koji_cli/lib.py
@ -20,11 +20,6 @@ import koji
 from koji import parse_arches
 from koji.util import md5_constructor, to_list

-try:
-    import krbV
-except ImportError:  # pragma: no cover
-    krbV = None
-

 # for compatibility with plugins based on older version of lib
 # Use optparse imports directly in new code.
@ -663,18 +658,6 @@ def warn(msg):
    sys.stderr.flush()


-def has_krb_creds():
-    if krbV is None:
-        return False
-    try:
-        ctx = krbV.default_context()
-        ccache = ctx.default_ccache()
-        ccache.principal()
-        return True
-    except krbV.Krb5Error:
-        return False
-
-
 def activate_session(session, options):
    """Test and login the session is applicable"""
    if isinstance(options, dict):
@ -692,7 +675,7 @@ def activate_session(session, options):
            and options.authtype is None:
        # authenticate using user/password
        session.login()
-    elif options.authtype == "kerberos" or has_krb_creds() and options.authtype is None:
+    elif options.authtype == "kerberos" or options.authtype is None:
        try:
            if getattr(options, 'keytab', None) and getattr(options, 'principal', None):
                session.gssapi_login(principal=options.principal, keytab=options.keytab,