rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0175-rpc-preparations-for-recursion-fix.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   ac7d03c67af81669700da761908f3f0de3d23372
  2.   SOURCES
  3.   0175-rpc-preparations-for-recursion-fix.patch
Blob History Raw
ac7d03 
From ae8d12b2f764fa49bebf263ec646709900d90a6b Mon Sep 17 00:00:00 2001
ac7d03 
From: Stanislav Laznicka <slaznick@redhat.com>
ac7d03 
Date: Wed, 31 May 2017 15:45:19 +0200
ac7d03 
Subject: [PATCH] rpc: preparations for recursion fix
ac7d03
ac7d03 
Made several improvements to coding style:
ac7d03 
 - same use of KerberosError throughout the module
ac7d03 
 - removed some unused variables
ac7d03 
 - moved code from try-except blocks if it didn't have to be there
ac7d03 
 - preparations for putting most of RPCClient.create_connection()
ac7d03 
   to loop
ac7d03
ac7d03 
https://pagure.io/freeipa/issue/6796
ac7d03
ac7d03 
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
ac7d03 
---
ac7d03 
 ipalib/rpc.py | 27 +++++++++++++++++----------
ac7d03 
 1 file changed, 17 insertions(+), 10 deletions(-)
ac7d03
ac7d03 
diff --git a/ipalib/rpc.py b/ipalib/rpc.py
ac7d03 
index 297ed80414fae3d8b27558567425fec704f3e862..b12ce4c5365299332587ad0d2990ca30070217bf 100644
ac7d03 
--- a/ipalib/rpc.py
ac7d03 
+++ b/ipalib/rpc.py
ac7d03 
@@ -52,7 +52,7 @@ from six.moves import urllib
ac7d03 
 from ipalib.backend import Connectible
ac7d03 
 from ipalib.constants import LDAP_GENERALIZED_TIME_FORMAT
ac7d03 
 from ipalib.errors import (public_errors, UnknownError, NetworkError,
ac7d03 
-    KerberosError, XMLRPCMarshallError, JSONError)
ac7d03 
+                           XMLRPCMarshallError, JSONError)
ac7d03 
 from ipalib import errors, capabilities
ac7d03 
 from ipalib.request import context, Connection
ac7d03 
 from ipapython.ipa_log_manager import root_logger
ac7d03 
@@ -653,7 +653,7 @@ class KerbTransport(SSLTransport):
ac7d03 
                     except (TypeError, UnicodeError):
ac7d03 
                         pass
ac7d03 
             if not token:
ac7d03 
-                raise KerberosError(
ac7d03 
+                raise errors.KerberosError(
ac7d03 
                     message=u"No valid Negotiate header in server response")
ac7d03 
             token = self._sec_context.step(token=token)
ac7d03 
             if self._sec_context.complete:
ac7d03 
@@ -979,8 +979,10 @@ class RPCClient(Connectible):
ac7d03 
             delegate = self.api.env.delegate
ac7d03 
         if ca_certfile is None:
ac7d03 
             ca_certfile = self.api.env.tls_ca_cert
ac7d03 
+        context.ca_certfile = ca_certfile
ac7d03 
+
ac7d03 
+        rpc_uri = self.env[self.env_rpc_uri_key]
ac7d03 
         try:
ac7d03 
-            rpc_uri = self.env[self.env_rpc_uri_key]
ac7d03 
             principal = get_principal(ccache_name=ccache)
ac7d03 
             stored_principal = getattr(context, 'principal', None)
ac7d03 
             if principal != stored_principal:
ac7d03 
@@ -996,12 +998,14 @@ class RPCClient(Connectible):
ac7d03 
         except (errors.CCacheError, ValueError):
ac7d03 
             # No session key, do full Kerberos auth
ac7d03 
             pass
ac7d03 
-        context.ca_certfile = ca_certfile
ac7d03 
         urls = self.get_url_list(rpc_uri)
ac7d03 
         serverproxy = None
ac7d03 
         for url in urls:
ac7d03 
-            kw = dict(allow_none=True, encoding='UTF-8')
ac7d03 
-            kw['verbose'] = verbose
ac7d03 
+            kw = {
ac7d03 
+                'allow_none': True,
ac7d03 
+                'encoding': 'UTF-8',
ac7d03 
+                'verbose': verbose
ac7d03 
+            }
ac7d03 
             if url.startswith('https://'):
ac7d03 
                 if delegate:
ac7d03 
                     transport_class = DelegatedKerbTransport
ac7d03 
@@ -1036,21 +1040,24 @@ class RPCClient(Connectible):
ac7d03 
                         )
ac7d03 
                 # We don't care about the response, just that we got one
ac7d03 
                 break
ac7d03 
-            except KerberosError as krberr:
ac7d03 
+            except errors.KerberosError:
ac7d03 
                 # kerberos error on one server is likely on all
ac7d03 
-                raise errors.KerberosError(message=unicode(krberr))
ac7d03 
+                raise
ac7d03 
             except ProtocolError as e:
ac7d03 
                 if hasattr(context, 'session_cookie') and e.errcode == 401:
ac7d03 
                     # Unauthorized. Remove the session and try again.
ac7d03 
                     delattr(context, 'session_cookie')
ac7d03 
                     try:
ac7d03 
                         delete_persistent_client_session_data(principal)
ac7d03 
-                    except Exception as e:
ac7d03 
+                    except Exception:
ac7d03 
                         # This shouldn't happen if we have a session but it isn't fatal.
ac7d03 
                         pass
ac7d03 
-                    return self.create_connection(ccache, verbose, fallback, delegate)
ac7d03 
+                    return self.create_connection(
ac7d03 
+                        ccache, verbose, fallback, delegate)
ac7d03 
                 if not fallback:
ac7d03 
                     raise
ac7d03 
+                else:
ac7d03 
+                    self.log.info('Connection to %s failed with %s', url, e)
ac7d03 
                 serverproxy = None
ac7d03 
             except Exception as e:
ac7d03 
                 if not fallback:
ac7d03 
--
ac7d03 
2.9.4
ac7d03

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation