This is a multi-part message in MIME format. --------------040004070909070809080607 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit seth vidal wrote: >>Hi Seth, >> >>Thanks for your quick reply. I'm going to tackle it myself, since I >>have to have it in order to roll out Red Hat 9 to clients. > > > gotcha. > > internally I think urlgrab should look to see if it is http, ftp or file > urls > > if http - build up the basicauthhandler > if ftp put them inline ftp://user:pass@xxxxxxx/path/bar/ > if file ignore them and maybe even complain that the user is a moron. > > > Then that should be able to deal with it nicely and not require dragging > a lot of data around. > > Joe - you might be wise to smack Jack Neely in the head and see if you > two can merge your patch for this into his failover patches. It would > make my life easier b/c y'all are working on more or less the same > section(s) of code. Hi Seth and all, I've attached a patch that adds HTTP basic auth to yum 1.97 using the urllib2 HTTPBasicAuthHandler. It adds three new configuration file directives (user, password, and realm). All three appear to be required for the urllib2 auth support to work (I would so love to kill the realm directive but I can find no documentation that explains how to get by without it, and a couple of hours of testing and searching resulted only in frustration--if anyone has a clue on this point, I'd be very happy to hear it). I haven't added in the FTP support yet, but it is harmless to all of the other schemes (file and ftp), as far as I know. I've tested all of the yum commands against a server that does require and a server that does not require authentication and they all work, but I'm sure it is still buggy. One comment, which is probably more of a statement of my Python ignorance than a useful criticism: The keepalive bit at the top of urlgrabber forces some extra extraneous checks into the auth code, because it doesn't guarantee that an opener comes into existence. This seems like it could lead to bugs. If the way the keepalive setup works changes, auth setup breaks...I'm probably in the wrong on this, but I couldn't figure out a way to check for the existence of the opener object (and believe me I tried). I guess another try/except, of some sort, might be the solution to this. I'm just posting for comments, as I plan to add FTP support before I start campaigning for Seth to add this to the real yum. But I welcome any criticisms, as long as you've got a better way and tell me what it is. ;-) -- Joe Cooper <joe@xxxxxxxxxxxxx> Web caching appliances and support. http://www.swelltech.com --------------040004070909070809080607 Content-Type: text/plain; name="yum-1.97-auth.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="yum-1.97-auth.patch" diff -uNr yum-1.97/clientStuff.py yum-1.97-auth/clientStuff.py --- yum-1.97/clientStuff.py 2003-04-21 21:06:23.000000000 -0500 +++ yum-1.97-auth/clientStuff.py 2003-05-20 00:32:16.000000000 -0500 @@ -598,7 +598,7 @@ if not conf.cache: log(3, 'getting groups from server: %s' % serverid) try: - localgroupfile = retrygrab(remotegroupfile, localgroupfile, copy_local=1) + localgroupfile = retrygrab(remotegroupfile, localgroupfile, copy_local=1, realm=serverealm, user=serveruser, password=serverpassword) except URLGrabError, e: log(3, 'Error getting file %s' % remotegroupfile) log(3, '%s' % e) @@ -619,6 +619,9 @@ servername = conf.servername[serverid] serverheader = conf.remoteHeader(serverid) servercache = conf.servercache[serverid] + serverrealm = conf.serverrealm[serverid] + serveruser = conf.serveruser[serverid] + serverpassword = conf.serverpassword[serverid] log(2, 'Getting headers from: %s' % (servername)) log(4, 'Putting them into: %s' % (servercache)) localpkgs = conf.serverpkgdir[serverid] @@ -635,7 +638,7 @@ try: # FIXME this should do a test here too of the headerinfo file # if it is empty then just ignore the repo and move along - headerinfofn = retrygrab(serverheader, localheaderinfo, copy_local=1) + headerinfofn = retrygrab(serverheader, localheaderinfo, copy_local=1, realm=serverrealm, user=serveruser, password=serverpassword) except URLGrabError, e: errorlog(0, 'Error getting file %s' % serverheader) errorlog(0, '%s' % e) Binary files yum-1.97/clientStuff.pyc and yum-1.97-auth/clientStuff.pyc differ diff -uNr yum-1.97/config.py yum-1.97-auth/config.py --- yum-1.97/config.py 2003-04-21 21:06:23.000000000 -0500 +++ yum-1.97-auth/config.py 2003-05-19 23:46:52.000000000 -0500 @@ -50,6 +50,9 @@ self.servers = [] self.servername = {} self.serverurl = {} + self.serverrealm = {} + self.serveruser = {} + self.serverpassword = {} self.serverpkgdir = {} self.serverhdrdir = {} self.servercache = {} @@ -125,7 +128,14 @@ self.servergpgcheck[section]=self.cfg.getboolean(section,'gpgcheck') else: self.servergpgcheck[section]=0 - + + realm = self._getoption(section,'realm') + user = self._getoption(section,'user') + password = self._getoption(section,'password') + self.serverrealm[section] = realm + self.serveruser[section] = user + self.serverpassword[section] = password + (s,b,p,q,f,o) = urlparse.urlparse(self.serverurl[section]) # currently only allowing http, ftp and file url types if s not in ['http', 'ftp', 'file']: diff -uNr yum-1.97/urlgrabber.py yum-1.97-auth/urlgrabber.py --- yum-1.97/urlgrabber.py 2003-04-21 21:06:23.000000000 -0500 +++ yum-1.97-auth/urlgrabber.py 2003-05-20 00:18:18.000000000 -0500 @@ -21,6 +21,7 @@ HTTPException = None try: + global opener # This is a convenient way to make keepalive optional. # Just rename the module so it can't be imported. from keepalive import HTTPHandler @@ -130,7 +131,8 @@ def retrygrab(url, filename=None, copy_local=0, close_connection=0, progress_obj=None, throttle=None, bandwidth=None, - numtries=3, retrycodes=[-1,2,4,5,6,7], checkfunc=None): + numtries=3, retrycodes=[-1,2,4,5,6,7], checkfunc=None, + realm=None, user=None, password=None): """a wrapper function for urlgrab that retries downloads The args for retrygrab are the same as urlgrab except for numtries, @@ -196,7 +198,8 @@ if DEBUG: print 'TRY #%i: %s' % (tries, url) try: fname = urlgrab(url, filename, copy_local, close_connection, - progress_obj, throttle, bandwidth) + progress_obj, throttle, bandwidth, realm, + user, password) if not func is None: apply(func, (fname, )+args, kwargs) if DEBUG: print 'RESULT = success (%s)' % fname return fname @@ -205,7 +208,8 @@ if tries == numtries or (e.errno not in retrycodes): raise def urlgrab(url, filename=None, copy_local=0, close_connection=0, - progress_obj=None, throttle=None, bandwidth=None): + progress_obj=None, throttle=None, bandwidth=None, + realm=None, user=None, password=None): """grab the file at <url> and make a local copy at <filename> If filename is none, the basename of the url is used. @@ -262,6 +266,21 @@ if bandwidth == None: bandwidth = _bandwidth raw_throttle = bandwidth * throttle + # Authentication setup + if DEBUG: print 'Have auth info: %s %s %s %s' % (realm,host,user,password) + if user != None and password != None: + if scheme == 'http' and realm != None: + global opener + authinfo = urllib2.HTTPBasicAuthHandler() + authinfo.add_password(realm, host, user, password) + if keepalive_handler != None: + if DEBUG: print 'add with %s %s %s %s' % (realm,host,user,password) + opener.add_handler(authinfo) + else: + if DEBUG: print 'build with %s %s %s %s' % (realm, host, user, password) + opener = urllib2.build_opener(authinfo) + urllib2.install_opener(opener) + # initiate the connection & get the headers try: fo = urllib2.urlopen(url) --------------040004070909070809080607--
