Bug 668947

Summary: Unable to push packages to koji for build and anything else that requires authentication (like list-tasks)
Product: [Fedora] Fedora Reporter: Ratnadeep Debnath <rtnpro>
Component: kojiAssignee: David Cantrell <dcantrell>
Status: CLOSED INSUFFICIENT_DATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 14CC: dcantrell, kevin, mikem
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-23 22:23:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Ratnadeep Debnath 2011-01-12 07:53:38 UTC
Description of problem:
I am not able to do any upload to koji or anything that requires authentication. But I am able to ssh into my fedorapeople account and login to koji web interface.
I deleted all the ~/.fedora* and ~/.koji/ and successfully ran fedora-packager-setup. But the problem is still persistent. I also tried updating to koji-1.6.0-1.fc14.noarch from koji-1.4.0-4.fc14.noarch. Still the problem is persistant.
Version-Release number of selected component (if applicable):
1.4.0-4, 1.6.0-1

How reproducible:
My HDD was crashed. I got a new one, installed F14, copied all the contents from my previous backup of /home/rtnpro. One day I tried doing a koji scratch-build, then I see this problem.

Steps to Reproduce:
1.
2.
3.
  
Actual results:
1.
[rtnpro@xps ~]$ koji list-tasks
AuthError: Invalid session or bad credentials

[rtnpro@xps ~]$ koji build --scratch dist-f12 rpmbuild/SRPMS/python-keyring-0.5.1-1.fc14.src.rpm 
AuthError: Invalid session or bad credentials

2. [rtnpro@xps ~]$ fedora-cert -v
Verifying Certificate
cert expires: 2011-07-10
CRL Checking not implemented yet

3.
[rtnpro@xps ~]$ koji -d build --scratch dist-f14 rpmbuild/SRPMS/python-keyring-0.5.1-1.fc14.src.rpm 
Traceback (most recent call last):
  File "/usr/bin/koji", line 5077, in <module>
    rv = locals()[command].__call__(options, session, args)
  File "/usr/bin/koji", line 757, in handle_build
    activate_session(session)
  File "/usr/bin/koji", line 5059, in activate_session
    ensure_connection(session)
  File "/usr/bin/koji", line 210, in ensure_connection
    ret = session.getAPIVersion()
  File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1468, in __call__
    return self.__func(self.__name,args,opts)
  File "/usr/lib/python2.7/site-packages/koji/__init__.py", line 1718, in _callMethod
    raise err
koji.AuthError: Invalid session or bad credentials

4.
[rtnpro@xps ~]$ koji --debug-xmlrpc build --scratch dist-f14 rpmbuild/SRPMS/python-keyring-0.5.1-1.fc14.src.rpm 
send: "POST /kojihub/ssllogin HTTP/1.1\r\nHost: koji.fedoraproject.org:443\r\nAccept-Encoding: gzip\r\nUser-Agent: pyOpenSSL_XMLRPC/0.12 - xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: text/xml\r\nContent-Length: 140\r\n\r\n<?xml version='1.0'?>\n<methodCall>\n<methodName>sslLogin</methodName>\n<params>\n<param>\n<value><nil/></value></param>\n</params>\n</methodCall>\n"
reply: 'HTTP/1.1 200 OK\r\n'
header: Date: Wed, 12 Jan 2011 07:19:24 GMT
header: Server: Apache/2.2.3 (Red Hat)
header: Content-Length: 305
header: AppTime: D=59806
header: AppServer: koji01.phx2.fedoraproject.org
header: Connection: close
header: Content-Type: text/xml
body: "<?xml version='1.0'?>\n<methodResponse>\n<params>\n<param>\n<value><struct>\n<member>\n<name>session-id</name>\n<value><int>4490839</int></value>\n</member>\n<member>\n<name>session-key</name>\n<value><string>1383-7XQL0O6scZ4MkIxRxsS</string></value>\n</member>\n</struct></value>\n</param>\n</params>\n</methodResponse>\n"
send: "POST /kojihub?session-id=4490839&session-key=1383-7XQL0O6scZ4MkIxRxsS&callnum=0 HTTP/1.1\r\nHost: koji.fedoraproject.org:443\r\nAccept-Encoding: gzip\r\nUser-Agent: pyOpenSSL_XMLRPC/0.12 - xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: text/xml\r\nContent-Length: 107\r\n\r\n<?xml version='1.0'?>\n<methodCall>\n<methodName>getAPIVersion</methodName>\n<params>\n</params>\n</methodCall>\n"
reply: 'HTTP/1.1 200 OK\r\n'
header: Date: Wed, 12 Jan 2011 07:19:28 GMT
header: Server: Apache/2.2.3 (Red Hat)
header: Content-Length: 292
header: AppTime: D=200214
header: AppServer: koji01.phx2.fedoraproject.org
header: Connection: close
header: Content-Type: text/xml
body: "<?xml version='1.0'?>\n<methodResponse>\n<fault>\n<value><struct>\n<member>\n<name>faultCode</name>\n<value><int>1002</int></value>\n</member>\n<member>\n<name>faultString</name>\n<value><string>Invalid session or bad credentials</string></value>\n</member>\n</struct></value>\n</fault>\n</methodResponse>\n"
AuthError: Invalid session or bad credentials
send: "POST /kojihub?session-id=4490839&session-key=1383-7XQL0O6scZ4MkIxRxsS HTTP/1.1\r\nHost: koji.fedoraproject.org:443\r\nAccept-Encoding: gzip\r\nUser-Agent: pyOpenSSL_XMLRPC/0.12 - xmlrpclib.py/1.0.1 (by www.pythonware.com)\r\nContent-Type: text/xml\r\nContent-Length: 100\r\n\r\n<?xml version='1.0'?>\n<methodCall>\n<methodName>logout</methodName>\n<params>\n</params>\n</methodCall>\n"
reply: 'HTTP/1.1 200 OK\r\n'
header: Date: Wed, 12 Jan 2011 07:19:32 GMT
header: Server: Apache/2.2.3 (Red Hat)
header: Content-Length: 114
header: AppTime: D=10138
header: AppServer: koji01.phx2.fedoraproject.org
header: Connection: close
header: Content-Type: text/xml
body: "<?xml version='1.0'?>\n<methodResponse>\n<params>\n<param>\n<value><nil/></value></param>\n</params>\n</methodResponse>\n"
[rtnpro@xps ~]$ 
5./etc/koji.conf:
[koji]

;configuration for koji cli tool

;url of XMLRPC server
server = http://koji.fedoraproject.org/kojihub

;url of web interface
weburl = http://koji.fedoraproject.org/koji

;url of package download site
pkgurl = http://koji.fedoraproject.org/packages

;path to the koji top directory
topdir = /mnt/koji

;configuration for SSL authentication

;client certificate
cert = ~/.fedora.cert

;certificate of the CA that issued the client certificate
ca = ~/.fedora-server-ca.cert

;certificate of the CA that issued the HTTP server certificate
serverca = ~/.fedora-server-ca.cert



Expected results:


Additional info:

Comment 1 Mike McLean 2011-01-12 17:09:53 UTC
The debug shows that the server is issuing you a session and that your client is using it.

It is possible that your ip is changing between calls? Sessions are tied to ip addresses.

Comment 2 Mike McLean 2011-01-12 17:12:25 UTC
Furthermore the logout call succeeds, despite having the same credentials. This really points to some sort of strange routing where some of your connections are coming from different ip addresses.

Comment 3 Mike McLean 2011-02-09 19:43:27 UTC
needinfo -- please respond to comments 1 and 2.

Comment 4 Jesse Keating 2011-05-23 22:23:41 UTC
Closing due to missing responses.