From ee63d83dac8ea1e66881242a92b4a0efe439b3d1 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Fri, 10 May 2019 13:32:07 -0400
Subject: [PATCH] Allow caller to opt out of some behaviors

For keepalive, there are applications that can self heal and
would rather close an idle session instead of keeping it alive.

If the caller knows exactly that it wants to be administrator,
then do not automatically allow the session to downgrade to
operator.

Change-Id: Iefaf04387e28da9d7f2c613d567cd83ce69c2c03
---
 pyghmi/ipmi/command.py         | 10 ++++++++--
 pyghmi/ipmi/private/session.py | 25 ++++++++++++++++++-------
 test-requirements.txt          |  1 -
 zuul.d/project.yaml            |  2 --
 4 files changed, 26 insertions(+), 12 deletions(-)

diff --git a/pyghmi/ipmi/command.py b/pyghmi/ipmi/command.py
index e71a41f9..944a1820 100644
--- a/pyghmi/ipmi/command.py
+++ b/pyghmi/ipmi/command.py
@@ -130,10 +130,15 @@ class Command(object):
     :param onlogon: function to run when logon completes in an asynchronous
                     fashion.  This will result in a greenthread behavior.
     :param kg: Optional parameter to use if BMC has a particular Kg configured
+    :param verifycallback:  For OEM extensions that use HTTPS, this function
+                            will be used to evaluate the certificate.
+    :param keepalive:  If False, then an idle connection will logout rather than keepalive
+                       unless held open by console or ongoing activity.
     """
 
     def __init__(self, bmc=None, userid=None, password=None, port=623,
-                 onlogon=None, kg=None, privlevel=4, verifycallback=None):
+                 onlogon=None, kg=None, privlevel=None, verifycallback=None,
+                 keepalive=True):
         # TODO(jbjohnso): accept tuples and lists of each parameter for mass
         # operations without pushing the async complexities up the stack
         self.onlogon = onlogon
@@ -154,7 +159,8 @@ class Command(object):
                                                 onlogon=self.logged,
                                                 port=port,
                                                 kg=kg,
-                                                privlevel=privlevel)
+                                                privlevel=privlevel,
+                                                keepalive=keepalive)
             # induce one iteration of the loop, now that we would be
             # prepared for it in theory
             session.Session.wait_for_rsp(0)
diff --git a/pyghmi/ipmi/private/session.py b/pyghmi/ipmi/private/session.py
index 313ae6d5..41ce54aa 100644
--- a/pyghmi/ipmi/private/session.py
+++ b/pyghmi/ipmi/private/session.py
@@ -423,7 +423,8 @@ class Session(object):
                 port=623,
                 kg=None,
                 onlogon=None,
-                privlevel=4):
+                privlevel=None,
+                keepalive=True):
         trueself = None
         forbidsock = []
         for res in socket.getaddrinfo(bmc, port, 0, socket.SOCK_DGRAM):
@@ -471,7 +472,8 @@ class Session(object):
                  port=623,
                  kg=None,
                  onlogon=None,
-                 privlevel=4):
+                 privlevel=None,
+                 keepalive=True):
         if hasattr(self, 'initialized'):
             # new found an existing session, do not corrupt it
             if onlogon is None:
@@ -486,7 +488,13 @@ class Session(object):
         self.broken = False
         self.socket = None
         self.logged = 0
-        self.privlevel = privlevel
+        if privlevel is not None:
+            self.privlevel = privlevel
+            self.autopriv = False
+        else:
+            self.privlevel = 4
+            self.autopriv = True
+        self.autokeepalive = keepalive
         self.maxtimeout = 3  # be aggressive about giving up on initial packet
         self.incommand = False
         self.nameonly = 16  # default to name only lookups in RAKP exchange
@@ -1239,8 +1247,11 @@ class Session(object):
                 if self.incommand:
                     # if currently in command, no cause to keepalive
                     return
-                self.raw_command(netfn=6, command=1,
-                                 callback=self._keepalive_wrapper(None))
+                if self.autokeepalive:
+                    self.raw_command(netfn=6, command=1,
+                                    callback=self._keepalive_wrapper(None))
+                else:
+                    self.logout()
         except exc.IpmiException:
             self._mark_broken()
 
@@ -1449,9 +1460,9 @@ class Session(object):
         if data[0] != self.rmcptag:  # ignore mismatched tags for retry logic
             return -9
         if data[1] != 0:  # if not successful, consider next move
-            if data[1] in (9, 0xd) and self.privlevel == 4:
+            if data[1] in (9, 0xd) and self.privlevel == 4 and self.autopriv:
                 # Here the situation is likely that the peer didn't want
-                # us to use Operator.  Degrade to operator and try again
+                # us to use admin.  Degrade to operator and try again
                 self.privlevel = 3
                 self.login()
                 return
diff --git a/test-requirements.txt b/test-requirements.txt
index dcf40a44..f6e03721 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2,7 +2,6 @@ hacking>=1.1.0,<1.2.0
 coverage>=4.0
 fixtures>=3.0.0
 python-subunit>=1.0.0
-sphinx>=1.6.5
 openstackdocstheme>=1.18.1 # Apache-2.0
 stestr>=1.0.0 # Apache-2.0
 testscenarios>=0.4
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index 3cdb5eb5..0de0872b 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -2,9 +2,7 @@
     check:
       jobs:
         - build-openstack-sphinx-docs
-        - openstack-tox-lower-constraints
 
     gate:
       jobs:
         - build-openstack-sphinx-docs
-        - openstack-tox-lower-constraints