From 5a11e56c33525fe6163782f8b4692dd933e3e15c Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Mar 05 2018 21:42:45 +0000
Subject: Apply patch to port from pykerberos to python-gssapi Resolves: #1546884


---

diff --git a/Port-to-python-gssapi.patch b/Port-to-python-gssapi.patch
new file mode 100644
index 0000000..578e64a
--- /dev/null
+++ b/Port-to-python-gssapi.patch
@@ -0,0 +1,134 @@
+From 776ae1d92d28d2c291f4cd42471eb87441f29fe5 Mon Sep 17 00:00:00 2001
+From: Robbie Harwood <rharwood@redhat.com>
+Date: Mon, 19 Feb 2018 16:47:44 -0500
+Subject: [PATCH] Port to python-gssapi
+
+As part of this, migrate any urllib2_kerberos code to urllib-gssapi.
+---
+ .travis.yml         |  2 +-
+ Makefile            |  2 +-
+ did.spec            |  7 +++++--
+ did/cli.py          |  8 ++++----
+ did/plugins/jira.py |  4 ++--
+ did/plugins/rt.py   | 18 ++++++++++--------
+ docs/conf.py        |  2 +-
+ examples/dockerfile |  2 +-
+ setup.py            |  6 +++---
+ 9 files changed, 28 insertions(+), 23 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index cd0514b..2c1ac9b 100644
+--- a/Makefile
++++ b/Makefile
+@@ -79,7 +79,7 @@ clean:
+ run_docker: build_docker
+ 	@echo
+ 	@echo "Please note: this is a first cut at doing a container version as a result; known issues:"
+-	@echo "* kerberos auth may not be working correctly"
++	@echo "* GSSAPI auth may not be working correctly"
+ 	@echo "* container runs as privileged to access the conf file"
+ 	@echo "* output directory may not be quite right"
+ 	@echo
+diff --git a/did/cli.py b/did/cli.py
+index 623f3e4..8ea5c52 100644
+--- a/did/cli.py
++++ b/did/cli.py
+@@ -12,7 +12,7 @@ from __future__ import unicode_literals, absolute_import
+ import re
+ import sys
+ import argparse
+-import kerberos
++import gssapi
+ from dateutil.relativedelta import relativedelta as delta
+ 
+ import did.base
+@@ -205,7 +205,7 @@ def main(arguments=None):
+             did.base.Config.path(), did.base.Config.example().strip()))
+         raise
+ 
+-    except kerberos.GSSError as error:
+-        log.debug(error)
++    except gssapi.exceptions.GSSError as error:
++        log.debug(error.gen_msg())
+         raise did.base.ConfigError(
+-            "Kerberos authentication failed. Try kinit.")
++            "GSSAPI authentication failed. Try kinit.")
+diff --git a/did/plugins/jira.py b/did/plugins/jira.py
+index 874b21f..9c62a1d 100644
+--- a/did/plugins/jira.py
++++ b/did/plugins/jira.py
+@@ -39,7 +39,7 @@ import urllib
+ import urllib2
+ import cookielib
+ import dateutil.parser
+-import urllib2_kerberos
++import urllib_gssapi
+ 
+ from did.utils import log, pretty, listed
+ from did.base import Config, ReportError
+@@ -254,7 +254,7 @@ class JiraStats(StatsGroup):
+                 urllib2.HTTPSHandler(debuglevel=0),
+                 urllib2.HTTPRedirectHandler,
+                 urllib2.HTTPCookieProcessor(cookie),
+-                urllib2_kerberos.HTTPKerberosAuthHandler)
++                urllib_gssapi.HTTPSPNEGOAuthHandler)
+ 
+             log.debug("Connecting to {0}".format(self.auth_url))
+             if self.auth_type == 'basic':
+diff --git a/did/plugins/rt.py b/did/plugins/rt.py
+index a6f470b..f75f700 100644
+--- a/did/plugins/rt.py
++++ b/did/plugins/rt.py
+@@ -15,7 +15,9 @@ from __future__ import absolute_import, unicode_literals
+ import httplib
+ import urllib
+ import urlparse
+-import kerberos
++import gssapi
++
++from base64 import b64encode, b64decode
+ 
+ from did.utils import log, pretty
+ from did.base import ReportError, Config
+@@ -36,18 +38,18 @@ class RequestTracker(object):
+         self.url_string = parent.url
+ 
+     def get(self, path):
+-        """ Perform a GET request with Kerberos authentication """
+-        # Prepare Kerberos ticket granting ticket """
+-        _, ctx = kerberos.authGSSClientInit(
+-            'HTTP@{0}'.format(self.url.netloc))
+-        kerberos.authGSSClientStep(ctx, "")
+-        tgt = kerberos.authGSSClientResponse(ctx)
++        """ Perform a GET request with GSSAPI authentication """
++        # Generate token
++        service_name = gssapi.Name('HTTP@{0}'.format(self.url.netloc),
++                                   gssapi.NameType.hostbased_service)
++        ctx = gssapi.SecurityContext(usage="initiate", name=service_name)
++        data = b64encode(ctx.step()).decode()
+ 
+         # Make the connection
+         connection = httplib.HTTPSConnection(self.url.netloc, 443)
+         log.debug("GET {0}".format(path))
+         connection.putrequest("GET", path)
+-        connection.putheader("Authorization", "Negotiate {0}".format(tgt))
++        connection.putheader("Authorization", "Negotiate {0}".format(data))
+         connection.putheader("Referer", self.url_string)
+         connection.endheaders()
+ 
+diff --git a/examples/dockerfile b/examples/dockerfile
+index e289169..92a2f6e 100644
+--- a/examples/dockerfile
++++ b/examples/dockerfile
+@@ -1,7 +1,7 @@
+ FROM fedora
+ MAINTAINER langdon <langdon@fedoraproject.org>
+ RUN yum clean all && yum -y update
+-RUN yum -y install python python-pip make gcc krb5-devel python-devel python-setuptools python-kerberos python-nitrate python-dateutil python-urllib2_kerberos
++RUN yum -y install python python-pip make gcc krb5-devel python-devel python-setuptools python-gssapi python-nitrate python-dateutil python-urllib-gssapi
+ RUN yum clean all
+ 
+ COPY . /opt/did
+-- 
+2.16.1
+
diff --git a/did.spec b/did.spec
index 0aedc12..3c74221 100644
--- a/did.spec
+++ b/did.spec
@@ -1,6 +1,6 @@
 Name: did
 Version: 0.9
-Release: 6%{?dist}
+Release: 7%{?dist}
 
 Summary: What did you do last week, month, year?
 License: GPLv2+
@@ -8,9 +8,13 @@ License: GPLv2+
 URL: https://github.com/psss/did
 Source: https://github.com/psss/did/releases/download/%{version}/did-%{version}.tar.bz2
 
+Patch0: Port-to-python-gssapi.patch
+
 BuildArch: noarch
 BuildRequires: python2-devel
-Requires: python2-kerberos python2-nitrate python2-dateutil python2-urllib2_kerberos python2-bugzilla
+Requires: python2-gssapi
+Requires: python2-urllib-gssapi
+Requires: python2-nitrate python2-dateutil python2-bugzilla
 %{?el6:Requires: python-argparse}
 
 %description
@@ -19,7 +23,7 @@ changes) for given week, month, quarter, year or selected date
 range. By default all available stats for this week are reported.
 
 %prep
-%setup -q
+%autosetup -S git
 
 %build
 
@@ -43,6 +47,10 @@ install -pm 644 did.1.gz %{buildroot}%{_mandir}/man1
 %license LICENSE
 
 %changelog
+* Mon Mar 05 2018 Robbie Harwood <rharwood@redhat.com> - 9.9-7
+- Apply patch to port from pykerberos to python-gssapi
+- Resolves: #1546884
+
 * Wed Feb 07 2018 Iryna Shcherbina <ishcherb@redhat.com> - 0.9-6
 - Update Python 2 dependency declarations to new packaging standards
   (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)