From f402492eb0028cc626b100a7352adc5d8736c7c0 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Mon, 19 Feb 2018 16:16:32 -0500
Subject: [PATCH] Port to python-gssapi from pykerberos
---
python-nitrate.spec | 7 +++++--
setup.py | 2 +-
source/xmlrpc.py | 31 ++++++++++++++-----------------
3 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/python-nitrate.spec b/python-nitrate.spec
index 776f974..da8ad74 100644
--- a/python-nitrate.spec
+++ b/python-nitrate.spec
@@ -1,6 +1,6 @@
Name: python-nitrate
Version: 1.3
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Python API for the Nitrate test case management system
Group: Development/Languages
@@ -11,7 +11,7 @@ Source0: http://psss.fedorapeople.org/python-nitrate/%{name}-%{version}.tar.bz2
BuildArch: noarch
BuildRequires: python-devel
-Requires: python-kerberos python-psycopg2
+Requires: python-gssapi python-psycopg2
%description
python-nitrate is a Python interface to the Nitrate test case
@@ -40,6 +40,9 @@ install -pm 644 docs/*.1.gz %{buildroot}%{_mandir}/man1
%doc COPYING README examples
%changelog
+* Mon Feb 19 2018 Robbie Harwood <rharwood@redhat.com> 1.3-3
+- Port to python-gssapi
+
* Tue May 10 2016 Martin Frodl <mfrodl@redhat.com> 1.3-2
- Removed obsolete project page links
diff --git a/source/xmlrpc.py b/source/xmlrpc.py
index ca4e122..9585214 100644
--- a/source/xmlrpc.py
+++ b/source/xmlrpc.py
@@ -6,6 +6,7 @@ This code is based on http://landfill.bugzilla.org/testopia2/testopia/contrib/dr
and https://fedorahosted.org/python-bugzilla/browser/bugzilla/base.py
History:
+2018-02-19 Port to python-gssapi from pykerberos
2011-12-31 bugfix https://bugzilla.redhat.com/show_bug.cgi?id=735937
Example on how to access this library,
@@ -32,9 +33,10 @@ n = NitrateXmlrpc(
n.testplan_get(10)
"""
-import xmlrpclib, urllib2, httplib, kerberos
+import xmlrpclib, urllib2, httplib, gssapi
from types import *
from datetime import datetime, time
+from base64 import b64encode, b64decode
from cookielib import CookieJar
@@ -197,8 +199,9 @@ class SafeCookieTransport(xmlrpclib.SafeTransport,CookieTransport):
request = CookieTransport.request_with_cookies
# Stolen from FreeIPA source freeipa-1.2.1/ipa-python/krbtransport.py
-class KerbTransport(SafeCookieTransport):
- """Handles Kerberos Negotiation authentication to an XML-RPC server."""
+# Ported to use python-gssapi
+class GSSAPITransport(SafeCookieTransport):
+ """Handles GSSAPI Negotiation (SPNEGO) authentication to an XML-RPC server."""
def get_host_info(self, host):
host, extra_headers, x509 = xmlrpclib.Transport.get_host_info(self, host)
@@ -207,19 +210,13 @@ class KerbTransport(SafeCookieTransport):
h = host
hostinfo = h.split(':')
service = "HTTP@" + hostinfo[0]
-
- try:
- rc, vc = kerberos.authGSSClientInit(service);
- except kerberos.GSSError, e:
- raise kerberos.GSSError(e)
-
- try:
- kerberos.authGSSClientStep(vc, "");
- except kerberos.GSSError, e:
- raise kerberos.GSSError(e)
+
+ service_name = gssapi.Name(service, gssapi.NameType.hostbased_service)
+ vc = gssapi.SecurityContext(usage="initiate", name=service_name)
+ response = vc.step()
extra_headers = [
- ("Authorization", "negotiate %s" % kerberos.authGSSClientResponse(vc) )
+ ("Authorization", "negotiate %s" % b64encode(response).decode() )
]
return host, extra_headers, x509
@@ -487,14 +484,14 @@ class NitrateXmlrpc(object):
class NitrateKerbXmlrpc(NitrateXmlrpc):
"""
NitrateXmlrpc - Nitrate XML-RPC client
- for server deployed with mod_auth_kerb
+ for server deployed with mod_auth_gssapi
"""
def __init__(self, url):
if url.startswith('https://'):
- self._transport = KerbTransport()
+ self._transport = GSSAPITransport()
elif url.startswith('http://'):
raise NitrateError("Encrypted https communication required for "
- "Kerberos authentication.\nURL provided: {0}".format(url))
+ "GSSAPI authentication.\nURL provided: {0}".format(url))
else:
raise NitrateError("Unrecognized URL scheme: {0}".format(url))
--
2.16.1