From d2129552221bbca7e4bd6ee9bbaee4dafe1b55df Mon Sep 17 00:00:00 2001 From: CentOS Buildsys Date: Jun 25 2013 04:30:28 +0000 Subject: import python-kerberos-1.1-11.el7.src.rpm --- diff --git a/.python-kerberos.metadata b/.python-kerberos.metadata new file mode 100644 index 0000000..7a91ee4 --- /dev/null +++ b/.python-kerberos.metadata @@ -0,0 +1 @@ +910f10a001a4ccecd2c90311b4f919b6eb571b57 SOURCES/python-kerberos-1.1.tar.gz diff --git a/README.md b/README.md deleted file mode 100644 index 0e7897f..0000000 --- a/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 - -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/PyKerberos-delegation.patch b/SOURCES/PyKerberos-delegation.patch new file mode 100644 index 0000000..be6d05b --- /dev/null +++ b/SOURCES/PyKerberos-delegation.patch @@ -0,0 +1,136 @@ +diff -uPr python-kerberos-1.1/pysrc/kerberos.py python-kerberos-1.1-gssflags/pysrc/kerberos.py +--- python-kerberos-1.1/pysrc/kerberos.py 2008-09-17 07:17:15.000000000 -0400 ++++ python-kerberos-1.1-gssflags/pysrc/kerberos.py 2008-12-15 09:21:42.000000000 -0500 +@@ -90,7 +90,18 @@ + AUTH_GSS_CONTINUE=0 + AUTH_GSS_COMPLETE=1 + +-def authGSSClientInit(service): ++#Some useful gss flags ++GSS_C_DELEG_FLAG=1 ++GSS_C_MUTUAL_FLAG=2 ++GSS_C_REPLAY_FLAG=4 ++GSS_C_SEQUENCE_FLAG=8 ++GSS_C_CONF_FLAG=16 ++GSS_C_INTEG_FLAG=32 ++GSS_C_ANON_FLAG=64 ++GSS_C_PROT_READY_FLAG=128 ++GSS_C_TRANS_FLAG=256 ++ ++def authGSSClientInit(service, gssflags=GSS_C_MUTUAL_FLAG|GSS_C_SEQUENCE_FLAG): + """ + Initializes a context for GSSAPI client-side authentication with the given service principal. + authGSSClientClean must be called after this function returns an OK result to dispose of +@@ -98,6 +109,9 @@ + + @param service: a string containing the service principal in the form 'type@fqdn' + (e.g. 'imap@mail.apple.com'). ++ @param gssflags: optional integer used to set GSS flags. ++ (e.g. GSS_C_DELEG_FLAG|GSS_C_MUTUAL_FLAG|GSS_C_SEQUENCE_FLAG will allow ++ to forward credentials to the remote host) + @return: a tuple of (result, context) where result is the result code (see above) and + context is an opaque value that will need to be passed to subsequent functions. + """ +diff -uPr python-kerberos-1.1/src/kerberos.c python-kerberos-1.1-gssflags/src/kerberos.c +--- python-kerberos-1.1/src/kerberos.c 2008-09-17 05:38:55.000000000 -0400 ++++ python-kerberos-1.1-gssflags/src/kerberos.c 2008-12-15 09:26:39.000000000 -0500 +@@ -84,20 +84,22 @@ + return NULL; + } + +-static PyObject* authGSSClientInit(PyObject* self, PyObject* args) ++static PyObject* authGSSClientInit(PyObject* self, PyObject* args, PyObject* keywds) + { + const char *service; + gss_client_state *state; + PyObject *pystate; ++ static char *kwlist[] = {"service", "gssflags", NULL}; ++ long int gss_flags = GSS_C_MUTUAL_FLAG|GSS_C_SEQUENCE_FLAG; + int result = 0; + +- if (!PyArg_ParseTuple(args, "s", &service)) ++ if (!PyArg_ParseTupleAndKeywords(args, keywds, "s|l", kwlist, &service, &gss_flags)) + return NULL; + + state = (gss_client_state *) malloc(sizeof(gss_client_state)); + pystate = PyCObject_FromVoidPtr(state, NULL); + +- result = authenticate_gss_client_init(service, state); ++ result = authenticate_gss_client_init(service, gss_flags, state); + if (result == AUTH_GSS_ERROR) + return NULL; + +@@ -367,7 +369,7 @@ + "Change the user password."}, + {"getServerPrincipalDetails", getServerPrincipalDetails, METH_VARARGS, + "Return the service principal for a given service and hostname."}, +- {"authGSSClientInit", authGSSClientInit, METH_VARARGS, ++ {"authGSSClientInit", (PyCFunction)authGSSClientInit, METH_VARARGS|METH_KEYWORDS, + "Initialize client-side GSSAPI operations."}, + {"authGSSClientClean", authGSSClientClean, METH_VARARGS, + "Terminate client-side GSSAPI operations."}, +@@ -427,6 +429,15 @@ + PyDict_SetItemString(d, "AUTH_GSS_COMPLETE", PyInt_FromLong(AUTH_GSS_COMPLETE)); + PyDict_SetItemString(d, "AUTH_GSS_CONTINUE", PyInt_FromLong(AUTH_GSS_CONTINUE)); + ++ PyDict_SetItemString(d, "GSS_C_DELEG_FLAG", PyInt_FromLong(GSS_C_DELEG_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_MUTUAL_FLAG", PyInt_FromLong(GSS_C_MUTUAL_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_REPLAY_FLAG", PyInt_FromLong(GSS_C_REPLAY_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_SEQUENCE_FLAG", PyInt_FromLong(GSS_C_SEQUENCE_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_CONF_FLAG", PyInt_FromLong(GSS_C_CONF_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_INTEG_FLAG", PyInt_FromLong(GSS_C_INTEG_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_ANON_FLAG", PyInt_FromLong(GSS_C_ANON_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_PROT_READY_FLAG", PyInt_FromLong(GSS_C_PROT_READY_FLAG)); ++ PyDict_SetItemString(d, "GSS_C_TRANS_FLAG", PyInt_FromLong(GSS_C_TRANS_FLAG)); + error: + if (PyErr_Occurred()) + PyErr_SetString(PyExc_ImportError, "kerberos: init failed"); +diff -uPr python-kerberos-1.1/src/kerberosgss.c python-kerberos-1.1-gssflags/src/kerberosgss.c +--- python-kerberos-1.1/src/kerberosgss.c 2008-09-17 06:35:15.000000000 -0400 ++++ python-kerberos-1.1-gssflags/src/kerberosgss.c 2008-12-15 09:21:42.000000000 -0500 +@@ -108,7 +108,7 @@ + return result; + } + +-int authenticate_gss_client_init(const char* service, gss_client_state* state) ++int authenticate_gss_client_init(const char* service, long int gss_flags, gss_client_state* state) + { + OM_uint32 maj_stat; + OM_uint32 min_stat; +@@ -119,6 +119,7 @@ + state->context = GSS_C_NO_CONTEXT; + state->username = NULL; + state->response = NULL; ++ state->gss_flags = gss_flags; + + // Import server name first + name_token.length = strlen(service); +@@ -190,7 +191,7 @@ + &state->context, + state->server_name, + GSS_C_NO_OID, +- GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG, ++ (OM_uint32)state->gss_flags, + 0, + GSS_C_NO_CHANNEL_BINDINGS, + &input_token, +diff -uPr python-kerberos-1.1/src/kerberosgss.h python-kerberos-1.1-gssflags/src/kerberosgss.h +--- python-kerberos-1.1/src/kerberosgss.h 2008-05-23 12:40:38.000000000 -0400 ++++ python-kerberos-1.1-gssflags/src/kerberosgss.h 2008-12-15 09:21:42.000000000 -0500 +@@ -33,6 +33,7 @@ + typedef struct { + gss_ctx_id_t context; + gss_name_t server_name; ++ long int gss_flags; + char* username; + char* response; + } gss_client_state; +@@ -49,7 +50,7 @@ + + char* server_principal_details(const char* service, const char* hostname); + +-int authenticate_gss_client_init(const char* service, gss_client_state* state); ++int authenticate_gss_client_init(const char* service, long int gss_flags, gss_client_state* state); + int authenticate_gss_client_clean(gss_client_state *state); + int authenticate_gss_client_step(gss_client_state *state, const char *challenge); + int authenticate_gss_client_unwrap(gss_client_state* state, const char* challenge); diff --git a/SOURCES/PyKerberos-version.patch b/SOURCES/PyKerberos-version.patch new file mode 100644 index 0000000..2bbd8cb --- /dev/null +++ b/SOURCES/PyKerberos-version.patch @@ -0,0 +1,12 @@ +diff -u --recursive python-kerberos-1.1/setup.py python-kerberos-1.1-version/setup.py +--- python-kerberos-1.1/setup.py 2008-04-16 16:15:24.000000000 -0400 ++++ python-kerberos-1.1-version/setup.py 2013-06-17 15:40:26.446493040 -0400 +@@ -22,7 +22,7 @@ + + setup ( + name = "kerberos", +- version = "1.0", ++ version = "1.1", + description = "Kerberos high-level interface", + ext_modules = [ + Extension( diff --git a/SPECS/python-kerberos.spec b/SPECS/python-kerberos.spec new file mode 100644 index 0000000..de28262 --- /dev/null +++ b/SPECS/python-kerberos.spec @@ -0,0 +1,122 @@ +%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} +%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} +Name: python-kerberos +Version: 1.1 +Release: 11%{?dist} +Summary: A high-level wrapper for Kerberos (GSSAPI) operations + +Group: System Environment/Libraries +License: ASL 2.0 +URL: http://trac.calendarserver.org/projects/calendarserver/browser/PyKerberos +# Pull from SVN +# svn export http://svn.calendarserver.org/repository/calendarserver/PyKerberos/tags/release/PyKerberos-1.1/ python-kerberos-1.1 +# tar czf python-kerberos-%{version}.tar.gz python-kerberos-%{version} +Source0: %{name}-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +BuildRequires: python-devel +BuildRequires: krb5-devel +BuildRequires: python-setuptools + +Patch0: PyKerberos-delegation.patch +Patch1: PyKerberos-version.patch + +%description +This Python package is a high-level wrapper for Kerberos (GSSAPI) operations. +The goal is to avoid having to build a module that wraps the entire +Kerberos.framework, and instead offer a limited set of functions that do what +is needed for client/serverKerberos authentication based on +. + +Much of the C-code here is adapted from Apache's mod_auth_kerb-5.0rc7. + + +%prep +%setup -q + +%patch0 -p1 -b .delegation +%patch1 -p1 -b .version + +%build +%{__python} setup.py build + +%install +rm -rf $RPM_BUILD_ROOT +%{__python} setup.py install --skip-build --root $RPM_BUILD_ROOT + +%clean +rm -rf $RPM_BUILD_ROOT + + +%files +%defattr(-,root,root,-) +%doc README.txt LICENSE test.py +%{python_sitearch}/* + + +%changelog +* Mon Jun 17 2013 Rob Crittenden - 1.1-11 +- Fix version in setup.py so egg information is correct (#975202) + +* Thu Feb 14 2013 Fedora Release Engineering - 1.1-10.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sat Jul 21 2012 Fedora Release Engineering - 1.1-9.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Jan 14 2012 Fedora Release Engineering - 1.1-8.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Feb 08 2011 Fedora Release Engineering - 1.1-7.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Thu Jul 22 2010 David Malcolm - 1.1-6.1 +- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Sun Jul 26 2009 Fedora Release Engineering - 1.1-5.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Feb 26 2009 Fedora Release Engineering - 1.1-4.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Mon Dec 15 2008 Simo Sorce - 1.1-3.1 +- Fix minor issue with delegation patch + +* Fri Dec 12 2008 Simo Sorce - 1.1-3 +- Add delegation patch + +* Sat Nov 29 2008 Ignacio Vazquez-Abrams - 1.1-2 +- Rebuild for Python 2.6 + +* Thu Nov 27 2008 Simo Sorce - 1.1-1 +- New Upstream Release +- Remove patches as this version has them included already + +* Tue Feb 19 2008 Fedora Release Engineering - 1.0-6 +- Autorebuild for GCC 4.3 + +* Wed Jan 16 2008 Rob Crittenden - 1.0-5 +- Package the egg-info too + +* Wed Jan 16 2008 Rob Crittenden - 1.0-4 +- Switch from python_sitelib macro to python_sitearch +- Add python-setuptools to BuildRequires + +* Wed Jan 16 2008 Rob Crittenden - 1.0-3 +- Use the setup.py install target in order to generate debuginfo. + +* Thu Jan 3 2008 Rob Crittenden - 1.0-2 +- Add krb5-devel to BuildRequires + +* Wed Jan 2 2008 Rob Crittenden - 1.0-1 +- Change name to python-kerberos from PyKerberos +- Change license from "Apache License" to ASL 2.0 per guidelines +- Upstream released 1.0 which is equivalent to version 1541. Reverting + to that. + +* Tue Aug 28 2007 Rob Crittenden - 0.1735-2 +- Include GSS_C_DELEG_FLAG in gss_init_sec_context() so the command-line + tools can do kerberos ticket forwarding. + +* Tue Jul 31 2007 Rob Crittenden - 0.1735-1 +- Initial rpm version