Add patch for keytab kerberos client config

Move non upstreamable Fedora patch to the end to ease rebasing to future
  upstream release
Move license comment before license tag

fedora-config.patch

@@ -1,6 +1,7 @@
---- koji-1.11.0-orig/cli/koji.conf	2016-12-08 22:22:14.000000000 -0600
+diff -up koji-1.11.0/cli/koji.conf.clientconf koji-1.11.0/cli/koji.conf
-+++ koji-1.11.0/cli/koji.conf	2016-12-09 08:29:10.066764435 -0600
+--- koji-1.11.0/cli/koji.conf.clientconf	2017-01-08 12:35:51.681832856 +0100
-@@ -3,26 +3,17 @@
++++ koji-1.11.0/cli/koji.conf	2017-01-08 12:37:14.388829788 +0100
+@@ -3,18 +3,20 @@
  ;configuration for koji cli tool
  
  ;url of XMLRPC server
@@ -18,12 +19,16 @@
  ;path to the koji top directory
  ;topdir = /mnt/koji
  
--;configuration for Kerberos authentication
+ ;configuration for Kerberos authentication
 +authtype = kerberos
 +krb_rdns = false
  
--;the service name of the principal being used by the hub
+ ;the service name of the principal being used by the hub
--;krbservice = host
+ ;krbservice = host
+@@ -24,11 +26,3 @@
+ 
+ ;the keytab to auth as for automated clients
+ ;keytab = /etc/krb5.keytab
 -
 -;configuration for SSL authentication
 -

koji-pr239-principal-keytab-cli-config.patch

@@ -0,0 +1,41 @@
+From c056a2ff45a0e256aa27e1ca2b86ed4284bcaa52 Mon Sep 17 00:00:00 2001
+From: Patrick Uiterwijk <puiterwijk@redhat.com>
+Date: Dec 15 2016 01:58:50 +0000
+Subject: Allow principal and keytab in cli config
+
+
+Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
+
+---
+
+diff --git a/cli/koji.conf b/cli/koji.conf
+index 4294603..ae77e4e 100644
+--- a/cli/koji.conf
++++ b/cli/koji.conf
+@@ -19,6 +19,12 @@
+ ;the service name of the principal being used by the hub
+ ;krbservice = host
+ 
++;the principal to auth as for automated clients
++;principal = client@EXAMPLE.COM
++
++;the keytab to auth as for automated clients
++;keytab = /etc/krb5.keytab
++
+ ;configuration for SSL authentication
+ 
+ ;client certificate
+diff --git a/koji/__init__.py b/koji/__init__.py
+index 144c2c5..9b3c75d 100644
+--- a/koji/__init__.py
++++ b/koji/__init__.py
+@@ -1584,6 +1584,8 @@ def read_config(profile_name, user_config=None):
+         'poll_interval': 6,
+         'krbservice': 'host',
+         'krb_rdns': True,
++        'principal': None,
++        'keytab': None,
+         'cert': None,
+         'ca': '',  # FIXME: remove in next major release
+         'serverca': None,
+

koji.spec

@@ -9,20 +9,23 @@
 
 Name: koji
 Version: 1.11.0
-Release: 3%{?dist}
+Release: 4%{?dist}
-License: LGPLv2 and GPLv2+
 # koji.ssl libs (from plague) are GPLv2+
+License: LGPLv2 and GPLv2+
 Summary: Build system tools
 Group: Applications/System
 URL: https://pagure.io/koji/
 Source0: https://releases.pagure.org/koji/koji-%{version}.tar.bz2
-Patch0: fedora-config.patch
 # https://pagure.io/koji/pull-request/246
 Patch1: koji-pr246-kojigc-krb_rds-support.patch
 # https://pagure.io/koji/pull-request/248
 Patch2: koji-pr248-kojigc-keytab-support.patch
 # https://pagure.io/koji/pull-request/243
 Patch3: koji-pr243-CheckClientIP-and-TrustForwardedIP.patch
+# https://pagure.io/koji/pull-request/239
+Patch4: koji-pr239-principal-keytab-cli-config.patch
+# Not upstreamable
+Patch100: fedora-config.patch
 
 BuildArch: noarch
 Requires: python-krbV >= 1.0.13
@@ -172,10 +175,11 @@ koji-web is a web UI to the Koji system.
 
 %prep
 %setup -q
-%patch0 -p1 -b orig
 %patch1 -p1 -b .246
 %patch2 -p1 -b .248
 %patch3 -p1 -b .243
+%patch4 -p1 -b .239
+%patch100 -p1 -b .fedoraconfig
 
 %build
 
@@ -343,6 +347,12 @@ fi
 %endif
 
 %changelog
+* Sun Jan 08 2017 Till Maas <opensource@till.name> - 1.11.0-4
+- Add patch for keytab kerberos client config
+- Move non upstreamable Fedora patch to the end to ease rebasing to future
+  upstream release
+- Move license comment before license tag
+
 * Sat Jan 07 2017 Till Maas <opensource@till.name> - 1.11.0-3
 - Add patches for proxy IP forwarding