Port from python-krbV to python-gssapi

python-krbV library is deprecated and doesn't work with python 3. Replacing all
it's usages with python-gssapi.

- Removed Backend.krb and KRB5_CCache classes
  They were wrappers around krbV classes that cannot really work without them
- Added few utility functions for querying GSSAPI credentials
  in krb_utils module. They provide replacements for KRB5_CCache.
- Merged two kinit_keytab functions
- Changed ldap plugin connection defaults to match ipaldap
- Unified getting default realm
  Using api.env.realm instead of krbV call

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Robbie Harwood <rharwood@redhat.com>
Reviewed-By: Simo Sorce <ssorce@redhat.com>

daemons/dnssec/ipa-dnskeysync-replica

@@ -12,7 +12,7 @@ from binascii import hexlify
 from datetime import datetime
 import dns.dnssec
 import fcntl
-from krbV import Krb5Error
+from gssapi.exceptions import GSSError
 import logging
 import os
 from pprint import pprint
@@ -146,7 +146,7 @@ ccache_filename = os.path.join(WORKDIR, 'ipa-dnskeysync-replica.ccache')
 try:
     ipautil.kinit_keytab(PRINCIPAL, paths.IPA_DNSKEYSYNCD_KEYTAB,
                          ccache_filename, attempts=5)
-except Krb5Error as e:
+except GSSError as e:
     log.critical('Kerberos authentication failed: %s', e)
     sys.exit(1)
 

daemons/dnssec/ipa-ods-exporter

@@ -20,7 +20,7 @@ from datetime import datetime
 import dateutil.tz
 import dns.dnssec
 import fcntl
-from krbV import Krb5Error
+from gssapi.exceptions import GSSError
 import logging
 import os
 import subprocess
@@ -487,7 +487,7 @@ ccache_name = os.path.join(WORKDIR, 'ipa-ods-exporter.ccache')
 try:
     ipautil.kinit_keytab(PRINCIPAL, paths.IPA_ODS_EXPORTER_KEYTAB, ccache_name,
                          attempts=5)
-except Krb5Error as e:
+except GSSError as e:
     log.critical('Kerberos authentication failed: %s', e)
     sys.exit(1)