#748 pywin32 issue(s) under Python 3.6.1

[M Parry]

It appears that changes in Python 3.6.1 have broken at least one feature in pywin32 220. I suspect that specifically it is this: https://bugs.python.org/issue29100

While arguably a maintenance release of Python should not be introducing such breaking changes - and so a ticket should also be raised there - it looks like perhaps this has just exposed an existing issue in pywin32, where previously the relevant Python API was more permissive.

Here is an example of the problem:

> import getpass, sspi, sspicon, win32security
> client_name = getpass.getuser()
> auth_info = (client_name, 'wherever.com', None)
> pkg_info = win32security.QuerySecurityPackageInfo('Kerberos')
> win32security.AcquireCredentialsHandle(
>     client_name, pkg_info['Name'],
>     sspicon.SECPKG_CRED_OUTBOUND,
>     None, auth_info)                             

ValueError: year 30828 is out of range

I think that AcquireCredentialsHandle() is returning a 'never expires' timestamp, which is out of the range of Python's datetime. Perhaps this case should be represented as datetime.max?

[Ron Frederick]

This is currently breaking SSPI support on Windows in my AsyncSSH package, and I don't see any obvious workaround I can put in. The issue appears to affect the Python C API that pywin32 is using.

[Andrew Kapocsi]

This also breaks requests-kerberos: https://github.com/requests/requests-kerberos

[saul cruz]

any updates or workarounds, having the same issue

[M Parry]

FWIW, we worked around the specific issue in the example I originally gave by switching to using winkerberos, thereby avoiding that problematic code path in pywin32.

[Dave]

I've hit this bug recently when trying to connect to an exchange server and I've just hit it again now when trying to use requests_negotiate_sspi. This latter bug is a big problem for me so I'll see if I can patch pywin32 to fix it. Any suggestions where to start would be most welcome...