#314: Custom keytab file location for Kerberos -------------------------------+-------------------------------------------- Reporter: rahul@… | Owner: wsanchez@… Type: Enhancement | Status: new Priority: 4: Nice to have | Milestone: Later Component: Calendar Server | Severity: Other Keywords: | -------------------------------+-------------------------------------------- Comment(by arthurp@…): Replying to [comment:1 wsanchez@…]:
I think we just find the keytab via the underlying Kerberos library.
Right, but the underlying Kerberos library expects to obtain any non- default keytab locations from the environment variable KRB5_KTNAME, which is being filtered out by twisted. (see [http://twistedmatrix.com/trac/wiki/FrequentlyAskedQuestions#WhydontmyspawnPr... twisted FAQ]) For implementing this, I've chosen to patch through the environment variable as is already being done for PYTHONPATH (rather than dealing with adding configuration file items). The attached patch has been tested on Debian Lenny, against Debian's pykerberos 1.0+svn2455-1. From what I can see, the changes between that and pykerberos 1.1 stay far away from keytab handling. Note that setting KRB5_KTNAME to '' results in no keytab file ever being found, thus the mildly awkward syntax. -- Ticket URL: <http://trac.calendarserver.org/ticket/314#comment:2> CalendarServer </> HTTP/WebDAV/CalDAV Server