Hi Guido, Am Donnerstag, den 12.06.2008, 09:51 +0200 schrieb Guido Günther:
On Wed, Jun 11, 2008 at 11:14:52PM +0200, Jelmer Vernooij wrote:
How should I go about allowing more generic use? Would it be ok to break the existing API? Should I add a new call? I think the API can be extended without breaking it. The current call sets GSS_AUTH_P_NONE. If you want to setup real message integrity checking/encryption we can add these as parameters. We can also skip the part you ripped out by just jumping over it in case we pass in a NULL/NONE username. Thanks, I'll have a look at doing that.
I'd be interested to know what kind of respone buffer you pass in in that case. I'm implementing RFC2228 (GSSAPI Authentication + Encryption for FTP). The attached script extends ftplib.FTP to support GSSAPI logins and provides a very simple command-line FTP client that supports GSSAPI logins. It needs the patch I attached earlier. Feel free to include it in pykerberos as example; I can provide it under a different license if necessary.
Cheers, Jelmer -- Jelmer Vernooij <jelmer@samba.org> - http://samba.org/~jelmer/ Jabber: jelmer@jabber.fsfe.org