[CalendarServer-dev] PyKerberos - allow more generic use of authClientGSSWrap

Jelmer Vernooij jelmer at samba.org
Thu Jun 12 07:01:06 PDT 2008


Hi Guido,

Am Donnerstag, den 12.06.2008, 09:51 +0200 schrieb Guido Günther:
> On Wed, Jun 11, 2008 at 11:14:52PM +0200, Jelmer Vernooij wrote:
> > How should I go about allowing more generic use? Would it be ok to
> > break the existing API? Should I add a new call? 
> I think the API can be extended without breaking it. The current call
> sets GSS_AUTH_P_NONE. If you want to setup real message integrity
> checking/encryption we can add these as parameters. 
> We can also skip the part you ripped out by just jumping over it in case
> we pass in a NULL/NONE username. 
Thanks, I'll have a look at doing that. 

> I'd be interested to know what kind of respone buffer you pass in in
> that case.
I'm implementing RFC2228 (GSSAPI Authentication + Encryption for FTP).
The attached script extends ftplib.FTP to support GSSAPI logins and
provides a very simple command-line FTP client that supports GSSAPI
logins. It needs the patch I attached earlier. Feel free to include it
in pykerberos as example; I can provide it under a different license if
necessary.

Cheers,

Jelmer
-- 
Jelmer Vernooij <jelmer at samba.org> - http://samba.org/~jelmer/
Jabber: jelmer at jabber.fsfe.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ftplib_gssapi.py
Type: text/x-python
Size: 4609 bytes
Desc: not available
Url : http://lists.macosforge.org/pipermail/calendarserver-dev/attachments/20080612/77a4b5d9/attachment.py 


More information about the calendarserver-dev mailing list