Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Python GSSAPI Wrapper

Project Description

DEPRECATED

Please use ‘gssapi’ instead (on PyPI, or on GitHub at https://github.com/pythongssapi/python-gssapi).

PyGSSAPI

PyGSSAPI provides both low-level and high level wrappers around the GSSAPI C libraries. While it focuses on the Kerberos mechanism, it should also be useable with other GSSAPI mechanisms that do not rely on mechanism-specific C values that cannot easily be translated into Python.

Requirements

  • A working implementation of GSSAPI (such as from MIT Kerberos) which includes header files
  • a C compiler (such as GCC)
  • the flufl.enum Python package
  • the nose package (for tests)
  • the shouldbe package (for tests)

Installation

Easy Way

$ pip install pygssapi

From the Git Repo

$ git clone https://github.com/DirectXMan12/python-gssapi.git
$ python setup.py build
$ python setup.py install

Tests

I have written some tests of PyGSSAPI; they live in the gssapi.tests directory. Currently the basic gssapi.base commands and gssapi.client.BasicGSSClient have been tested. Before running the tests, a valid ‘host/[FQDN]’ (e.g. ‘host/some.domain’) must have been kinit-ed. If you run tox, it will do this for you (you will likely need to run tox with sudo).

$ sudo tox

or

$ sudo kinit host/some.domain -k
$ sudo setup.py nosetests

Structure

PyGSSAPI is composed of two parts: the low-level, C-style wrapper and the high-level, Python-style wrapper (which is a wrapper around the low-level API). Modules written in C are denoted by ‘(C)’, whereas those written in Python are denoted ‘(Py)’

Low-Level API

The low-level API lives in gssapi.base. The methods contained therein are designed to match closely with the original GSSAPI C methods. They follow the given format:

  • Names are camelCased versions of the C method names, with the gssapi_ prefix removed
  • Parameters which use C int constants as enums have flufl.enum.IntEnum classes defined, and thus may be passed either the enum members or integers
  • In cases where a specific constant is passed in the C API to represent a default value, None should be passed instead
  • In cases where non-integer C constants are passed, flufl.enum.Enum classes are defined for common values
  • Major and minor error codes are returned via gssapi.base.GSSError
  • All other relevant output values are returned in a tuple in the return value of the method (in cases where a non-error major status code may be returned, an additional member of the tuple is provided)
Structure
gssapi : /
base : /

includes all sub-packages automatically

impl : (C)
core C-API methods
status_utils : (C)
utilities for dealing with status codes
types : (Py)
Enumerations and Exception Types
Examples
import gssapi.base as gb

TODO(sross): provide more examples

High-Level API

The high-level API lives directly under gssapi. The classes contained in each file are designed to provide a more Python, Object-Oriented view of GSSAPI. Currently, they are designed for the basic GSSAPI tasks, but will be expanded upon in the future.

Structure
gssapi : /
client : (Py)

basic clients

BasicGSSClient
a client capable of performing basic GSS negotiation/encryption
BasicSASLGSSClient
a helper class to simplify working with SASL GSSAPI
type_wrappers : (Py)
provides useful wrappers around some Python capsule objects
Examples
import gssapi.client as gss

client = gss.BasicGSSClient('vnc@some.host', security_type='encrypted')

init_token = client.setupBaseSecurityContext()
# send to server, get response back...
next_token = client.updateSecurityContext(server_resp)
# encrypt a message
msg_enc = client.encrypt('WARNING: this is secret')
# send the message, get response back...
msg_unenc = client.decrypt(server_encrypted_message)

# freeing of resources (such as deleting the security context and releasing
# the names) is handled automatically
Release History

Release History

This version
History Node

1.0.0

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
PyGSSAPI-1.0.0.tar.gz (464.3 kB) Copy SHA256 Checksum SHA256 Source Jul 24, 2013

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting