This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description


Please use ‘gssapi’ instead (on PyPI, or on GitHub at


PyGSSAPI provides both low-level and high level wrappers around the GSSAPI C libraries. While it focuses on the Kerberos mechanism, it should also be useable with other GSSAPI mechanisms that do not rely on mechanism-specific C values that cannot easily be translated into Python.


  • A working implementation of GSSAPI (such as from MIT Kerberos) which includes header files
  • a C compiler (such as GCC)
  • the flufl.enum Python package
  • the nose package (for tests)
  • the shouldbe package (for tests)


Easy Way

$ pip install pygssapi

From the Git Repo

$ git clone
$ python build
$ python install


I have written some tests of PyGSSAPI; they live in the gssapi.tests directory. Currently the basic gssapi.base commands and gssapi.client.BasicGSSClient have been tested. Before running the tests, a valid ‘host/[FQDN]’ (e.g. ‘host/some.domain’) must have been kinit-ed. If you run tox, it will do this for you (you will likely need to run tox with sudo).

$ sudo tox


$ sudo kinit host/some.domain -k
$ sudo nosetests


PyGSSAPI is composed of two parts: the low-level, C-style wrapper and the high-level, Python-style wrapper (which is a wrapper around the low-level API). Modules written in C are denoted by ‘(C)’, whereas those written in Python are denoted ‘(Py)’

Low-Level API

The low-level API lives in gssapi.base. The methods contained therein are designed to match closely with the original GSSAPI C methods. They follow the given format:

  • Names are camelCased versions of the C method names, with the gssapi_ prefix removed
  • Parameters which use C int constants as enums have flufl.enum.IntEnum classes defined, and thus may be passed either the enum members or integers
  • In cases where a specific constant is passed in the C API to represent a default value, None should be passed instead
  • In cases where non-integer C constants are passed, flufl.enum.Enum classes are defined for common values
  • Major and minor error codes are returned via gssapi.base.GSSError
  • All other relevant output values are returned in a tuple in the return value of the method (in cases where a non-error major status code may be returned, an additional member of the tuple is provided)
gssapi : /
base : /

includes all sub-packages automatically

impl : (C)
core C-API methods
status_utils : (C)
utilities for dealing with status codes
types : (Py)
Enumerations and Exception Types
import gssapi.base as gb

TODO(sross): provide more examples

High-Level API

The high-level API lives directly under gssapi. The classes contained in each file are designed to provide a more Python, Object-Oriented view of GSSAPI. Currently, they are designed for the basic GSSAPI tasks, but will be expanded upon in the future.

gssapi : /
client : (Py)

basic clients

a client capable of performing basic GSS negotiation/encryption
a helper class to simplify working with SASL GSSAPI
type_wrappers : (Py)
provides useful wrappers around some Python capsule objects
import gssapi.client as gss

client = gss.BasicGSSClient('', security_type='encrypted')

init_token = client.setupBaseSecurityContext()
# send to server, get response back...
next_token = client.updateSecurityContext(server_resp)
# encrypt a message
msg_enc = client.encrypt('WARNING: this is secret')
# send the message, get response back...
msg_unenc = client.decrypt(server_encrypted_message)

# freeing of resources (such as deleting the security context and releasing
# the names) is handled automatically
Release History

Release History


This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
PyGSSAPI-1.0.0.tar.gz (464.3 kB) Copy SHA256 Checksum SHA256 Source Jul 24, 2013

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting