Menu
▾
▴
Re: [Xmpppy-devel] GSASL support for xmpppy
|
From: Alexey N. <sn...@gm...> - 2011-08-08 15:56:51
|
Well, it will get for free whatever comes in the libgsasl.
For instance, when I was developing it two years ago I wasn't able to
test it against kerberos environment, but customer reported that it
worked just fine, reusing his existing cached kerberos ticket.
And on the 'patch is fine' part - I'm not going to commit it to my
branch as it is long-stale. So it was intended to go by the 'random
developer's patch sent to the upstream' scenario ;-P
On Mon, Aug 8, 2011 at 3:12 PM, Norman Rasmussen <no...@gm...> wrote:
> Hey Alexey,
> I think the patch is fine. It's long time that xmpppy started supporting
> some modern auth mechs. It would get SCRAM for free with this too right?
> Cheers
> Norman
> On Mon, Aug 8, 2011 at 11:17 AM, Alexey Nezhdanov <sn...@gm...> wrote:
>>
>> Hi Norman.
>>
>> I've been just contacted by one of my old customers for whom I did a
>> python-gsasl library and integrated it's support into xmpppy about 2
>> years ago so he could use a KERBEROS auth in his script. He asked me
>> if there is any particular reason to not include it into upstream and
>> I didn't find any.
>>
>> Please have a look at the attached patch.
>>
>> It is quite simple: if we provide a callback for getting SASL
>> properties - that means that we want to use a 'new-style' SASL auth
>> with is implemented through usage of GSASL.
>>
>> I do not know if this is just 'not polished enough' or 'a feature' -
>> to have a dictionary of properties in the main.py
>> For 'traditional' DIGEST-MD5 this looks like overkill, but for more
>> complicated stuff it might be just neccessary.
>>
>> In any case, please have a look and share your comments.
>>
>> Alexey
>>
>> P.S. I needed to apply the following patch to GSASL/__init__.py:
>> -_gsasl=CDLL('libgsasl.so')
>> +try: _gsasl=CDLL('libgsasl.so')
>> +except: _gsasl=CDLL('libgsasl.so.7')
>
> --
> - Norman Rasmussen
> - Email: no...@ra...
> - Home page: http://norman.rasmussen.co.za/
>
|
