Revisions of python-pyspnego
buildservice-autocommit
accepted
request 1109000
from
Markéta Machová (mcalabkova)
(revision 26)
baserev update by copy to link target
Markéta Machová (mcalabkova)
accepted
request 1108944
from
Martin Hauke (mnhauke)
(revision 25)
- Update to version 0.9.2 * Only CI related changes - Update to version 0.9.1 * Always set the NTLMSSP_REQUEST_VERSION flag on the NTLM Negotiate message. This aligns the behaviour with how SSPI generates this message.
buildservice-autocommit
accepted
request 1085986
from
Dirk Mueller (dirkmueller)
(revision 24)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 23)
- update to 0.9.0: * Added the `spnego.ContextReq.dce_style` flag to enable DCE authentication mode * The value for `spnego.iov.BufferType.sign_only` on SSPI has changed from representing `SECBUFFER_MECHLIST` to `SECBUFFER_READONLY_WITH_CHECKSUM` * Added the IOV buffer type `spnego.iov.BufferType.data_readonly` * Added limited support for `wrap_iov` and `unwrap_iov` in the Python NTLM context provider. * Added the `query_message_sizes()` function on a context to retrieve the important message sizes Currently this only contains the size of the message `header`, also known as the signature or security trailer * Added the `spnego.ContextReq.no_integrity` flag to disable integrity/confidentiality on Kerberos/Negotiate contexts * Added optional kwargs to `step()` on a security context `channel_bindings` * Added support for decoding the following TLS payloads with `python -m spnego --token ...` * Client Hello * Server Hello * Certificate * Server Key Exchange * Client Key Exchange * Certificate Request * Added the `new_context()` method on the context proxies to provide an easy and efficient way to re-use the context credentials and options for a new context * Removed use of `gssntlmssp` to simplify codebase and ensure a
Dirk Mueller (dirkmueller)
accepted
request 1085736
from
Johannes Kastl (ojkastl_buildservice)
(revision 22)
add sle15_python_module_pythons
buildservice-autocommit
accepted
request 1035237
from
Markéta Machová (mcalabkova)
(revision 21)
baserev update by copy to link target
Markéta Machová (mcalabkova)
accepted
request 1034912
from
Yogalakshmi Arunachalam (yarunachalam)
(revision 20)
- Update to 0.6.3 * Ignore GSS_S_NO_CONTEXT errors on GSSAPI after stepping through the token exchange before the context is complete This is raised by MIT krb5 before 1.14.x and can be ignored - Update to 0.6.2 * Fix up sdist and wheels to include py.typed type annotation marker - Update to 0.6.1 * Added Python 3.11 wheel
buildservice-autocommit
accepted
request 1032070
from
Martin Hauke (mnhauke)
(revision 19)
baserev update by copy to link target
Martin Hauke (mnhauke)
accepted
request 1032054
from
Yogalakshmi Arunachalam (yarunachalam)
(revision 18)
- Update to 0.6.0 * Drop support for Python 3.6 - new minimum is 3.7+ * Moved setuptools config into pyproject.toml and made Cython a build requirement for Windows For most users this is a hidden change If a tool follows the PEP 517 standard, like pip, this build dependency will work automatically The pre cythonised files are no longer included in the sdist going forward - Update to 0.5.4 * Fix str of enum values when running in Python 3.11 to be consistent with older versions * Support gssapi on 1.5.x which comes with RHEL 8. - Update to 0.5.3 * Fix heap allocation errors when running with heap allocation monitoring on Windows - Update to 0.5.2 * Added custom MD4 hashing code for NTLM to use. Newer Linux distributions ship with OpenSSL 3.x which typically disables MD4 breaking the use of hashlib.new('md4', b"") Using this custom code allows NTLM to continue to work While it's bad to continue to use older hashing mechanisms in this case there is no valid alternative available - Update to 0.5.1 * Call gss_inquire_sec_context_by_oid(ctx, spnego_req_mechlistMIC_oid) when using pure NTLM over GSSAPI to ensure the token contains a MIC
buildservice-autocommit
accepted
request 1007433
from
Dirk Mueller (dirkmueller)
(revision 17)
baserev update by copy to link target
Dirk Mueller (dirkmueller)
committed
(revision 16)
- update to 0.5.0: * Added the `auth_stage` extra_info for a CredSSP context to give a human friendly indication of what sub auth stage it is up to. * Added the `protocol_version` extra_info for a CredSSP context to return the negotiated CredSSP protocol version. * Added the `credssp_min_protocol` keyword argument for a CredSSP context to set a minimum version the caller will accept of the peer. * This can be set to `5+` to ensure the peer supports and applies the mitigations for CVE-2018-0886. * Added safeguards when trying to retrieve the completed context attributes of `NegotiateProxy` before any contexts have been set up
Dirk Mueller (dirkmueller)
committed
(revision 15)
- update to 0.4.0: * Add `usage` argument for `tls.default_tls_context` to control whether the context is for a initiator or acceptor * Add type annotations and include `py.typed` in the package for downstream library use * Expose the `ContextProxy` class for type annotation use * Added `get_extra_info` to `ContextProxy` to expose a common way to retrieve context specific information, this is currently used by CredSSP to retrieve * `client_credential`: The delegated client credential for acceptors once the context is complete * `sslcontext`: The SSL context used to create the TLS object * `ssl_object`: The TLS object used during the CredSSP exchange * The `client_credential` property on `CredSSP` has been removed in favour of `context.get_extra_info('client_credential') * Added support for custom credential types * Can be used to for things like NTLM authentication with NT/LM hashes, Kerberos with a keytab or from an explicit CCache, etc * Support calling SSPI through `pyspnego`'s Negotiate proxy context * This allows users on Windows to still use Negotiate auth but with a complex set of credentials * Also opens up the ability to use Negotiate but only with Kerberos auth * The `username` and `password` property on the auth context object are deprecated and will return `None` until it is removed in a future release
Martin Hauke (mnhauke)
accepted
request 929860
from
Benjamin Greiner (bnavigator)
(revision 14)
- Reactivate python36 build
Martin Hauke (mnhauke)
accepted
request 928206
from
Martin Hauke (mnhauke)
(revision 13)
- Update to version 0.3.1 * Do not convert GSSAPI service to lowercase for GSSAPI and uppercase for SSPI * SPNs are case insensitive on Windows but case sensitive on Linux * Convering the service portion to upper or lower case could cause problems finding the target server on non-Windows GSSAPI implementations - Update to version 0.3.0 Packaging Changes * Changed project structure to a src layout * Include both Cython pyx/pyd and C files for SSPI in the sdist generated * Added Python 3.10 wheel Bugfixes * Ensure bad SPNEGO token inputs are raised as InvalidTokenError rather than struct.error - Update to version 0.2.0 Breaking Changes * Drop support for Python 2.7 and 3.5 - new minimum is 3.6+ * Made the gss, negotiate, ntlm, sspi exports private, use the spnego.client and spnego.server functions instead + A deprecation warning is raised when importing from these package directly and this will be removed in the next major release Features * Added support for CredSSP authentication using protocol='credssp' * Allow optional keyword arguments to be used with spnego.client
buildservice-autocommit
accepted
request 893033
from
Matej Cepl (mcepl)
(revision 12)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 892927
from
Martin Hauke (mnhauke)
(revision 11)
- Update to version 0.1.6 * Change enum type of iov.BufferType to IntEnum to fix load on Python 3.10 - #10 * Make pyspnego-parse and entry point which uses __main__.py in the spnego package. This allows users to use the parser script by running python -m spnego --token ...
buildservice-autocommit
accepted
request 862649
from
Markéta Machová (mcalabkova)
(revision 10)
baserev update by copy to link target
Markéta Machová (mcalabkova)
accepted
request 862564
from
Martin Hauke (mnhauke)
(revision 9)
- Update to version 0.1.5 * Respect NETBIOS_COMPUTER_NAME when getting the workstation name for NTLM tokens. This matches the behaviour of gss-ntlmssp to ensure a consistent approach.
buildservice-autocommit
accepted
request 853075
from
Matej Cepl (mcepl)
(revision 8)
baserev update by copy to link target
Matej Cepl (mcepl)
accepted
request 853054
from
Martin Hauke (mnhauke)
(revision 7)
- Update to version 0.1.4 * Only send negState: request-mic for the first reply from an acceptor for Negotiate auth. * Strict interpretations of SPNEGO will fail if the initiator sends this state as it is against the RFC.
Displaying revisions 1 - 20 of 26