|
Lines 660-668
if __name__ == '__main__':
|
Link Here
|
|---|
|
|---|
| 660 |
# open pipe to squid_kerb_auth for kerberos stuff |
660 |
# open pipe to squid_kerb_auth for kerberos stuff |
| 661 |
kerbPipe = None |
661 |
kerbPipe = None |
| 662 |
if options.gssSpnego: |
662 |
if options.gssSpnego: |
| 663 |
kerbPipe = subprocess.Popen([ |
663 |
cmd = ['/usr/lib/squid/negotiate_kerberos_auth', '-k', '/var/lib/samba/private/http-proxy-%(hostname)s.keytab' % cr ] |
| 664 |
'/usr/lib/squid/negotiate_kerberos_auth', '-k', '/var/lib/samba/private/http-proxy-%(hostname)s.keytab' % cr |
664 |
if options.gssSpnegoStripRealm: |
| 665 |
], stdin=subprocess.PIPE, stdout=subprocess.PIPE) |
665 |
cmd.append('-r') |
|
|
666 |
kerbPipe = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) |
| 666 |
|
667 |
|
| 667 |
while True: |
668 |
while True: |
| 668 |
|
669 |
|
|
Lines 701-715
if __name__ == '__main__':
|
Link Here
|
|---|
|
|---|
| 701 |
kerbPipe.stdin.flush() |
702 |
kerbPipe.stdin.flush() |
| 702 |
answer = kerbPipe.stdout.readline() |
703 |
answer = kerbPipe.stdout.readline() |
| 703 |
if options.debug: |
704 |
if options.debug: |
| 704 |
debug("real answer %s" % answer) |
705 |
debug("answer %s" % answer) |
| 705 |
# remove realm from login |
|
|
| 706 |
if options.gssSpnegoStripRealm: |
| 707 |
tmp = answer.split() |
| 708 |
if len(tmp) > 2 and tmp[0] == "AF": |
| 709 |
login = tmp[2].split("@", 1)[0] |
| 710 |
answer = "%s %s %s" % (tmp[0], tmp[1], login) |
| 711 |
if options.debug: |
| 712 |
debug("fixed answer %s" % answer) |
| 713 |
# this whole stuff could also be done by |
706 |
# this whole stuff could also be done by |
| 714 |
# python kerberos |
707 |
# python kerberos |
| 715 |
# result, context = kerberos.authGSSServerInit('HTTP') |
708 |
# result, context = kerberos.authGSSServerInit('HTTP') |