Lines 660-668
if __name__ == '__main__':
|
Link Here
|
---|
|
660 |
# open pipe to squid_kerb_auth for kerberos stuff |
660 |
# open pipe to squid_kerb_auth for kerberos stuff |
661 |
kerbPipe = None |
661 |
kerbPipe = None |
662 |
if options.gssSpnego: |
662 |
if options.gssSpnego: |
663 |
kerbPipe = subprocess.Popen([ |
663 |
cmd = ['/usr/lib/squid/negotiate_kerberos_auth', '-k', '/var/lib/samba/private/http-proxy-%(hostname)s.keytab' % cr ] |
664 |
'/usr/lib/squid/negotiate_kerberos_auth', '-k', '/var/lib/samba/private/http-proxy-%(hostname)s.keytab' % cr |
664 |
if options.gssSpnegoStripRealm: |
665 |
], stdin=subprocess.PIPE, stdout=subprocess.PIPE) |
665 |
cmd.append('-r') |
|
|
666 |
kerbPipe = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE) |
666 |
|
667 |
|
667 |
while True: |
668 |
while True: |
668 |
|
669 |
|
Lines 701-715
if __name__ == '__main__':
|
Link Here
|
---|
|
701 |
kerbPipe.stdin.flush() |
702 |
kerbPipe.stdin.flush() |
702 |
answer = kerbPipe.stdout.readline() |
703 |
answer = kerbPipe.stdout.readline() |
703 |
if options.debug: |
704 |
if options.debug: |
704 |
debug("real answer %s" % answer) |
705 |
debug("answer %s" % answer) |
705 |
# remove realm from login |
|
|
706 |
if options.gssSpnegoStripRealm: |
707 |
tmp = answer.split() |
708 |
if len(tmp) > 2 and tmp[0] == "AF": |
709 |
login = tmp[2].split("@", 1)[0] |
710 |
answer = "%s %s %s" % (tmp[0], tmp[1], login) |
711 |
if options.debug: |
712 |
debug("fixed answer %s" % answer) |
713 |
# this whole stuff could also be done by |
706 |
# this whole stuff could also be done by |
714 |
# python kerberos |
707 |
# python kerberos |
715 |
# result, context = kerberos.authGSSServerInit('HTTP') |
708 |
# result, context = kerberos.authGSSServerInit('HTTP') |