PyGSSAPI 1.0.0

Easy Way

$ pip install pygssapi

From the Git Repo

$ git clone https://github.com/DirectXMan12/python-gssapi.git
$ python setup.py build
$ python setup.py install

Low-Level API

The low-level API lives in gssapi.base. The methods contained therein are designed to match closely with the original GSSAPI C methods. They follow the given format:

• Names are camelCased versions of the C method names, with the gssapi_ prefix removed

• Parameters which use C int constants as enums have flufl.enum.IntEnum classes defined, and thus may be passed either the enum members or integers

• In cases where a specific constant is passed in the C API to represent a default value, None should be passed instead

• In cases where non-integer C constants are passed, flufl.enum.Enum classes are defined for common values

• Major and minor error codes are returned via gssapi.base.GSSError

• All other relevant output values are returned in a tuple in the return value of the method (in cases where a non-error major status code may be returned, an additional member of the tuple is provided)

import gssapi.base as gb

High-Level API

The high-level API lives directly under gssapi. The classes contained in each file are designed to provide a more Python, Object-Oriented view of GSSAPI. Currently, they are designed for the basic GSSAPI tasks, but will be expanded upon in the future.

import gssapi.client as gss

client = gss.BasicGSSClient('vnc@some.host', security_type='encrypted')

init_token = client.setupBaseSecurityContext()
# send to server, get response back...
next_token = client.updateSecurityContext(server_resp)
# encrypt a message
msg_enc = client.encrypt('WARNING: this is secret')
# send the message, get response back...
msg_unenc = client.decrypt(server_encrypted_message)

# freeing of resources (such as deleting the security context and releasing
# the names) is handled automatically