duplicity-team team mailing list archive
-
duplicity-team team
-
Mailing list archive
-
Message #03375
[Merge] lp:~fpytloun/duplicity/webdav-gssapi-fix into lp:duplicity
Filip Pytloun has proposed merging lp:~fpytloun/duplicity/webdav-gssapi-fix into lp:duplicity.
Requested reviews:
duplicity-team (duplicity-team)
For more details, see:
https://code.launchpad.net/~fpytloun/duplicity/webdav-gssapi-fix/+merge/285158
--
Your team duplicity-team is requested to review the proposed merge of lp:~fpytloun/duplicity/webdav-gssapi-fix into lp:duplicity.
=== modified file 'bin/duplicity.1'
--- bin/duplicity.1 2016-01-10 17:09:09 +0000
+++ bin/duplicity.1 2016-02-05 09:13:13 +0000
@@ -2071,6 +2071,10 @@
.br
(also see
.BR "A NOTE ON SSL CERTIFICATE VERIFICATION" ).
+.br
+.B Python kerberos module
+for kerberos authentication
+- https://github.com/02strich/pykerberos
.SH AUTHOR
.TP
=== modified file 'duplicity/backends/webdavbackend.py'
--- duplicity/backends/webdavbackend.py 2016-01-28 08:14:52 +0000
+++ duplicity/backends/webdavbackend.py 2016-02-05 09:13:13 +0000
@@ -28,7 +28,6 @@
import urllib
import urllib2
import urlparse
-import kerberos
import xml.dom.minidom
import duplicity.backend
@@ -236,8 +235,13 @@
if token.split(',')[0].lower() == 'negotiate':
try:
return self.get_kerberos_authorization()
- except kerberos.GSSError:
- # Fallback to basic auth
+ except ImportError:
+ log.warn("python-kerberos needed to use kerberos \
+ authorization, falling back to basic auth.")
+ return self.get_basic_authorization()
+ except Exception as e:
+ log.warn("Kerberos authorization failed: %s.\
+ Falling back to basic auth." % e)
return self.get_basic_authorization()
elif token.lower() == 'basic':
return self.get_basic_authorization()
@@ -249,6 +253,7 @@
return urllib2.parse_keqv_list(urllib2.parse_http_list(challenge_string))
def get_kerberos_authorization(self):
+ import kerberos
_, ctx = kerberos.authGSSClientInit("HTTP@%s" % self.conn.host)
kerberos.authGSSClientStep(ctx, "")
tgt = kerberos.authGSSClientResponse(ctx)
Follow ups
