Skip to content

Cleanup gssapi code; fix bug report re AttributeError. #1262

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 16, 2017
Merged

Cleanup gssapi code; fix bug report re AttributeError. #1262

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 9 additions & 10 deletions kafka/conn.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -532,20 +532,19 @@ def _try_authenticate_plain(self, future):
return future.success(True)

def _try_authenticate_gssapi(self, future):
data = b''
gssname = self.config['sasl_kerberos_service_name'] + '@' + self.hostname
ctx_Name = gssapi.Name(gssname, name_type=gssapi.NameType.hostbased_service)
ctx_CanonName = ctx_Name.canonicalize(gssapi.MechType.kerberos)
log.debug('%s: canonical Servicename: %s', self, ctx_CanonName)
ctx_Context = gssapi.SecurityContext(name=ctx_CanonName, usage='initiate')
log.debug("%s: initiator name: %s", self, ctx_Context.initiator_name)
gssapi_name = gssapi.Name(
self.config['sasl_kerberos_service_name'] + '@' + self.hostname,
name_type=gssapi.NameType.hostbased_service
).canonicalize(gssapi.MechType.kerberos)
log.debug('%s: GSSAPI name: %s', self, gssapi_name)

# Exchange tokens until authentication either succeeds or fails
client_ctx = gssapi.SecurityContext(name=gssapi_name, usage='initiate')
received_token = None
try:
while not ctx_Context.complete:
while not client_ctx.complete:
# calculate an output token from kafka token (or None if first iteration)
output_token = ctx_Context.step(received_token)
output_token = client_ctx.step(received_token)

# pass output token to kafka
try:
Expand All @@ -570,7 +569,7 @@ def _try_authenticate_gssapi(self, future):
except Exception as e:
return future.failure(e)

log.info('%s: Authenticated as %s via GSSAPI', self, gssname)
log.info('%s: Authenticated as %s via GSSAPI', self, gssapi_name)
return future.success(True)

def blacked_out(self):
Expand Down