diff options
| -rw-r--r-- | dont-panick-if-we-succeed.patch | 79 | ||||
| -rw-r--r-- | port-to-python-2.4.patch | 32 | ||||
| -rw-r--r-- | urllib2_kerberos.py | 20 |
3 files changed, 11 insertions, 120 deletions
diff --git a/dont-panick-if-we-succeed.patch b/dont-panick-if-we-succeed.patch deleted file mode 100644 index 050a023..0000000 --- a/dont-panick-if-we-succeed.patch +++ /dev/null @@ -1,79 +0,0 @@ ---- a/urllib2_kerberos.py -+++ b/urllib2_kerberos.py -@@ -42,6 +42,7 @@ class AbstractKerberosAuthHandler: - """checks for "Negotiate" in proper auth header - """ - authreqs = headers.getheaders(self.auth_header) -+ log.debug('authreqs = %s', authreqs) - - if authreqs: - -@@ -51,10 +52,10 @@ class AbstractKerberosAuthHandler: - if mo: - return mo.group(1) - else: -- log.debug("regex failed on: %s" % authreq) -+ log.debug("regex failed on: %s", authreq) - - else: -- log.debug("%s header not found" % self.auth_header) -+ log.debug("%s header not found", self.auth_header) - - return None - -@@ -64,10 +65,10 @@ class AbstractKerberosAuthHandler: - - def generate_request_header(self, req, headers, neg_value): - self.retried += 1 -- log.debug("retry count: %d" % self.retried) -+ log.debug("retry count: %d", self.retried) - - host = req.get_host() -- log.debug("req.get_host() returned %s" % host) -+ log.debug("req.get_host() returned %s", host) - - tail, sep, head = host.rpartition(':') - domain = tail if tail else head -@@ -75,7 +76,7 @@ class AbstractKerberosAuthHandler: - result, self.context = k.authGSSClientInit("HTTP@%s" % domain) - - if result < 1: -- log.warning("authGSSClientInit returned result %d" % result) -+ log.warning("authGSSClientInit returned result %d", result) - return None - - log.debug("authGSSClientInit() succeeded") -@@ -83,7 +84,7 @@ class AbstractKerberosAuthHandler: - result = k.authGSSClientStep(self.context, neg_value) - - if result < 0: -- log.warning("authGSSClientStep returned result %d" % result) -+ log.warning("authGSSClientStep returned result %d", result) - return None - - log.debug("authGSSClientStep() succeeded") -@@ -104,7 +105,7 @@ class AbstractKerberosAuthHandler: - if result < 1: - # this is a critical security warning - # should change to a raise --Tim -- log.critical("mutual auth failed: authGSSClientStep returned result %d" % result) -+ log.critical("mutual auth failed: authGSSClientStep returned result %d", result) - pass - - def clean_context(self): -@@ -134,12 +135,13 @@ class AbstractKerberosAuthHandler: - req.add_unredirected_header(self.authz_header, neg_hdr) - resp = self.parent.open(req) - -- self.authenticate_server(resp.info()) -+ if resp.getcode() != 200: -+ self.authenticate_server(resp.info()) - - return resp - - except k.GSSError, e: -- log.critical("GSSAPI Error: %s/%s" % (e[0][0], e[1][0])) -+ log.critical("GSSAPI Error: %s/%s", (e[0][0], e[1][0])) - return None - - finally: diff --git a/port-to-python-2.4.patch b/port-to-python-2.4.patch deleted file mode 100644 index 7586a10..0000000 --- a/port-to-python-2.4.patch +++ /dev/null @@ -1,32 +0,0 @@ ---- a/urllib2_kerberos.py -+++ b/urllib2_kerberos.py -@@ -62,8 +62,8 @@ class AbstractKerberosAuthHandler: - host = req.get_host() - log.debug("req.get_host() returned %s" % host) - -- tail, sep, head = host.rpartition(':') -- domain = tail if tail else head -+ cindex = host.rfind(':') -+ domain = (cindex == -1) and host or host[:cindex] - - result, self.context = k.authGSSClientInit("HTTP@%s" % domain) - -@@ -130,15 +130,15 @@ class AbstractKerberosAuthHandler: - if resp.getcode() != 200: - self.authenticate_server(resp.info()) - -+ self.clean_context() -+ self.retried = 0 - return resp - - except k.GSSError, e: - log.critical("GSSAPI Error: %s/%s" % (e[0][0], e[1][0])) -- return None -- -- finally: - self.clean_context() - self.retried = 0 -+ return None - - class ProxyKerberosAuthHandler(u2.BaseHandler, AbstractKerberosAuthHandler): - """Kerberos Negotiation handler for HTTP proxy auth diff --git a/urllib2_kerberos.py b/urllib2_kerberos.py index 96e409d..6c2c418 100644 --- a/urllib2_kerberos.py +++ b/urllib2_kerberos.py @@ -42,6 +42,7 @@ class AbstractKerberosAuthHandler: """checks for "Negotiate" in proper auth header """ authreq = headers.get(self.auth_header, None) + log.debug('authreqs = %s', authreqs) if authreq: rx = re.compile('(?:.*,)*\s*Negotiate\s*([^,]*),?', re.I) @@ -49,10 +50,10 @@ class AbstractKerberosAuthHandler: if mo: return mo.group(1) else: - log.debug("regex failed on: %s" % authreq) + log.debug("regex failed on: %s", authreq) else: - log.debug("%s header not found" % self.auth_header) + log.debug("%s header not found", self.auth_header) return None @@ -62,17 +63,17 @@ class AbstractKerberosAuthHandler: def generate_request_header(self, req, headers, neg_value): self.retried += 1 - log.debug("retry count: %d" % self.retried) + log.debug("retry count: %d", self.retried) host = req.get_host() - log.debug("req.get_host() returned %s" % host) + log.debug("req.get_host() returned %s", host) domain = host.rsplit(':', 1)[0] result, self.context = k.authGSSClientInit("HTTP@%s" % domain) if result < 1: - log.warning("authGSSClientInit returned result %d" % result) + log.warning("authGSSClientInit returned result %d", result) return None log.debug("authGSSClientInit() succeeded") @@ -80,7 +81,7 @@ class AbstractKerberosAuthHandler: result = k.authGSSClientStep(self.context, neg_value) if result < 0: - log.warning("authGSSClientStep returned result %d" % result) + log.warning("authGSSClientStep returned result %d", result) return None log.debug("authGSSClientStep() succeeded") @@ -101,7 +102,7 @@ class AbstractKerberosAuthHandler: if result < 1: # this is a critical security warning # should change to a raise --Tim - log.critical("mutual auth failed: authGSSClientStep returned result %d" % result) + log.critical("mutual auth failed: authGSSClientStep returned result %d", result) pass def clean_context(self): @@ -131,14 +132,15 @@ class AbstractKerberosAuthHandler: req.add_unredirected_header(self.authz_header, neg_hdr) resp = self.parent.open(req) - self.authenticate_server(resp.info()) + if resp.getcode() != 200: + self.authenticate_server(resp.info()) return resp except k.GSSError, e: self.clean_context() self.retried = 0 - log.critical("GSSAPI Error: %s/%s" % (e[0][0], e[1][0])) + log.critical("GSSAPI Error: %s/%s", e[0][0], e[1][0]) return None self.clean_context() |