Custom kinit python
ghudson at mit.edu
Thu Sep 4 11:54:24 EDT 2014
On 09/04/2014 03:37 AM, Peter Mogensen wrote:
> Doing a Python version will require first to decide whether you want to
> build the whole ASN.1/crypto handling protocol stuff in Python starting
> from RFC 3961/3962/4120 or you want to only code the actual cmd-line
> tool and use a python wrapper around libkrb5 (or some other Kerberos
> library) to do the actual protocol stuff.
In terms of pure Python implementations, I'm aware of two partial
* Marc Horowitz's pykrb5 at
https://github.com/mhorowitz/pykrb5. This has kinit/klist/kdestroy/kvno
equivalents, but only supports DES and 3DES crypto. pykrb5 uses pyasn1
* My own pyk5 at https://github.com/greghudson/pyk5. This isn't likely
evolve into anything user-facing as it's designed for eventual use in
the MIT krb5 test suite, and right now it doesn't have anything besides
RFC 3961 crypto and ASN.1 encoding. But the crypto does have support
for modern enctypes. pyk5 pyasn1 and PyCrypto.
Using bindings as Peter suggested is probably more practical right now,
depending on your needs.
More information about the krbdev