* Added the `auth_stage` extra_info for a CredSSP context to give a human
friendly indication of what sub auth stage it is up to.
* Added the `protocol_version` extra_info for a CredSSP context to return the
negotiated CredSSP protocol version.
* Added the `credssp_min_protocol` keyword argument for a CredSSP context to
set a minimum version the caller will accept of the peer.
* This can be set to `5+` to ensure the peer supports and applies the mitigations for CVE-2018-0886.
* Added safeguards when trying to retrieve the completed context attributes
of `NegotiateProxy` before any contexts have been set up
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyspnego?expand=0&rev=16
* Add `usage` argument for `tls.default_tls_context` to control whether the
context is for a initiator or acceptor
* Add type annotations and include `py.typed` in the package for downstream
library use
* Expose the `ContextProxy` class for type annotation use
* Added `get_extra_info` to `ContextProxy` to expose a common way to retrieve
context specific information, this is currently used by CredSSP to retrieve
* `client_credential`: The delegated client credential for acceptors
once the context is complete
* `sslcontext`: The SSL context used to create the TLS object
* `ssl_object`: The TLS object used during the CredSSP exchange
* The `client_credential` property on `CredSSP` has been removed in
favour of `context.get_extra_info('client_credential')
* Added support for custom credential types
* Can be used to for things like NTLM authentication with NT/LM hashes,
Kerberos with a keytab or from an explicit CCache, etc
* Support calling SSPI through `pyspnego`'s Negotiate proxy context
* This allows users on Windows to still use Negotiate auth but with a
complex set of credentials
* Also opens up the ability to use Negotiate but only with Kerberos auth
* The `username` and `password` property on the auth context object are
deprecated and will return `None` until it is removed in a future release
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyspnego?expand=0&rev=15
- Update to version 0.3.1
* Do not convert GSSAPI service to lowercase for GSSAPI and
uppercase for SSPI
* SPNs are case insensitive on Windows but case sensitive on
Linux
* Convering the service portion to upper or lower case could
cause problems finding the target server on non-Windows
GSSAPI implementations
- Update to version 0.3.0
Packaging Changes
* Changed project structure to a src layout
* Include both Cython pyx/pyd and C files for SSPI in the
sdist generated
* Added Python 3.10 wheel
Bugfixes
* Ensure bad SPNEGO token inputs are raised as InvalidTokenError
rather than struct.error
- Update to version 0.2.0
Breaking Changes
* Drop support for Python 2.7 and 3.5 - new minimum is 3.6+
* Made the gss, negotiate, ntlm, sspi exports private, use the
spnego.client and spnego.server functions instead
+ A deprecation warning is raised when importing from these
package directly and this will be removed in the next major
release
Features
* Added support for CredSSP authentication using
protocol='credssp'
* Allow optional keyword arguments to be used with spnego.client
OBS-URL: https://build.opensuse.org/request/show/928206
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyspnego?expand=0&rev=13
