Name | Date | Size | #Lines | LOC | ||
---|---|---|---|---|---|---|
.. | 03-May-2022 | - | ||||
src/ | H | 29-Oct-2021 | - | 36,308 | 26,814 | |
tests/ | H | 29-Oct-2021 | - | 9,450 | 7,206 | |
CHANGELOG.md | H A D | 29-Oct-2021 | 3.9 KiB | 103 | 59 | |
LICENSE | H A D | 29-Oct-2021 | 1.1 KiB | 22 | 17 | |
MANIFEST.in | H A D | 29-Oct-2021 | 268 | 10 | 10 | |
PKG-INFO | H A D | 29-Oct-2021 | 4.1 KiB | 127 | 85 | |
README.md | H A D | 29-Oct-2021 | 3.3 KiB | 101 | 62 | |
setup.cfg | H A D | 29-Oct-2021 | 172 | 17 | 11 | |
setup.py | H A D | 29-Oct-2021 | 4.2 KiB | 147 | 116 |
README.md
1# Python SPNEGO Library 2 3[![Test workflow](https://github.com/jborean93/pyspnego/actions/workflows/ci.yml/badge.svg)](https://github.com/jborean93/pyspnego/actions/workflows/ci.yml) 4[![codecov](https://codecov.io/gh/jborean93/pyspnego/branch/main/graph/badge.svg)](https://codecov.io/gh/jborean93/pyspnego) 5[![PyPI version](https://badge.fury.io/py/pyspnego.svg)](https://badge.fury.io/py/pyspnego) 6[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/jborean93/pyspnego/blob/master/LICENSE) 7 8Library to handle SPNEGO (Negotiate, NTLM, Kerberos) and CredSSP authentication. Also includes a packet parser that can 9be used to decode raw NTLM/SPNEGO/Kerberos tokens into a human readable format. 10 11 12## Requirements 13 14See [How to Install](#how-to-install) for more details 15 16* CPython 3.6+ 17* [cryptography](https://github.com/pyca/cryptography) 18 19### Optional Requirements 20 21The following Python libraries can be installed to add extra features that do not come with the base package: 22 23* [python-gssapi](https://github.com/pythongssapi/python-gssapi) and [pykrb5](https://github.com/jborean93/pykrb5) for Kerberos authentication on Linux 24* [ruamel.yaml](https://pypi.org/project/ruamel.yaml/) for YAML output support on `pyspnego-parse` 25 26 27## How to Install 28 29To install pyspnego with all basic features, run 30 31```bash 32pip install pyspnego 33``` 34 35### Kerberos Authentication 36 37While pyspnego supports Kerberos authentication on Linux, it isn't included by default due to its reliance on system 38packages to be present. 39 40To install these packages, run the below 41 42```bash 43# Debian/Ubuntu 44apt-get install gcc python3-dev libkrb5-dev 45 46# Centos/RHEL 47yum install gcc python-devel krb5-devel 48 49# Fedora 50dnf install gcc python-devel krb5-devel 51 52# Arch Linux 53pacman -S gcc krb5 54``` 55 56Once installed you can install the Python packages with 57 58```bash 59pip install pyspnego[kerberos] 60``` 61 62Kerberos also needs to be configured to talk to the domain but that is outside the scope of this page. 63 64While NTLM auth works out of the box, it is recommended to install the 65[gss-ntlmssp](https://github.com/gssapi/gss-ntlmssp) library for full Negotiate support. This can be done with 66 67```bash 68# Debian/Ubuntu 69apt-get install gss-ntlmssp 70 71# Centos/RHEL 72yum install gssntlmssp 73 74# Fedora 75dnf install gssntlmssp 76 77# Arch Linux 78# AUR package https://aur.archlinux.org/packages/gss-ntlmssp/ 79``` 80 81 82## How to Use 83 84See [the examples section](docs/examples) for examples on how to use the authentication side of the library. 85 86_Note: While server/acceptor authentication is available for all protocols it is highly recommended you have the system GSSAPI and NTLM system libraries present for acceptor authentication. Pyspnego NTLM acceptor authentication should work but it is not as thoroughly tested as the GSSAPI implementation._ 87 88 89### CredSSP Authentication 90 91Since version 0.2.0, pyspnego can be used for CredSSP authentication. While this isn't part of the SPNEGO/Negotiate 92protocol it uses common features and code like ASN.1 structures and even Negotiate auth as part of the CredSSP process. 93Both `initiate` and `accept` usages are supported when specifying `protocol='credssp'` but there are no guarantees the 94acceptor is free of any bugs so use with caution. 95 96 97## Backlog 98 99* Add support for anonymous authentication 100* See if `pywinrm` wants to use this 101