Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for DCE style authentication. #63

Merged
merged 1 commit into from
Apr 28, 2023
Merged

Add support for DCE style authentication. #63

merged 1 commit into from
Apr 28, 2023

Conversation

jborean93
Copy link
Owner

Adds support for DCE style authentication that is used by protocols like RPC. DCE style authentication changes some behaviour about an authentication protocol, e.g. Kerberos has an extra leg, and some wrapping behaviour changes. This PR also adjusts the underlying behaviour of spnego.iov.BufferType.sign_only on SSPI to represent the buffer type of SECBUFFER_DATA | SECBUFFER_READONLY_WITH_CHECKSUM rather than SECBUFFER_MECHLIST. This aligns the behaviour with GSSAPI and the use of SECBUFFER_MECHLIST is most likely an internal flag rather than something used publicly.

@codecov
Copy link

codecov bot commented Apr 26, 2023
edited
Loading

Codecov Report

Merging #63 (2f32a2d) into main (95d9878) will increase coverage by 1.46%.
The diff coverage is 93.52%.

❗ Current head 2f32a2d differs from pull request most recent head 459d020. Consider uploading reports for the commit 459d020 to get more accurate results

@@            Coverage Diff             @@
##             main      #63      +/-   ##
==========================================
+ Coverage   98.30%   99.77%   +1.46%     
==========================================
  Files          31       31              
  Lines        5262     5387     +125     
==========================================
+ Hits         5173     5375     +202     
+ Misses         89       12      -77
Flag Coverage Δ
99.77% <93.52%> (+1.46%) ⬆️
py3.10 99.77% <93.52%> (+1.46%) ⬆️
py3.11 99.77% <93.52%> (+1.46%) ⬆️
py3.7 99.77% <93.52%> (+1.46%) ⬆️
py3.8 99.77% <93.52%> (+1.46%) ⬆️
py3.9 99.77% <93.52%> (+1.46%) ⬆️
x64 99.77% <93.52%> (+1.46%) ⬆️
x86 95.67% <88.48%> (+1.47%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
src/spnego/_credssp.py 99.03% <50.00%> (-0.97%) ⬇️
src/spnego/_gss.py 98.94% <75.00%> (-1.06%) ⬇️
src/spnego/_negotiate.py 99.57% <83.33%> (-0.43%) ⬇️
src/spnego/_sspi.py 99.59% <94.11%> (-0.41%) ⬇️
src/spnego/_ntlm.py 99.76% <98.83%> (-0.24%) ⬇️
src/spnego/_context.py 99.49% <100.00%> (-0.51%) ⬇️
src/spnego/_ntlm_raw/security.py 100.00% <100.00%> (ø)
src/spnego/_version.py 100.00% <100.00%> (ø)
src/spnego/iov.py 100.00% <100.00%> (ø)

... and 1 file with indirect coverage changes

@jborean93 jborean93 force-pushed the dce branch 2 times, most recently from 2f32a2d to 895572a Compare April 28, 2023 04:01
@jborean93
Add support for DCE style authentication.
459d020 
Adds support for DCE style authentication that is used by protocols like
RPC. DCE style authentication changes some behaviour about an
authentication protocol, e.g. Kerberos has an extra leg, and some
wrapping behaviour changes. This PR also adjusts the underlying
behaviour of `spnego.iov.BufferType.sign_only` on SSPI to represent the
buffer type of `SECBUFFER_DATA | SECBUFFER_READONLY_WITH_CHECKSUM`
rather than `SECBUFFER_MECHLIST`. This aligns the behaviour with GSSAPI
and the use of `SECBUFFER_MECHLIST` is most likely an internal flag
rather than something used publicly.
@jborean93 jborean93 marked this pull request as ready for review April 28, 2023 04:29
@jborean93 jborean93 merged commit 617a72a into main Apr 28, 2023
@jborean93 jborean93 deleted the dce branch April 28, 2023 04:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jborean93