- Drop flag for out of sequence detection
- Use SPNEGO mechanism by default
- Fix
SanitizedResponse.content
to bebytes
which reflects the base type - Migrated project to a
src
layout setup and aPEP 621
compliant build, this should have no impact on end users
- Drop python2 compat glue
- Drop external mock dependency
- Use USER_NAME instead of HOSTBASED_SERVICE for user principals
- Remove unused imports in example code
- Fix typo in explicit mech example
- Include tests in sdist tarball
- Don't limit contexts to a single server name
- Add support for specifying an explicit GSSAPI mech
- Fix DOS bug around Negotiate regular expressoin
- Update README to include section on setup
- Disable mutual authentication by default
- Add more documentation on MutualAuthenticationError
- Fix example in README
- Fix license detection for PyPI
- Fix a problem with regex escaping
- Add COPR Makefile target
- Fork project to requests-gssapi
- Replace pykerberos with python-gssapi
- Add HTTPSPNEGOAuth interface. HTTPKerberosAuth is retained as a shim, but bump the major version anyway for clarity.
- Switch dependency on Windows from kerberos-sspi/pywin32 to WinKerberos. This brings Custom Principal support to Windows users.
- Make it possible to receive errors without having their contents and headers stripped.
- Resolve a bug caused by passing the
principal
keyword argument to kerberos-sspi on Windows.
- Support for principal, hostname, and realm override.
- Added support for mutual auth.
- Support for Kerberos delegation.
- Fixed problems declaring kerberos-sspi on Windows installs.
- Added Windows native authentication support by adding kerberos-sspi as an alternative backend.
- Prevent infinite recursion when a server returns 401 to an authorization attempt.
- Reduce the logging during successful responses.
- Fix HTTPKerberosAuth not to treat non-file as a file
- Prevent infinite recursion when GSSErrors occurs
Handle mutual authentication (see pull request 36)
All users should upgrade immediately. This has been reported to oss-security and we are awaiting a proper CVE identifier.
Update: We were issued CVE-2014-8650
Distribute as a wheel.
- Allow non-HTTP service principals with HTTPKerberosAuth using a new optional
argument
service
. - Fix bug in
setup.py
on distributions where thecompiler
module is not available. - Add test dependencies to
setup.py
sopython setup.py test
will work.
- Minor updates in the README
- Change requirements to depend on requests above 1.1.0
- Work with servers operating on non-standard ports
- Not documented
- Initial Release