freeipa/ipapython
Simo Sorce adf8aabf10
Use GSS-SPNEGO if connecting locally
GSS-SPNEGO allows us to negotiate a SASL bind with less roundtrips
therefore use it when possible.

We only enable it for local connections for now because we only
recently fixed Cyrus SASL to do proper GSS-SPNEGO negotiation. This
change means a newer and an older version are not compatible.

Restricting ourselves to the local host prevents issues with
incompatible services, and it is ok for us as we are only really
looking for speedups for the local short-lived connections performed
by the framework. Most other clients have longer lived connections,
so peformance improvements there are not as important.

Ticket: https://pagure.io/freeipa/issue/6656

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
2017-03-07 20:09:57 +01:00
..
install Don't prepend option names with additional '--' 2017-02-21 15:30:24 +01:00
__init__.py Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
admintool.py Python3 pylint fixes 2016-11-25 16:18:22 +01:00
certdb.py certdb: Don't restore_context() of new NSSDB 2017-03-01 13:42:01 +01:00
config.py ipautil: remove get_domain_name() 2016-11-29 14:50:51 +01:00
cookie.py Fix cookie with Max-Age processing 2017-03-06 10:48:32 +00:00
dn.py Support for Certificate Identity Mapping 2017-03-02 15:09:42 +01:00
dnsutil.py Py3: Fix ToASCII method 2017-01-06 12:48:10 +01:00
dogtag.py Moving ipaCert from HTTPD_ALIAS_DIR 2017-03-01 09:43:41 +00:00
errors.py Replace StandardError with Exception 2015-09-30 10:51:36 +02:00
graph.py Remove unused variables in the code 2016-09-27 13:35:58 +02:00
ipa_log_manager.py install: allow specifying verbosity and console log format in CLI 2016-11-11 12:17:25 +01:00
ipaldap.py Use GSS-SPNEGO if connecting locally 2017-03-07 20:09:57 +01:00
ipautil.py py3: ipa_generate_password: do not compare None and Int 2017-02-10 14:03:04 +01:00
ipavalidate.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
kerberos.py Principal: validate type of input parameter 2017-01-31 18:33:27 +01:00
kernel_keyring.py Fix session cookies 2016-07-22 16:30:32 +02:00
log_manager.py remove trailing newlines form python modules 2016-10-12 10:38:52 +02:00
Makefile.am ipapython: Add dependencies on version.py 2017-01-16 14:41:10 +01:00
nsslib.py Remove ipapython.nsslib as it is not used anymore 2017-03-01 09:43:41 +00:00
README Replace DNS client based on acutil with python-dns 2012-05-24 13:55:56 +02:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Adjustments for setup requirements 2016-11-30 13:32:30 +01:00
ssh.py py3: fingerprint_hex_sha256: fix encoding/decoding 2017-01-31 18:33:27 +01:00
version.py.in Build: move version handling from Makefile to configure 2016-11-09 13:08:32 +01:00

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines