def get_ipa_ccache_name(scheme='FILE'): if scheme == 'FILE': name = os.path.join(krbccache_dir, '%s%s' % (krbccache_prefix, os.getpid())) else: raise ValueError('ccache scheme "%s" unsupported', scheme) ccache_name = krb5_unparse_ccache(scheme, name) return ccache_name
def bind_ipa_ccache(ccache_data, scheme='FILE'): if scheme == 'FILE': name = _get_krbccache_pathname() root_logger.debug('storing ccache data into file "%s"', name) dst = open(name, 'w') dst.write(ccache_data) dst.close() else: raise ValueError('ccache scheme "%s" unsupported', scheme) ccache_name = krb5_unparse_ccache(scheme, name) os.environ['KRB5CCNAME'] = ccache_name return ccache_name
def get_ccname(): """Retrieve and validate Kerberos credential cache Only FILE schema is supported. """ ccname = os.environ.get('KRB5CCNAME') if ccname is None: raise ValueError("KRB5CCNAME env var is not set.") scheme, location = krb5_parse_ccache(ccname) if scheme != 'FILE': # MEMORY makes no sense raise ValueError("Unsupported KRB5CCNAME scheme {}".format(scheme)) if not os.path.isfile(location): raise ValueError("KRB5CCNAME file '{}' does not exit".format(location)) return krb5_unparse_ccache(scheme, location)