…he SASL QOP negotiation process.
The conf_flag controls whether gss_wrap applies encryption to the passed in buffer. If the conf_flag is set to 1, then encryption will be applied to the buffer, if it is 0, then the buffer will only be signed. The conf_flag is the third variable to the gss_wrap call in the MIT Kerberos library. Also modified unwrap so that the returned conf flag is checked to see if the server is honoring the negotiated QOP value. Note: in order for these changes to work, changes to PyKerberos also had to be made.