Add AUTHZID support for PLAIN mechanism.
The optional `identity` keyword argument to PLAIN will specify the used AUTHZID.
Switching order of service and host for digest-uri
Typeo in my previous commit: was sending the wrong buffer to the server!
…he SASL QOP negotiation process.
plain mechanism refers to 'self.user'
Should be 'self.username'
The conf_flag controls whether gss_wrap applies encryption to the passed in buffer. If the conf_flag is set to 1, then encryption will be applied to the buffer, if it is 0, then the buffer will only be signed. The conf_flag is the third variable to the gss_wrap call in the MIT Kerberos library. Also modified unwrap so that the returned conf flag is checked to see if the server is honoring the negotiated QOP value. Note: in order for these changes to work, changes to PyKerberos also had to be made.
Calling authenticateGSSClientWrap with a user name is only for the very specific instance of wanting to create the final message in the Sasl negotiation. For all other cases the user should be left out or set to None.
I am unable to figure out an easy way to get the doc files into /usr/share/doc/ without them also ending up in /usr/local/lib/