Only try kerberos auth when username contains @ and pass realm to pywinrm. Alternative to #10644, fixes #10577.

This commit is contained in:
Chris Church 2015-04-09 13:36:58 -04:00
parent 7f034a74d1
commit 5675982b0f

View file

@ -90,13 +90,18 @@ class Connection(object):
return _winrm_cache[cache_key] return _winrm_cache[cache_key]
exc = None exc = None
for transport, scheme in self.transport_schemes['http' if port == 5985 else 'https']: for transport, scheme in self.transport_schemes['http' if port == 5985 else 'https']:
if transport == 'kerberos' and not HAVE_KERBEROS: if transport == 'kerberos' and (not HAVE_KERBEROS or not '@' in self.user):
continue continue
if transport == 'kerberos':
realm = self.user.split('@', 1)[1].strip() or None
else:
realm = None
endpoint = urlparse.urlunsplit((scheme, netloc, '/wsman', '', '')) endpoint = urlparse.urlunsplit((scheme, netloc, '/wsman', '', ''))
vvvv('WINRM CONNECT: transport=%s endpoint=%s' % (transport, endpoint), vvvv('WINRM CONNECT: transport=%s endpoint=%s' % (transport, endpoint),
host=self.host) host=self.host)
protocol = Protocol(endpoint, transport=transport, protocol = Protocol(endpoint, transport=transport,
username=self.user, password=self.password) username=self.user, password=self.password,
realm=realm)
try: try:
protocol.send_message('') protocol.send_message('')
_winrm_cache[cache_key] = protocol _winrm_cache[cache_key] = protocol