Skip to content

Releases: deshaw/wsgi-kerberos

v1.0.2

24 Sep 18:51
@propertone propertone
v1.0.2
cc64c9e
Compare
Choose a tag to compare
v1.0.2 Latest
Latest
  • Set content-length header on 401/403 responses.
Assets 2

v1.0.1

19 Jan 03:13
@propertone propertone
v1.0.1
9d705f8
Compare
Choose a tag to compare
v1.0.1
  • Fix an issue introduced in v1.0.0 that could cause the server to hang after receiving a request with no body that could not be authenticated.
  • When a request could not be authenticated, WSGI-Kerberos now buffers no more than 64K of the request at a time before sending the response.
  • Increase the default read_max_on_auth_fail from 10 MB to 100 MB.
Assets 2

v1.0.0

29 Dec 00:51
@propertone propertone
v1.0.0
1104e69
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.0
  • hostname no longer needs to be specified in KerberosAuthMiddleware constructor - any hostname in the keytab will be accepted
  • Set REMOTE_USER when valid auth is provided, even if not required
  • Limit the number of bytes read in request bodies on auth failure to mitigate a possible DoS attack. New parameter read_max_on_auth_fail can be set to customize or remove the limit
  • Support clients which don't request mutual authentication
  • Log Kerberos errors
  • Validate first word in Authorization header
  • Python 3 compatibility fixes
  • Various bug fixes
  • Update license from BSD-2-Clause to BSD-3-Clause
  • Project was moved to the D. E. Shaw Org
Assets 2