diff options
Diffstat (limited to 'source4/auth/credentials/pycredentials.c')
-rw-r--r-- | source4/auth/credentials/pycredentials.c | 316 |
1 files changed, 316 insertions, 0 deletions
diff --git a/source4/auth/credentials/pycredentials.c b/source4/auth/credentials/pycredentials.c new file mode 100644 index 0000000000..9922549e2d --- /dev/null +++ b/source4/auth/credentials/pycredentials.c @@ -0,0 +1,316 @@ +/* + Unix SMB/CIFS implementation. + Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "pycredentials.h" +#include "param/param.h" +#include "lib/cmdline/credentials.h" +#include "librpc/gen_ndr/samr.h" /* for struct samr_Password */ +#include "libcli/util/pyerrors.h" + +/* Here until param/param.i gets rewritten in "manual" C */ +extern struct loadparm_context *lp_from_py_object(PyObject *py_obj); + +struct cli_credentials *cli_credentials_from_py_object(PyObject *py_obj) +{ + if (py_obj == Py_None) { + return cli_credentials_init_anon(NULL); + } + + if (PyCredentials_Check(py_obj)) + return PyCredentials_AsCliCredentials(py_obj); + + return NULL; +} + +static PyObject *PyString_FromStringOrNULL(const char *str) +{ + if (str == NULL) + return Py_None; + return PyString_FromString(str); +} + +static PyObject *py_creds_new(PyTypeObject *type, PyObject *args, PyObject *kwargs) +{ + return py_talloc_import(type, cli_credentials_init(NULL)); +} + +static PyObject *py_creds_get_username(py_talloc_Object *self) +{ + return PyString_FromStringOrNULL(cli_credentials_get_username(self->ptr)); +} + +static PyObject *py_creds_set_username(py_talloc_Object *self, PyObject *args) +{ + char *newval; + enum credentials_obtained obt = CRED_SPECIFIED; + if (!PyArg_ParseTuple(args, "s|i", &newval, &obt)) + return NULL; + + return PyBool_FromLong(cli_credentials_set_username(self->ptr, newval, obt)); +} + +static PyObject *py_creds_get_password(py_talloc_Object *self) +{ + return PyString_FromStringOrNULL(cli_credentials_get_password(self->ptr)); +} + + +static PyObject *py_creds_set_password(py_talloc_Object *self, PyObject *args) +{ + char *newval; + enum credentials_obtained obt = CRED_SPECIFIED; + if (!PyArg_ParseTuple(args, "s|i", &newval, &obt)) + return NULL; + + return PyBool_FromLong(cli_credentials_set_password(self->ptr, newval, obt)); +} + +static PyObject *py_creds_get_domain(py_talloc_Object *self) +{ + return PyString_FromStringOrNULL(cli_credentials_get_domain(self->ptr)); +} + +static PyObject *py_creds_set_domain(py_talloc_Object *self, PyObject *args) +{ + char *newval; + enum credentials_obtained obt = CRED_SPECIFIED; + if (!PyArg_ParseTuple(args, "s|i", &newval, &obt)) + return NULL; + + return PyBool_FromLong(cli_credentials_set_domain(self->ptr, newval, obt)); +} + +static PyObject *py_creds_get_realm(py_talloc_Object *self) +{ + return PyString_FromStringOrNULL(cli_credentials_get_realm(self->ptr)); +} + +static PyObject *py_creds_set_realm(py_talloc_Object *self, PyObject *args) +{ + char *newval; + enum credentials_obtained obt = CRED_SPECIFIED; + if (!PyArg_ParseTuple(args, "s|i", &newval, &obt)) + return NULL; + + return PyBool_FromLong(cli_credentials_set_realm(self->ptr, newval, obt)); +} + +static PyObject *py_creds_get_bind_dn(py_talloc_Object *self) +{ + return PyString_FromStringOrNULL(cli_credentials_get_bind_dn(self->ptr)); +} + +static PyObject *py_creds_set_bind_dn(py_talloc_Object *self, PyObject *args) +{ + char *newval; + if (!PyArg_ParseTuple(args, "s", &newval)) + return NULL; + + return PyBool_FromLong(cli_credentials_set_bind_dn(self->ptr, newval)); +} + +static PyObject *py_creds_get_workstation(py_talloc_Object *self) +{ + return PyString_FromStringOrNULL(cli_credentials_get_workstation(self->ptr)); +} + +static PyObject *py_creds_set_workstation(py_talloc_Object *self, PyObject *args) +{ + char *newval; + enum credentials_obtained obt = CRED_SPECIFIED; + if (!PyArg_ParseTuple(args, "s|i", &newval, &obt)) + return NULL; + + return PyBool_FromLong(cli_credentials_set_workstation(self->ptr, newval, obt)); +} + +static PyObject *py_creds_is_anonymous(py_talloc_Object *self) +{ + return PyBool_FromLong(cli_credentials_is_anonymous(self->ptr)); +} + +static PyObject *py_creds_set_anonymous(py_talloc_Object *self) +{ + cli_credentials_set_anonymous(self->ptr); + return Py_None; +} + +static PyObject *py_creds_authentication_requested(py_talloc_Object *self) +{ + return PyBool_FromLong(cli_credentials_authentication_requested(self->ptr)); +} + +static PyObject *py_creds_wrong_password(py_talloc_Object *self) +{ + return PyBool_FromLong(cli_credentials_wrong_password(self->ptr)); +} + +static PyObject *py_creds_set_cmdline_callbacks(py_talloc_Object *self) +{ + return PyBool_FromLong(cli_credentials_set_cmdline_callbacks(self->ptr)); +} + +static PyObject *py_creds_parse_string(py_talloc_Object *self, PyObject *args) +{ + char *newval; + enum credentials_obtained obt = CRED_SPECIFIED; + if (!PyArg_ParseTuple(args, "s|i", &newval, &obt)) + return NULL; + + cli_credentials_parse_string(self->ptr, newval, obt); + return Py_None; +} + +static PyObject *py_creds_get_nt_hash(py_talloc_Object *self) +{ + const struct samr_Password *ntpw = cli_credentials_get_nt_hash(self->ptr, self->ptr); + + return PyString_FromStringAndSize((char *)ntpw->hash, 16); +} + +static PyObject *py_creds_set_kerberos_state(py_talloc_Object *self, PyObject *args) +{ + int state; + if (!PyArg_ParseTuple(args, "i", &state)) + return NULL; + + cli_credentials_set_kerberos_state(self->ptr, state); + return Py_None; +} + +static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args) +{ + PyObject *py_lp_ctx = Py_None; + struct loadparm_context *lp_ctx; + if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) + return NULL; + + lp_ctx = lp_from_py_object(py_lp_ctx); + if (lp_ctx == NULL) + return NULL; + + cli_credentials_guess(self->ptr, lp_ctx); + + return Py_None; +} + +static PyObject *py_creds_set_machine_account(py_talloc_Object *self, PyObject *args) +{ + PyObject *py_lp_ctx = Py_None; + struct loadparm_context *lp_ctx; + NTSTATUS status; + if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) + return NULL; + + lp_ctx = lp_from_py_object(py_lp_ctx); + if (lp_ctx == NULL) + return NULL; + + status = cli_credentials_set_machine_account(self->ptr, lp_ctx); + PyErr_NTSTATUS_IS_ERR_RAISE(status); + + return Py_None; +} + +static PyMethodDef py_creds_methods[] = { + { "get_username", (PyCFunction)py_creds_get_username, METH_NOARGS, + "S.get_username() -> username\nObtain username." }, + { "set_username", (PyCFunction)py_creds_set_username, METH_VARARGS, + "S.set_username(name, obtained=CRED_SPECIFIED) -> None\n" + "Change username." }, + { "get_password", (PyCFunction)py_creds_get_password, METH_NOARGS, + "S.get_password() -> password\n" + "Obtain password." }, + { "set_password", (PyCFunction)py_creds_set_password, METH_VARARGS, + "S.set_password(password, obtained=CRED_SPECIFIED) -> None\n" + "Change password." }, + { "get_domain", (PyCFunction)py_creds_get_domain, METH_NOARGS, + "S.get_domain() -> domain\n" + "Obtain domain name." }, + { "set_domain", (PyCFunction)py_creds_set_domain, METH_VARARGS, + "S.set_domain(domain, obtained=CRED_SPECIFIED) -> None\n" + "Change domain name." }, + { "get_realm", (PyCFunction)py_creds_get_realm, METH_NOARGS, + "S.get_realm() -> realm\n" + "Obtain realm name." }, + { "set_realm", (PyCFunction)py_creds_set_realm, METH_VARARGS, + "S.set_realm(realm, obtained=CRED_SPECIFIED) -> None\n" + "Change realm name." }, + { "get_bind_dn", (PyCFunction)py_creds_get_bind_dn, METH_NOARGS, + "S.get_bind_dn() -> bind dn\n" + "Obtain bind DN." }, + { "set_bind_dn", (PyCFunction)py_creds_set_bind_dn, METH_VARARGS, + "S.set_bind_dn(bind_dn) -> None\n" + "Change bind DN." }, + { "is_anonymous", (PyCFunction)py_creds_is_anonymous, METH_NOARGS, + NULL }, + { "set_anonymous", (PyCFunction)py_creds_set_anonymous, METH_NOARGS, + "S.set_anonymous() -> None\n" + "Use anonymous credentials." }, + { "get_workstation", (PyCFunction)py_creds_get_workstation, METH_NOARGS, + NULL }, + { "set_workstation", (PyCFunction)py_creds_set_workstation, METH_VARARGS, + NULL }, + { "authentication_requested", (PyCFunction)py_creds_authentication_requested, METH_NOARGS, + NULL }, + { "wrong_password", (PyCFunction)py_creds_wrong_password, METH_NOARGS, + "S.wrong_password() -> bool\n" + "Indicate the returned password was incorrect." }, + { "set_cmdline_callbacks", (PyCFunction)py_creds_set_cmdline_callbacks, METH_NOARGS, + "S.set_cmdline_callbacks() -> bool\n" + "Use command-line to obtain credentials not explicitly set." }, + { "parse_string", (PyCFunction)py_creds_parse_string, METH_VARARGS, + "S.parse_string(text, obtained=CRED_SPECIFIED) -> None\n" + "Parse credentials string." }, + { "get_nt_hash", (PyCFunction)py_creds_get_nt_hash, METH_NOARGS, + NULL }, + { "set_kerberos_state", (PyCFunction)py_creds_set_kerberos_state, METH_VARARGS, + NULL }, + { "guess", (PyCFunction)py_creds_guess, METH_VARARGS, NULL }, + { "set_machine_account", (PyCFunction)py_creds_set_machine_account, METH_VARARGS, NULL }, + { NULL } +}; + +PyTypeObject PyCredentials = { + .tp_name = "Credentials", + .tp_basicsize = sizeof(py_talloc_Object), + .tp_dealloc = py_talloc_dealloc, + .tp_new = py_creds_new, + .tp_flags = Py_TPFLAGS_DEFAULT, + .tp_methods = py_creds_methods, +}; + +void initcredentials(void) +{ + PyObject *m; + + if (PyType_Ready(&PyCredentials) < 0) + return; + + m = Py_InitModule3("credentials", NULL, "Credentials management."); + if (m == NULL) + return; + + PyModule_AddObject(m, "AUTO_USE_KERBEROS", PyInt_FromLong(CRED_AUTO_USE_KERBEROS)); + PyModule_AddObject(m, "DONT_USE_KERBEROS", PyInt_FromLong(CRED_DONT_USE_KERBEROS)); + PyModule_AddObject(m, "MUST_USE_KERBEROS", PyInt_FromLong(CRED_MUST_USE_KERBEROS)); + + Py_INCREF(&PyCredentials); + PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials); +} |