summaryrefslogtreecommitdiff
path: root/source4/python/py_ntsec.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/python/py_ntsec.c')
-rw-r--r--source4/python/py_ntsec.c281
1 files changed, 281 insertions, 0 deletions
diff --git a/source4/python/py_ntsec.c b/source4/python/py_ntsec.c
new file mode 100644
index 0000000000..47524d8e19
--- /dev/null
+++ b/source4/python/py_ntsec.c
@@ -0,0 +1,281 @@
+/*
+ Python wrappers for DCERPC/SMB client routines.
+
+ Copyright (C) Tim Potter, 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "python/py_common.h"
+
+/* Convert a SID to a Python dict */
+
+BOOL py_from_SID(PyObject **obj, DOM_SID *sid)
+{
+ fstring sidstr;
+
+ if (!sid) {
+ Py_INCREF(Py_None);
+ *obj = Py_None;
+ return True;
+ }
+
+ if (!sid_to_string(sidstr, sid))
+ return False;
+
+ *obj = PyString_FromString(sidstr);
+
+ return True;
+}
+
+BOOL py_to_SID(DOM_SID *sid, PyObject *obj)
+{
+ if (!PyString_Check(obj))
+ return False;
+
+ return string_to_sid(sid, PyString_AsString(obj));
+}
+
+BOOL py_from_ACE(PyObject **dict, SEC_ACE *ace)
+{
+ PyObject *obj;
+
+ if (!ace) {
+ Py_INCREF(Py_None);
+ *dict = Py_None;
+ return True;
+ }
+
+ *dict = PyDict_New();
+
+ PyDict_SetItemString(*dict, "type", PyInt_FromLong(ace->type));
+ PyDict_SetItemString(*dict, "flags", PyInt_FromLong(ace->flags));
+ PyDict_SetItemString(*dict, "mask", PyInt_FromLong(ace->info.mask));
+
+ if (py_from_SID(&obj, &ace->trustee))
+ PyDict_SetItemString(*dict, "trustee", obj);
+
+ return True;
+}
+
+BOOL py_to_ACE(SEC_ACE *ace, PyObject *dict)
+{
+ PyObject *obj;
+ uint8 ace_type, ace_flags;
+ DOM_SID trustee;
+ SEC_ACCESS sec_access;
+
+ if (!PyDict_Check(dict))
+ return False;
+
+ if (!(obj = PyDict_GetItemString(dict, "type")) ||
+ !PyInt_Check(obj))
+ return False;
+
+ ace_type = PyInt_AsLong(obj);
+
+ if (!(obj = PyDict_GetItemString(dict, "flags")) ||
+ !PyInt_Check(obj))
+ return False;
+
+ ace_flags = PyInt_AsLong(obj);
+
+ if (!(obj = PyDict_GetItemString(dict, "trustee")) ||
+ !PyString_Check(obj))
+ return False;
+
+ if (!py_to_SID(&trustee, obj))
+ return False;
+
+ if (!(obj = PyDict_GetItemString(dict, "mask")) ||
+ !PyInt_Check(obj))
+ return False;
+
+ sec_access.mask = PyInt_AsLong(obj);
+
+ init_sec_ace(ace, &trustee, ace_type, sec_access, ace_flags);
+
+ /* Fill in size field */
+
+ ace->size = SEC_ACE_HEADER_SIZE + sid_size(&trustee);
+
+ return True;
+}
+
+BOOL py_from_ACL(PyObject **dict, SEC_ACL *acl)
+{
+ PyObject *ace_list;
+ int i;
+
+ if (!acl) {
+ Py_INCREF(Py_None);
+ *dict = Py_None;
+ return True;
+ }
+
+ *dict = PyDict_New();
+
+ PyDict_SetItemString(*dict, "revision", PyInt_FromLong(acl->revision));
+
+ ace_list = PyList_New(acl->num_aces);
+
+ for (i = 0; i < acl->num_aces; i++) {
+ PyObject *obj;
+
+ if (py_from_ACE(&obj, &acl->ace[i]))
+ PyList_SetItem(ace_list, i, obj);
+ }
+
+ PyDict_SetItemString(*dict, "ace_list", ace_list);
+
+ return True;
+}
+
+BOOL py_to_ACL(SEC_ACL *acl, PyObject *dict, TALLOC_CTX *mem_ctx)
+{
+ PyObject *obj;
+ uint32 i;
+
+ if (!(obj = PyDict_GetItemString(dict, "revision")) ||
+ !PyInt_Check(obj))
+ return False;
+
+ acl->revision = PyInt_AsLong(obj);
+
+ if (!(obj = PyDict_GetItemString(dict, "ace_list")) ||
+ !PyList_Check(obj))
+ return False;
+
+ acl->num_aces = PyList_Size(obj);
+
+ acl->ace = talloc(mem_ctx, acl->num_aces * sizeof(SEC_ACE));
+ acl->size = SEC_ACL_HEADER_SIZE;
+
+ for (i = 0; i < acl->num_aces; i++) {
+ PyObject *py_ace = PyList_GetItem(obj, i);
+
+ if (!py_to_ACE(&acl->ace[i], py_ace))
+ return False;
+
+ acl->size += acl->ace[i].size;
+ }
+
+ return True;
+}
+
+BOOL py_from_SECDESC(PyObject **dict, SEC_DESC *sd)
+{
+ PyObject *obj;
+
+ *dict = PyDict_New();
+
+ PyDict_SetItemString(*dict, "revision", PyInt_FromLong(sd->revision));
+
+ if (py_from_SID(&obj, sd->owner_sid))
+ PyDict_SetItemString(*dict, "owner_sid", obj);
+
+ if (py_from_SID(&obj, sd->grp_sid))
+ PyDict_SetItemString(*dict, "group_sid", obj);
+
+ if (py_from_ACL(&obj, sd->dacl))
+ PyDict_SetItemString(*dict, "dacl", obj);
+
+ if (py_from_ACL(&obj, sd->sacl))
+ PyDict_SetItemString(*dict, "sacl", obj);
+
+ return True;
+}
+
+BOOL py_to_SECDESC(SEC_DESC **sd, PyObject *dict, TALLOC_CTX *mem_ctx)
+{
+ PyObject *obj;
+ uint16 revision;
+ DOM_SID owner_sid, group_sid;
+ SEC_ACL sacl, dacl;
+ BOOL got_dacl = False, got_sacl = False;
+ BOOL got_owner_sid = False, got_group_sid = False;
+
+ ZERO_STRUCT(dacl); ZERO_STRUCT(sacl);
+ ZERO_STRUCT(owner_sid); ZERO_STRUCT(group_sid);
+
+ if (!(obj = PyDict_GetItemString(dict, "revision")))
+ return False;
+
+ revision = PyInt_AsLong(obj);
+
+ if ((obj = PyDict_GetItemString(dict, "owner_sid"))) {
+
+ if (obj != Py_None) {
+
+ if (!py_to_SID(&owner_sid, obj))
+ return False;
+
+ got_owner_sid = True;
+ }
+ }
+
+ if ((obj = PyDict_GetItemString(dict, "group_sid"))) {
+
+ if (obj != Py_None) {
+
+ if (!py_to_SID(&group_sid, obj))
+ return False;
+
+ got_group_sid = True;
+ }
+ }
+
+ if ((obj = PyDict_GetItemString(dict, "dacl"))) {
+
+ if (obj != Py_None) {
+
+ if (!py_to_ACL(&dacl, obj, mem_ctx))
+ return False;
+
+ got_dacl = True;
+ }
+ }
+
+ if ((obj = PyDict_GetItemString(dict, "sacl"))) {
+
+ if (obj != Py_None) {
+
+ if (!py_to_ACL(&sacl, obj, mem_ctx))
+ return False;
+
+ got_sacl = True;
+ }
+ }
+
+#if 0 /* For new secdesc code */
+ *sd = make_sec_desc(mem_ctx, revision,
+ got_owner_sid ? &owner_sid : NULL,
+ got_group_sid ? &group_sid : NULL,
+ got_sacl ? &sacl : NULL,
+ got_dacl ? &dacl : NULL);
+#else
+ {
+ size_t sd_size;
+
+ *sd = make_sec_desc(mem_ctx, revision,
+ got_owner_sid ? &owner_sid : NULL,
+ got_group_sid ? &group_sid : NULL,
+ got_sacl ? &sacl : NULL,
+ got_dacl ? &dacl : NULL, &sd_size);
+ }
+#endif
+
+ return True;
+}