Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
4 :
5 : This program is free software; you can redistribute it and/or modify
6 : it under the terms of the GNU General Public License as published by
7 : the Free Software Foundation; either version 3 of the License, or
8 : (at your option) any later version.
9 :
10 : This program is distributed in the hope that it will be useful,
11 : but WITHOUT ANY WARRANTY; without even the implied warranty of
12 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 : GNU General Public License for more details.
14 :
15 : You should have received a copy of the GNU General Public License
16 : along with this program. If not, see <http://www.gnu.org/licenses/>.
17 : */
18 :
19 : #include "lib/replace/system/python.h"
20 : #include "python/py3compat.h"
21 : #include "includes.h"
22 : #include "python/modules.h"
23 : #include "pycredentials.h"
24 : #include "param/param.h"
25 : #include "auth/credentials/credentials_internal.h"
26 : #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */
27 : #include "librpc/gen_ndr/netlogon.h"
28 : #include "libcli/util/pyerrors.h"
29 : #include "libcli/auth/libcli_auth.h"
30 : #include "param/pyparam.h"
31 : #include <tevent.h>
32 : #include "libcli/auth/libcli_auth.h"
33 : #include "system/kerberos.h"
34 : #include "auth/kerberos/kerberos.h"
35 : #include "libcli/smb/smb_constants.h"
36 :
37 : void initcredentials(void);
38 :
39 35759 : static PyObject *py_creds_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
40 : {
41 35759 : return pytalloc_steal(type, cli_credentials_init(NULL));
42 : }
43 :
44 0 : static PyObject *PyCredentials_from_cli_credentials(struct cli_credentials *creds)
45 : {
46 0 : return pytalloc_reference(&PyCredentials, creds);
47 : }
48 :
49 38553 : static PyObject *py_creds_get_username(PyObject *self, PyObject *unused)
50 : {
51 38553 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
52 38553 : if (creds == NULL) {
53 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
54 0 : return NULL;
55 : }
56 38553 : return PyString_FromStringOrNULL(cli_credentials_get_username(creds));
57 : }
58 :
59 16733 : static PyObject *py_creds_set_username(PyObject *self, PyObject *args)
60 : {
61 6 : char *newval;
62 16733 : enum credentials_obtained obt = CRED_SPECIFIED;
63 16733 : int _obt = obt;
64 16733 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
65 16733 : if (creds == NULL) {
66 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
67 0 : return NULL;
68 : }
69 :
70 16733 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
71 0 : return NULL;
72 : }
73 16733 : obt = _obt;
74 :
75 16733 : return PyBool_FromLong(cli_credentials_set_username(creds, newval, obt));
76 : }
77 :
78 199 : static PyObject *py_creds_get_ntlm_username_domain(PyObject *self, PyObject *unused)
79 : {
80 199 : TALLOC_CTX *frame = talloc_stackframe();
81 199 : const char *user = NULL;
82 199 : const char *domain = NULL;
83 199 : PyObject *ret = NULL;
84 199 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
85 199 : if (creds == NULL) {
86 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
87 0 : return NULL;
88 : }
89 199 : cli_credentials_get_ntlm_username_domain(creds,
90 : frame, &user, &domain);
91 199 : ret = Py_BuildValue("(ss)",
92 : user,
93 : domain);
94 :
95 199 : TALLOC_FREE(frame);
96 199 : return ret;
97 : }
98 :
99 118 : static PyObject *py_creds_get_ntlm_response(PyObject *self, PyObject *args, PyObject *kwargs)
100 : {
101 118 : TALLOC_CTX *frame = talloc_stackframe();
102 118 : PyObject *ret = NULL;
103 1 : int flags;
104 1 : struct timeval tv_now;
105 1 : NTTIME server_timestamp;
106 118 : DATA_BLOB challenge = data_blob_null;
107 118 : DATA_BLOB target_info = data_blob_null;
108 1 : NTSTATUS status;
109 118 : DATA_BLOB lm_response = data_blob_null;
110 118 : DATA_BLOB nt_response = data_blob_null;
111 118 : DATA_BLOB lm_session_key = data_blob_null;
112 118 : DATA_BLOB nt_session_key = data_blob_null;
113 118 : const char *kwnames[] = { "flags", "challenge",
114 : "target_info",
115 : NULL };
116 118 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
117 118 : if (creds == NULL) {
118 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
119 0 : return NULL;
120 : }
121 :
122 118 : tv_now = timeval_current();
123 118 : server_timestamp = timeval_to_nttime(&tv_now);
124 :
125 118 : if (!PyArg_ParseTupleAndKeywords(args, kwargs, "is#|s#",
126 : discard_const_p(char *, kwnames),
127 : &flags,
128 : &challenge.data,
129 : &challenge.length,
130 : &target_info.data,
131 : &target_info.length)) {
132 0 : return NULL;
133 : }
134 :
135 118 : status = cli_credentials_get_ntlm_response(creds,
136 : frame, &flags,
137 : challenge,
138 : &server_timestamp,
139 : target_info,
140 : &lm_response, &nt_response,
141 : &lm_session_key, &nt_session_key);
142 :
143 118 : if (!NT_STATUS_IS_OK(status)) {
144 0 : PyErr_SetNTSTATUS(status);
145 0 : TALLOC_FREE(frame);
146 0 : return NULL;
147 : }
148 :
149 119 : ret = Py_BuildValue("{sis" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN
150 : "s" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN "}",
151 : "flags", flags,
152 : "lm_response",
153 118 : (const char *)lm_response.data, lm_response.length,
154 : "nt_response",
155 118 : (const char *)nt_response.data, nt_response.length,
156 : "lm_session_key",
157 118 : (const char *)lm_session_key.data, lm_session_key.length,
158 : "nt_session_key",
159 118 : (const char *)nt_session_key.data, nt_session_key.length);
160 118 : TALLOC_FREE(frame);
161 117 : return ret;
162 : }
163 :
164 24 : static PyObject *py_creds_get_principal(PyObject *self, PyObject *unused)
165 : {
166 24 : TALLOC_CTX *frame = talloc_stackframe();
167 24 : PyObject *ret = NULL;
168 24 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
169 24 : if (creds == NULL) {
170 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
171 0 : return NULL;
172 : }
173 24 : ret = PyString_FromStringOrNULL(cli_credentials_get_principal(creds, frame));
174 24 : TALLOC_FREE(frame);
175 2 : return ret;
176 : }
177 :
178 2 : static PyObject *py_creds_set_principal(PyObject *self, PyObject *args)
179 : {
180 2 : char *newval;
181 2 : enum credentials_obtained obt = CRED_SPECIFIED;
182 2 : int _obt = obt;
183 2 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
184 2 : if (creds == NULL) {
185 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
186 0 : return NULL;
187 : }
188 :
189 2 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
190 0 : return NULL;
191 : }
192 2 : obt = _obt;
193 :
194 2 : return PyBool_FromLong(cli_credentials_set_principal(creds, newval, obt));
195 : }
196 :
197 9993 : static PyObject *py_creds_get_password(PyObject *self, PyObject *unused)
198 : {
199 9993 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
200 9993 : if (creds == NULL) {
201 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
202 0 : return NULL;
203 : }
204 9993 : return PyString_FromStringOrNULL(cli_credentials_get_password(creds));
205 : }
206 :
207 17301 : static PyObject *py_creds_set_password(PyObject *self, PyObject *args)
208 : {
209 17301 : const char *newval = NULL;
210 17301 : enum credentials_obtained obt = CRED_SPECIFIED;
211 17301 : int _obt = obt;
212 17301 : PyObject *result = NULL;
213 17301 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
214 17301 : if (creds == NULL) {
215 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
216 0 : return NULL;
217 : }
218 :
219 17301 : if (!PyArg_ParseTuple(args, PYARG_STR_UNI"|i", "utf8", &newval, &_obt)) {
220 0 : return NULL;
221 : }
222 17301 : obt = _obt;
223 :
224 17301 : result = PyBool_FromLong(cli_credentials_set_password(creds, newval, obt));
225 17301 : PyMem_Free(discard_const_p(void*, newval));
226 17301 : return result;
227 : }
228 :
229 761 : static PyObject *py_creds_set_utf16_password(PyObject *self, PyObject *args)
230 : {
231 761 : enum credentials_obtained obt = CRED_SPECIFIED;
232 761 : int _obt = obt;
233 761 : PyObject *newval = NULL;
234 761 : DATA_BLOB blob = data_blob_null;
235 761 : Py_ssize_t size = 0;
236 1 : int result;
237 1 : bool ok;
238 761 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
239 761 : if (creds == NULL) {
240 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
241 0 : return NULL;
242 : }
243 :
244 761 : if (!PyArg_ParseTuple(args, "O|i", &newval, &_obt)) {
245 0 : return NULL;
246 : }
247 761 : obt = _obt;
248 :
249 761 : result = PyBytes_AsStringAndSize(newval, (char **)&blob.data, &size);
250 761 : if (result != 0) {
251 0 : PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
252 0 : return NULL;
253 : }
254 761 : blob.length = size;
255 :
256 761 : ok = cli_credentials_set_utf16_password(creds,
257 : &blob, obt);
258 :
259 761 : return PyBool_FromLong(ok);
260 : }
261 :
262 3 : static PyObject *py_creds_get_old_password(PyObject *self, PyObject *unused)
263 : {
264 3 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
265 3 : if (creds == NULL) {
266 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
267 0 : return NULL;
268 : }
269 3 : return PyString_FromStringOrNULL(cli_credentials_get_old_password(creds));
270 : }
271 :
272 1 : static PyObject *py_creds_set_old_password(PyObject *self, PyObject *args)
273 : {
274 1 : char *oldval;
275 1 : enum credentials_obtained obt = CRED_SPECIFIED;
276 1 : int _obt = obt;
277 1 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
278 1 : if (creds == NULL) {
279 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
280 0 : return NULL;
281 : }
282 :
283 1 : if (!PyArg_ParseTuple(args, "s|i", &oldval, &_obt)) {
284 0 : return NULL;
285 : }
286 1 : obt = _obt;
287 :
288 1 : return PyBool_FromLong(cli_credentials_set_old_password(creds, oldval, obt));
289 : }
290 :
291 1 : static PyObject *py_creds_set_old_utf16_password(PyObject *self, PyObject *args)
292 : {
293 1 : PyObject *oldval = NULL;
294 1 : DATA_BLOB blob = data_blob_null;
295 1 : Py_ssize_t size = 0;
296 1 : int result;
297 1 : bool ok;
298 1 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
299 1 : if (creds == NULL) {
300 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
301 0 : return NULL;
302 : }
303 :
304 1 : if (!PyArg_ParseTuple(args, "O", &oldval)) {
305 0 : return NULL;
306 : }
307 :
308 1 : result = PyBytes_AsStringAndSize(oldval, (char **)&blob.data, &size);
309 1 : if (result != 0) {
310 0 : PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
311 0 : return NULL;
312 : }
313 1 : blob.length = size;
314 :
315 1 : ok = cli_credentials_set_old_utf16_password(creds,
316 : &blob);
317 :
318 1 : return PyBool_FromLong(ok);
319 : }
320 :
321 13311 : static PyObject *py_creds_get_domain(PyObject *self, PyObject *unused)
322 : {
323 13311 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
324 13311 : if (creds == NULL) {
325 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
326 0 : return NULL;
327 : }
328 13311 : return PyString_FromStringOrNULL(cli_credentials_get_domain(creds));
329 : }
330 :
331 15943 : static PyObject *py_creds_set_domain(PyObject *self, PyObject *args)
332 : {
333 2 : char *newval;
334 15943 : enum credentials_obtained obt = CRED_SPECIFIED;
335 15943 : int _obt = obt;
336 15943 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
337 15943 : if (creds == NULL) {
338 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
339 0 : return NULL;
340 : }
341 :
342 15943 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
343 0 : return NULL;
344 : }
345 15943 : obt = _obt;
346 :
347 15943 : return PyBool_FromLong(cli_credentials_set_domain(creds, newval, obt));
348 : }
349 :
350 38632 : static PyObject *py_creds_get_realm(PyObject *self, PyObject *unused)
351 : {
352 38632 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
353 38632 : if (creds == NULL) {
354 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
355 0 : return NULL;
356 : }
357 38632 : return PyString_FromStringOrNULL(cli_credentials_get_realm(creds));
358 : }
359 :
360 15572 : static PyObject *py_creds_set_realm(PyObject *self, PyObject *args)
361 : {
362 4 : char *newval;
363 15572 : enum credentials_obtained obt = CRED_SPECIFIED;
364 15572 : int _obt = obt;
365 15572 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
366 15572 : if (creds == NULL) {
367 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
368 0 : return NULL;
369 : }
370 :
371 15572 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
372 0 : return NULL;
373 : }
374 15572 : obt = _obt;
375 :
376 15572 : return PyBool_FromLong(cli_credentials_set_realm(creds, newval, obt));
377 : }
378 :
379 1016 : static PyObject *py_creds_get_bind_dn(PyObject *self, PyObject *unused)
380 : {
381 1016 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
382 1016 : if (creds == NULL) {
383 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
384 0 : return NULL;
385 : }
386 1016 : return PyString_FromStringOrNULL(cli_credentials_get_bind_dn(creds));
387 : }
388 :
389 550 : static PyObject *py_creds_set_bind_dn(PyObject *self, PyObject *args)
390 : {
391 1 : char *newval;
392 550 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
393 550 : if (creds == NULL) {
394 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
395 0 : return NULL;
396 : }
397 550 : if (!PyArg_ParseTuple(args, "z", &newval))
398 0 : return NULL;
399 :
400 550 : return PyBool_FromLong(cli_credentials_set_bind_dn(creds, newval));
401 : }
402 :
403 12563 : static PyObject *py_creds_get_workstation(PyObject *self, PyObject *unused)
404 : {
405 12563 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
406 12563 : if (creds == NULL) {
407 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
408 0 : return NULL;
409 : }
410 12563 : return PyString_FromStringOrNULL(cli_credentials_get_workstation(creds));
411 : }
412 :
413 18753 : static PyObject *py_creds_set_workstation(PyObject *self, PyObject *args)
414 : {
415 1 : char *newval;
416 18753 : enum credentials_obtained obt = CRED_SPECIFIED;
417 18753 : int _obt = obt;
418 18753 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
419 18753 : if (creds == NULL) {
420 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
421 0 : return NULL;
422 : }
423 :
424 18753 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
425 0 : return NULL;
426 : }
427 18753 : obt = _obt;
428 :
429 18753 : return PyBool_FromLong(cli_credentials_set_workstation(creds, newval, obt));
430 : }
431 :
432 91 : static PyObject *py_creds_is_anonymous(PyObject *self, PyObject *unused)
433 : {
434 91 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
435 91 : if (creds == NULL) {
436 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
437 0 : return NULL;
438 : }
439 91 : return PyBool_FromLong(cli_credentials_is_anonymous(creds));
440 : }
441 :
442 1981 : static PyObject *py_creds_set_anonymous(PyObject *self, PyObject *unused)
443 : {
444 1981 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
445 1981 : if (creds == NULL) {
446 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
447 0 : return NULL;
448 : }
449 1981 : cli_credentials_set_anonymous(creds);
450 1981 : Py_RETURN_NONE;
451 : }
452 :
453 9024 : static PyObject *py_creds_authentication_requested(PyObject *self, PyObject *unused)
454 : {
455 9024 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
456 9024 : if (creds == NULL) {
457 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
458 0 : return NULL;
459 : }
460 9024 : return PyBool_FromLong(cli_credentials_authentication_requested(creds));
461 : }
462 :
463 1 : static PyObject *py_creds_wrong_password(PyObject *self, PyObject *unused)
464 : {
465 1 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
466 1 : if (creds == NULL) {
467 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
468 0 : return NULL;
469 : }
470 1 : return PyBool_FromLong(cli_credentials_wrong_password(creds));
471 : }
472 :
473 14315 : static PyObject *py_creds_set_cmdline_callbacks(PyObject *self, PyObject *unused)
474 : {
475 14315 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
476 14315 : if (creds == NULL) {
477 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
478 0 : return NULL;
479 : }
480 14315 : return PyBool_FromLong(cli_credentials_set_cmdline_callbacks(creds));
481 : }
482 :
483 6533 : static PyObject *py_creds_parse_string(PyObject *self, PyObject *args)
484 : {
485 13 : char *newval;
486 6533 : enum credentials_obtained obt = CRED_SPECIFIED;
487 6533 : int _obt = obt;
488 6533 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
489 6533 : if (creds == NULL) {
490 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
491 0 : return NULL;
492 : }
493 :
494 6533 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
495 0 : return NULL;
496 : }
497 6533 : obt = _obt;
498 :
499 6533 : cli_credentials_parse_string(creds, newval, obt);
500 6533 : Py_RETURN_NONE;
501 : }
502 :
503 7 : static PyObject *py_creds_parse_file(PyObject *self, PyObject *args)
504 : {
505 7 : char *newval;
506 7 : enum credentials_obtained obt = CRED_SPECIFIED;
507 7 : int _obt = obt;
508 7 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
509 7 : if (creds == NULL) {
510 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
511 0 : return NULL;
512 : }
513 :
514 7 : if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
515 0 : return NULL;
516 : }
517 7 : obt = _obt;
518 :
519 7 : cli_credentials_parse_file(creds, newval, obt);
520 7 : Py_RETURN_NONE;
521 : }
522 :
523 1 : static PyObject *py_cli_credentials_set_password_will_be_nt_hash(PyObject *self, PyObject *args)
524 : {
525 1 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
526 1 : PyObject *py_val = NULL;
527 1 : bool val = false;
528 :
529 1 : if (!PyArg_ParseTuple(args, "O!", &PyBool_Type, &py_val)) {
530 0 : return NULL;
531 : }
532 1 : val = PyObject_IsTrue(py_val);
533 :
534 1 : cli_credentials_set_password_will_be_nt_hash(creds, val);
535 1 : Py_RETURN_NONE;
536 : }
537 :
538 1286 : static PyObject *py_creds_get_nt_hash(PyObject *self, PyObject *unused)
539 : {
540 12 : PyObject *ret;
541 1286 : struct samr_Password *ntpw = NULL;
542 1286 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
543 1286 : if (creds == NULL) {
544 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
545 0 : return NULL;
546 : }
547 1286 : ntpw = cli_credentials_get_nt_hash(creds, creds);
548 :
549 1286 : ret = PyBytes_FromStringAndSize(discard_const_p(char, ntpw->hash), 16);
550 1286 : TALLOC_FREE(ntpw);
551 1274 : return ret;
552 : }
553 :
554 94 : static PyObject *py_creds_set_nt_hash(PyObject *self, PyObject *args)
555 : {
556 94 : PyObject *py_cp = Py_None;
557 94 : const struct samr_Password *pwd = NULL;
558 94 : enum credentials_obtained obt = CRED_SPECIFIED;
559 94 : int _obt = obt;
560 94 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
561 94 : if (creds == NULL) {
562 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
563 0 : return NULL;
564 : }
565 :
566 94 : if (!PyArg_ParseTuple(args, "O|i", &py_cp, &_obt)) {
567 0 : return NULL;
568 : }
569 94 : obt = _obt;
570 :
571 94 : if (!py_check_dcerpc_type(py_cp, "samba.dcerpc.samr", "Password")) {
572 : /* py_check_dcerpc_type sets TypeError */
573 0 : return NULL;
574 : }
575 :
576 94 : pwd = pytalloc_get_type(py_cp, struct samr_Password);
577 94 : if (pwd == NULL) {
578 : /* pytalloc_get_type sets TypeError */
579 0 : return NULL;
580 : }
581 :
582 94 : return PyBool_FromLong(cli_credentials_set_nt_hash(creds, pwd, obt));
583 : }
584 :
585 909 : static PyObject *py_creds_get_kerberos_state(PyObject *self, PyObject *unused)
586 : {
587 0 : int state;
588 909 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
589 909 : if (creds == NULL) {
590 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
591 0 : return NULL;
592 : }
593 909 : state = cli_credentials_get_kerberos_state(creds);
594 909 : return PyLong_FromLong(state);
595 : }
596 :
597 13915 : static PyObject *py_creds_set_kerberos_state(PyObject *self, PyObject *args)
598 : {
599 2 : int state;
600 13915 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
601 13915 : if (creds == NULL) {
602 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
603 0 : return NULL;
604 : }
605 13915 : if (!PyArg_ParseTuple(args, "i", &state))
606 0 : return NULL;
607 :
608 13915 : cli_credentials_set_kerberos_state(creds, state, CRED_SPECIFIED);
609 13915 : Py_RETURN_NONE;
610 : }
611 :
612 80 : static PyObject *py_creds_set_krb_forwardable(PyObject *self, PyObject *args)
613 : {
614 2 : int state;
615 80 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
616 80 : if (creds == NULL) {
617 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
618 0 : return NULL;
619 : }
620 80 : if (!PyArg_ParseTuple(args, "i", &state))
621 0 : return NULL;
622 :
623 80 : cli_credentials_set_krb_forwardable(creds, state);
624 80 : Py_RETURN_NONE;
625 : }
626 :
627 :
628 0 : static PyObject *py_creds_get_forced_sasl_mech(PyObject *self, PyObject *unused)
629 : {
630 0 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
631 0 : if (creds == NULL) {
632 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
633 0 : return NULL;
634 : }
635 0 : return PyString_FromStringOrNULL(cli_credentials_get_forced_sasl_mech(creds));
636 : }
637 :
638 0 : static PyObject *py_creds_set_forced_sasl_mech(PyObject *self, PyObject *args)
639 : {
640 0 : char *newval;
641 0 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
642 0 : if (creds == NULL) {
643 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
644 0 : return NULL;
645 : }
646 :
647 0 : if (!PyArg_ParseTuple(args, "s", &newval)) {
648 0 : return NULL;
649 : }
650 :
651 0 : cli_credentials_set_forced_sasl_mech(creds, newval);
652 0 : Py_RETURN_NONE;
653 : }
654 :
655 6 : static PyObject *py_creds_set_conf(PyObject *self, PyObject *args)
656 : {
657 6 : PyObject *py_lp_ctx = Py_None;
658 6 : struct loadparm_context *lp_ctx;
659 6 : TALLOC_CTX *mem_ctx;
660 6 : struct cli_credentials *creds;
661 6 : bool ok;
662 :
663 6 : creds = PyCredentials_AsCliCredentials(self);
664 6 : if (creds == NULL) {
665 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
666 0 : return NULL;
667 : }
668 :
669 6 : if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) {
670 0 : return NULL;
671 : }
672 :
673 6 : mem_ctx = talloc_new(NULL);
674 6 : if (mem_ctx == NULL) {
675 0 : PyErr_NoMemory();
676 0 : return NULL;
677 : }
678 :
679 6 : lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
680 6 : if (lp_ctx == NULL) {
681 0 : talloc_free(mem_ctx);
682 0 : return NULL;
683 : }
684 :
685 6 : ok = cli_credentials_set_conf(creds, lp_ctx);
686 6 : talloc_free(mem_ctx);
687 6 : if (!ok) {
688 0 : return NULL;
689 : }
690 :
691 6 : Py_RETURN_NONE;
692 : }
693 :
694 19699 : static PyObject *py_creds_guess(PyObject *self, PyObject *args)
695 : {
696 19699 : PyObject *py_lp_ctx = Py_None;
697 118 : struct loadparm_context *lp_ctx;
698 118 : TALLOC_CTX *mem_ctx;
699 118 : struct cli_credentials *creds;
700 118 : bool ok;
701 :
702 19699 : creds = PyCredentials_AsCliCredentials(self);
703 19699 : if (creds == NULL) {
704 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
705 0 : return NULL;
706 : }
707 :
708 19699 : if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
709 0 : return NULL;
710 :
711 19699 : mem_ctx = talloc_new(NULL);
712 19699 : if (mem_ctx == NULL) {
713 0 : PyErr_NoMemory();
714 0 : return NULL;
715 : }
716 :
717 19699 : lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
718 19699 : if (lp_ctx == NULL) {
719 0 : talloc_free(mem_ctx);
720 0 : return NULL;
721 : }
722 :
723 19699 : ok = cli_credentials_guess(creds, lp_ctx);
724 19699 : talloc_free(mem_ctx);
725 19699 : if (!ok) {
726 0 : return NULL;
727 : }
728 :
729 19699 : Py_RETURN_NONE;
730 : }
731 :
732 5139 : static PyObject *py_creds_set_machine_account(PyObject *self, PyObject *args)
733 : {
734 5139 : PyObject *py_lp_ctx = Py_None;
735 22 : struct loadparm_context *lp_ctx;
736 22 : NTSTATUS status;
737 22 : struct cli_credentials *creds;
738 22 : TALLOC_CTX *mem_ctx;
739 :
740 5139 : creds = PyCredentials_AsCliCredentials(self);
741 5139 : if (creds == NULL) {
742 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
743 0 : return NULL;
744 : }
745 :
746 5139 : if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
747 0 : return NULL;
748 :
749 5139 : mem_ctx = talloc_new(NULL);
750 5139 : if (mem_ctx == NULL) {
751 0 : PyErr_NoMemory();
752 0 : return NULL;
753 : }
754 :
755 5139 : lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
756 5139 : if (lp_ctx == NULL) {
757 0 : talloc_free(mem_ctx);
758 0 : return NULL;
759 : }
760 :
761 5139 : status = cli_credentials_set_machine_account(creds, lp_ctx);
762 5139 : talloc_free(mem_ctx);
763 :
764 5139 : PyErr_NTSTATUS_IS_ERR_RAISE(status);
765 :
766 4401 : Py_RETURN_NONE;
767 : }
768 :
769 1874 : static PyObject *PyCredentialCacheContainer_from_ccache_container(struct ccache_container *ccc)
770 : {
771 1874 : return pytalloc_reference(&PyCredentialCacheContainer, ccc);
772 : }
773 :
774 :
775 1874 : static PyObject *py_creds_get_named_ccache(PyObject *self, PyObject *args)
776 : {
777 1874 : PyObject *py_lp_ctx = Py_None;
778 1874 : char *ccache_name = NULL;
779 0 : struct loadparm_context *lp_ctx;
780 0 : struct ccache_container *ccc;
781 0 : struct tevent_context *event_ctx;
782 0 : int ret;
783 0 : const char *error_string;
784 0 : struct cli_credentials *creds;
785 0 : TALLOC_CTX *mem_ctx;
786 :
787 1874 : creds = PyCredentials_AsCliCredentials(self);
788 1874 : if (creds == NULL) {
789 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
790 0 : return NULL;
791 : }
792 :
793 1874 : if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name))
794 0 : return NULL;
795 :
796 1874 : mem_ctx = talloc_new(NULL);
797 1874 : if (mem_ctx == NULL) {
798 0 : PyErr_NoMemory();
799 0 : return NULL;
800 : }
801 :
802 1874 : lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
803 1874 : if (lp_ctx == NULL) {
804 0 : talloc_free(mem_ctx);
805 0 : return NULL;
806 : }
807 :
808 1874 : event_ctx = samba_tevent_context_init(mem_ctx);
809 :
810 1874 : ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
811 : ccache_name, &ccc, &error_string);
812 1874 : talloc_unlink(mem_ctx, lp_ctx);
813 1874 : if (ret == 0) {
814 1874 : talloc_steal(ccc, event_ctx);
815 1874 : talloc_free(mem_ctx);
816 1874 : return PyCredentialCacheContainer_from_ccache_container(ccc);
817 : }
818 :
819 0 : PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
820 :
821 0 : talloc_free(mem_ctx);
822 0 : return NULL;
823 : }
824 :
825 1931 : static PyObject *py_creds_set_named_ccache(PyObject *self, PyObject *args)
826 : {
827 1931 : struct loadparm_context *lp_ctx = NULL;
828 1931 : enum credentials_obtained obt = CRED_SPECIFIED;
829 1931 : const char *error_string = NULL;
830 1931 : TALLOC_CTX *mem_ctx = NULL;
831 1931 : char *newval = NULL;
832 1931 : PyObject *py_lp_ctx = Py_None;
833 1931 : int _obt = obt;
834 0 : int ret;
835 1931 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
836 1931 : if (creds == NULL) {
837 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
838 0 : return NULL;
839 : }
840 :
841 1931 : if (!PyArg_ParseTuple(args, "s|iO", &newval, &_obt, &py_lp_ctx))
842 0 : return NULL;
843 1931 : obt = _obt;
844 :
845 1931 : mem_ctx = talloc_new(NULL);
846 1931 : if (mem_ctx == NULL) {
847 0 : PyErr_NoMemory();
848 0 : return NULL;
849 : }
850 :
851 1931 : lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
852 1931 : if (lp_ctx == NULL) {
853 0 : talloc_free(mem_ctx);
854 0 : return NULL;
855 : }
856 :
857 1931 : ret = cli_credentials_set_ccache(creds,
858 : lp_ctx,
859 : newval, obt,
860 : &error_string);
861 :
862 1931 : if (ret != 0) {
863 0 : PyErr_SetString(PyExc_RuntimeError,
864 0 : error_string != NULL ? error_string : "NULL");
865 0 : talloc_free(mem_ctx);
866 0 : return NULL;
867 : }
868 :
869 1931 : talloc_free(mem_ctx);
870 1931 : Py_RETURN_NONE;
871 : }
872 :
873 12940 : static PyObject *py_creds_set_gensec_features(PyObject *self, PyObject *args)
874 : {
875 5 : unsigned int gensec_features;
876 12940 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
877 12940 : if (creds == NULL) {
878 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
879 0 : return NULL;
880 : }
881 :
882 12940 : if (!PyArg_ParseTuple(args, "I", &gensec_features))
883 0 : return NULL;
884 :
885 12940 : cli_credentials_set_gensec_features(creds,
886 : gensec_features,
887 : CRED_SPECIFIED);
888 :
889 12940 : Py_RETURN_NONE;
890 : }
891 :
892 12940 : static PyObject *py_creds_get_gensec_features(PyObject *self, PyObject *args)
893 : {
894 5 : unsigned int gensec_features;
895 12940 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
896 12940 : if (creds == NULL) {
897 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
898 0 : return NULL;
899 : }
900 :
901 12940 : gensec_features = cli_credentials_get_gensec_features(creds);
902 12940 : return PyLong_FromLong(gensec_features);
903 : }
904 :
905 45 : static PyObject *py_creds_new_client_authenticator(PyObject *self,
906 : PyObject *args)
907 : {
908 0 : struct netr_Authenticator auth;
909 45 : struct cli_credentials *creds = NULL;
910 45 : struct netlogon_creds_CredentialState *nc = NULL;
911 45 : PyObject *ret = NULL;
912 0 : NTSTATUS status;
913 :
914 45 : creds = PyCredentials_AsCliCredentials(self);
915 45 : if (creds == NULL) {
916 0 : PyErr_SetString(PyExc_RuntimeError,
917 : "Failed to get credentials from python");
918 0 : return NULL;
919 : }
920 :
921 45 : nc = creds->netlogon_creds;
922 45 : if (nc == NULL) {
923 3 : PyErr_SetString(PyExc_ValueError,
924 : "No netlogon credentials cannot make "
925 : "client authenticator");
926 3 : return NULL;
927 : }
928 :
929 42 : status = netlogon_creds_client_authenticator(nc, &auth);
930 42 : if (!NT_STATUS_IS_OK(status)) {
931 0 : PyErr_SetString(PyExc_ValueError,
932 : "Failed to create client authenticator");
933 0 : return NULL;
934 : }
935 :
936 42 : ret = Py_BuildValue("{s"PYARG_BYTES_LEN"si}",
937 : "credential",
938 : (const char *) &auth.cred, sizeof(auth.cred),
939 : "timestamp", auth.timestamp);
940 42 : return ret;
941 : }
942 :
943 3023 : static PyObject *py_creds_set_secure_channel_type(PyObject *self, PyObject *args)
944 : {
945 1 : unsigned int channel_type;
946 3023 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
947 3023 : if (creds == NULL) {
948 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
949 0 : return NULL;
950 : }
951 :
952 3023 : if (!PyArg_ParseTuple(args, "I", &channel_type))
953 0 : return NULL;
954 :
955 3023 : cli_credentials_set_secure_channel_type(
956 : creds,
957 : channel_type);
958 :
959 3023 : Py_RETURN_NONE;
960 : }
961 :
962 8021 : static PyObject *py_creds_get_secure_channel_type(PyObject *self, PyObject *args)
963 : {
964 8021 : enum netr_SchannelType channel_type = SEC_CHAN_NULL;
965 8021 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
966 8021 : if (creds == NULL) {
967 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
968 0 : return NULL;
969 : }
970 :
971 8021 : channel_type = cli_credentials_get_secure_channel_type(creds);
972 :
973 8021 : return PyLong_FromLong(channel_type);
974 : }
975 :
976 114 : static PyObject *py_creds_get_aes256_key(PyObject *self, PyObject *args)
977 : {
978 114 : struct loadparm_context *lp_ctx = NULL;
979 114 : TALLOC_CTX *mem_ctx = NULL;
980 114 : PyObject *py_lp_ctx = Py_None;
981 114 : const char *salt = NULL;
982 0 : DATA_BLOB aes_256;
983 0 : int code;
984 114 : PyObject *ret = NULL;
985 114 : struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
986 114 : if (creds == NULL) {
987 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
988 0 : return NULL;
989 : }
990 :
991 114 : if (!PyArg_ParseTuple(args, "s|O", &salt, &py_lp_ctx))
992 0 : return NULL;
993 :
994 114 : mem_ctx = talloc_new(NULL);
995 114 : if (mem_ctx == NULL) {
996 0 : PyErr_NoMemory();
997 0 : return NULL;
998 : }
999 :
1000 114 : lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
1001 114 : if (lp_ctx == NULL) {
1002 0 : talloc_free(mem_ctx);
1003 0 : return NULL;
1004 : }
1005 :
1006 114 : code = cli_credentials_get_aes256_key(creds,
1007 : mem_ctx,
1008 : lp_ctx,
1009 : salt,
1010 : &aes_256);
1011 114 : if (code != 0) {
1012 0 : PyErr_SetString(PyExc_RuntimeError,
1013 : "Failed to generate AES256 key");
1014 0 : talloc_free(mem_ctx);
1015 0 : return NULL;
1016 : }
1017 :
1018 114 : ret = PyBytes_FromStringAndSize((const char *)aes_256.data,
1019 114 : aes_256.length);
1020 114 : talloc_free(mem_ctx);
1021 114 : return ret;
1022 : }
1023 :
1024 4 : static PyObject *py_creds_encrypt_netr_crypt_password(PyObject *self,
1025 : PyObject *args)
1026 : {
1027 4 : DATA_BLOB data = data_blob_null;
1028 4 : struct cli_credentials *creds = NULL;
1029 4 : struct netr_CryptPassword *pwd = NULL;
1030 0 : NTSTATUS status;
1031 4 : PyObject *py_cp = Py_None;
1032 :
1033 4 : creds = PyCredentials_AsCliCredentials(self);
1034 4 : if (creds == NULL) {
1035 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1036 0 : return NULL;
1037 : }
1038 :
1039 4 : if (!PyArg_ParseTuple(args, "O", &py_cp)) {
1040 0 : return NULL;
1041 : }
1042 :
1043 4 : pwd = pytalloc_get_type(py_cp, struct netr_CryptPassword);
1044 4 : if (pwd == NULL) {
1045 : /* pytalloc_get_type sets TypeError */
1046 0 : return NULL;
1047 : }
1048 4 : data.length = sizeof(struct netr_CryptPassword);
1049 4 : data.data = (uint8_t *)pwd;
1050 4 : status = netlogon_creds_session_encrypt(creds->netlogon_creds, data);
1051 :
1052 4 : PyErr_NTSTATUS_IS_ERR_RAISE(status);
1053 :
1054 4 : Py_RETURN_NONE;
1055 : }
1056 :
1057 82 : static PyObject *py_creds_encrypt_samr_password(PyObject *self,
1058 : PyObject *args)
1059 : {
1060 82 : DATA_BLOB data = data_blob_null;
1061 82 : struct cli_credentials *creds = NULL;
1062 82 : struct samr_Password *pwd = NULL;
1063 0 : NTSTATUS status;
1064 82 : PyObject *py_cp = Py_None;
1065 :
1066 82 : creds = PyCredentials_AsCliCredentials(self);
1067 82 : if (creds == NULL) {
1068 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1069 0 : return NULL;
1070 : }
1071 :
1072 82 : if (creds->netlogon_creds == NULL) {
1073 0 : PyErr_Format(PyExc_ValueError, "NetLogon credentials not set");
1074 0 : return NULL;
1075 : }
1076 :
1077 82 : if (!PyArg_ParseTuple(args, "O", &py_cp)) {
1078 0 : return NULL;
1079 : }
1080 :
1081 82 : if (!py_check_dcerpc_type(py_cp, "samba.dcerpc.samr", "Password")) {
1082 : /* py_check_dcerpc_type sets TypeError */
1083 0 : return NULL;
1084 : }
1085 :
1086 82 : pwd = pytalloc_get_type(py_cp, struct samr_Password);
1087 82 : if (pwd == NULL) {
1088 : /* pytalloc_get_type sets TypeError */
1089 0 : return NULL;
1090 : }
1091 82 : data = data_blob_const(pwd->hash, sizeof(pwd->hash));
1092 82 : status = netlogon_creds_session_encrypt(creds->netlogon_creds, data);
1093 :
1094 82 : PyErr_NTSTATUS_IS_ERR_RAISE(status);
1095 :
1096 82 : Py_RETURN_NONE;
1097 : }
1098 :
1099 1223 : static PyObject *py_creds_get_smb_signing(PyObject *self, PyObject *unused)
1100 : {
1101 5 : enum smb_signing_setting signing_state;
1102 1223 : struct cli_credentials *creds = NULL;
1103 :
1104 1223 : creds = PyCredentials_AsCliCredentials(self);
1105 1223 : if (creds == NULL) {
1106 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1107 0 : return NULL;
1108 : }
1109 :
1110 1223 : signing_state = cli_credentials_get_smb_signing(creds);
1111 1223 : return PyLong_FromLong(signing_state);
1112 : }
1113 :
1114 2438 : static PyObject *py_creds_set_smb_signing(PyObject *self, PyObject *args)
1115 : {
1116 2 : enum smb_signing_setting signing_state;
1117 2438 : struct cli_credentials *creds = NULL;
1118 2438 : enum credentials_obtained obt = CRED_SPECIFIED;
1119 :
1120 2438 : creds = PyCredentials_AsCliCredentials(self);
1121 2438 : if (creds == NULL) {
1122 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1123 0 : return NULL;
1124 : }
1125 2438 : if (!PyArg_ParseTuple(args, "i|i", &signing_state, &obt)) {
1126 0 : return NULL;
1127 : }
1128 :
1129 2438 : switch (signing_state) {
1130 2436 : case SMB_SIGNING_DEFAULT:
1131 : case SMB_SIGNING_OFF:
1132 : case SMB_SIGNING_IF_REQUIRED:
1133 : case SMB_SIGNING_DESIRED:
1134 : case SMB_SIGNING_REQUIRED:
1135 2438 : break;
1136 0 : default:
1137 0 : PyErr_Format(PyExc_TypeError, "Invalid signing state value");
1138 0 : return NULL;
1139 : }
1140 :
1141 2438 : cli_credentials_set_smb_signing(creds, signing_state, obt);
1142 2438 : Py_RETURN_NONE;
1143 : }
1144 :
1145 44 : static PyObject *py_creds_get_smb_ipc_signing(PyObject *self, PyObject *unused)
1146 : {
1147 5 : enum smb_signing_setting signing_state;
1148 44 : struct cli_credentials *creds = NULL;
1149 :
1150 44 : creds = PyCredentials_AsCliCredentials(self);
1151 44 : if (creds == NULL) {
1152 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1153 0 : return NULL;
1154 : }
1155 :
1156 44 : signing_state = cli_credentials_get_smb_ipc_signing(creds);
1157 44 : return PyLong_FromLong(signing_state);
1158 : }
1159 :
1160 80 : static PyObject *py_creds_set_smb_ipc_signing(PyObject *self, PyObject *args)
1161 : {
1162 2 : enum smb_signing_setting signing_state;
1163 80 : struct cli_credentials *creds = NULL;
1164 80 : enum credentials_obtained obt = CRED_SPECIFIED;
1165 :
1166 80 : creds = PyCredentials_AsCliCredentials(self);
1167 80 : if (creds == NULL) {
1168 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1169 0 : return NULL;
1170 : }
1171 80 : if (!PyArg_ParseTuple(args, "i|i", &signing_state, &obt)) {
1172 0 : return NULL;
1173 : }
1174 :
1175 80 : switch (signing_state) {
1176 78 : case SMB_SIGNING_DEFAULT:
1177 : case SMB_SIGNING_OFF:
1178 : case SMB_SIGNING_IF_REQUIRED:
1179 : case SMB_SIGNING_DESIRED:
1180 : case SMB_SIGNING_REQUIRED:
1181 80 : break;
1182 0 : default:
1183 0 : PyErr_Format(PyExc_TypeError, "Invalid signing state value");
1184 0 : return NULL;
1185 : }
1186 :
1187 80 : cli_credentials_set_smb_ipc_signing(creds, signing_state, obt);
1188 80 : Py_RETURN_NONE;
1189 : }
1190 :
1191 5 : static PyObject *py_creds_get_smb_encryption(PyObject *self, PyObject *unused)
1192 : {
1193 5 : enum smb_encryption_setting encryption_state;
1194 5 : struct cli_credentials *creds = NULL;
1195 :
1196 5 : creds = PyCredentials_AsCliCredentials(self);
1197 5 : if (creds == NULL) {
1198 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1199 0 : return NULL;
1200 : }
1201 :
1202 5 : encryption_state = cli_credentials_get_smb_encryption(creds);
1203 5 : return PyLong_FromLong(encryption_state);
1204 : }
1205 :
1206 18 : static PyObject *py_creds_set_smb_encryption(PyObject *self, PyObject *args)
1207 : {
1208 2 : enum smb_encryption_setting encryption_state;
1209 18 : struct cli_credentials *creds = NULL;
1210 18 : enum credentials_obtained obt = CRED_SPECIFIED;
1211 :
1212 18 : creds = PyCredentials_AsCliCredentials(self);
1213 18 : if (creds == NULL) {
1214 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1215 0 : return NULL;
1216 : }
1217 18 : if (!PyArg_ParseTuple(args, "i|i", &encryption_state, &obt)) {
1218 0 : return NULL;
1219 : }
1220 :
1221 18 : switch (encryption_state) {
1222 16 : case SMB_ENCRYPTION_DEFAULT:
1223 : case SMB_ENCRYPTION_OFF:
1224 : case SMB_ENCRYPTION_IF_REQUIRED:
1225 : case SMB_ENCRYPTION_DESIRED:
1226 : case SMB_ENCRYPTION_REQUIRED:
1227 18 : break;
1228 0 : default:
1229 0 : PyErr_Format(PyExc_TypeError, "Invalid encryption state value");
1230 0 : return NULL;
1231 : }
1232 :
1233 18 : (void)cli_credentials_set_smb_encryption(creds, encryption_state, obt);
1234 18 : Py_RETURN_NONE;
1235 : }
1236 :
1237 0 : static PyObject *py_creds_get_krb5_fast_armor_credentials(PyObject *self, PyObject *unused)
1238 : {
1239 0 : struct cli_credentials *creds = NULL;
1240 0 : struct cli_credentials *fast_creds = NULL;
1241 :
1242 0 : creds = PyCredentials_AsCliCredentials(self);
1243 0 : if (creds == NULL) {
1244 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1245 0 : return NULL;
1246 : }
1247 :
1248 0 : fast_creds = cli_credentials_get_krb5_fast_armor_credentials(creds);
1249 0 : if (fast_creds == NULL) {
1250 0 : Py_RETURN_NONE;
1251 : }
1252 :
1253 0 : return PyCredentials_from_cli_credentials(fast_creds);
1254 : }
1255 :
1256 13 : static PyObject *py_creds_set_krb5_fast_armor_credentials(PyObject *self, PyObject *args)
1257 : {
1258 13 : struct cli_credentials *creds = NULL;
1259 0 : PyObject *pyfast_creds;
1260 13 : struct cli_credentials *fast_creds = NULL;
1261 13 : int fast_armor_required = 0;
1262 0 : NTSTATUS status;
1263 :
1264 13 : creds = PyCredentials_AsCliCredentials(self);
1265 13 : if (creds == NULL) {
1266 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1267 0 : return NULL;
1268 : }
1269 13 : if (!PyArg_ParseTuple(args, "Op", &pyfast_creds, &fast_armor_required)) {
1270 0 : return NULL;
1271 : }
1272 13 : if (pyfast_creds == Py_None) {
1273 2 : fast_creds = NULL;
1274 : } else {
1275 11 : fast_creds = PyCredentials_AsCliCredentials(pyfast_creds);
1276 11 : if (fast_creds == NULL) {
1277 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1278 0 : return NULL;
1279 : }
1280 : }
1281 :
1282 13 : status = cli_credentials_set_krb5_fast_armor_credentials(creds,
1283 : fast_creds,
1284 : fast_armor_required);
1285 :
1286 13 : PyErr_NTSTATUS_IS_ERR_RAISE(status);
1287 13 : Py_RETURN_NONE;
1288 : }
1289 :
1290 0 : static PyObject *py_creds_get_krb5_require_fast_armor(PyObject *self, PyObject *unused)
1291 : {
1292 0 : bool krb5_fast_armor_required;
1293 0 : struct cli_credentials *creds = NULL;
1294 :
1295 0 : creds = PyCredentials_AsCliCredentials(self);
1296 0 : if (creds == NULL) {
1297 0 : PyErr_Format(PyExc_TypeError, "Credentials expected");
1298 0 : return NULL;
1299 : }
1300 :
1301 0 : krb5_fast_armor_required = cli_credentials_get_krb5_require_fast_armor(creds);
1302 0 : return PyBool_FromLong(krb5_fast_armor_required);
1303 : }
1304 :
1305 : static PyMethodDef py_creds_methods[] = {
1306 : {
1307 : .ml_name = "get_username",
1308 : .ml_meth = py_creds_get_username,
1309 : .ml_flags = METH_NOARGS,
1310 : .ml_doc = "S.get_username() -> username\nObtain username.",
1311 : },
1312 : {
1313 : .ml_name = "set_username",
1314 : .ml_meth = py_creds_set_username,
1315 : .ml_flags = METH_VARARGS,
1316 : .ml_doc = "S.set_username(name[, credentials.SPECIFIED]) -> None\n"
1317 : "Change username.",
1318 : },
1319 : {
1320 : .ml_name = "get_principal",
1321 : .ml_meth = py_creds_get_principal,
1322 : .ml_flags = METH_NOARGS,
1323 : .ml_doc = "S.get_principal() -> user@realm\nObtain user principal.",
1324 : },
1325 : {
1326 : .ml_name = "set_principal",
1327 : .ml_meth = py_creds_set_principal,
1328 : .ml_flags = METH_VARARGS,
1329 : .ml_doc = "S.set_principal(name[, credentials.SPECIFIED]) -> None\n"
1330 : "Change principal.",
1331 : },
1332 : {
1333 : .ml_name = "get_password",
1334 : .ml_meth = py_creds_get_password,
1335 : .ml_flags = METH_NOARGS,
1336 : .ml_doc = "S.get_password() -> password\n"
1337 : "Obtain password.",
1338 : },
1339 : {
1340 : .ml_name = "get_ntlm_username_domain",
1341 : .ml_meth = py_creds_get_ntlm_username_domain,
1342 : .ml_flags = METH_NOARGS,
1343 : .ml_doc = "S.get_ntlm_username_domain() -> (domain, username)\n"
1344 : "Obtain NTLM username and domain, split up either as (DOMAIN, user) or (\"\", \"user@realm\").",
1345 : },
1346 : {
1347 : .ml_name = "get_ntlm_response",
1348 : .ml_meth = PY_DISCARD_FUNC_SIG(PyCFunction,
1349 : py_creds_get_ntlm_response),
1350 : .ml_flags = METH_VARARGS | METH_KEYWORDS,
1351 : .ml_doc = "S.get_ntlm_response"
1352 : "(flags, challenge[, target_info]) -> "
1353 : "(flags, lm_response, nt_response, lm_session_key, nt_session_key)\n"
1354 : "Obtain LM or NTLM response.",
1355 : },
1356 : {
1357 : .ml_name = "set_password",
1358 : .ml_meth = py_creds_set_password,
1359 : .ml_flags = METH_VARARGS,
1360 : .ml_doc = "S.set_password(password[, credentials.SPECIFIED]) -> None\n"
1361 : "Change password.",
1362 : },
1363 : {
1364 : .ml_name = "set_utf16_password",
1365 : .ml_meth = py_creds_set_utf16_password,
1366 : .ml_flags = METH_VARARGS,
1367 : .ml_doc = "S.set_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
1368 : "Change password.",
1369 : },
1370 : {
1371 : .ml_name = "get_old_password",
1372 : .ml_meth = py_creds_get_old_password,
1373 : .ml_flags = METH_NOARGS,
1374 : .ml_doc = "S.get_old_password() -> password\n"
1375 : "Obtain old password.",
1376 : },
1377 : {
1378 : .ml_name = "set_old_password",
1379 : .ml_meth = py_creds_set_old_password,
1380 : .ml_flags = METH_VARARGS,
1381 : .ml_doc = "S.set_old_password(password[, credentials.SPECIFIED]) -> None\n"
1382 : "Change old password.",
1383 : },
1384 : {
1385 : .ml_name = "set_old_utf16_password",
1386 : .ml_meth = py_creds_set_old_utf16_password,
1387 : .ml_flags = METH_VARARGS,
1388 : .ml_doc = "S.set_old_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
1389 : "Change old password.",
1390 : },
1391 : {
1392 : .ml_name = "get_domain",
1393 : .ml_meth = py_creds_get_domain,
1394 : .ml_flags = METH_NOARGS,
1395 : .ml_doc = "S.get_domain() -> domain\n"
1396 : "Obtain domain name.",
1397 : },
1398 : {
1399 : .ml_name = "set_domain",
1400 : .ml_meth = py_creds_set_domain,
1401 : .ml_flags = METH_VARARGS,
1402 : .ml_doc = "S.set_domain(domain[, credentials.SPECIFIED]) -> None\n"
1403 : "Change domain name.",
1404 : },
1405 : {
1406 : .ml_name = "get_realm",
1407 : .ml_meth = py_creds_get_realm,
1408 : .ml_flags = METH_NOARGS,
1409 : .ml_doc = "S.get_realm() -> realm\n"
1410 : "Obtain realm name.",
1411 : },
1412 : {
1413 : .ml_name = "set_realm",
1414 : .ml_meth = py_creds_set_realm,
1415 : .ml_flags = METH_VARARGS,
1416 : .ml_doc = "S.set_realm(realm[, credentials.SPECIFIED]) -> None\n"
1417 : "Change realm name.",
1418 : },
1419 : {
1420 : .ml_name = "get_bind_dn",
1421 : .ml_meth = py_creds_get_bind_dn,
1422 : .ml_flags = METH_NOARGS,
1423 : .ml_doc = "S.get_bind_dn() -> bind dn\n"
1424 : "Obtain bind DN.",
1425 : },
1426 : {
1427 : .ml_name = "set_bind_dn",
1428 : .ml_meth = py_creds_set_bind_dn,
1429 : .ml_flags = METH_VARARGS,
1430 : .ml_doc = "S.set_bind_dn(bind_dn) -> None\n"
1431 : "Change bind DN.",
1432 : },
1433 : {
1434 : .ml_name = "is_anonymous",
1435 : .ml_meth = py_creds_is_anonymous,
1436 : .ml_flags = METH_NOARGS,
1437 : },
1438 : {
1439 : .ml_name = "set_anonymous",
1440 : .ml_meth = py_creds_set_anonymous,
1441 : .ml_flags = METH_NOARGS,
1442 : .ml_doc = "S.set_anonymous() -> None\n"
1443 : "Use anonymous credentials.",
1444 : },
1445 : {
1446 : .ml_name = "get_workstation",
1447 : .ml_meth = py_creds_get_workstation,
1448 : .ml_flags = METH_NOARGS,
1449 : },
1450 : {
1451 : .ml_name = "set_workstation",
1452 : .ml_meth = py_creds_set_workstation,
1453 : .ml_flags = METH_VARARGS,
1454 : },
1455 : {
1456 : .ml_name = "authentication_requested",
1457 : .ml_meth = py_creds_authentication_requested,
1458 : .ml_flags = METH_NOARGS,
1459 : },
1460 : {
1461 : .ml_name = "wrong_password",
1462 : .ml_meth = py_creds_wrong_password,
1463 : .ml_flags = METH_NOARGS,
1464 : .ml_doc = "S.wrong_password() -> bool\n"
1465 : "Indicate the returned password was incorrect.",
1466 : },
1467 : {
1468 : .ml_name = "set_cmdline_callbacks",
1469 : .ml_meth = py_creds_set_cmdline_callbacks,
1470 : .ml_flags = METH_NOARGS,
1471 : .ml_doc = "S.set_cmdline_callbacks() -> bool\n"
1472 : "Use command-line to obtain credentials not explicitly set.",
1473 : },
1474 : {
1475 : .ml_name = "parse_string",
1476 : .ml_meth = py_creds_parse_string,
1477 : .ml_flags = METH_VARARGS,
1478 : .ml_doc = "S.parse_string(text[, credentials.SPECIFIED]) -> None\n"
1479 : "Parse credentials string.",
1480 : },
1481 : {
1482 : .ml_name = "parse_file",
1483 : .ml_meth = py_creds_parse_file,
1484 : .ml_flags = METH_VARARGS,
1485 : .ml_doc = "S.parse_file(filename[, credentials.SPECIFIED]) -> None\n"
1486 : "Parse credentials file.",
1487 : },
1488 : {
1489 : .ml_name = "set_password_will_be_nt_hash",
1490 : .ml_meth = py_cli_credentials_set_password_will_be_nt_hash,
1491 : .ml_flags = METH_VARARGS,
1492 : .ml_doc = "S.set_password_will_be_nt_hash(bool) -> None\n"
1493 : "Alters the behaviour of S.set_password() "
1494 : "to expect the NTHASH as hexstring.",
1495 : },
1496 : {
1497 : .ml_name = "get_nt_hash",
1498 : .ml_meth = py_creds_get_nt_hash,
1499 : .ml_flags = METH_NOARGS,
1500 : },
1501 : {
1502 : .ml_name = "set_nt_hash",
1503 : .ml_meth = py_creds_set_nt_hash,
1504 : .ml_flags = METH_VARARGS,
1505 : .ml_doc = "S.set_net_sh(samr_Password[, credentials.SPECIFIED]) -> bool\n"
1506 : "Change NT hash.",
1507 : },
1508 : {
1509 : .ml_name = "get_kerberos_state",
1510 : .ml_meth = py_creds_get_kerberos_state,
1511 : .ml_flags = METH_NOARGS,
1512 : },
1513 : {
1514 : .ml_name = "set_kerberos_state",
1515 : .ml_meth = py_creds_set_kerberos_state,
1516 : .ml_flags = METH_VARARGS,
1517 : },
1518 : {
1519 : .ml_name = "set_krb_forwardable",
1520 : .ml_meth = py_creds_set_krb_forwardable,
1521 : .ml_flags = METH_VARARGS,
1522 : },
1523 : {
1524 : .ml_name = "set_conf",
1525 : .ml_meth = py_creds_set_conf,
1526 : .ml_flags = METH_VARARGS,
1527 : },
1528 : {
1529 : .ml_name = "guess",
1530 : .ml_meth = py_creds_guess,
1531 : .ml_flags = METH_VARARGS,
1532 : },
1533 : {
1534 : .ml_name = "set_machine_account",
1535 : .ml_meth = py_creds_set_machine_account,
1536 : .ml_flags = METH_VARARGS,
1537 : },
1538 : {
1539 : .ml_name = "get_named_ccache",
1540 : .ml_meth = py_creds_get_named_ccache,
1541 : .ml_flags = METH_VARARGS,
1542 : },
1543 : {
1544 : .ml_name = "set_named_ccache",
1545 : .ml_meth = py_creds_set_named_ccache,
1546 : .ml_flags = METH_VARARGS,
1547 : .ml_doc = "S.set_named_ccache(krb5_ccache_name, obtained, lp) -> None\n"
1548 : "Set credentials to KRB5 Credentials Cache (by name).",
1549 : },
1550 : {
1551 : .ml_name = "set_gensec_features",
1552 : .ml_meth = py_creds_set_gensec_features,
1553 : .ml_flags = METH_VARARGS,
1554 : },
1555 : {
1556 : .ml_name = "get_gensec_features",
1557 : .ml_meth = py_creds_get_gensec_features,
1558 : .ml_flags = METH_NOARGS,
1559 : },
1560 : {
1561 : .ml_name = "get_forced_sasl_mech",
1562 : .ml_meth = py_creds_get_forced_sasl_mech,
1563 : .ml_flags = METH_NOARGS,
1564 : .ml_doc = "S.get_forced_sasl_mech() -> SASL mechanism\nObtain forced SASL mechanism.",
1565 : },
1566 : {
1567 : .ml_name = "set_forced_sasl_mech",
1568 : .ml_meth = py_creds_set_forced_sasl_mech,
1569 : .ml_flags = METH_VARARGS,
1570 : .ml_doc = "S.set_forced_sasl_mech(name) -> None\n"
1571 : "Set forced SASL mechanism.",
1572 : },
1573 : {
1574 : .ml_name = "new_client_authenticator",
1575 : .ml_meth = py_creds_new_client_authenticator,
1576 : .ml_flags = METH_NOARGS,
1577 : .ml_doc = "S.new_client_authenticator() -> Authenticator\n"
1578 : "Get a new client NETLOGON_AUTHENTICATOR"},
1579 : {
1580 : .ml_name = "set_secure_channel_type",
1581 : .ml_meth = py_creds_set_secure_channel_type,
1582 : .ml_flags = METH_VARARGS,
1583 : },
1584 : {
1585 : .ml_name = "get_secure_channel_type",
1586 : .ml_meth = py_creds_get_secure_channel_type,
1587 : .ml_flags = METH_VARARGS,
1588 : },
1589 : {
1590 : .ml_name = "get_aes256_key",
1591 : .ml_meth = py_creds_get_aes256_key,
1592 : .ml_flags = METH_VARARGS,
1593 : .ml_doc = "S.get_aes256_key(salt[, lp]) -> bytes\n"
1594 : "Generate an AES256 key using the current password and\n"
1595 : "the specified salt",
1596 : },
1597 : {
1598 : .ml_name = "encrypt_netr_crypt_password",
1599 : .ml_meth = py_creds_encrypt_netr_crypt_password,
1600 : .ml_flags = METH_VARARGS,
1601 : .ml_doc = "S.encrypt_netr_crypt_password(password) -> None\n"
1602 : "Encrypt the supplied password using the session key and\n"
1603 : "the negotiated encryption algorithm in place\n"
1604 : "i.e. it overwrites the original data"},
1605 : {
1606 : .ml_name = "encrypt_samr_password",
1607 : .ml_meth = py_creds_encrypt_samr_password,
1608 : .ml_flags = METH_VARARGS,
1609 : .ml_doc = "S.encrypt_samr_password(password) -> None\n"
1610 : "Encrypt the supplied password using the session key and\n"
1611 : "the negotiated encryption algorithm in place\n"
1612 : "i.e. it overwrites the original data"
1613 : },
1614 : {
1615 : .ml_name = "get_smb_signing",
1616 : .ml_meth = py_creds_get_smb_signing,
1617 : .ml_flags = METH_NOARGS,
1618 : },
1619 : {
1620 : .ml_name = "set_smb_signing",
1621 : .ml_meth = py_creds_set_smb_signing,
1622 : .ml_flags = METH_VARARGS,
1623 : },
1624 : {
1625 : .ml_name = "get_smb_ipc_signing",
1626 : .ml_meth = py_creds_get_smb_ipc_signing,
1627 : .ml_flags = METH_NOARGS,
1628 : },
1629 : {
1630 : .ml_name = "set_smb_ipc_signing",
1631 : .ml_meth = py_creds_set_smb_ipc_signing,
1632 : .ml_flags = METH_VARARGS,
1633 : },
1634 : {
1635 : .ml_name = "get_smb_encryption",
1636 : .ml_meth = py_creds_get_smb_encryption,
1637 : .ml_flags = METH_NOARGS,
1638 : },
1639 : {
1640 : .ml_name = "set_smb_encryption",
1641 : .ml_meth = py_creds_set_smb_encryption,
1642 : .ml_flags = METH_VARARGS,
1643 : },
1644 : {
1645 : .ml_name = "get_krb5_fast_armor_credentials",
1646 : .ml_meth = py_creds_get_krb5_fast_armor_credentials,
1647 : .ml_flags = METH_NOARGS,
1648 : .ml_doc = "S.get_krb5_fast_armor_credentials() -> Credentials\n"
1649 : "Get the Kerberos FAST credentials set on this credentials object"
1650 : },
1651 : {
1652 : .ml_name = "set_krb5_fast_armor_credentials",
1653 : .ml_meth = py_creds_set_krb5_fast_armor_credentials,
1654 : .ml_flags = METH_VARARGS,
1655 : .ml_doc = "S.set_krb5_fast_armor_credentials(credentials, required) -> None\n"
1656 : "Set Kerberos FAST credentials for this credentials object, and if FAST armoring must be used."
1657 : },
1658 : {
1659 : .ml_name = "get_krb5_require_fast_armor",
1660 : .ml_meth = py_creds_get_krb5_require_fast_armor,
1661 : .ml_flags = METH_NOARGS,
1662 : .ml_doc = "S.get_krb5_fast_armor() -> bool\n"
1663 : "Indicate if Kerberos FAST armor is required"
1664 : },
1665 : { .ml_name = NULL }
1666 : };
1667 :
1668 : static struct PyModuleDef moduledef = {
1669 : PyModuleDef_HEAD_INIT,
1670 : .m_name = "credentials",
1671 : .m_doc = "Credentials management.",
1672 : .m_size = -1,
1673 : .m_methods = py_creds_methods,
1674 : };
1675 :
1676 : PyTypeObject PyCredentials = {
1677 : .tp_name = "credentials.Credentials",
1678 : .tp_new = py_creds_new,
1679 : .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
1680 : .tp_methods = py_creds_methods,
1681 : };
1682 :
1683 1858 : static PyObject *py_ccache_name(PyObject *self, PyObject *unused)
1684 : {
1685 1858 : struct ccache_container *ccc = NULL;
1686 1858 : char *name = NULL;
1687 1858 : PyObject *py_name = NULL;
1688 0 : int ret;
1689 :
1690 1858 : ccc = pytalloc_get_type(self, struct ccache_container);
1691 :
1692 1858 : ret = krb5_cc_get_full_name(ccc->smb_krb5_context->krb5_context,
1693 : ccc->ccache, &name);
1694 1858 : if (ret == 0) {
1695 1858 : py_name = PyString_FromStringOrNULL(name);
1696 1858 : krb5_free_string(ccc->smb_krb5_context->krb5_context, name);
1697 : } else {
1698 0 : PyErr_SetString(PyExc_RuntimeError,
1699 : "Failed to get ccache name");
1700 0 : return NULL;
1701 : }
1702 1858 : return py_name;
1703 : }
1704 :
1705 : static PyMethodDef py_ccache_container_methods[] = {
1706 : { "get_name", py_ccache_name, METH_NOARGS,
1707 : "S.get_name() -> name\nObtain KRB5 credentials cache name." },
1708 : {0}
1709 : };
1710 :
1711 : PyTypeObject PyCredentialCacheContainer = {
1712 : .tp_name = "credentials.CredentialCacheContainer",
1713 : .tp_flags = Py_TPFLAGS_DEFAULT,
1714 : .tp_methods = py_ccache_container_methods,
1715 : };
1716 :
1717 7550 : MODULE_INIT_FUNC(credentials)
1718 : {
1719 192 : PyObject *m;
1720 7550 : if (pytalloc_BaseObject_PyType_Ready(&PyCredentials) < 0)
1721 0 : return NULL;
1722 :
1723 7550 : if (pytalloc_BaseObject_PyType_Ready(&PyCredentialCacheContainer) < 0)
1724 0 : return NULL;
1725 :
1726 7550 : m = PyModule_Create(&moduledef);
1727 7550 : if (m == NULL)
1728 0 : return NULL;
1729 :
1730 7550 : PyModule_AddObject(m, "UNINITIALISED", PyLong_FromLong(CRED_UNINITIALISED));
1731 7550 : PyModule_AddObject(m, "SMB_CONF", PyLong_FromLong(CRED_SMB_CONF));
1732 7550 : PyModule_AddObject(m, "CALLBACK", PyLong_FromLong(CRED_CALLBACK));
1733 7550 : PyModule_AddObject(m, "GUESS_ENV", PyLong_FromLong(CRED_GUESS_ENV));
1734 7550 : PyModule_AddObject(m, "GUESS_FILE", PyLong_FromLong(CRED_GUESS_FILE));
1735 7550 : PyModule_AddObject(m, "CALLBACK_RESULT", PyLong_FromLong(CRED_CALLBACK_RESULT));
1736 7550 : PyModule_AddObject(m, "SPECIFIED", PyLong_FromLong(CRED_SPECIFIED));
1737 :
1738 7550 : PyModule_AddObject(m, "AUTO_USE_KERBEROS", PyLong_FromLong(CRED_USE_KERBEROS_DESIRED));
1739 7550 : PyModule_AddObject(m, "DONT_USE_KERBEROS", PyLong_FromLong(CRED_USE_KERBEROS_DISABLED));
1740 7550 : PyModule_AddObject(m, "MUST_USE_KERBEROS", PyLong_FromLong(CRED_USE_KERBEROS_REQUIRED));
1741 :
1742 7550 : PyModule_AddObject(m, "AUTO_KRB_FORWARDABLE", PyLong_FromLong(CRED_AUTO_KRB_FORWARDABLE));
1743 7550 : PyModule_AddObject(m, "NO_KRB_FORWARDABLE", PyLong_FromLong(CRED_NO_KRB_FORWARDABLE));
1744 7550 : PyModule_AddObject(m, "FORCE_KRB_FORWARDABLE", PyLong_FromLong(CRED_FORCE_KRB_FORWARDABLE));
1745 7550 : PyModule_AddObject(m, "CLI_CRED_NTLM2", PyLong_FromLong(CLI_CRED_NTLM2));
1746 7550 : PyModule_AddObject(m, "CLI_CRED_NTLMv2_AUTH", PyLong_FromLong(CLI_CRED_NTLMv2_AUTH));
1747 7550 : PyModule_AddObject(m, "CLI_CRED_LANMAN_AUTH", PyLong_FromLong(CLI_CRED_LANMAN_AUTH));
1748 7550 : PyModule_AddObject(m, "CLI_CRED_NTLM_AUTH", PyLong_FromLong(CLI_CRED_NTLM_AUTH));
1749 7550 : PyModule_AddObject(m, "CLI_CRED_CLEAR_AUTH", PyLong_FromLong(CLI_CRED_CLEAR_AUTH));
1750 :
1751 7550 : PyModule_AddObject(m, "SMB_SIGNING_DEFAULT", PyLong_FromLong(SMB_SIGNING_DEFAULT));
1752 7550 : PyModule_AddObject(m, "SMB_SIGNING_OFF", PyLong_FromLong(SMB_SIGNING_OFF));
1753 7550 : PyModule_AddObject(m, "SMB_SIGNING_IF_REQUIRED", PyLong_FromLong(SMB_SIGNING_IF_REQUIRED));
1754 7550 : PyModule_AddObject(m, "SMB_SIGNING_DESIRED", PyLong_FromLong(SMB_SIGNING_DESIRED));
1755 7550 : PyModule_AddObject(m, "SMB_SIGNING_REQUIRED", PyLong_FromLong(SMB_SIGNING_REQUIRED));
1756 :
1757 7550 : PyModule_AddObject(m, "SMB_ENCRYPTION_DEFAULT", PyLong_FromLong(SMB_ENCRYPTION_DEFAULT));
1758 7550 : PyModule_AddObject(m, "SMB_ENCRYPTION_OFF", PyLong_FromLong(SMB_ENCRYPTION_OFF));
1759 7550 : PyModule_AddObject(m, "SMB_ENCRYPTION_IF_REQUIRED", PyLong_FromLong(SMB_ENCRYPTION_IF_REQUIRED));
1760 7550 : PyModule_AddObject(m, "SMB_ENCRYPTION_DESIRED", PyLong_FromLong(SMB_ENCRYPTION_DESIRED));
1761 7550 : PyModule_AddObject(m, "SMB_ENCRYPTION_REQUIRED", PyLong_FromLong(SMB_ENCRYPTION_REQUIRED));
1762 :
1763 6300 : Py_INCREF(&PyCredentials);
1764 7550 : PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials);
1765 6300 : Py_INCREF(&PyCredentialCacheContainer);
1766 7550 : PyModule_AddObject(m, "CredentialCacheContainer", (PyObject *)&PyCredentialCacheContainer);
1767 7550 : return m;
1768 : }
|
