2 Unix SMB/CIFS implementation.
3 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "python/py3compat.h"
22 #include "pycredentials.h"
23 #include "param/param.h"
24 #include "lib/cmdline/credentials.h"
25 #include "auth/credentials/credentials_internal.h"
26 #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */
27 #include "librpc/gen_ndr/netlogon.h"
28 #include "libcli/util/pyerrors.h"
29 #include "libcli/auth/libcli_auth.h"
30 #include "param/pyparam.h"
32 #include "libcli/auth/libcli_auth.h"
33 #include "auth/credentials/credentials_internal.h"
35 void initcredentials(void);
37 static PyObject *PyString_FromStringOrNULL(const char *str)
41 return PyStr_FromString(str);
44 static PyObject *py_creds_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
46 return pytalloc_steal(type, cli_credentials_init(NULL));
49 static PyObject *py_creds_get_username(PyObject *self, PyObject *unused)
51 return PyString_FromStringOrNULL(cli_credentials_get_username(PyCredentials_AsCliCredentials(self)));
54 static PyObject *py_creds_set_username(PyObject *self, PyObject *args)
57 enum credentials_obtained obt = CRED_SPECIFIED;
60 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
65 return PyBool_FromLong(cli_credentials_set_username(PyCredentials_AsCliCredentials(self), newval, obt));
68 static PyObject *py_creds_get_ntlm_username_domain(PyObject *self, PyObject *unused)
70 TALLOC_CTX *frame = talloc_stackframe();
71 const char *user = NULL;
72 const char *domain = NULL;
74 cli_credentials_get_ntlm_username_domain(PyCredentials_AsCliCredentials(self),
75 frame, &user, &domain);
76 ret = Py_BuildValue("(OO)",
77 PyString_FromStringOrNULL(user),
78 PyString_FromStringOrNULL(domain));
83 static PyObject *py_creds_get_ntlm_response(PyObject *self, PyObject *args, PyObject *kwargs)
85 TALLOC_CTX *frame = talloc_stackframe();
88 struct timeval tv_now;
89 NTTIME server_timestamp;
90 DATA_BLOB challenge = data_blob_null;
91 DATA_BLOB target_info = data_blob_null;
93 DATA_BLOB lm_response = data_blob_null;
94 DATA_BLOB nt_response = data_blob_null;
95 DATA_BLOB lm_session_key = data_blob_null;
96 DATA_BLOB nt_session_key = data_blob_null;
97 const char *kwnames[] = { "flags", "challenge",
101 tv_now = timeval_current();
102 server_timestamp = timeval_to_nttime(&tv_now);
104 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "is#|s#",
105 discard_const_p(char *, kwnames),
110 &target_info.length)) {
114 status = cli_credentials_get_ntlm_response(PyCredentials_AsCliCredentials(self),
119 &lm_response, &nt_response,
120 &lm_session_key, &nt_session_key);
122 if (!NT_STATUS_IS_OK(status)) {
123 PyErr_SetNTSTATUS(status);
128 ret = Py_BuildValue("{sis" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN
129 "s" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN "}",
132 (const char *)lm_response.data, lm_response.length,
134 (const char *)nt_response.data, nt_response.length,
136 (const char *)lm_session_key.data, lm_session_key.length,
138 (const char *)nt_session_key.data, nt_session_key.length);
143 static PyObject *py_creds_get_principal(PyObject *self, PyObject *unused)
145 TALLOC_CTX *frame = talloc_stackframe();
146 PyObject *ret = PyString_FromStringOrNULL(cli_credentials_get_principal(PyCredentials_AsCliCredentials(self), frame));
151 static PyObject *py_creds_set_principal(PyObject *self, PyObject *args)
154 enum credentials_obtained obt = CRED_SPECIFIED;
157 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
162 return PyBool_FromLong(cli_credentials_set_principal(PyCredentials_AsCliCredentials(self), newval, obt));
165 static PyObject *py_creds_get_password(PyObject *self, PyObject *unused)
167 return PyString_FromStringOrNULL(cli_credentials_get_password(PyCredentials_AsCliCredentials(self)));
170 static PyObject *py_creds_set_password(PyObject *self, PyObject *args)
173 enum credentials_obtained obt = CRED_SPECIFIED;
176 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
181 return PyBool_FromLong(cli_credentials_set_password(PyCredentials_AsCliCredentials(self), newval, obt));
184 static PyObject *py_creds_set_utf16_password(PyObject *self, PyObject *args)
186 enum credentials_obtained obt = CRED_SPECIFIED;
188 PyObject *newval = NULL;
189 DATA_BLOB blob = data_blob_null;
194 if (!PyArg_ParseTuple(args, "O|i", &newval, &_obt)) {
199 result = PyBytes_AsStringAndSize(newval, (char **)&blob.data, &size);
201 PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
206 ok = cli_credentials_set_utf16_password(PyCredentials_AsCliCredentials(self),
209 return PyBool_FromLong(ok);
212 static PyObject *py_creds_get_old_password(PyObject *self, PyObject *unused)
214 return PyString_FromStringOrNULL(cli_credentials_get_old_password(PyCredentials_AsCliCredentials(self)));
217 static PyObject *py_creds_set_old_password(PyObject *self, PyObject *args)
220 enum credentials_obtained obt = CRED_SPECIFIED;
223 if (!PyArg_ParseTuple(args, "s|i", &oldval, &_obt)) {
228 return PyBool_FromLong(cli_credentials_set_old_password(PyCredentials_AsCliCredentials(self), oldval, obt));
231 static PyObject *py_creds_set_old_utf16_password(PyObject *self, PyObject *args)
233 PyObject *oldval = NULL;
234 DATA_BLOB blob = data_blob_null;
239 if (!PyArg_ParseTuple(args, "O", &oldval)) {
243 result = PyBytes_AsStringAndSize(oldval, (char **)&blob.data, &size);
245 PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
250 ok = cli_credentials_set_old_utf16_password(PyCredentials_AsCliCredentials(self),
253 return PyBool_FromLong(ok);
256 static PyObject *py_creds_get_domain(PyObject *self, PyObject *unused)
258 return PyString_FromStringOrNULL(cli_credentials_get_domain(PyCredentials_AsCliCredentials(self)));
261 static PyObject *py_creds_set_domain(PyObject *self, PyObject *args)
264 enum credentials_obtained obt = CRED_SPECIFIED;
267 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
272 return PyBool_FromLong(cli_credentials_set_domain(PyCredentials_AsCliCredentials(self), newval, obt));
275 static PyObject *py_creds_get_realm(PyObject *self, PyObject *unused)
277 return PyString_FromStringOrNULL(cli_credentials_get_realm(PyCredentials_AsCliCredentials(self)));
280 static PyObject *py_creds_set_realm(PyObject *self, PyObject *args)
283 enum credentials_obtained obt = CRED_SPECIFIED;
286 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
291 return PyBool_FromLong(cli_credentials_set_realm(PyCredentials_AsCliCredentials(self), newval, obt));
294 static PyObject *py_creds_get_bind_dn(PyObject *self, PyObject *unused)
296 return PyString_FromStringOrNULL(cli_credentials_get_bind_dn(PyCredentials_AsCliCredentials(self)));
299 static PyObject *py_creds_set_bind_dn(PyObject *self, PyObject *args)
302 if (!PyArg_ParseTuple(args, "s", &newval))
305 return PyBool_FromLong(cli_credentials_set_bind_dn(PyCredentials_AsCliCredentials(self), newval));
308 static PyObject *py_creds_get_workstation(PyObject *self, PyObject *unused)
310 return PyString_FromStringOrNULL(cli_credentials_get_workstation(PyCredentials_AsCliCredentials(self)));
313 static PyObject *py_creds_set_workstation(PyObject *self, PyObject *args)
316 enum credentials_obtained obt = CRED_SPECIFIED;
319 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
324 return PyBool_FromLong(cli_credentials_set_workstation(PyCredentials_AsCliCredentials(self), newval, obt));
327 static PyObject *py_creds_is_anonymous(PyObject *self, PyObject *unused)
329 return PyBool_FromLong(cli_credentials_is_anonymous(PyCredentials_AsCliCredentials(self)));
332 static PyObject *py_creds_set_anonymous(PyObject *self, PyObject *unused)
334 cli_credentials_set_anonymous(PyCredentials_AsCliCredentials(self));
338 static PyObject *py_creds_authentication_requested(PyObject *self, PyObject *unused)
340 return PyBool_FromLong(cli_credentials_authentication_requested(PyCredentials_AsCliCredentials(self)));
343 static PyObject *py_creds_wrong_password(PyObject *self, PyObject *unused)
345 return PyBool_FromLong(cli_credentials_wrong_password(PyCredentials_AsCliCredentials(self)));
348 static PyObject *py_creds_set_cmdline_callbacks(PyObject *self, PyObject *unused)
350 return PyBool_FromLong(cli_credentials_set_cmdline_callbacks(PyCredentials_AsCliCredentials(self)));
353 static PyObject *py_creds_parse_string(PyObject *self, PyObject *args)
356 enum credentials_obtained obt = CRED_SPECIFIED;
359 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
364 cli_credentials_parse_string(PyCredentials_AsCliCredentials(self), newval, obt);
368 static PyObject *py_creds_parse_file(PyObject *self, PyObject *args)
371 enum credentials_obtained obt = CRED_SPECIFIED;
374 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
379 cli_credentials_parse_file(PyCredentials_AsCliCredentials(self), newval, obt);
383 static PyObject *py_cli_credentials_set_password_will_be_nt_hash(PyObject *self, PyObject *args)
385 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
386 PyObject *py_val = NULL;
389 if (!PyArg_ParseTuple(args, "O!", &PyBool_Type, &py_val)) {
392 val = PyObject_IsTrue(py_val);
394 cli_credentials_set_password_will_be_nt_hash(creds, val);
398 static PyObject *py_creds_get_nt_hash(PyObject *self, PyObject *unused)
401 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
402 struct samr_Password *ntpw = cli_credentials_get_nt_hash(creds, creds);
404 ret = PyBytes_FromStringAndSize(discard_const_p(char, ntpw->hash), 16);
409 static PyObject *py_creds_get_kerberos_state(PyObject *self, PyObject *unused)
411 int state = cli_credentials_get_kerberos_state(PyCredentials_AsCliCredentials(self));
412 return PyInt_FromLong(state);
415 static PyObject *py_creds_set_kerberos_state(PyObject *self, PyObject *args)
418 if (!PyArg_ParseTuple(args, "i", &state))
421 cli_credentials_set_kerberos_state(PyCredentials_AsCliCredentials(self), state);
425 static PyObject *py_creds_set_krb_forwardable(PyObject *self, PyObject *args)
428 if (!PyArg_ParseTuple(args, "i", &state))
431 cli_credentials_set_krb_forwardable(PyCredentials_AsCliCredentials(self), state);
436 static PyObject *py_creds_get_forced_sasl_mech(PyObject *self, PyObject *unused)
438 return PyString_FromStringOrNULL(cli_credentials_get_forced_sasl_mech(PyCredentials_AsCliCredentials(self)));
441 static PyObject *py_creds_set_forced_sasl_mech(PyObject *self, PyObject *args)
444 enum credentials_obtained obt = CRED_SPECIFIED;
447 if (!PyArg_ParseTuple(args, "s", &newval)) {
452 cli_credentials_set_forced_sasl_mech(PyCredentials_AsCliCredentials(self), newval);
456 static PyObject *py_creds_guess(PyObject *self, PyObject *args)
458 PyObject *py_lp_ctx = Py_None;
459 struct loadparm_context *lp_ctx;
461 struct cli_credentials *creds;
463 creds = PyCredentials_AsCliCredentials(self);
465 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
468 mem_ctx = talloc_new(NULL);
469 if (mem_ctx == NULL) {
474 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
475 if (lp_ctx == NULL) {
476 talloc_free(mem_ctx);
480 cli_credentials_guess(creds, lp_ctx);
482 talloc_free(mem_ctx);
487 static PyObject *py_creds_set_machine_account(PyObject *self, PyObject *args)
489 PyObject *py_lp_ctx = Py_None;
490 struct loadparm_context *lp_ctx;
492 struct cli_credentials *creds;
495 creds = PyCredentials_AsCliCredentials(self);
497 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
500 mem_ctx = talloc_new(NULL);
501 if (mem_ctx == NULL) {
506 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
507 if (lp_ctx == NULL) {
508 talloc_free(mem_ctx);
512 status = cli_credentials_set_machine_account(creds, lp_ctx);
513 talloc_free(mem_ctx);
515 PyErr_NTSTATUS_IS_ERR_RAISE(status);
520 static PyObject *PyCredentialCacheContainer_from_ccache_container(struct ccache_container *ccc)
522 return pytalloc_reference(&PyCredentialCacheContainer, ccc);
526 static PyObject *py_creds_get_named_ccache(PyObject *self, PyObject *args)
528 PyObject *py_lp_ctx = Py_None;
530 struct loadparm_context *lp_ctx;
531 struct ccache_container *ccc;
532 struct tevent_context *event_ctx;
534 const char *error_string;
535 struct cli_credentials *creds;
538 creds = PyCredentials_AsCliCredentials(self);
540 if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name))
543 mem_ctx = talloc_new(NULL);
544 if (mem_ctx == NULL) {
549 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
550 if (lp_ctx == NULL) {
551 talloc_free(mem_ctx);
555 event_ctx = samba_tevent_context_init(mem_ctx);
557 ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
558 ccache_name, &ccc, &error_string);
559 talloc_unlink(mem_ctx, lp_ctx);
561 talloc_steal(ccc, event_ctx);
562 talloc_free(mem_ctx);
563 return PyCredentialCacheContainer_from_ccache_container(ccc);
566 PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
568 talloc_free(mem_ctx);
572 static PyObject *py_creds_set_gensec_features(PyObject *self, PyObject *args)
574 unsigned int gensec_features;
576 if (!PyArg_ParseTuple(args, "I", &gensec_features))
579 cli_credentials_set_gensec_features(PyCredentials_AsCliCredentials(self), gensec_features);
584 static PyObject *py_creds_get_gensec_features(PyObject *self, PyObject *args)
586 unsigned int gensec_features;
588 gensec_features = cli_credentials_get_gensec_features(PyCredentials_AsCliCredentials(self));
589 return PyInt_FromLong(gensec_features);
592 static PyObject *py_creds_new_client_authenticator(PyObject *self,
595 struct netr_Authenticator auth;
596 struct cli_credentials *creds = NULL;
597 struct netlogon_creds_CredentialState *nc = NULL;
598 PyObject *ret = NULL;
600 creds = PyCredentials_AsCliCredentials(self);
602 PyErr_SetString(PyExc_RuntimeError,
603 "Failed to get credentials from python");
607 nc = creds->netlogon_creds;
609 PyErr_SetString(PyExc_ValueError,
610 "No netlogon credentials cannot make "
611 "client authenticator");
615 netlogon_creds_client_authenticator(
618 ret = Py_BuildValue("{ss#si}",
620 (const char *) &auth.cred, sizeof(auth.cred),
621 "timestamp", auth.timestamp);
625 static PyObject *py_creds_set_secure_channel_type(PyObject *self, PyObject *args)
627 unsigned int channel_type;
629 if (!PyArg_ParseTuple(args, "I", &channel_type))
632 cli_credentials_set_secure_channel_type(
633 PyCredentials_AsCliCredentials(self),
639 static PyObject *py_creds_encrypt_netr_crypt_password(PyObject *self,
642 DATA_BLOB data = data_blob_null;
643 struct cli_credentials *creds = NULL;
644 struct netr_CryptPassword *pwd = NULL;
646 PyObject *py_cp = Py_None;
648 creds = PyCredentials_AsCliCredentials(self);
650 if (!PyArg_ParseTuple(args, "|O", &py_cp)) {
653 pwd = pytalloc_get_type(py_cp, struct netr_CryptPassword);
654 data.length = sizeof(struct netr_CryptPassword);
655 data.data = (uint8_t *)pwd;
656 status = netlogon_creds_session_encrypt(creds->netlogon_creds, data);
658 PyErr_NTSTATUS_IS_ERR_RAISE(status);
663 static PyMethodDef py_creds_methods[] = {
664 { "get_username", py_creds_get_username, METH_NOARGS,
665 "S.get_username() -> username\nObtain username." },
666 { "set_username", py_creds_set_username, METH_VARARGS,
667 "S.set_username(name[, credentials.SPECIFIED]) -> None\n"
668 "Change username." },
669 { "get_principal", py_creds_get_principal, METH_NOARGS,
670 "S.get_principal() -> user@realm\nObtain user principal." },
671 { "set_principal", py_creds_set_principal, METH_VARARGS,
672 "S.set_principal(name[, credentials.SPECIFIED]) -> None\n"
673 "Change principal." },
674 { "get_password", py_creds_get_password, METH_NOARGS,
675 "S.get_password() -> password\n"
676 "Obtain password." },
677 { "get_ntlm_username_domain", py_creds_get_ntlm_username_domain, METH_NOARGS,
678 "S.get_ntlm_username_domain() -> (domain, username)\n"
679 "Obtain NTLM username and domain, split up either as (DOMAIN, user) or (\"\", \"user@realm\")." },
680 { "get_ntlm_response", (PyCFunction)py_creds_get_ntlm_response, METH_VARARGS | METH_KEYWORDS,
681 "S.get_ntlm_response"
682 "(flags, challenge[, target_info]) -> "
683 "(flags, lm_response, nt_response, lm_session_key, nt_session_key)\n"
684 "Obtain LM or NTLM response." },
685 { "set_password", py_creds_set_password, METH_VARARGS,
686 "S.set_password(password[, credentials.SPECIFIED]) -> None\n"
687 "Change password." },
688 { "set_utf16_password", py_creds_set_utf16_password, METH_VARARGS,
689 "S.set_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
690 "Change password." },
691 { "get_old_password", py_creds_get_old_password, METH_NOARGS,
692 "S.get_old_password() -> password\n"
693 "Obtain old password." },
694 { "set_old_password", py_creds_set_old_password, METH_VARARGS,
695 "S.set_old_password(password[, credentials.SPECIFIED]) -> None\n"
696 "Change old password." },
697 { "set_old_utf16_password", py_creds_set_old_utf16_password, METH_VARARGS,
698 "S.set_old_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
699 "Change old password." },
700 { "get_domain", py_creds_get_domain, METH_NOARGS,
701 "S.get_domain() -> domain\n"
702 "Obtain domain name." },
703 { "set_domain", py_creds_set_domain, METH_VARARGS,
704 "S.set_domain(domain[, credentials.SPECIFIED]) -> None\n"
705 "Change domain name." },
706 { "get_realm", py_creds_get_realm, METH_NOARGS,
707 "S.get_realm() -> realm\n"
708 "Obtain realm name." },
709 { "set_realm", py_creds_set_realm, METH_VARARGS,
710 "S.set_realm(realm[, credentials.SPECIFIED]) -> None\n"
711 "Change realm name." },
712 { "get_bind_dn", py_creds_get_bind_dn, METH_NOARGS,
713 "S.get_bind_dn() -> bind dn\n"
715 { "set_bind_dn", py_creds_set_bind_dn, METH_VARARGS,
716 "S.set_bind_dn(bind_dn) -> None\n"
718 { "is_anonymous", py_creds_is_anonymous, METH_NOARGS,
720 { "set_anonymous", py_creds_set_anonymous, METH_NOARGS,
721 "S.set_anonymous() -> None\n"
722 "Use anonymous credentials." },
723 { "get_workstation", py_creds_get_workstation, METH_NOARGS,
725 { "set_workstation", py_creds_set_workstation, METH_VARARGS,
727 { "authentication_requested", py_creds_authentication_requested, METH_NOARGS,
729 { "wrong_password", py_creds_wrong_password, METH_NOARGS,
730 "S.wrong_password() -> bool\n"
731 "Indicate the returned password was incorrect." },
732 { "set_cmdline_callbacks", py_creds_set_cmdline_callbacks, METH_NOARGS,
733 "S.set_cmdline_callbacks() -> bool\n"
734 "Use command-line to obtain credentials not explicitly set." },
735 { "parse_string", py_creds_parse_string, METH_VARARGS,
736 "S.parse_string(text[, credentials.SPECIFIED]) -> None\n"
737 "Parse credentials string." },
738 { "parse_file", py_creds_parse_file, METH_VARARGS,
739 "S.parse_file(filename[, credentials.SPECIFIED]) -> None\n"
740 "Parse credentials file." },
741 { "set_password_will_be_nt_hash",
742 py_cli_credentials_set_password_will_be_nt_hash, METH_VARARGS,
743 "S.set_password_will_be_nt_hash(bool) -> None\n"
744 "Alters the behaviour of S.set_password() "
745 "to expect the NTHASH as hexstring." },
746 { "get_nt_hash", py_creds_get_nt_hash, METH_NOARGS,
748 { "get_kerberos_state", py_creds_get_kerberos_state, METH_NOARGS,
750 { "set_kerberos_state", py_creds_set_kerberos_state, METH_VARARGS,
752 { "set_krb_forwardable", py_creds_set_krb_forwardable, METH_VARARGS,
754 { "guess", py_creds_guess, METH_VARARGS, NULL },
755 { "set_machine_account", py_creds_set_machine_account, METH_VARARGS, NULL },
756 { "get_named_ccache", py_creds_get_named_ccache, METH_VARARGS, NULL },
757 { "set_gensec_features", py_creds_set_gensec_features, METH_VARARGS, NULL },
758 { "get_gensec_features", py_creds_get_gensec_features, METH_NOARGS, NULL },
759 { "get_forced_sasl_mech", py_creds_get_forced_sasl_mech, METH_NOARGS,
760 "S.get_forced_sasl_mech() -> SASL mechanism\nObtain forced SASL mechanism." },
761 { "set_forced_sasl_mech", py_creds_set_forced_sasl_mech, METH_VARARGS,
762 "S.set_forced_sasl_mech(name) -> None\n"
763 "Set forced SASL mechanism." },
764 { "new_client_authenticator",
765 py_creds_new_client_authenticator,
767 "S.new_client_authenticator() -> Authenticator\n"
768 "Get a new client NETLOGON_AUTHENTICATOR"},
769 { "set_secure_channel_type", py_creds_set_secure_channel_type,
770 METH_VARARGS, NULL },
771 { "encrypt_netr_crypt_password",
772 py_creds_encrypt_netr_crypt_password,
774 "S.encrypt_netr_crypt_password(password) -> NTSTATUS\n"
775 "Encrypt the supplied password using the session key and\n"
776 "the negotiated encryption algorithm in place\n"
777 "i.e. it overwrites the original data"},
781 static struct PyModuleDef moduledef = {
782 PyModuleDef_HEAD_INIT,
783 .m_name = "credentials",
784 .m_doc = "Credentials management.",
786 .m_methods = py_creds_methods,
789 PyTypeObject PyCredentials = {
790 .tp_name = "credentials.Credentials",
791 .tp_new = py_creds_new,
792 .tp_flags = Py_TPFLAGS_DEFAULT,
793 .tp_methods = py_creds_methods,
797 PyTypeObject PyCredentialCacheContainer = {
798 .tp_name = "credentials.CredentialCacheContainer",
799 .tp_flags = Py_TPFLAGS_DEFAULT,
802 MODULE_INIT_FUNC(credentials)
805 if (pytalloc_BaseObject_PyType_Ready(&PyCredentials) < 0)
808 if (pytalloc_BaseObject_PyType_Ready(&PyCredentialCacheContainer) < 0)
811 m = PyModule_Create(&moduledef);
815 PyModule_AddObject(m, "UNINITIALISED", PyInt_FromLong(CRED_UNINITIALISED));
816 PyModule_AddObject(m, "CALLBACK", PyInt_FromLong(CRED_CALLBACK));
817 PyModule_AddObject(m, "GUESS_ENV", PyInt_FromLong(CRED_GUESS_ENV));
818 PyModule_AddObject(m, "GUESS_FILE", PyInt_FromLong(CRED_GUESS_FILE));
819 PyModule_AddObject(m, "CALLBACK_RESULT", PyInt_FromLong(CRED_CALLBACK_RESULT));
820 PyModule_AddObject(m, "SPECIFIED", PyInt_FromLong(CRED_SPECIFIED));
822 PyModule_AddObject(m, "AUTO_USE_KERBEROS", PyInt_FromLong(CRED_AUTO_USE_KERBEROS));
823 PyModule_AddObject(m, "DONT_USE_KERBEROS", PyInt_FromLong(CRED_DONT_USE_KERBEROS));
824 PyModule_AddObject(m, "MUST_USE_KERBEROS", PyInt_FromLong(CRED_MUST_USE_KERBEROS));
826 PyModule_AddObject(m, "AUTO_KRB_FORWARDABLE", PyInt_FromLong(CRED_AUTO_KRB_FORWARDABLE));
827 PyModule_AddObject(m, "NO_KRB_FORWARDABLE", PyInt_FromLong(CRED_NO_KRB_FORWARDABLE));
828 PyModule_AddObject(m, "FORCE_KRB_FORWARDABLE", PyInt_FromLong(CRED_FORCE_KRB_FORWARDABLE));
829 PyModule_AddObject(m, "CLI_CRED_NTLM2", PyInt_FromLong(CLI_CRED_NTLM2));
830 PyModule_AddObject(m, "CLI_CRED_NTLMv2_AUTH", PyInt_FromLong(CLI_CRED_NTLMv2_AUTH));
831 PyModule_AddObject(m, "CLI_CRED_LANMAN_AUTH", PyInt_FromLong(CLI_CRED_LANMAN_AUTH));
832 PyModule_AddObject(m, "CLI_CRED_NTLM_AUTH", PyInt_FromLong(CLI_CRED_NTLM_AUTH));
833 PyModule_AddObject(m, "CLI_CRED_CLEAR_AUTH", PyInt_FromLong(CLI_CRED_CLEAR_AUTH));
835 Py_INCREF(&PyCredentials);
836 PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials);
837 Py_INCREF(&PyCredentialCacheContainer);
838 PyModule_AddObject(m, "CredentialCacheContainer", (PyObject *)&PyCredentialCacheContainer);