source4/auth/credentials/pycredentials.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
   4
   5    This program is free software; you can redistribute it and/or modify
   6    it under the terms of the GNU General Public License as published by
   7    the Free Software Foundation; either version 3 of the License, or
   8    (at your option) any later version.
   9
  10    This program is distributed in the hope that it will be useful,
  11    but WITHOUT ANY WARRANTY; without even the implied warranty of
  12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13    GNU General Public License for more details.
  14
  15    You should have received a copy of the GNU General Public License
  16    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17 */
  18
  19 #include "includes.h"
  20 #include "pycredentials.h"
  21 #include "param/param.h"
  22 #include "lib/cmdline/credentials.h"
  23 #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */
  24 #include "libcli/util/pyerrors.h"
  25
  26 /* Here until param/param.i gets rewritten in "manual" C */
  27 extern struct loadparm_context *lp_from_py_object(PyObject *py_obj);
  28
  29 struct cli_credentials *cli_credentials_from_py_object(PyObject *py_obj)
  30 {
  31     if (py_obj == Py_None) {
  32         return cli_credentials_init_anon(NULL);
  33     }
  34
  35     /* FIXME: Check type? */
  36     return PyCredentials_AsCliCredentials(py_obj);
  37 }
  38
  39 static PyObject *PyString_FromStringOrNULL(const char *str)
  40 {
  41         if (str == NULL)
  42                 return Py_None;
  43         return PyString_FromString(str);
  44 }
  45
  46 static PyObject *py_creds_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
  47 {
  48         return py_talloc_import(type, cli_credentials_init(NULL));
  49 }
  50
  51 static PyObject *py_creds_get_username(py_talloc_Object *self)
  52 {
  53         return PyString_FromStringOrNULL(cli_credentials_get_username(self->ptr));
  54 }
  55
  56 static PyObject *py_creds_set_username(py_talloc_Object *self, PyObject *args)
  57 {
  58         char *newval;
  59         enum credentials_obtained obt = CRED_SPECIFIED;
  60         if (!PyArg_ParseTuple(args, "s|i", &newval, &obt))
  61                 return NULL;
  62
  63         return PyBool_FromLong(cli_credentials_set_username(self->ptr, newval, obt));
  64 }
  65
  66 static PyObject *py_creds_get_password(py_talloc_Object *self)
  67 {
  68         return PyString_FromStringOrNULL(cli_credentials_get_password(self->ptr));
  69 }
  70
  71
  72 static PyObject *py_creds_set_password(py_talloc_Object *self, PyObject *args)
  73 {
  74         char *newval;
  75         enum credentials_obtained obt = CRED_SPECIFIED;
  76         if (!PyArg_ParseTuple(args, "s|i", &newval, &obt))
  77                 return NULL;
  78
  79         return PyBool_FromLong(cli_credentials_set_password(self->ptr, newval, obt));
  80 }
  81
  82 static PyObject *py_creds_get_domain(py_talloc_Object *self)
  83 {
  84         return PyString_FromStringOrNULL(cli_credentials_get_domain(self->ptr));
  85 }
  86
  87 static PyObject *py_creds_set_domain(py_talloc_Object *self, PyObject *args)
  88 {
  89         char *newval;
  90         enum credentials_obtained obt = CRED_SPECIFIED;
  91         if (!PyArg_ParseTuple(args, "s|i", &newval, &obt))
  92                 return NULL;
  93
  94         return PyBool_FromLong(cli_credentials_set_domain(self->ptr, newval, obt));
  95 }
  96
  97 static PyObject *py_creds_get_realm(py_talloc_Object *self)
  98 {
  99         return PyString_FromStringOrNULL(cli_credentials_get_realm(self->ptr));
 100 }
 101
 102 static PyObject *py_creds_set_realm(py_talloc_Object *self, PyObject *args)
 103 {
 104         char *newval;
 105         enum credentials_obtained obt = CRED_SPECIFIED;
 106         if (!PyArg_ParseTuple(args, "s|i", &newval, &obt))
 107                 return NULL;
 108
 109         return PyBool_FromLong(cli_credentials_set_realm(self->ptr, newval, obt));
 110 }
 111
 112 static PyObject *py_creds_get_bind_dn(py_talloc_Object *self)
 113 {
 114         return PyString_FromStringOrNULL(cli_credentials_get_bind_dn(self->ptr));
 115 }
 116
 117 static PyObject *py_creds_set_bind_dn(py_talloc_Object *self, PyObject *args)
 118 {
 119         char *newval;
 120         if (!PyArg_ParseTuple(args, "s", &newval))
 121                 return NULL;
 122
 123         return PyBool_FromLong(cli_credentials_set_bind_dn(self->ptr, newval));
 124 }
 125
 126 static PyObject *py_creds_get_workstation(py_talloc_Object *self)
 127 {
 128         return PyString_FromStringOrNULL(cli_credentials_get_workstation(self->ptr));
 129 }
 130
 131 static PyObject *py_creds_set_workstation(py_talloc_Object *self, PyObject *args)
 132 {
 133         char *newval;
 134         enum credentials_obtained obt = CRED_SPECIFIED;
 135         if (!PyArg_ParseTuple(args, "s|i", &newval, &obt))
 136                 return NULL;
 137
 138         return PyBool_FromLong(cli_credentials_set_workstation(self->ptr, newval, obt));
 139 }
 140
 141 static PyObject *py_creds_is_anonymous(py_talloc_Object *self)
 142 {
 143         return PyBool_FromLong(cli_credentials_is_anonymous(self->ptr));
 144 }
 145
 146 static PyObject *py_creds_set_anonymous(py_talloc_Object *self)
 147 {
 148         cli_credentials_set_anonymous(self->ptr);
 149         return Py_None;
 150 }
 151
 152 static PyObject *py_creds_authentication_requested(py_talloc_Object *self)
 153 {
 154         return PyBool_FromLong(cli_credentials_authentication_requested(self->ptr));
 155 }
 156
 157 static PyObject *py_creds_wrong_password(py_talloc_Object *self)
 158 {
 159         return PyBool_FromLong(cli_credentials_wrong_password(self->ptr));
 160 }
 161
 162 static PyObject *py_creds_set_cmdline_callbacks(py_talloc_Object *self)
 163 {
 164         return PyBool_FromLong(cli_credentials_set_cmdline_callbacks(self->ptr));
 165 }
 166
 167 static PyObject *py_creds_parse_string(py_talloc_Object *self, PyObject *args)
 168 {
 169         char *newval;
 170         enum credentials_obtained obt = CRED_SPECIFIED;
 171         if (!PyArg_ParseTuple(args, "s|i", &newval, &obt))
 172                 return NULL;
 173
 174         cli_credentials_parse_string(self->ptr, newval, obt);
 175         return Py_None;
 176 }
 177
 178 static PyObject *py_creds_get_nt_hash(py_talloc_Object *self)
 179 {
 180         const struct samr_Password *ntpw = cli_credentials_get_nt_hash(self->ptr, self->ptr);
 181
 182         return PyString_FromStringAndSize((char *)ntpw->hash, 16);
 183 }
 184
 185 static PyObject *py_creds_set_kerberos_state(py_talloc_Object *self, PyObject *args)
 186 {
 187         int state;
 188         if (!PyArg_ParseTuple(args, "i", &state))
 189                 return NULL;
 190
 191         cli_credentials_set_kerberos_state(self->ptr, state);
 192         return Py_None;
 193 }
 194
 195 static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args)
 196 {
 197         PyObject *py_lp_ctx = Py_None;
 198         struct loadparm_context *lp_ctx;
 199         if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
 200                 return NULL;
 201
 202         lp_ctx = lp_from_py_object(py_lp_ctx);
 203         if (lp_ctx == NULL)
 204                 return NULL;
 205
 206         cli_credentials_guess(self->ptr, lp_ctx);
 207
 208         return Py_None;
 209 }
 210
 211 static PyObject *py_creds_set_machine_account(py_talloc_Object *self, PyObject *args)
 212 {
 213         PyObject *py_lp_ctx = Py_None;
 214         struct loadparm_context *lp_ctx;
 215         NTSTATUS status;
 216         if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
 217                 return NULL;
 218
 219         lp_ctx = lp_from_py_object(py_lp_ctx);
 220         if (lp_ctx == NULL)
 221                 return NULL;
 222
 223         status = cli_credentials_set_machine_account(self->ptr, lp_ctx);
 224         PyErr_NTSTATUS_IS_ERR_RAISE(status);
 225
 226         return Py_None;
 227 }
 228
 229 static PyMethodDef py_creds_methods[] = {
 230         { "get_username", (PyCFunction)py_creds_get_username, METH_NOARGS,
 231                 "S.get_username() -> username\nObtain username." },
 232         { "set_username", (PyCFunction)py_creds_set_username, METH_VARARGS,
 233                 "S.set_username(name, obtained=CRED_SPECIFIED) -> None\n"
 234                 "Change username." },
 235         { "get_password", (PyCFunction)py_creds_get_password, METH_NOARGS,
 236                 "S.get_password() -> password\n"
 237                 "Obtain password." },
 238         { "set_password", (PyCFunction)py_creds_set_password, METH_VARARGS,
 239                 "S.set_password(password, obtained=CRED_SPECIFIED) -> None\n"
 240                 "Change password." },
 241         { "get_domain", (PyCFunction)py_creds_get_domain, METH_NOARGS,
 242                 "S.get_domain() -> domain\n"
 243                 "Obtain domain name." },
 244         { "set_domain", (PyCFunction)py_creds_set_domain, METH_VARARGS,
 245                 "S.set_domain(domain, obtained=CRED_SPECIFIED) -> None\n"
 246                 "Change domain name." },
 247         { "get_realm", (PyCFunction)py_creds_get_realm, METH_NOARGS,
 248                 "S.get_realm() -> realm\n"
 249                 "Obtain realm name." },
 250         { "set_realm", (PyCFunction)py_creds_set_realm, METH_VARARGS,
 251                 "S.set_realm(realm, obtained=CRED_SPECIFIED) -> None\n"
 252                 "Change realm name." },
 253         { "get_bind_dn", (PyCFunction)py_creds_get_bind_dn, METH_NOARGS,
 254                 "S.get_bind_dn() -> bind dn\n"
 255                 "Obtain bind DN." },
 256         { "set_bind_dn", (PyCFunction)py_creds_set_bind_dn, METH_VARARGS,
 257                 "S.set_bind_dn(bind_dn) -> None\n"
 258                 "Change bind DN." },
 259         { "is_anonymous", (PyCFunction)py_creds_is_anonymous, METH_NOARGS,
 260                 NULL },
 261         { "set_anonymous", (PyCFunction)py_creds_set_anonymous, METH_NOARGS,
 262                 "S.set_anonymous() -> None\n"
 263                 "Use anonymous credentials." },
 264         { "get_workstation", (PyCFunction)py_creds_get_workstation, METH_NOARGS,
 265                 NULL },
 266         { "set_workstation", (PyCFunction)py_creds_set_workstation, METH_VARARGS,
 267                 NULL },
 268         { "authentication_requested", (PyCFunction)py_creds_authentication_requested, METH_NOARGS,
 269                 NULL },
 270         { "wrong_password", (PyCFunction)py_creds_wrong_password, METH_NOARGS,
 271                 "S.wrong_password() -> bool\n"
 272                 "Indicate the returned password was incorrect." },
 273         { "set_cmdline_callbacks", (PyCFunction)py_creds_set_cmdline_callbacks, METH_NOARGS,
 274                 "S.set_cmdline_callbacks() -> bool\n"
 275                 "Use command-line to obtain credentials not explicitly set." },
 276         { "parse_string", (PyCFunction)py_creds_parse_string, METH_VARARGS,
 277                 "S.parse_string(text, obtained=CRED_SPECIFIED) -> None\n"
 278                 "Parse credentials string." },
 279         { "get_nt_hash", (PyCFunction)py_creds_get_nt_hash, METH_NOARGS,
 280                 NULL },
 281         { "set_kerberos_state", (PyCFunction)py_creds_set_kerberos_state, METH_VARARGS,
 282                 NULL },
 283         { "guess", (PyCFunction)py_creds_guess, METH_VARARGS, NULL },
 284         { "set_machine_account", (PyCFunction)py_creds_set_machine_account, METH_VARARGS, NULL },
 285         { NULL }
 286 };
 287
 288 PyTypeObject PyCredentials = {
 289         .tp_name = "Credentials",
 290         .tp_basicsize = sizeof(py_talloc_Object),
 291         .tp_dealloc = py_talloc_dealloc,
 292         .tp_new = py_creds_new,
 293         .tp_flags = Py_TPFLAGS_DEFAULT,
 294         .tp_methods = py_creds_methods,
 295 };
 296
 297 void initcredentials(void)
 298 {
 299         PyObject *m;
 300
 301         if (PyType_Ready(&PyCredentials) < 0)
 302                 return;
 303
 304         m = Py_InitModule3("credentials", NULL, "Credentials management.");
 305         if (m == NULL)
 306                 return;
 307
 308         PyModule_AddObject(m, "AUTO_USE_KERBEROS", PyInt_FromLong(CRED_AUTO_USE_KERBEROS));
 309         PyModule_AddObject(m, "DONT_USE_KERBEROS", PyInt_FromLong(CRED_DONT_USE_KERBEROS));
 310         PyModule_AddObject(m, "MUST_USE_KERBEROS", PyInt_FromLong(CRED_MUST_USE_KERBEROS));
 311
 312         Py_INCREF(&PyCredentials);
 313         PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials);
 314 }