search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
[Samba/bb.git] / source / python / py_lsa.c
blob6095fdfc677f0fa1ef0561ce59621521647cba4e
1 /*
2 Python wrappers for DCERPC/SMB client routines.
3
4 Copyright (C) Tim Potter, 2002
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "python/py_lsa.h"
21
22 PyObject *new_lsa_policy_hnd_object(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
23 POLICY_HND *pol)
24 {
25 lsa_policy_hnd_object *o;
26
27 o = PyObject_New(lsa_policy_hnd_object, &lsa_policy_hnd_type);
28
29 o->cli = cli;
30 o->mem_ctx = mem_ctx;
31 memcpy(&o->pol, pol, sizeof(POLICY_HND));
32
33 return (PyObject*)o;
34 }
35
36 /*
37 * Exceptions raised by this module
38 */
39
40 PyObject *lsa_error; /* This indicates a non-RPC related error
41 such as name lookup failure */
42
43 PyObject *lsa_ntstatus; /* This exception is raised when a RPC call
44 returns a status code other than
45 NT_STATUS_OK */
46
47 /*
48 * Open/close lsa handles
49 */
50
51 static PyObject *lsa_open_policy(PyObject *self, PyObject *args,
52 PyObject *kw)
53 {
54 static char *kwlist[] = { "servername", "creds", "access", NULL };
55 char *server, *errstr;
56 PyObject *creds = NULL, *result = NULL;
57 uint32 desired_access = GENERIC_EXECUTE_ACCESS;
58 struct cli_state *cli = NULL;
59 NTSTATUS ntstatus;
60 TALLOC_CTX *mem_ctx = NULL;
61 POLICY_HND hnd;
62
63 if (!PyArg_ParseTupleAndKeywords(
64 args, kw, "s|Oi", kwlist, &server, &creds, &desired_access))
65 return NULL;
66
67 if (creds && creds != Py_None && !PyDict_Check(creds)) {
68 PyErr_SetString(PyExc_TypeError,
69 "credentials must be dictionary or None");
70 return NULL;
71 }
72
73 if (server[0] != '\\' || server[1] != '\\') {
74 PyErr_SetString(PyExc_ValueError, "UNC name required");
75 return NULL;
76 }
77
78 server += 2;
79
80 if (!(cli = open_pipe_creds(server, creds, PI_LSARPC, &errstr))) {
81 PyErr_SetString(lsa_error, errstr);
82 free(errstr);
83 return NULL;
84 }
85
86 if (!(mem_ctx = talloc_init("lsa_open_policy"))) {
87 PyErr_SetString(lsa_error, "unable to init talloc context\n");
88 goto done;
89 }
90
91 ntstatus = rpccli_lsa_open_policy(
92 cli->pipe_list, mem_ctx, True, desired_access, &hnd);
93
94 if (!NT_STATUS_IS_OK(ntstatus)) {
95 PyErr_SetObject(lsa_ntstatus, py_ntstatus_tuple(ntstatus));
96 goto done;
97 }
98
99 result = new_lsa_policy_hnd_object(cli->pipe_list, mem_ctx, &hnd);
100
101 done:
102 if (!result) {
103 if (cli)
104 cli_shutdown(cli);
105
106 talloc_destroy(mem_ctx);
107 }
108
109 return result;
110 }
111
112 static PyObject *lsa_close(PyObject *self, PyObject *args, PyObject *kw)
113 {
114 PyObject *po;
115 lsa_policy_hnd_object *hnd;
116 NTSTATUS result;
117
118 /* Parse parameters */
119
120 if (!PyArg_ParseTuple(args, "O!", &lsa_policy_hnd_type, &po))
121 return NULL;
122
123 hnd = (lsa_policy_hnd_object *)po;
124
125 /* Call rpc function */
126
127 result = rpccli_lsa_Close(hnd->cli, hnd->mem_ctx, &hnd->pol);
128
129 /* Cleanup samba stuff */
130
131 cli_shutdown(hnd->cli);
132 talloc_destroy(hnd->mem_ctx);
133
134 /* Return value */
135
136 Py_INCREF(Py_None);
137 return Py_None;
138 }
139
140 static PyObject *lsa_lookup_names(PyObject *self, PyObject *args)
141 {
142 PyObject *py_names, *result = NULL;
143 NTSTATUS ntstatus;
144 lsa_policy_hnd_object *hnd = (lsa_policy_hnd_object *)self;
145 int num_names, i;
146 const char **names;
147 DOM_SID *sids;
148 TALLOC_CTX *mem_ctx = NULL;
149 enum lsa_SidType *name_types;
150
151 if (!PyArg_ParseTuple(args, "O", &py_names))
152 return NULL;
153
154 if (!PyList_Check(py_names) && !PyString_Check(py_names)) {
155 PyErr_SetString(PyExc_TypeError, "must be list or string");
156 return NULL;
157 }
158
159 if (!(mem_ctx = talloc_init("lsa_lookup_names"))) {
160 PyErr_SetString(lsa_error, "unable to init talloc context\n");
161 goto done;
162 }
163
164 if (PyList_Check(py_names)) {
165
166 /* Convert list to char ** array */
167
168 num_names = PyList_Size(py_names);
169 names = (const char **)_talloc(mem_ctx, num_names * sizeof(char *));
170
171 for (i = 0; i < num_names; i++) {
172 PyObject *obj = PyList_GetItem(py_names, i);
173
174 names[i] = talloc_strdup(mem_ctx, PyString_AsString(obj));
175 }
176
177 } else {
178
179 /* Just a single element */
180
181 num_names = 1;
182 names = (const char **)_talloc(mem_ctx, sizeof(char *));
183
184 names[0] = PyString_AsString(py_names);
185 }
186
187 ntstatus = rpccli_lsa_lookup_names(
188 hnd->cli, mem_ctx, &hnd->pol, num_names, names,
189 NULL, 1, &sids, &name_types);
190
191 if (!NT_STATUS_IS_OK(ntstatus) && NT_STATUS_V(ntstatus) != 0x107) {
192 PyErr_SetObject(lsa_ntstatus, py_ntstatus_tuple(ntstatus));
193 goto done;
194 }
195
196 result = PyList_New(num_names);
197
198 for (i = 0; i < num_names; i++) {
199 PyObject *sid_obj, *obj;
200
201 py_from_SID(&sid_obj, &sids[i]);
202
203 obj = Py_BuildValue("(Ni)", sid_obj, name_types[i]);
204
205 PyList_SetItem(result, i, obj);
206 }
207
208 done:
209 talloc_destroy(mem_ctx);
210
211 return result;
212 }
213
214 static PyObject *lsa_lookup_sids(PyObject *self, PyObject *args,
215 PyObject *kw)
216 {
217 PyObject *py_sids, *result = NULL;
218 NTSTATUS ntstatus;
219 int num_sids, i;
220 char **domains, **names;
221 uint32 *types;
222 lsa_policy_hnd_object *hnd = (lsa_policy_hnd_object *)self;
223 TALLOC_CTX *mem_ctx = NULL;
224 DOM_SID *sids;
225
226 if (!PyArg_ParseTuple(args, "O", &py_sids))
227 return NULL;
228
229 if (!PyList_Check(py_sids) && !PyString_Check(py_sids)) {
230 PyErr_SetString(PyExc_TypeError, "must be list or string");
231 return NULL;
232 }
233
234 if (!(mem_ctx = talloc_init("lsa_lookup_sids"))) {
235 PyErr_SetString(lsa_error, "unable to init talloc context\n");
236 goto done;
237 }
238
239 if (PyList_Check(py_sids)) {
240
241 /* Convert dictionary to char ** array */
242
243 num_sids = PyList_Size(py_sids);
244 sids = (DOM_SID *)_talloc(mem_ctx, num_sids * sizeof(DOM_SID));
245
246 memset(sids, 0, num_sids * sizeof(DOM_SID));
247
248 for (i = 0; i < num_sids; i++) {
249 PyObject *obj = PyList_GetItem(py_sids, i);
250
251 if (!string_to_sid(&sids[i], PyString_AsString(obj))) {
252 PyErr_SetString(PyExc_ValueError, "string_to_sid failed");
253 goto done;
254 }
255 }
256
257 } else {
258
259 /* Just a single element */
260
261 num_sids = 1;
262 sids = (DOM_SID *)_talloc(mem_ctx, sizeof(DOM_SID));
263
264 if (!string_to_sid(&sids[0], PyString_AsString(py_sids))) {
265 PyErr_SetString(PyExc_ValueError, "string_to_sid failed");
266 goto done;
267 }
268 }
269
270 ntstatus = rpccli_lsa_lookup_sids(
271 hnd->cli, mem_ctx, &hnd->pol, num_sids, sids, &domains,
272 &names, &types);
273
274 if (!NT_STATUS_IS_OK(ntstatus)) {
275 PyErr_SetObject(lsa_ntstatus, py_ntstatus_tuple(ntstatus));
276 goto done;
277 }
278
279 result = PyList_New(num_sids);
280
281 for (i = 0; i < num_sids; i++) {
282 PyObject *obj;
283
284 obj = Py_BuildValue("{sssssi}", "username", names[i],
285 "domain", domains[i], "name_type",
286 types[i]);
287
288 PyList_SetItem(result, i, obj);
289 }
290
291 done:
292 talloc_destroy(mem_ctx);
293
294 return result;
295 }
296
297 static PyObject *lsa_enum_trust_dom(PyObject *self, PyObject *args)
298 {
299 lsa_policy_hnd_object *hnd = (lsa_policy_hnd_object *)self;
300 NTSTATUS ntstatus;
301 uint32 enum_ctx = 0, num_domains, i;
302 char **domain_names;
303 DOM_SID *domain_sids;
304 PyObject *result;
305
306 if (!PyArg_ParseTuple(args, ""))
307 return NULL;
308
309 ntstatus = rpccli_lsa_enum_trust_dom(
310 hnd->cli, hnd->mem_ctx, &hnd->pol, &enum_ctx,
311 &num_domains, &domain_names, &domain_sids);
312
313 if (!NT_STATUS_IS_OK(ntstatus)) {
314 PyErr_SetObject(lsa_ntstatus, py_ntstatus_tuple(ntstatus));
315 return NULL;
316 }
317
318 result = PyList_New(num_domains);
319
320 for (i = 0; i < num_domains; i++) {
321 fstring sid_str;
322
323 sid_to_string(sid_str, &domain_sids[i]);
324 PyList_SetItem(
325 result, i,
326 Py_BuildValue("(ss)", domain_names[i], sid_str));
327 }
328
329 return result;
330 }
331
332 /*
333 * Method dispatch tables
334 */
335
336 static PyMethodDef lsa_hnd_methods[] = {
337
338 /* SIDs<->names */
339
340 { "lookup_sids", (PyCFunction)lsa_lookup_sids,
341 METH_VARARGS | METH_KEYWORDS,
342 "Convert sids to names." },
343
344 { "lookup_names", (PyCFunction)lsa_lookup_names,
345 METH_VARARGS | METH_KEYWORDS,
346 "Convert names to sids." },
347
348 /* Trusted domains */
349
350 { "enum_trusted_domains", (PyCFunction)lsa_enum_trust_dom,
351 METH_VARARGS,
352 "Enumerate trusted domains." },
353
354 { NULL }
355 };
356
357 static void py_lsa_policy_hnd_dealloc(PyObject* self)
358 {
359 PyObject_Del(self);
360 }
361
362 static PyObject *py_lsa_policy_hnd_getattr(PyObject *self, char *attrname)
363 {
364 return Py_FindMethod(lsa_hnd_methods, self, attrname);
365 }
366
367 PyTypeObject lsa_policy_hnd_type = {
368 PyObject_HEAD_INIT(NULL)
369 0,
370 "LSA Policy Handle",
371 sizeof(lsa_policy_hnd_object),
372 0,
373 py_lsa_policy_hnd_dealloc, /*tp_dealloc*/
374 0, /*tp_print*/
375 py_lsa_policy_hnd_getattr, /*tp_getattr*/
376 0, /*tp_setattr*/
377 0, /*tp_compare*/
378 0, /*tp_repr*/
379 0, /*tp_as_number*/
380 0, /*tp_as_sequence*/
381 0, /*tp_as_mapping*/
382 0, /*tp_hash */
383 };
384
385 static PyMethodDef lsa_methods[] = {
386
387 /* Open/close lsa handles */
388
389 { "open_policy", (PyCFunction)lsa_open_policy,
390 METH_VARARGS | METH_KEYWORDS,
391 "Open a policy handle" },
392
393 { "close", (PyCFunction)lsa_close,
394 METH_VARARGS,
395 "Close a policy handle" },
396
397 /* Other stuff - this should really go into a samba config module
398 but for the moment let's leave it here. */
399
400 { "setup_logging", (PyCFunction)py_setup_logging,
401 METH_VARARGS | METH_KEYWORDS,
402 "Set up debug logging.\n"
403 "\n"
404 "Initialises Samba's debug logging system. One argument is expected which\n"
405 "is a boolean specifying whether debugging is interactive and sent to stdout\n"
406 "or logged to a file.\n"
407 "\n"
408 "Example:\n"
409 "\n"
410 ">>> lsa.setup_logging(interactive = 1)" },
411
412 { "get_debuglevel", (PyCFunction)get_debuglevel,
413 METH_VARARGS,
414 "Set the current debug level.\n"
415 "\n"
416 "Example:\n"
417 "\n"
418 ">>> lsa.get_debuglevel()\n"
419 "0" },
420
421 { "set_debuglevel", (PyCFunction)set_debuglevel,
422 METH_VARARGS,
423 "Get the current debug level.\n"
424 "\n"
425 "Example:\n"
426 "\n"
427 ">>> lsa.set_debuglevel(10)" },
428
429 { NULL }
430 };
431
432 static struct const_vals {
433 char *name;
434 uint32 value;
435 } module_const_vals[] = {
436 { NULL }
437 };
438
439 static void const_init(PyObject *dict)
440 {
441 struct const_vals *tmp;
442 PyObject *obj;
443
444 for (tmp = module_const_vals; tmp->name; tmp++) {
445 obj = PyInt_FromLong(tmp->value);
446 PyDict_SetItemString(dict, tmp->name, obj);
447 Py_DECREF(obj);
448 }
449 }
450
451 /*
452 * Module initialisation
453 */
454
455 void initlsa(void)
456 {
457 PyObject *module, *dict;
458
459 /* Initialise module */
460
461 module = Py_InitModule("lsa", lsa_methods);
462 dict = PyModule_GetDict(module);
463
464 lsa_error = PyErr_NewException("lsa.error", NULL, NULL);
465 PyDict_SetItemString(dict, "error", lsa_error);
466
467 lsa_ntstatus = PyErr_NewException("lsa.ntstatus", NULL, NULL);
468 PyDict_SetItemString(dict, "ntstatus", lsa_ntstatus);
469
470 /* Initialise policy handle object */
471
472 lsa_policy_hnd_type.ob_type = &PyType_Type;
473
474 /* Initialise constants */
475
476 const_init(dict);
477
478 /* Do samba initialisation */
479
480 py_samba_init();
481
482 setup_logging("lsa", True);
483 DEBUGLEVEL = 10;
484 }