2 Unix SMB/CIFS implementation.
3 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "python/py3compat.h"
22 #include "python/modules.h"
23 #include "pycredentials.h"
24 #include "param/param.h"
25 #include "auth/credentials/credentials_internal.h"
26 #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */
27 #include "librpc/gen_ndr/netlogon.h"
28 #include "libcli/util/pyerrors.h"
29 #include "libcli/auth/libcli_auth.h"
30 #include "param/pyparam.h"
32 #include "libcli/auth/libcli_auth.h"
33 #include "system/kerberos.h"
34 #include "auth/kerberos/kerberos.h"
35 #include "libcli/smb/smb_constants.h"
37 void initcredentials(void);
39 static PyObject *py_creds_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
41 return pytalloc_steal(type, cli_credentials_init(NULL));
44 static PyObject *py_creds_get_username(PyObject *self, PyObject *unused)
46 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
48 PyErr_Format(PyExc_TypeError, "Credentials expected");
51 return PyString_FromStringOrNULL(cli_credentials_get_username(creds));
54 static PyObject *py_creds_set_username(PyObject *self, PyObject *args)
57 enum credentials_obtained obt = CRED_SPECIFIED;
59 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
61 PyErr_Format(PyExc_TypeError, "Credentials expected");
65 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
70 return PyBool_FromLong(cli_credentials_set_username(creds, newval, obt));
73 static PyObject *py_creds_get_ntlm_username_domain(PyObject *self, PyObject *unused)
75 TALLOC_CTX *frame = talloc_stackframe();
76 const char *user = NULL;
77 const char *domain = NULL;
79 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
81 PyErr_Format(PyExc_TypeError, "Credentials expected");
84 cli_credentials_get_ntlm_username_domain(creds,
85 frame, &user, &domain);
86 ret = Py_BuildValue("(ss)",
94 static PyObject *py_creds_get_ntlm_response(PyObject *self, PyObject *args, PyObject *kwargs)
96 TALLOC_CTX *frame = talloc_stackframe();
99 struct timeval tv_now;
100 NTTIME server_timestamp;
101 DATA_BLOB challenge = data_blob_null;
102 DATA_BLOB target_info = data_blob_null;
104 DATA_BLOB lm_response = data_blob_null;
105 DATA_BLOB nt_response = data_blob_null;
106 DATA_BLOB lm_session_key = data_blob_null;
107 DATA_BLOB nt_session_key = data_blob_null;
108 const char *kwnames[] = { "flags", "challenge",
111 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
113 PyErr_Format(PyExc_TypeError, "Credentials expected");
117 tv_now = timeval_current();
118 server_timestamp = timeval_to_nttime(&tv_now);
120 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "is#|s#",
121 discard_const_p(char *, kwnames),
126 &target_info.length)) {
130 status = cli_credentials_get_ntlm_response(creds,
135 &lm_response, &nt_response,
136 &lm_session_key, &nt_session_key);
138 if (!NT_STATUS_IS_OK(status)) {
139 PyErr_SetNTSTATUS(status);
144 ret = Py_BuildValue("{sis" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN
145 "s" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN "}",
148 (const char *)lm_response.data, lm_response.length,
150 (const char *)nt_response.data, nt_response.length,
152 (const char *)lm_session_key.data, lm_session_key.length,
154 (const char *)nt_session_key.data, nt_session_key.length);
159 static PyObject *py_creds_get_principal(PyObject *self, PyObject *unused)
161 TALLOC_CTX *frame = talloc_stackframe();
162 PyObject *ret = NULL;
163 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
165 PyErr_Format(PyExc_TypeError, "Credentials expected");
168 ret = PyString_FromStringOrNULL(cli_credentials_get_principal(creds, frame));
173 static PyObject *py_creds_set_principal(PyObject *self, PyObject *args)
176 enum credentials_obtained obt = CRED_SPECIFIED;
178 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
180 PyErr_Format(PyExc_TypeError, "Credentials expected");
184 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
189 return PyBool_FromLong(cli_credentials_set_principal(creds, newval, obt));
192 static PyObject *py_creds_get_password(PyObject *self, PyObject *unused)
194 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
196 PyErr_Format(PyExc_TypeError, "Credentials expected");
199 return PyString_FromStringOrNULL(cli_credentials_get_password(creds));
202 static PyObject *py_creds_set_password(PyObject *self, PyObject *args)
204 const char *newval = NULL;
205 enum credentials_obtained obt = CRED_SPECIFIED;
207 PyObject *result = NULL;
208 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
210 PyErr_Format(PyExc_TypeError, "Credentials expected");
214 if (!PyArg_ParseTuple(args, PYARG_STR_UNI"|i", "utf8", &newval, &_obt)) {
219 result = PyBool_FromLong(cli_credentials_set_password(creds, newval, obt));
220 PyMem_Free(discard_const_p(void*, newval));
224 static PyObject *py_creds_set_utf16_password(PyObject *self, PyObject *args)
226 enum credentials_obtained obt = CRED_SPECIFIED;
228 PyObject *newval = NULL;
229 DATA_BLOB blob = data_blob_null;
233 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
235 PyErr_Format(PyExc_TypeError, "Credentials expected");
239 if (!PyArg_ParseTuple(args, "O|i", &newval, &_obt)) {
244 result = PyBytes_AsStringAndSize(newval, (char **)&blob.data, &size);
246 PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
251 ok = cli_credentials_set_utf16_password(creds,
254 return PyBool_FromLong(ok);
257 static PyObject *py_creds_get_old_password(PyObject *self, PyObject *unused)
259 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
261 PyErr_Format(PyExc_TypeError, "Credentials expected");
264 return PyString_FromStringOrNULL(cli_credentials_get_old_password(creds));
267 static PyObject *py_creds_set_old_password(PyObject *self, PyObject *args)
270 enum credentials_obtained obt = CRED_SPECIFIED;
272 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
274 PyErr_Format(PyExc_TypeError, "Credentials expected");
278 if (!PyArg_ParseTuple(args, "s|i", &oldval, &_obt)) {
283 return PyBool_FromLong(cli_credentials_set_old_password(creds, oldval, obt));
286 static PyObject *py_creds_set_old_utf16_password(PyObject *self, PyObject *args)
288 PyObject *oldval = NULL;
289 DATA_BLOB blob = data_blob_null;
293 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
295 PyErr_Format(PyExc_TypeError, "Credentials expected");
299 if (!PyArg_ParseTuple(args, "O", &oldval)) {
303 result = PyBytes_AsStringAndSize(oldval, (char **)&blob.data, &size);
305 PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
310 ok = cli_credentials_set_old_utf16_password(creds,
313 return PyBool_FromLong(ok);
316 static PyObject *py_creds_get_domain(PyObject *self, PyObject *unused)
318 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
320 PyErr_Format(PyExc_TypeError, "Credentials expected");
323 return PyString_FromStringOrNULL(cli_credentials_get_domain(creds));
326 static PyObject *py_creds_set_domain(PyObject *self, PyObject *args)
329 enum credentials_obtained obt = CRED_SPECIFIED;
331 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
333 PyErr_Format(PyExc_TypeError, "Credentials expected");
337 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
342 return PyBool_FromLong(cli_credentials_set_domain(creds, newval, obt));
345 static PyObject *py_creds_get_realm(PyObject *self, PyObject *unused)
347 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
349 PyErr_Format(PyExc_TypeError, "Credentials expected");
352 return PyString_FromStringOrNULL(cli_credentials_get_realm(creds));
355 static PyObject *py_creds_set_realm(PyObject *self, PyObject *args)
358 enum credentials_obtained obt = CRED_SPECIFIED;
360 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
362 PyErr_Format(PyExc_TypeError, "Credentials expected");
366 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
371 return PyBool_FromLong(cli_credentials_set_realm(creds, newval, obt));
374 static PyObject *py_creds_get_bind_dn(PyObject *self, PyObject *unused)
376 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
378 PyErr_Format(PyExc_TypeError, "Credentials expected");
381 return PyString_FromStringOrNULL(cli_credentials_get_bind_dn(creds));
384 static PyObject *py_creds_set_bind_dn(PyObject *self, PyObject *args)
387 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
389 PyErr_Format(PyExc_TypeError, "Credentials expected");
392 if (!PyArg_ParseTuple(args, "z", &newval))
395 return PyBool_FromLong(cli_credentials_set_bind_dn(creds, newval));
398 static PyObject *py_creds_get_workstation(PyObject *self, PyObject *unused)
400 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
402 PyErr_Format(PyExc_TypeError, "Credentials expected");
405 return PyString_FromStringOrNULL(cli_credentials_get_workstation(creds));
408 static PyObject *py_creds_set_workstation(PyObject *self, PyObject *args)
411 enum credentials_obtained obt = CRED_SPECIFIED;
413 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
415 PyErr_Format(PyExc_TypeError, "Credentials expected");
419 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
424 return PyBool_FromLong(cli_credentials_set_workstation(creds, newval, obt));
427 static PyObject *py_creds_is_anonymous(PyObject *self, PyObject *unused)
429 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
431 PyErr_Format(PyExc_TypeError, "Credentials expected");
434 return PyBool_FromLong(cli_credentials_is_anonymous(creds));
437 static PyObject *py_creds_set_anonymous(PyObject *self, PyObject *unused)
439 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
441 PyErr_Format(PyExc_TypeError, "Credentials expected");
444 cli_credentials_set_anonymous(creds);
448 static PyObject *py_creds_authentication_requested(PyObject *self, PyObject *unused)
450 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
452 PyErr_Format(PyExc_TypeError, "Credentials expected");
455 return PyBool_FromLong(cli_credentials_authentication_requested(creds));
458 static PyObject *py_creds_wrong_password(PyObject *self, PyObject *unused)
460 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
462 PyErr_Format(PyExc_TypeError, "Credentials expected");
465 return PyBool_FromLong(cli_credentials_wrong_password(creds));
468 static PyObject *py_creds_set_cmdline_callbacks(PyObject *self, PyObject *unused)
470 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
472 PyErr_Format(PyExc_TypeError, "Credentials expected");
475 return PyBool_FromLong(cli_credentials_set_cmdline_callbacks(creds));
478 static PyObject *py_creds_parse_string(PyObject *self, PyObject *args)
481 enum credentials_obtained obt = CRED_SPECIFIED;
483 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
485 PyErr_Format(PyExc_TypeError, "Credentials expected");
489 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
494 cli_credentials_parse_string(creds, newval, obt);
498 static PyObject *py_creds_parse_file(PyObject *self, PyObject *args)
501 enum credentials_obtained obt = CRED_SPECIFIED;
503 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
505 PyErr_Format(PyExc_TypeError, "Credentials expected");
509 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
514 cli_credentials_parse_file(creds, newval, obt);
518 static PyObject *py_cli_credentials_set_password_will_be_nt_hash(PyObject *self, PyObject *args)
520 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
521 PyObject *py_val = NULL;
524 if (!PyArg_ParseTuple(args, "O!", &PyBool_Type, &py_val)) {
527 val = PyObject_IsTrue(py_val);
529 cli_credentials_set_password_will_be_nt_hash(creds, val);
533 static PyObject *py_creds_get_nt_hash(PyObject *self, PyObject *unused)
536 struct samr_Password *ntpw = NULL;
537 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
539 PyErr_Format(PyExc_TypeError, "Credentials expected");
542 ntpw = cli_credentials_get_nt_hash(creds, creds);
544 ret = PyBytes_FromStringAndSize(discard_const_p(char, ntpw->hash), 16);
549 static PyObject *py_creds_set_nt_hash(PyObject *self, PyObject *args)
551 PyObject *py_cp = Py_None;
552 const struct samr_Password *pwd = NULL;
553 enum credentials_obtained obt = CRED_SPECIFIED;
555 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
557 PyErr_Format(PyExc_TypeError, "Credentials expected");
561 if (!PyArg_ParseTuple(args, "O|i", &py_cp, &_obt)) {
566 pwd = pytalloc_get_type(py_cp, struct samr_Password);
568 /* pytalloc_get_type sets TypeError */
572 return PyBool_FromLong(cli_credentials_set_nt_hash(creds, pwd, obt));
575 static PyObject *py_creds_get_kerberos_state(PyObject *self, PyObject *unused)
578 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
580 PyErr_Format(PyExc_TypeError, "Credentials expected");
583 state = cli_credentials_get_kerberos_state(creds);
584 return PyLong_FromLong(state);
587 static PyObject *py_creds_set_kerberos_state(PyObject *self, PyObject *args)
590 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
592 PyErr_Format(PyExc_TypeError, "Credentials expected");
595 if (!PyArg_ParseTuple(args, "i", &state))
598 cli_credentials_set_kerberos_state(creds, state, CRED_SPECIFIED);
602 static PyObject *py_creds_set_krb_forwardable(PyObject *self, PyObject *args)
605 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
607 PyErr_Format(PyExc_TypeError, "Credentials expected");
610 if (!PyArg_ParseTuple(args, "i", &state))
613 cli_credentials_set_krb_forwardable(creds, state);
618 static PyObject *py_creds_get_forced_sasl_mech(PyObject *self, PyObject *unused)
620 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
622 PyErr_Format(PyExc_TypeError, "Credentials expected");
625 return PyString_FromStringOrNULL(cli_credentials_get_forced_sasl_mech(creds));
628 static PyObject *py_creds_set_forced_sasl_mech(PyObject *self, PyObject *args)
631 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
633 PyErr_Format(PyExc_TypeError, "Credentials expected");
637 if (!PyArg_ParseTuple(args, "s", &newval)) {
641 cli_credentials_set_forced_sasl_mech(creds, newval);
645 static PyObject *py_creds_set_conf(PyObject *self, PyObject *args)
647 PyObject *py_lp_ctx = Py_None;
648 struct loadparm_context *lp_ctx;
650 struct cli_credentials *creds;
653 creds = PyCredentials_AsCliCredentials(self);
655 PyErr_Format(PyExc_TypeError, "Credentials expected");
659 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx)) {
663 mem_ctx = talloc_new(NULL);
664 if (mem_ctx == NULL) {
669 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
670 if (lp_ctx == NULL) {
671 talloc_free(mem_ctx);
675 ok = cli_credentials_set_conf(creds, lp_ctx);
676 talloc_free(mem_ctx);
684 static PyObject *py_creds_guess(PyObject *self, PyObject *args)
686 PyObject *py_lp_ctx = Py_None;
687 struct loadparm_context *lp_ctx;
689 struct cli_credentials *creds;
692 creds = PyCredentials_AsCliCredentials(self);
694 PyErr_Format(PyExc_TypeError, "Credentials expected");
698 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
701 mem_ctx = talloc_new(NULL);
702 if (mem_ctx == NULL) {
707 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
708 if (lp_ctx == NULL) {
709 talloc_free(mem_ctx);
713 ok = cli_credentials_guess(creds, lp_ctx);
714 talloc_free(mem_ctx);
722 static PyObject *py_creds_set_machine_account(PyObject *self, PyObject *args)
724 PyObject *py_lp_ctx = Py_None;
725 struct loadparm_context *lp_ctx;
727 struct cli_credentials *creds;
730 creds = PyCredentials_AsCliCredentials(self);
732 PyErr_Format(PyExc_TypeError, "Credentials expected");
736 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
739 mem_ctx = talloc_new(NULL);
740 if (mem_ctx == NULL) {
745 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
746 if (lp_ctx == NULL) {
747 talloc_free(mem_ctx);
751 status = cli_credentials_set_machine_account(creds, lp_ctx);
752 talloc_free(mem_ctx);
754 PyErr_NTSTATUS_IS_ERR_RAISE(status);
759 static PyObject *PyCredentialCacheContainer_from_ccache_container(struct ccache_container *ccc)
761 return pytalloc_reference(&PyCredentialCacheContainer, ccc);
765 static PyObject *py_creds_get_named_ccache(PyObject *self, PyObject *args)
767 PyObject *py_lp_ctx = Py_None;
768 char *ccache_name = NULL;
769 struct loadparm_context *lp_ctx;
770 struct ccache_container *ccc;
771 struct tevent_context *event_ctx;
773 const char *error_string;
774 struct cli_credentials *creds;
777 creds = PyCredentials_AsCliCredentials(self);
779 PyErr_Format(PyExc_TypeError, "Credentials expected");
783 if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name))
786 mem_ctx = talloc_new(NULL);
787 if (mem_ctx == NULL) {
792 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
793 if (lp_ctx == NULL) {
794 talloc_free(mem_ctx);
798 event_ctx = samba_tevent_context_init(mem_ctx);
800 ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
801 ccache_name, &ccc, &error_string);
802 talloc_unlink(mem_ctx, lp_ctx);
804 talloc_steal(ccc, event_ctx);
805 talloc_free(mem_ctx);
806 return PyCredentialCacheContainer_from_ccache_container(ccc);
809 PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
811 talloc_free(mem_ctx);
815 static PyObject *py_creds_set_named_ccache(PyObject *self, PyObject *args)
817 struct loadparm_context *lp_ctx = NULL;
818 enum credentials_obtained obt = CRED_SPECIFIED;
819 const char *error_string = NULL;
820 TALLOC_CTX *mem_ctx = NULL;
822 PyObject *py_lp_ctx = Py_None;
825 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
827 PyErr_Format(PyExc_TypeError, "Credentials expected");
831 if (!PyArg_ParseTuple(args, "s|iO", &newval, &_obt, &py_lp_ctx))
835 mem_ctx = talloc_new(NULL);
836 if (mem_ctx == NULL) {
841 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
842 if (lp_ctx == NULL) {
843 talloc_free(mem_ctx);
847 ret = cli_credentials_set_ccache(creds,
853 PyErr_SetString(PyExc_RuntimeError,
854 error_string != NULL ? error_string : "NULL");
855 talloc_free(mem_ctx);
859 talloc_free(mem_ctx);
863 static PyObject *py_creds_set_gensec_features(PyObject *self, PyObject *args)
865 unsigned int gensec_features;
866 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
868 PyErr_Format(PyExc_TypeError, "Credentials expected");
872 if (!PyArg_ParseTuple(args, "I", &gensec_features))
875 cli_credentials_set_gensec_features(creds,
882 static PyObject *py_creds_get_gensec_features(PyObject *self, PyObject *args)
884 unsigned int gensec_features;
885 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
887 PyErr_Format(PyExc_TypeError, "Credentials expected");
891 gensec_features = cli_credentials_get_gensec_features(creds);
892 return PyLong_FromLong(gensec_features);
895 static PyObject *py_creds_new_client_authenticator(PyObject *self,
898 struct netr_Authenticator auth;
899 struct cli_credentials *creds = NULL;
900 struct netlogon_creds_CredentialState *nc = NULL;
901 PyObject *ret = NULL;
904 creds = PyCredentials_AsCliCredentials(self);
906 PyErr_SetString(PyExc_RuntimeError,
907 "Failed to get credentials from python");
911 nc = creds->netlogon_creds;
913 PyErr_SetString(PyExc_ValueError,
914 "No netlogon credentials cannot make "
915 "client authenticator");
919 status = netlogon_creds_client_authenticator(nc, &auth);
920 if (!NT_STATUS_IS_OK(status)) {
921 PyErr_SetString(PyExc_ValueError,
922 "Failed to create client authenticator");
926 ret = Py_BuildValue("{s"PYARG_BYTES_LEN"si}",
928 (const char *) &auth.cred, sizeof(auth.cred),
929 "timestamp", auth.timestamp);
933 static PyObject *py_creds_set_secure_channel_type(PyObject *self, PyObject *args)
935 unsigned int channel_type;
936 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
938 PyErr_Format(PyExc_TypeError, "Credentials expected");
942 if (!PyArg_ParseTuple(args, "I", &channel_type))
945 cli_credentials_set_secure_channel_type(
952 static PyObject *py_creds_get_secure_channel_type(PyObject *self, PyObject *args)
954 enum netr_SchannelType channel_type = SEC_CHAN_NULL;
955 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
957 PyErr_Format(PyExc_TypeError, "Credentials expected");
961 channel_type = cli_credentials_get_secure_channel_type(creds);
963 return PyLong_FromLong(channel_type);
966 static PyObject *py_creds_get_aes256_key(PyObject *self, PyObject *args)
968 struct loadparm_context *lp_ctx = NULL;
969 TALLOC_CTX *mem_ctx = NULL;
970 PyObject *py_lp_ctx = Py_None;
971 const char *salt = NULL;
974 PyObject *ret = NULL;
975 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
977 PyErr_Format(PyExc_TypeError, "Credentials expected");
981 if (!PyArg_ParseTuple(args, "s|O", &salt, &py_lp_ctx))
984 mem_ctx = talloc_new(NULL);
985 if (mem_ctx == NULL) {
990 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
991 if (lp_ctx == NULL) {
992 talloc_free(mem_ctx);
996 code = cli_credentials_get_aes256_key(creds,
1002 PyErr_SetString(PyExc_RuntimeError,
1003 "Failed to generate AES256 key");
1004 talloc_free(mem_ctx);
1008 ret = PyBytes_FromStringAndSize((const char *)aes_256.data,
1010 talloc_free(mem_ctx);
1014 static PyObject *py_creds_encrypt_netr_crypt_password(PyObject *self,
1017 DATA_BLOB data = data_blob_null;
1018 struct cli_credentials *creds = NULL;
1019 struct netr_CryptPassword *pwd = NULL;
1021 PyObject *py_cp = Py_None;
1023 creds = PyCredentials_AsCliCredentials(self);
1024 if (creds == NULL) {
1025 PyErr_Format(PyExc_TypeError, "Credentials expected");
1029 if (!PyArg_ParseTuple(args, "O", &py_cp)) {
1033 pwd = pytalloc_get_type(py_cp, struct netr_CryptPassword);
1035 /* pytalloc_get_type sets TypeError */
1038 data.length = sizeof(struct netr_CryptPassword);
1039 data.data = (uint8_t *)pwd;
1040 status = netlogon_creds_session_encrypt(creds->netlogon_creds, data);
1042 PyErr_NTSTATUS_IS_ERR_RAISE(status);
1047 static PyObject *py_creds_encrypt_samr_password(PyObject *self,
1050 DATA_BLOB data = data_blob_null;
1051 struct cli_credentials *creds = NULL;
1052 struct samr_Password *pwd = NULL;
1054 PyObject *py_cp = Py_None;
1056 creds = PyCredentials_AsCliCredentials(self);
1057 if (creds == NULL) {
1058 PyErr_Format(PyExc_TypeError, "Credentials expected");
1062 if (creds->netlogon_creds == NULL) {
1063 PyErr_Format(PyExc_ValueError, "NetLogon credentials not set");
1067 if (!PyArg_ParseTuple(args, "O", &py_cp)) {
1071 pwd = pytalloc_get_type(py_cp, struct samr_Password);
1073 /* pytalloc_get_type sets TypeError */
1076 data = data_blob_const(pwd->hash, sizeof(pwd->hash));
1077 status = netlogon_creds_session_encrypt(creds->netlogon_creds, data);
1079 PyErr_NTSTATUS_IS_ERR_RAISE(status);
1084 static PyObject *py_creds_get_smb_signing(PyObject *self, PyObject *unused)
1086 enum smb_signing_setting signing_state;
1087 struct cli_credentials *creds = NULL;
1089 creds = PyCredentials_AsCliCredentials(self);
1090 if (creds == NULL) {
1091 PyErr_Format(PyExc_TypeError, "Credentials expected");
1095 signing_state = cli_credentials_get_smb_signing(creds);
1096 return PyLong_FromLong(signing_state);
1099 static PyObject *py_creds_set_smb_signing(PyObject *self, PyObject *args)
1101 enum smb_signing_setting signing_state;
1102 struct cli_credentials *creds = NULL;
1103 enum credentials_obtained obt = CRED_SPECIFIED;
1105 creds = PyCredentials_AsCliCredentials(self);
1106 if (creds == NULL) {
1107 PyErr_Format(PyExc_TypeError, "Credentials expected");
1110 if (!PyArg_ParseTuple(args, "i|i", &signing_state, &obt)) {
1114 switch (signing_state) {
1115 case SMB_SIGNING_DEFAULT:
1116 case SMB_SIGNING_OFF:
1117 case SMB_SIGNING_IF_REQUIRED:
1118 case SMB_SIGNING_DESIRED:
1119 case SMB_SIGNING_REQUIRED:
1122 PyErr_Format(PyExc_TypeError, "Invalid signing state value");
1126 cli_credentials_set_smb_signing(creds, signing_state, obt);
1130 static PyObject *py_creds_get_smb_ipc_signing(PyObject *self, PyObject *unused)
1132 enum smb_signing_setting signing_state;
1133 struct cli_credentials *creds = NULL;
1135 creds = PyCredentials_AsCliCredentials(self);
1136 if (creds == NULL) {
1137 PyErr_Format(PyExc_TypeError, "Credentials expected");
1141 signing_state = cli_credentials_get_smb_ipc_signing(creds);
1142 return PyLong_FromLong(signing_state);
1145 static PyObject *py_creds_set_smb_ipc_signing(PyObject *self, PyObject *args)
1147 enum smb_signing_setting signing_state;
1148 struct cli_credentials *creds = NULL;
1149 enum credentials_obtained obt = CRED_SPECIFIED;
1151 creds = PyCredentials_AsCliCredentials(self);
1152 if (creds == NULL) {
1153 PyErr_Format(PyExc_TypeError, "Credentials expected");
1156 if (!PyArg_ParseTuple(args, "i|i", &signing_state, &obt)) {
1160 switch (signing_state) {
1161 case SMB_SIGNING_DEFAULT:
1162 case SMB_SIGNING_OFF:
1163 case SMB_SIGNING_IF_REQUIRED:
1164 case SMB_SIGNING_DESIRED:
1165 case SMB_SIGNING_REQUIRED:
1168 PyErr_Format(PyExc_TypeError, "Invalid signing state value");
1172 cli_credentials_set_smb_ipc_signing(creds, signing_state, obt);
1176 static PyObject *py_creds_get_smb_encryption(PyObject *self, PyObject *unused)
1178 enum smb_encryption_setting encryption_state;
1179 struct cli_credentials *creds = NULL;
1181 creds = PyCredentials_AsCliCredentials(self);
1182 if (creds == NULL) {
1183 PyErr_Format(PyExc_TypeError, "Credentials expected");
1187 encryption_state = cli_credentials_get_smb_encryption(creds);
1188 return PyLong_FromLong(encryption_state);
1191 static PyObject *py_creds_set_smb_encryption(PyObject *self, PyObject *args)
1193 enum smb_encryption_setting encryption_state;
1194 struct cli_credentials *creds = NULL;
1195 enum credentials_obtained obt = CRED_SPECIFIED;
1197 creds = PyCredentials_AsCliCredentials(self);
1198 if (creds == NULL) {
1199 PyErr_Format(PyExc_TypeError, "Credentials expected");
1202 if (!PyArg_ParseTuple(args, "i|i", &encryption_state, &obt)) {
1206 switch (encryption_state) {
1207 case SMB_ENCRYPTION_DEFAULT:
1208 case SMB_ENCRYPTION_OFF:
1209 case SMB_ENCRYPTION_IF_REQUIRED:
1210 case SMB_ENCRYPTION_DESIRED:
1211 case SMB_ENCRYPTION_REQUIRED:
1214 PyErr_Format(PyExc_TypeError, "Invalid encryption state value");
1218 (void)cli_credentials_set_smb_encryption(creds, encryption_state, obt);
1222 static PyMethodDef py_creds_methods[] = {
1224 .ml_name = "get_username",
1225 .ml_meth = py_creds_get_username,
1226 .ml_flags = METH_NOARGS,
1227 .ml_doc = "S.get_username() -> username\nObtain username.",
1230 .ml_name = "set_username",
1231 .ml_meth = py_creds_set_username,
1232 .ml_flags = METH_VARARGS,
1233 .ml_doc = "S.set_username(name[, credentials.SPECIFIED]) -> None\n"
1237 .ml_name = "get_principal",
1238 .ml_meth = py_creds_get_principal,
1239 .ml_flags = METH_NOARGS,
1240 .ml_doc = "S.get_principal() -> user@realm\nObtain user principal.",
1243 .ml_name = "set_principal",
1244 .ml_meth = py_creds_set_principal,
1245 .ml_flags = METH_VARARGS,
1246 .ml_doc = "S.set_principal(name[, credentials.SPECIFIED]) -> None\n"
1247 "Change principal.",
1250 .ml_name = "get_password",
1251 .ml_meth = py_creds_get_password,
1252 .ml_flags = METH_NOARGS,
1253 .ml_doc = "S.get_password() -> password\n"
1257 .ml_name = "get_ntlm_username_domain",
1258 .ml_meth = py_creds_get_ntlm_username_domain,
1259 .ml_flags = METH_NOARGS,
1260 .ml_doc = "S.get_ntlm_username_domain() -> (domain, username)\n"
1261 "Obtain NTLM username and domain, split up either as (DOMAIN, user) or (\"\", \"user@realm\").",
1264 .ml_name = "get_ntlm_response",
1265 .ml_meth = PY_DISCARD_FUNC_SIG(PyCFunction,
1266 py_creds_get_ntlm_response),
1267 .ml_flags = METH_VARARGS | METH_KEYWORDS,
1268 .ml_doc = "S.get_ntlm_response"
1269 "(flags, challenge[, target_info]) -> "
1270 "(flags, lm_response, nt_response, lm_session_key, nt_session_key)\n"
1271 "Obtain LM or NTLM response.",
1274 .ml_name = "set_password",
1275 .ml_meth = py_creds_set_password,
1276 .ml_flags = METH_VARARGS,
1277 .ml_doc = "S.set_password(password[, credentials.SPECIFIED]) -> None\n"
1281 .ml_name = "set_utf16_password",
1282 .ml_meth = py_creds_set_utf16_password,
1283 .ml_flags = METH_VARARGS,
1284 .ml_doc = "S.set_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
1288 .ml_name = "get_old_password",
1289 .ml_meth = py_creds_get_old_password,
1290 .ml_flags = METH_NOARGS,
1291 .ml_doc = "S.get_old_password() -> password\n"
1292 "Obtain old password.",
1295 .ml_name = "set_old_password",
1296 .ml_meth = py_creds_set_old_password,
1297 .ml_flags = METH_VARARGS,
1298 .ml_doc = "S.set_old_password(password[, credentials.SPECIFIED]) -> None\n"
1299 "Change old password.",
1302 .ml_name = "set_old_utf16_password",
1303 .ml_meth = py_creds_set_old_utf16_password,
1304 .ml_flags = METH_VARARGS,
1305 .ml_doc = "S.set_old_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
1306 "Change old password.",
1309 .ml_name = "get_domain",
1310 .ml_meth = py_creds_get_domain,
1311 .ml_flags = METH_NOARGS,
1312 .ml_doc = "S.get_domain() -> domain\n"
1313 "Obtain domain name.",
1316 .ml_name = "set_domain",
1317 .ml_meth = py_creds_set_domain,
1318 .ml_flags = METH_VARARGS,
1319 .ml_doc = "S.set_domain(domain[, credentials.SPECIFIED]) -> None\n"
1320 "Change domain name.",
1323 .ml_name = "get_realm",
1324 .ml_meth = py_creds_get_realm,
1325 .ml_flags = METH_NOARGS,
1326 .ml_doc = "S.get_realm() -> realm\n"
1327 "Obtain realm name.",
1330 .ml_name = "set_realm",
1331 .ml_meth = py_creds_set_realm,
1332 .ml_flags = METH_VARARGS,
1333 .ml_doc = "S.set_realm(realm[, credentials.SPECIFIED]) -> None\n"
1334 "Change realm name.",
1337 .ml_name = "get_bind_dn",
1338 .ml_meth = py_creds_get_bind_dn,
1339 .ml_flags = METH_NOARGS,
1340 .ml_doc = "S.get_bind_dn() -> bind dn\n"
1344 .ml_name = "set_bind_dn",
1345 .ml_meth = py_creds_set_bind_dn,
1346 .ml_flags = METH_VARARGS,
1347 .ml_doc = "S.set_bind_dn(bind_dn) -> None\n"
1351 .ml_name = "is_anonymous",
1352 .ml_meth = py_creds_is_anonymous,
1353 .ml_flags = METH_NOARGS,
1356 .ml_name = "set_anonymous",
1357 .ml_meth = py_creds_set_anonymous,
1358 .ml_flags = METH_NOARGS,
1359 .ml_doc = "S.set_anonymous() -> None\n"
1360 "Use anonymous credentials.",
1363 .ml_name = "get_workstation",
1364 .ml_meth = py_creds_get_workstation,
1365 .ml_flags = METH_NOARGS,
1368 .ml_name = "set_workstation",
1369 .ml_meth = py_creds_set_workstation,
1370 .ml_flags = METH_VARARGS,
1373 .ml_name = "authentication_requested",
1374 .ml_meth = py_creds_authentication_requested,
1375 .ml_flags = METH_NOARGS,
1378 .ml_name = "wrong_password",
1379 .ml_meth = py_creds_wrong_password,
1380 .ml_flags = METH_NOARGS,
1381 .ml_doc = "S.wrong_password() -> bool\n"
1382 "Indicate the returned password was incorrect.",
1385 .ml_name = "set_cmdline_callbacks",
1386 .ml_meth = py_creds_set_cmdline_callbacks,
1387 .ml_flags = METH_NOARGS,
1388 .ml_doc = "S.set_cmdline_callbacks() -> bool\n"
1389 "Use command-line to obtain credentials not explicitly set.",
1392 .ml_name = "parse_string",
1393 .ml_meth = py_creds_parse_string,
1394 .ml_flags = METH_VARARGS,
1395 .ml_doc = "S.parse_string(text[, credentials.SPECIFIED]) -> None\n"
1396 "Parse credentials string.",
1399 .ml_name = "parse_file",
1400 .ml_meth = py_creds_parse_file,
1401 .ml_flags = METH_VARARGS,
1402 .ml_doc = "S.parse_file(filename[, credentials.SPECIFIED]) -> None\n"
1403 "Parse credentials file.",
1406 .ml_name = "set_password_will_be_nt_hash",
1407 .ml_meth = py_cli_credentials_set_password_will_be_nt_hash,
1408 .ml_flags = METH_VARARGS,
1409 .ml_doc = "S.set_password_will_be_nt_hash(bool) -> None\n"
1410 "Alters the behaviour of S.set_password() "
1411 "to expect the NTHASH as hexstring.",
1414 .ml_name = "get_nt_hash",
1415 .ml_meth = py_creds_get_nt_hash,
1416 .ml_flags = METH_NOARGS,
1419 .ml_name = "set_nt_hash",
1420 .ml_meth = py_creds_set_nt_hash,
1421 .ml_flags = METH_VARARGS,
1422 .ml_doc = "S.set_net_sh(samr_Password[, credentials.SPECIFIED]) -> bool\n"
1426 .ml_name = "get_kerberos_state",
1427 .ml_meth = py_creds_get_kerberos_state,
1428 .ml_flags = METH_NOARGS,
1431 .ml_name = "set_kerberos_state",
1432 .ml_meth = py_creds_set_kerberos_state,
1433 .ml_flags = METH_VARARGS,
1436 .ml_name = "set_krb_forwardable",
1437 .ml_meth = py_creds_set_krb_forwardable,
1438 .ml_flags = METH_VARARGS,
1441 .ml_name = "set_conf",
1442 .ml_meth = py_creds_set_conf,
1443 .ml_flags = METH_VARARGS,
1447 .ml_meth = py_creds_guess,
1448 .ml_flags = METH_VARARGS,
1451 .ml_name = "set_machine_account",
1452 .ml_meth = py_creds_set_machine_account,
1453 .ml_flags = METH_VARARGS,
1456 .ml_name = "get_named_ccache",
1457 .ml_meth = py_creds_get_named_ccache,
1458 .ml_flags = METH_VARARGS,
1461 .ml_name = "set_named_ccache",
1462 .ml_meth = py_creds_set_named_ccache,
1463 .ml_flags = METH_VARARGS,
1464 .ml_doc = "S.set_named_ccache(krb5_ccache_name, obtained, lp) -> None\n"
1465 "Set credentials to KRB5 Credentials Cache (by name).",
1468 .ml_name = "set_gensec_features",
1469 .ml_meth = py_creds_set_gensec_features,
1470 .ml_flags = METH_VARARGS,
1473 .ml_name = "get_gensec_features",
1474 .ml_meth = py_creds_get_gensec_features,
1475 .ml_flags = METH_NOARGS,
1478 .ml_name = "get_forced_sasl_mech",
1479 .ml_meth = py_creds_get_forced_sasl_mech,
1480 .ml_flags = METH_NOARGS,
1481 .ml_doc = "S.get_forced_sasl_mech() -> SASL mechanism\nObtain forced SASL mechanism.",
1484 .ml_name = "set_forced_sasl_mech",
1485 .ml_meth = py_creds_set_forced_sasl_mech,
1486 .ml_flags = METH_VARARGS,
1487 .ml_doc = "S.set_forced_sasl_mech(name) -> None\n"
1488 "Set forced SASL mechanism.",
1491 .ml_name = "new_client_authenticator",
1492 .ml_meth = py_creds_new_client_authenticator,
1493 .ml_flags = METH_NOARGS,
1494 .ml_doc = "S.new_client_authenticator() -> Authenticator\n"
1495 "Get a new client NETLOGON_AUTHENTICATOR"},
1497 .ml_name = "set_secure_channel_type",
1498 .ml_meth = py_creds_set_secure_channel_type,
1499 .ml_flags = METH_VARARGS,
1502 .ml_name = "get_secure_channel_type",
1503 .ml_meth = py_creds_get_secure_channel_type,
1504 .ml_flags = METH_VARARGS,
1507 .ml_name = "get_aes256_key",
1508 .ml_meth = py_creds_get_aes256_key,
1509 .ml_flags = METH_VARARGS,
1510 .ml_doc = "S.get_aes256_key(salt[, lp]) -> bytes\n"
1511 "Generate an AES256 key using the current password and\n"
1512 "the specified salt",
1515 .ml_name = "encrypt_netr_crypt_password",
1516 .ml_meth = py_creds_encrypt_netr_crypt_password,
1517 .ml_flags = METH_VARARGS,
1518 .ml_doc = "S.encrypt_netr_crypt_password(password) -> None\n"
1519 "Encrypt the supplied password using the session key and\n"
1520 "the negotiated encryption algorithm in place\n"
1521 "i.e. it overwrites the original data"},
1523 .ml_name = "encrypt_samr_password",
1524 .ml_meth = py_creds_encrypt_samr_password,
1525 .ml_flags = METH_VARARGS,
1526 .ml_doc = "S.encrypt_samr_password(password) -> None\n"
1527 "Encrypt the supplied password using the session key and\n"
1528 "the negotiated encryption algorithm in place\n"
1529 "i.e. it overwrites the original data"
1532 .ml_name = "get_smb_signing",
1533 .ml_meth = py_creds_get_smb_signing,
1534 .ml_flags = METH_NOARGS,
1537 .ml_name = "set_smb_signing",
1538 .ml_meth = py_creds_set_smb_signing,
1539 .ml_flags = METH_VARARGS,
1542 .ml_name = "get_smb_ipc_signing",
1543 .ml_meth = py_creds_get_smb_ipc_signing,
1544 .ml_flags = METH_NOARGS,
1547 .ml_name = "set_smb_ipc_signing",
1548 .ml_meth = py_creds_set_smb_ipc_signing,
1549 .ml_flags = METH_VARARGS,
1552 .ml_name = "get_smb_encryption",
1553 .ml_meth = py_creds_get_smb_encryption,
1554 .ml_flags = METH_NOARGS,
1557 .ml_name = "set_smb_encryption",
1558 .ml_meth = py_creds_set_smb_encryption,
1559 .ml_flags = METH_VARARGS,
1564 static struct PyModuleDef moduledef = {
1565 PyModuleDef_HEAD_INIT,
1566 .m_name = "credentials",
1567 .m_doc = "Credentials management.",
1569 .m_methods = py_creds_methods,
1572 PyTypeObject PyCredentials = {
1573 .tp_name = "credentials.Credentials",
1574 .tp_new = py_creds_new,
1575 .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE,
1576 .tp_methods = py_creds_methods,
1579 static PyObject *py_ccache_name(PyObject *self, PyObject *unused)
1581 struct ccache_container *ccc = NULL;
1583 PyObject *py_name = NULL;
1586 ccc = pytalloc_get_type(self, struct ccache_container);
1588 ret = krb5_cc_get_full_name(ccc->smb_krb5_context->krb5_context,
1589 ccc->ccache, &name);
1591 py_name = PyString_FromStringOrNULL(name);
1592 krb5_free_string(ccc->smb_krb5_context->krb5_context, name);
1594 PyErr_SetString(PyExc_RuntimeError,
1595 "Failed to get ccache name");
1601 static PyMethodDef py_ccache_container_methods[] = {
1602 { "get_name", py_ccache_name, METH_NOARGS,
1603 "S.get_name() -> name\nObtain KRB5 credentials cache name." },
1607 PyTypeObject PyCredentialCacheContainer = {
1608 .tp_name = "credentials.CredentialCacheContainer",
1609 .tp_flags = Py_TPFLAGS_DEFAULT,
1610 .tp_methods = py_ccache_container_methods,
1613 MODULE_INIT_FUNC(credentials)
1616 if (pytalloc_BaseObject_PyType_Ready(&PyCredentials) < 0)
1619 if (pytalloc_BaseObject_PyType_Ready(&PyCredentialCacheContainer) < 0)
1622 m = PyModule_Create(&moduledef);
1626 PyModule_AddObject(m, "UNINITIALISED", PyLong_FromLong(CRED_UNINITIALISED));
1627 PyModule_AddObject(m, "SMB_CONF", PyLong_FromLong(CRED_SMB_CONF));
1628 PyModule_AddObject(m, "CALLBACK", PyLong_FromLong(CRED_CALLBACK));
1629 PyModule_AddObject(m, "GUESS_ENV", PyLong_FromLong(CRED_GUESS_ENV));
1630 PyModule_AddObject(m, "GUESS_FILE", PyLong_FromLong(CRED_GUESS_FILE));
1631 PyModule_AddObject(m, "CALLBACK_RESULT", PyLong_FromLong(CRED_CALLBACK_RESULT));
1632 PyModule_AddObject(m, "SPECIFIED", PyLong_FromLong(CRED_SPECIFIED));
1634 PyModule_AddObject(m, "AUTO_USE_KERBEROS", PyLong_FromLong(CRED_USE_KERBEROS_DESIRED));
1635 PyModule_AddObject(m, "DONT_USE_KERBEROS", PyLong_FromLong(CRED_USE_KERBEROS_DISABLED));
1636 PyModule_AddObject(m, "MUST_USE_KERBEROS", PyLong_FromLong(CRED_USE_KERBEROS_REQUIRED));
1638 PyModule_AddObject(m, "AUTO_KRB_FORWARDABLE", PyLong_FromLong(CRED_AUTO_KRB_FORWARDABLE));
1639 PyModule_AddObject(m, "NO_KRB_FORWARDABLE", PyLong_FromLong(CRED_NO_KRB_FORWARDABLE));
1640 PyModule_AddObject(m, "FORCE_KRB_FORWARDABLE", PyLong_FromLong(CRED_FORCE_KRB_FORWARDABLE));
1641 PyModule_AddObject(m, "CLI_CRED_NTLM2", PyLong_FromLong(CLI_CRED_NTLM2));
1642 PyModule_AddObject(m, "CLI_CRED_NTLMv2_AUTH", PyLong_FromLong(CLI_CRED_NTLMv2_AUTH));
1643 PyModule_AddObject(m, "CLI_CRED_LANMAN_AUTH", PyLong_FromLong(CLI_CRED_LANMAN_AUTH));
1644 PyModule_AddObject(m, "CLI_CRED_NTLM_AUTH", PyLong_FromLong(CLI_CRED_NTLM_AUTH));
1645 PyModule_AddObject(m, "CLI_CRED_CLEAR_AUTH", PyLong_FromLong(CLI_CRED_CLEAR_AUTH));
1647 PyModule_AddObject(m, "SMB_SIGNING_DEFAULT", PyLong_FromLong(SMB_SIGNING_DEFAULT));
1648 PyModule_AddObject(m, "SMB_SIGNING_OFF", PyLong_FromLong(SMB_SIGNING_OFF));
1649 PyModule_AddObject(m, "SMB_SIGNING_IF_REQUIRED", PyLong_FromLong(SMB_SIGNING_IF_REQUIRED));
1650 PyModule_AddObject(m, "SMB_SIGNING_DESIRED", PyLong_FromLong(SMB_SIGNING_DESIRED));
1651 PyModule_AddObject(m, "SMB_SIGNING_REQUIRED", PyLong_FromLong(SMB_SIGNING_REQUIRED));
1653 PyModule_AddObject(m, "SMB_ENCRYPTION_DEFAULT", PyLong_FromLong(SMB_ENCRYPTION_DEFAULT));
1654 PyModule_AddObject(m, "SMB_ENCRYPTION_OFF", PyLong_FromLong(SMB_ENCRYPTION_OFF));
1655 PyModule_AddObject(m, "SMB_ENCRYPTION_IF_REQUIRED", PyLong_FromLong(SMB_ENCRYPTION_IF_REQUIRED));
1656 PyModule_AddObject(m, "SMB_ENCRYPTION_DESIRED", PyLong_FromLong(SMB_ENCRYPTION_DESIRED));
1657 PyModule_AddObject(m, "SMB_ENCRYPTION_REQUIRED", PyLong_FromLong(SMB_ENCRYPTION_REQUIRED));
1659 Py_INCREF(&PyCredentials);
1660 PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials);
1661 Py_INCREF(&PyCredentialCacheContainer);
1662 PyModule_AddObject(m, "CredentialCacheContainer", (PyObject *)&PyCredentialCacheContainer);