2 Unix SMB/CIFS implementation.
3 Samba utility functions
4 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2008-2010
5 Copyright (C) Kamen Mazdrashki <kamen.mazdrashki@postpath.com> 2009
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "auth/credentials/pycredentials.h"
25 #include "libcli/security/security.h"
26 #include "lib/events/events.h"
27 #include "param/param.h"
28 #include "param/pyparam.h"
29 #include "lib/ldb/pyldb.h"
30 #include "auth/gensec/gensec.h"
31 #include "librpc/rpc/pyrpc.h"
36 struct libnet_context *libnet_ctx;
37 struct tevent_context *ev;
40 static PyObject *py_net_join(py_net_Object *self, PyObject *args, PyObject *kwargs)
46 const char *kwnames[] = { "domain_name", "netbios_name", "join_type", "level", NULL };
48 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "ssii:Join", discard_const_p(char *, kwnames),
49 &r.in.domain_name, &r.in.netbios_name,
50 &r.in.join_type, &r.in.level))
53 mem_ctx = talloc_new(self->mem_ctx);
55 status = libnet_Join(self->libnet_ctx, mem_ctx, &r);
56 if (NT_STATUS_IS_ERR(status)) {
57 PyErr_SetString(PyExc_RuntimeError, r.out.error_string?r.out.error_string:nt_errstr(status));
62 result = Py_BuildValue("sss", r.out.join_password,
63 dom_sid_string(mem_ctx, r.out.domain_sid),
71 static const char py_net_join_doc[] = "join(domain_name, netbios_name, join_type, level) -> (join_password, domain_sid, domain_name)\n\n" \
72 "Join the domain with the specified name.";
74 static PyObject *py_net_set_password(py_net_Object *self, PyObject *args, PyObject *kwargs)
76 union libnet_SetPassword r;
80 struct tevent_context *ev;
81 const char *kwnames[] = { "account_name", "domain_name", "newpassword", "credentials", NULL };
83 r.generic.level = LIBNET_SET_PASSWORD_GENERIC;
85 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sssO:set_password", discard_const_p(char *, kwnames),
86 &r.generic.in.account_name, &r.generic.in.domain_name,
87 &r.generic.in.newpassword, &py_creds)) {
91 /* FIXME: we really need to get a context from the caller or we may end
92 * up with 2 event contexts */
93 ev = s4_event_context_init(NULL);
94 mem_ctx = talloc_new(ev);
96 status = libnet_SetPassword(self->libnet_ctx, mem_ctx, &r);
97 if (NT_STATUS_IS_ERR(status)) {
98 PyErr_SetString(PyExc_RuntimeError,
99 r.generic.out.error_string?r.generic.out.error_string:nt_errstr(status));
100 talloc_free(mem_ctx);
104 talloc_free(mem_ctx);
109 static const char py_net_set_password_doc[] = "set_password(account_name, domain_name, newpassword) -> True\n\n" \
110 "Set password for a user. You must supply credential with enough rights to do this.\n\n" \
111 "Sample usage is:\n" \
112 "net.set_password(account_name=<account_name>,\n" \
113 " domain_name=domain_name,\n" \
114 " newpassword=new_pass)\n";
117 static PyObject *py_net_export_keytab(py_net_Object *self, PyObject *args, PyObject *kwargs)
119 struct libnet_export_keytab r;
121 const char *kwnames[] = { "keytab", NULL };
124 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s:export_keytab", discard_const_p(char *, kwnames),
125 &r.in.keytab_name)) {
129 mem_ctx = talloc_new(self->mem_ctx);
131 status = libnet_export_keytab(self->libnet_ctx, mem_ctx, &r);
132 if (NT_STATUS_IS_ERR(status)) {
133 PyErr_SetString(PyExc_RuntimeError,
134 r.out.error_string?r.out.error_string:nt_errstr(status));
135 talloc_free(mem_ctx);
139 talloc_free(mem_ctx);
144 static const char py_net_export_keytab_doc[] = "export_keytab(keytab, name)\n\n"
145 "Export the DC keytab to a keytab file.";
147 static PyObject *py_net_time(py_net_Object *self, PyObject *args, PyObject *kwargs)
149 const char *kwnames[] = { "server_name", NULL };
150 union libnet_RemoteTOD r;
157 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s",
158 discard_const_p(char *, kwnames), &r.generic.in.server_name))
161 r.generic.level = LIBNET_REMOTE_TOD_GENERIC;
163 mem_ctx = talloc_new(NULL);
164 if (mem_ctx == NULL) {
169 status = libnet_RemoteTOD(self->libnet_ctx, mem_ctx, &r);
170 if (!NT_STATUS_IS_OK(status)) {
171 PyErr_SetString(PyExc_RuntimeError,
172 r.generic.out.error_string?r.generic.out.error_string:nt_errstr(status));
173 talloc_free(mem_ctx);
177 ZERO_STRUCT(timestr);
178 tm = localtime(&r.generic.out.time);
179 strftime(timestr, sizeof(timestr)-1, "%c %Z",tm);
181 ret = PyString_FromString(timestr);
183 talloc_free(mem_ctx);
188 static const char py_net_time_doc[] = "time(server_name) -> timestr\n"
189 "Retrieve the remote time on a server";
191 static PyObject *py_net_user_create(py_net_Object *self, PyObject *args, PyObject *kwargs)
193 const char *kwnames[] = { "username", NULL };
196 struct libnet_CreateUser r;
198 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s", discard_const_p(char *, kwnames),
202 r.in.domain_name = cli_credentials_get_domain(self->libnet_ctx->cred);
204 mem_ctx = talloc_new(NULL);
205 if (mem_ctx == NULL) {
210 status = libnet_CreateUser(self->libnet_ctx, mem_ctx, &r);
211 if (!NT_STATUS_IS_OK(status)) {
212 PyErr_SetString(PyExc_RuntimeError, r.out.error_string?r.out.error_string:nt_errstr(status));
213 talloc_free(mem_ctx);
217 talloc_free(mem_ctx);
222 static const char py_net_create_user_doc[] = "create_user(username)\n"
223 "Create a new user.";
225 static PyObject *py_net_user_delete(py_net_Object *self, PyObject *args, PyObject *kwargs)
227 const char *kwnames[] = { "username", NULL };
230 struct libnet_DeleteUser r;
232 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s", discard_const_p(char *, kwnames),
236 r.in.domain_name = cli_credentials_get_domain(self->libnet_ctx->cred);
238 mem_ctx = talloc_new(NULL);
239 if (mem_ctx == NULL) {
244 status = libnet_DeleteUser(self->libnet_ctx, mem_ctx, &r);
245 if (!NT_STATUS_IS_OK(status)) {
246 PyErr_SetString(PyExc_RuntimeError, r.out.error_string?r.out.error_string:nt_errstr(status));
247 talloc_free(mem_ctx);
251 talloc_free(mem_ctx);
256 static const char py_net_delete_user_doc[] = "delete_user(username)\n"
259 static PyObject *py_dom_sid_FromSid(struct dom_sid *sid)
261 PyObject *mod_security, *dom_sid_Type;
263 mod_security = PyImport_ImportModule("samba.dcerpc.security");
264 if (mod_security == NULL)
267 dom_sid_Type = PyObject_GetAttrString(mod_security, "dom_sid");
268 if (dom_sid_Type == NULL)
271 return py_talloc_reference((PyTypeObject *)dom_sid_Type, sid);
274 static PyObject *py_net_vampire(py_net_Object *self, PyObject *args, PyObject *kwargs)
276 const char *kwnames[] = { "domain", "target_dir", NULL };
280 struct libnet_Vampire r;
282 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|z", discard_const_p(char *, kwnames),
283 &r.in.domain_name, &r.in.targetdir)) {
287 r.in.netbios_name = lpcfg_netbios_name(self->libnet_ctx->lp_ctx);
288 r.out.error_string = NULL;
290 mem_ctx = talloc_new(NULL);
291 if (mem_ctx == NULL) {
296 status = libnet_Vampire(self->libnet_ctx, mem_ctx, &r);
298 if (!NT_STATUS_IS_OK(status)) {
299 PyErr_SetString(PyExc_RuntimeError,
300 r.out.error_string ? r.out.error_string : nt_errstr(status));
301 talloc_free(mem_ctx);
305 ret = Py_BuildValue("(sO)", r.out.domain_name, py_dom_sid_FromSid(r.out.domain_sid));
307 talloc_free(mem_ctx);
312 struct replicate_state {
314 dcerpc_InterfaceObject *drs_pipe;
315 struct libnet_BecomeDC_StoreChunk chunk;
316 DATA_BLOB gensec_skey;
317 struct libnet_BecomeDC_Partition partition;
318 struct libnet_BecomeDC_Forest forest;
319 struct libnet_BecomeDC_DestDSA dest_dsa;
323 setup for replicate_chunk() calls
325 static PyObject *py_net_replicate_init(py_net_Object *self, PyObject *args, PyObject *kwargs)
327 const char *kwnames[] = { "samdb", "lp", "drspipe", NULL };
328 PyObject *py_ldb, *py_lp, *py_drspipe;
329 struct ldb_context *samdb;
330 struct loadparm_context *lp;
331 struct replicate_state *s;
334 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OOO",
335 discard_const_p(char *, kwnames),
336 &py_ldb, &py_lp, &py_drspipe)) {
340 s = talloc_zero(NULL, struct replicate_state);
343 lp = lpcfg_from_py_object(s, py_lp);
345 PyErr_SetString(PyExc_TypeError, "Expected lp object");
350 samdb = PyLdb_AsLdbContext(py_ldb);
352 PyErr_SetString(PyExc_TypeError, "Expected ldb object");
357 s->drs_pipe = (dcerpc_InterfaceObject *)(py_drspipe);
359 s->vampire_state = libnet_vampire_replicate_init(s, samdb, lp);
360 if (s->vampire_state == NULL) {
361 PyErr_SetString(PyExc_TypeError, "Failed to initialise vampire_state");
366 status = gensec_session_key(s->drs_pipe->pipe->conn->security_state.generic_state,
368 if (!NT_STATUS_IS_OK(status)) {
369 PyErr_Format(PyExc_RuntimeError, "Unable to get session key from drspipe: %s",
375 s->chunk.gensec_skey = &s->gensec_skey;
376 s->chunk.partition = &s->partition;
377 s->chunk.forest = &s->forest;
378 s->chunk.dest_dsa = &s->dest_dsa;
380 return PyCObject_FromTallocPtr(s);
385 process one replication chunk
387 static PyObject *py_net_replicate_chunk(py_net_Object *self, PyObject *args, PyObject *kwargs)
389 const char *kwnames[] = { "state", "level", "ctr", "schema", NULL };
390 PyObject *py_state, *py_ctr, *py_schema;
391 struct replicate_state *s;
393 NTSTATUS (*chunk_handler)(void *private_data, const struct libnet_BecomeDC_StoreChunk *c);
396 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "OIO|O",
397 discard_const_p(char *, kwnames),
398 &py_state, &level, &py_ctr, &py_schema)) {
402 s = talloc_get_type(PyCObject_AsVoidPtr(py_state), struct replicate_state);
404 PyErr_SetString(PyExc_TypeError, "Expected replication_state");
411 if (strcmp("drsuapi.DsGetNCChangesCtr1", Py_TYPE(py_ctr)->tp_name) != 0) {
412 PyErr_SetString(PyExc_TypeError, "Expected DsGetNCChangesCtr1 type for ctr");
416 s->chunk.ctr1 = py_talloc_get_ptr(py_ctr);
417 s->partition.nc = *s->chunk.ctr1->naming_context;
418 s->partition.more_data = s->chunk.ctr1->more_data;
419 s->partition.source_dsa_guid = s->chunk.ctr1->source_dsa_guid;
420 s->partition.source_dsa_invocation_id = s->chunk.ctr1->source_dsa_invocation_id;
421 s->partition.highwatermark = s->chunk.ctr1->new_highwatermark;
425 if (strcmp("drsuapi.DsGetNCChangesCtr6", Py_TYPE(py_ctr)->tp_name) != 0) {
426 PyErr_SetString(PyExc_TypeError, "Expected DsGetNCChangesCtr6 type for ctr");
430 s->chunk.ctr6 = py_talloc_get_ptr(py_ctr);
431 s->partition.nc = *s->chunk.ctr6->naming_context;
432 s->partition.more_data = s->chunk.ctr6->more_data;
433 s->partition.source_dsa_guid = s->chunk.ctr6->source_dsa_guid;
434 s->partition.source_dsa_invocation_id = s->chunk.ctr6->source_dsa_invocation_id;
435 s->partition.highwatermark = s->chunk.ctr6->new_highwatermark;
438 PyErr_Format(PyExc_TypeError, "Bad level %u in replicate_chunk", level);
442 chunk_handler = libnet_vampire_cb_store_chunk;
444 if (!PyBool_Check(py_schema)) {
445 PyErr_SetString(PyExc_TypeError, "Expected boolean schema");
448 if (py_schema == Py_True) {
449 chunk_handler = libnet_vampire_cb_schema_chunk;
453 s->chunk.ctr_level = level;
455 status = chunk_handler(s->vampire_state, &s->chunk);
456 if (!NT_STATUS_IS_OK(status)) {
457 PyErr_Format(PyExc_TypeError, "Failed to process chunk: %s", nt_errstr(status));
464 static const char py_net_vampire_doc[] = "vampire(domain, target_dir=None)\n"
467 static const char py_net_replicate_init_doc[] = "replicate_init(samdb, lp, drspipe)\n"
468 "Setup for replicate_chunk calls.";
470 static const char py_net_replicate_chunk_doc[] = "replicate_chunk(state, level, ctr, schema)\n"
471 "Process replication for one chunk";
473 static PyMethodDef net_obj_methods[] = {
474 {"join", (PyCFunction)py_net_join, METH_VARARGS|METH_KEYWORDS, py_net_join_doc},
475 {"set_password", (PyCFunction)py_net_set_password, METH_VARARGS|METH_KEYWORDS, py_net_set_password_doc},
476 {"export_keytab", (PyCFunction)py_net_export_keytab, METH_VARARGS|METH_KEYWORDS, py_net_export_keytab_doc},
477 {"time", (PyCFunction)py_net_time, METH_VARARGS|METH_KEYWORDS, py_net_time_doc},
478 {"create_user", (PyCFunction)py_net_user_create, METH_VARARGS|METH_KEYWORDS, py_net_create_user_doc},
479 {"delete_user", (PyCFunction)py_net_user_delete, METH_VARARGS|METH_KEYWORDS, py_net_delete_user_doc},
480 {"vampire", (PyCFunction)py_net_vampire, METH_VARARGS|METH_KEYWORDS, py_net_vampire_doc},
481 {"replicate_init", (PyCFunction)py_net_replicate_init, METH_VARARGS|METH_KEYWORDS, py_net_replicate_init_doc},
482 {"replicate_chunk", (PyCFunction)py_net_replicate_chunk, METH_VARARGS|METH_KEYWORDS, py_net_replicate_chunk_doc},
486 static void py_net_dealloc(py_net_Object *self)
488 talloc_free(self->mem_ctx);
491 static PyObject *net_obj_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
493 PyObject *py_creds, *py_lp = Py_None;
494 const char *kwnames[] = { "creds", "lp", NULL };
496 struct loadparm_context *lp;
498 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O|O",
499 discard_const_p(char *, kwnames), &py_creds, &py_lp))
502 ret = PyObject_New(py_net_Object, type);
507 /* FIXME: we really need to get a context from the caller or we may end
508 * up with 2 event contexts */
509 ret->ev = s4_event_context_init(NULL);
510 ret->mem_ctx = talloc_new(ret->ev);
512 lp = lpcfg_from_py_object(ret->mem_ctx, py_lp);
518 ret->libnet_ctx = libnet_context_init(ret->ev, lp);
519 if (ret->libnet_ctx == NULL) {
520 PyErr_SetString(PyExc_RuntimeError, "Unable to initialize net");
525 ret->libnet_ctx->cred = cli_credentials_from_py_object(py_creds);
526 if (ret->libnet_ctx->cred == NULL) {
527 PyErr_SetString(PyExc_TypeError, "Expected credentials object");
532 return (PyObject *)ret;
536 PyTypeObject py_net_Type = {
537 PyObject_HEAD_INIT(NULL) 0,
538 .tp_name = "net.Net",
539 .tp_basicsize = sizeof(py_net_Object),
540 .tp_dealloc = (destructor)py_net_dealloc,
541 .tp_methods = net_obj_methods,
542 .tp_new = net_obj_new,
549 if (PyType_Ready(&py_net_Type) < 0)
552 m = Py_InitModule3("net", NULL, NULL);
556 Py_INCREF(&py_net_Type);
557 PyModule_AddObject(m, "Net", (PyObject *)&py_net_Type);
558 PyModule_AddObject(m, "LIBNET_JOINDOMAIN_AUTOMATIC", PyInt_FromLong(LIBNET_JOINDOMAIN_AUTOMATIC));
559 PyModule_AddObject(m, "LIBNET_JOINDOMAIN_SPECIFIED", PyInt_FromLong(LIBNET_JOINDOMAIN_SPECIFIED));
560 PyModule_AddObject(m, "LIBNET_JOIN_AUTOMATIC", PyInt_FromLong(LIBNET_JOIN_AUTOMATIC));
561 PyModule_AddObject(m, "LIBNET_JOIN_SPECIFIED", PyInt_FromLong(LIBNET_JOIN_SPECIFIED));