2 Unix SMB/CIFS implementation.
3 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; either version 3 of the License, or
8 (at your option) any later version.
10 This program is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 GNU General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "python/py3compat.h"
22 #include "pycredentials.h"
23 #include "param/param.h"
24 #include "lib/cmdline/credentials.h"
25 #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */
26 #include "libcli/util/pyerrors.h"
27 #include "param/pyparam.h"
30 void initcredentials(void);
32 static PyObject *PyString_FromStringOrNULL(const char *str)
36 return PyStr_FromString(str);
39 static PyObject *py_creds_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
41 return pytalloc_steal(type, cli_credentials_init(NULL));
44 static PyObject *py_creds_get_username(PyObject *self, PyObject *unused)
46 return PyString_FromStringOrNULL(cli_credentials_get_username(PyCredentials_AsCliCredentials(self)));
49 static PyObject *py_creds_set_username(PyObject *self, PyObject *args)
52 enum credentials_obtained obt = CRED_SPECIFIED;
55 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
60 return PyBool_FromLong(cli_credentials_set_username(PyCredentials_AsCliCredentials(self), newval, obt));
63 static PyObject *py_creds_get_ntlm_username_domain(PyObject *self, PyObject *unused)
65 TALLOC_CTX *frame = talloc_stackframe();
66 const char *user = NULL;
67 const char *domain = NULL;
69 cli_credentials_get_ntlm_username_domain(PyCredentials_AsCliCredentials(self),
70 frame, &user, &domain);
71 ret = Py_BuildValue("(OO)",
72 PyString_FromStringOrNULL(user),
73 PyString_FromStringOrNULL(domain));
78 static PyObject *py_creds_get_ntlm_response(PyObject *self, PyObject *args, PyObject *kwargs)
80 TALLOC_CTX *frame = talloc_stackframe();
83 struct timeval tv_now;
84 NTTIME server_timestamp;
85 DATA_BLOB challenge = data_blob_null;
86 DATA_BLOB target_info = data_blob_null;
88 DATA_BLOB lm_response = data_blob_null;
89 DATA_BLOB nt_response = data_blob_null;
90 DATA_BLOB lm_session_key = data_blob_null;
91 DATA_BLOB nt_session_key = data_blob_null;
92 const char *kwnames[] = { "flags", "challenge",
96 tv_now = timeval_current();
97 server_timestamp = timeval_to_nttime(&tv_now);
99 if (!PyArg_ParseTupleAndKeywords(args, kwargs, "is#|s#",
100 discard_const_p(char *, kwnames),
105 &target_info.length)) {
109 status = cli_credentials_get_ntlm_response(PyCredentials_AsCliCredentials(self),
114 &lm_response, &nt_response,
115 &lm_session_key, &nt_session_key);
117 if (!NT_STATUS_IS_OK(status)) {
118 PyErr_SetNTSTATUS(status);
123 ret = Py_BuildValue("{sis" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN
124 "s" PYARG_BYTES_LEN "s" PYARG_BYTES_LEN "}",
127 (const char *)lm_response.data, lm_response.length,
129 (const char *)nt_response.data, nt_response.length,
131 (const char *)lm_session_key.data, lm_session_key.length,
133 (const char *)nt_session_key.data, nt_session_key.length);
138 static PyObject *py_creds_get_principal(PyObject *self, PyObject *unused)
140 TALLOC_CTX *frame = talloc_stackframe();
141 PyObject *ret = PyString_FromStringOrNULL(cli_credentials_get_principal(PyCredentials_AsCliCredentials(self), frame));
146 static PyObject *py_creds_set_principal(PyObject *self, PyObject *args)
149 enum credentials_obtained obt = CRED_SPECIFIED;
152 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
157 return PyBool_FromLong(cli_credentials_set_principal(PyCredentials_AsCliCredentials(self), newval, obt));
160 static PyObject *py_creds_get_password(PyObject *self, PyObject *unused)
162 return PyString_FromStringOrNULL(cli_credentials_get_password(PyCredentials_AsCliCredentials(self)));
165 static PyObject *py_creds_set_password(PyObject *self, PyObject *args)
168 enum credentials_obtained obt = CRED_SPECIFIED;
171 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
176 return PyBool_FromLong(cli_credentials_set_password(PyCredentials_AsCliCredentials(self), newval, obt));
179 static PyObject *py_creds_set_utf16_password(PyObject *self, PyObject *args)
181 enum credentials_obtained obt = CRED_SPECIFIED;
183 PyObject *newval = NULL;
184 DATA_BLOB blob = data_blob_null;
189 if (!PyArg_ParseTuple(args, "O|i", &newval, &_obt)) {
194 result = PyBytes_AsStringAndSize(newval, (char **)&blob.data, &size);
196 PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
201 ok = cli_credentials_set_utf16_password(PyCredentials_AsCliCredentials(self),
204 return PyBool_FromLong(ok);
207 static PyObject *py_creds_get_old_password(PyObject *self, PyObject *unused)
209 return PyString_FromStringOrNULL(cli_credentials_get_old_password(PyCredentials_AsCliCredentials(self)));
212 static PyObject *py_creds_set_old_password(PyObject *self, PyObject *args)
215 enum credentials_obtained obt = CRED_SPECIFIED;
218 if (!PyArg_ParseTuple(args, "s|i", &oldval, &_obt)) {
223 return PyBool_FromLong(cli_credentials_set_old_password(PyCredentials_AsCliCredentials(self), oldval, obt));
226 static PyObject *py_creds_set_old_utf16_password(PyObject *self, PyObject *args)
228 PyObject *oldval = NULL;
229 DATA_BLOB blob = data_blob_null;
234 if (!PyArg_ParseTuple(args, "O", &oldval)) {
238 result = PyBytes_AsStringAndSize(oldval, (char **)&blob.data, &size);
240 PyErr_SetString(PyExc_RuntimeError, "Failed to convert passed value to Bytes");
245 ok = cli_credentials_set_old_utf16_password(PyCredentials_AsCliCredentials(self),
248 return PyBool_FromLong(ok);
251 static PyObject *py_creds_get_domain(PyObject *self, PyObject *unused)
253 return PyString_FromStringOrNULL(cli_credentials_get_domain(PyCredentials_AsCliCredentials(self)));
256 static PyObject *py_creds_set_domain(PyObject *self, PyObject *args)
259 enum credentials_obtained obt = CRED_SPECIFIED;
262 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
267 return PyBool_FromLong(cli_credentials_set_domain(PyCredentials_AsCliCredentials(self), newval, obt));
270 static PyObject *py_creds_get_realm(PyObject *self, PyObject *unused)
272 return PyString_FromStringOrNULL(cli_credentials_get_realm(PyCredentials_AsCliCredentials(self)));
275 static PyObject *py_creds_set_realm(PyObject *self, PyObject *args)
278 enum credentials_obtained obt = CRED_SPECIFIED;
281 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
286 return PyBool_FromLong(cli_credentials_set_realm(PyCredentials_AsCliCredentials(self), newval, obt));
289 static PyObject *py_creds_get_bind_dn(PyObject *self, PyObject *unused)
291 return PyString_FromStringOrNULL(cli_credentials_get_bind_dn(PyCredentials_AsCliCredentials(self)));
294 static PyObject *py_creds_set_bind_dn(PyObject *self, PyObject *args)
297 if (!PyArg_ParseTuple(args, "s", &newval))
300 return PyBool_FromLong(cli_credentials_set_bind_dn(PyCredentials_AsCliCredentials(self), newval));
303 static PyObject *py_creds_get_workstation(PyObject *self, PyObject *unused)
305 return PyString_FromStringOrNULL(cli_credentials_get_workstation(PyCredentials_AsCliCredentials(self)));
308 static PyObject *py_creds_set_workstation(PyObject *self, PyObject *args)
311 enum credentials_obtained obt = CRED_SPECIFIED;
314 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
319 return PyBool_FromLong(cli_credentials_set_workstation(PyCredentials_AsCliCredentials(self), newval, obt));
322 static PyObject *py_creds_is_anonymous(PyObject *self, PyObject *unused)
324 return PyBool_FromLong(cli_credentials_is_anonymous(PyCredentials_AsCliCredentials(self)));
327 static PyObject *py_creds_set_anonymous(PyObject *self, PyObject *unused)
329 cli_credentials_set_anonymous(PyCredentials_AsCliCredentials(self));
333 static PyObject *py_creds_authentication_requested(PyObject *self, PyObject *unused)
335 return PyBool_FromLong(cli_credentials_authentication_requested(PyCredentials_AsCliCredentials(self)));
338 static PyObject *py_creds_wrong_password(PyObject *self, PyObject *unused)
340 return PyBool_FromLong(cli_credentials_wrong_password(PyCredentials_AsCliCredentials(self)));
343 static PyObject *py_creds_set_cmdline_callbacks(PyObject *self, PyObject *unused)
345 return PyBool_FromLong(cli_credentials_set_cmdline_callbacks(PyCredentials_AsCliCredentials(self)));
348 static PyObject *py_creds_parse_string(PyObject *self, PyObject *args)
351 enum credentials_obtained obt = CRED_SPECIFIED;
354 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
359 cli_credentials_parse_string(PyCredentials_AsCliCredentials(self), newval, obt);
363 static PyObject *py_creds_parse_file(PyObject *self, PyObject *args)
366 enum credentials_obtained obt = CRED_SPECIFIED;
369 if (!PyArg_ParseTuple(args, "s|i", &newval, &_obt)) {
374 cli_credentials_parse_file(PyCredentials_AsCliCredentials(self), newval, obt);
378 static PyObject *py_cli_credentials_set_password_will_be_nt_hash(PyObject *self, PyObject *args)
380 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
381 PyObject *py_val = NULL;
384 if (!PyArg_ParseTuple(args, "O!", &PyBool_Type, &py_val)) {
387 val = PyObject_IsTrue(py_val);
389 cli_credentials_set_password_will_be_nt_hash(creds, val);
393 static PyObject *py_creds_get_nt_hash(PyObject *self, PyObject *unused)
396 struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
397 struct samr_Password *ntpw = cli_credentials_get_nt_hash(creds, creds);
399 ret = PyBytes_FromStringAndSize(discard_const_p(char, ntpw->hash), 16);
404 static PyObject *py_creds_get_kerberos_state(PyObject *self, PyObject *unused)
406 int state = cli_credentials_get_kerberos_state(PyCredentials_AsCliCredentials(self));
407 return PyInt_FromLong(state);
410 static PyObject *py_creds_set_kerberos_state(PyObject *self, PyObject *args)
413 if (!PyArg_ParseTuple(args, "i", &state))
416 cli_credentials_set_kerberos_state(PyCredentials_AsCliCredentials(self), state);
420 static PyObject *py_creds_set_krb_forwardable(PyObject *self, PyObject *args)
423 if (!PyArg_ParseTuple(args, "i", &state))
426 cli_credentials_set_krb_forwardable(PyCredentials_AsCliCredentials(self), state);
431 static PyObject *py_creds_get_forced_sasl_mech(PyObject *self, PyObject *unused)
433 return PyString_FromStringOrNULL(cli_credentials_get_forced_sasl_mech(PyCredentials_AsCliCredentials(self)));
436 static PyObject *py_creds_set_forced_sasl_mech(PyObject *self, PyObject *args)
439 enum credentials_obtained obt = CRED_SPECIFIED;
442 if (!PyArg_ParseTuple(args, "s", &newval)) {
447 cli_credentials_set_forced_sasl_mech(PyCredentials_AsCliCredentials(self), newval);
451 static PyObject *py_creds_guess(PyObject *self, PyObject *args)
453 PyObject *py_lp_ctx = Py_None;
454 struct loadparm_context *lp_ctx;
456 struct cli_credentials *creds;
458 creds = PyCredentials_AsCliCredentials(self);
460 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
463 mem_ctx = talloc_new(NULL);
464 if (mem_ctx == NULL) {
469 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
470 if (lp_ctx == NULL) {
471 talloc_free(mem_ctx);
475 cli_credentials_guess(creds, lp_ctx);
477 talloc_free(mem_ctx);
482 static PyObject *py_creds_set_machine_account(PyObject *self, PyObject *args)
484 PyObject *py_lp_ctx = Py_None;
485 struct loadparm_context *lp_ctx;
487 struct cli_credentials *creds;
490 creds = PyCredentials_AsCliCredentials(self);
492 if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
495 mem_ctx = talloc_new(NULL);
496 if (mem_ctx == NULL) {
501 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
502 if (lp_ctx == NULL) {
503 talloc_free(mem_ctx);
507 status = cli_credentials_set_machine_account(creds, lp_ctx);
508 talloc_free(mem_ctx);
510 PyErr_NTSTATUS_IS_ERR_RAISE(status);
515 static PyObject *PyCredentialCacheContainer_from_ccache_container(struct ccache_container *ccc)
517 return pytalloc_reference(&PyCredentialCacheContainer, ccc);
521 static PyObject *py_creds_get_named_ccache(PyObject *self, PyObject *args)
523 PyObject *py_lp_ctx = Py_None;
525 struct loadparm_context *lp_ctx;
526 struct ccache_container *ccc;
527 struct tevent_context *event_ctx;
529 const char *error_string;
530 struct cli_credentials *creds;
533 creds = PyCredentials_AsCliCredentials(self);
535 if (!PyArg_ParseTuple(args, "|Os", &py_lp_ctx, &ccache_name))
538 mem_ctx = talloc_new(NULL);
539 if (mem_ctx == NULL) {
544 lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
545 if (lp_ctx == NULL) {
546 talloc_free(mem_ctx);
550 event_ctx = samba_tevent_context_init(mem_ctx);
552 ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
553 ccache_name, &ccc, &error_string);
554 talloc_unlink(mem_ctx, lp_ctx);
556 talloc_steal(ccc, event_ctx);
557 talloc_free(mem_ctx);
558 return PyCredentialCacheContainer_from_ccache_container(ccc);
561 PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
563 talloc_free(mem_ctx);
567 static PyObject *py_creds_set_gensec_features(PyObject *self, PyObject *args)
569 unsigned int gensec_features;
571 if (!PyArg_ParseTuple(args, "I", &gensec_features))
574 cli_credentials_set_gensec_features(PyCredentials_AsCliCredentials(self), gensec_features);
579 static PyObject *py_creds_get_gensec_features(PyObject *self, PyObject *args)
581 unsigned int gensec_features;
583 gensec_features = cli_credentials_get_gensec_features(PyCredentials_AsCliCredentials(self));
584 return PyInt_FromLong(gensec_features);
587 static PyObject *py_creds_set_secure_channel_type(PyObject *self, PyObject *args)
589 unsigned int channel_type;
591 if (!PyArg_ParseTuple(args, "I", &channel_type))
594 cli_credentials_set_secure_channel_type(
595 PyCredentials_AsCliCredentials(self),
602 static PyMethodDef py_creds_methods[] = {
603 { "get_username", py_creds_get_username, METH_NOARGS,
604 "S.get_username() -> username\nObtain username." },
605 { "set_username", py_creds_set_username, METH_VARARGS,
606 "S.set_username(name[, credentials.SPECIFIED]) -> None\n"
607 "Change username." },
608 { "get_principal", py_creds_get_principal, METH_NOARGS,
609 "S.get_principal() -> user@realm\nObtain user principal." },
610 { "set_principal", py_creds_set_principal, METH_VARARGS,
611 "S.set_principal(name[, credentials.SPECIFIED]) -> None\n"
612 "Change principal." },
613 { "get_password", py_creds_get_password, METH_NOARGS,
614 "S.get_password() -> password\n"
615 "Obtain password." },
616 { "get_ntlm_username_domain", py_creds_get_ntlm_username_domain, METH_NOARGS,
617 "S.get_ntlm_username_domain() -> (domain, username)\n"
618 "Obtain NTLM username and domain, split up either as (DOMAIN, user) or (\"\", \"user@realm\")." },
619 { "get_ntlm_response", (PyCFunction)py_creds_get_ntlm_response, METH_VARARGS | METH_KEYWORDS,
620 "S.get_ntlm_response"
621 "(flags, challenge[, target_info]) -> "
622 "(flags, lm_response, nt_response, lm_session_key, nt_session_key)\n"
623 "Obtain LM or NTLM response." },
624 { "set_password", py_creds_set_password, METH_VARARGS,
625 "S.set_password(password[, credentials.SPECIFIED]) -> None\n"
626 "Change password." },
627 { "set_utf16_password", py_creds_set_utf16_password, METH_VARARGS,
628 "S.set_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
629 "Change password." },
630 { "get_old_password", py_creds_get_old_password, METH_NOARGS,
631 "S.get_old_password() -> password\n"
632 "Obtain old password." },
633 { "set_old_password", py_creds_set_old_password, METH_VARARGS,
634 "S.set_old_password(password[, credentials.SPECIFIED]) -> None\n"
635 "Change old password." },
636 { "set_old_utf16_password", py_creds_set_old_utf16_password, METH_VARARGS,
637 "S.set_old_utf16_password(password[, credentials.SPECIFIED]) -> None\n"
638 "Change old password." },
639 { "get_domain", py_creds_get_domain, METH_NOARGS,
640 "S.get_domain() -> domain\n"
641 "Obtain domain name." },
642 { "set_domain", py_creds_set_domain, METH_VARARGS,
643 "S.set_domain(domain[, credentials.SPECIFIED]) -> None\n"
644 "Change domain name." },
645 { "get_realm", py_creds_get_realm, METH_NOARGS,
646 "S.get_realm() -> realm\n"
647 "Obtain realm name." },
648 { "set_realm", py_creds_set_realm, METH_VARARGS,
649 "S.set_realm(realm[, credentials.SPECIFIED]) -> None\n"
650 "Change realm name." },
651 { "get_bind_dn", py_creds_get_bind_dn, METH_NOARGS,
652 "S.get_bind_dn() -> bind dn\n"
654 { "set_bind_dn", py_creds_set_bind_dn, METH_VARARGS,
655 "S.set_bind_dn(bind_dn) -> None\n"
657 { "is_anonymous", py_creds_is_anonymous, METH_NOARGS,
659 { "set_anonymous", py_creds_set_anonymous, METH_NOARGS,
660 "S.set_anonymous() -> None\n"
661 "Use anonymous credentials." },
662 { "get_workstation", py_creds_get_workstation, METH_NOARGS,
664 { "set_workstation", py_creds_set_workstation, METH_VARARGS,
666 { "authentication_requested", py_creds_authentication_requested, METH_NOARGS,
668 { "wrong_password", py_creds_wrong_password, METH_NOARGS,
669 "S.wrong_password() -> bool\n"
670 "Indicate the returned password was incorrect." },
671 { "set_cmdline_callbacks", py_creds_set_cmdline_callbacks, METH_NOARGS,
672 "S.set_cmdline_callbacks() -> bool\n"
673 "Use command-line to obtain credentials not explicitly set." },
674 { "parse_string", py_creds_parse_string, METH_VARARGS,
675 "S.parse_string(text[, credentials.SPECIFIED]) -> None\n"
676 "Parse credentials string." },
677 { "parse_file", py_creds_parse_file, METH_VARARGS,
678 "S.parse_file(filename[, credentials.SPECIFIED]) -> None\n"
679 "Parse credentials file." },
680 { "set_password_will_be_nt_hash",
681 py_cli_credentials_set_password_will_be_nt_hash, METH_VARARGS,
682 "S.set_password_will_be_nt_hash(bool) -> None\n"
683 "Alters the behaviour of S.set_password() "
684 "to expect the NTHASH as hexstring." },
685 { "get_nt_hash", py_creds_get_nt_hash, METH_NOARGS,
687 { "get_kerberos_state", py_creds_get_kerberos_state, METH_NOARGS,
689 { "set_kerberos_state", py_creds_set_kerberos_state, METH_VARARGS,
691 { "set_krb_forwardable", py_creds_set_krb_forwardable, METH_VARARGS,
693 { "guess", py_creds_guess, METH_VARARGS, NULL },
694 { "set_machine_account", py_creds_set_machine_account, METH_VARARGS, NULL },
695 { "get_named_ccache", py_creds_get_named_ccache, METH_VARARGS, NULL },
696 { "set_gensec_features", py_creds_set_gensec_features, METH_VARARGS, NULL },
697 { "get_gensec_features", py_creds_get_gensec_features, METH_NOARGS, NULL },
698 { "get_forced_sasl_mech", py_creds_get_forced_sasl_mech, METH_NOARGS,
699 "S.get_forced_sasl_mech() -> SASL mechanism\nObtain forced SASL mechanism." },
700 { "set_forced_sasl_mech", py_creds_set_forced_sasl_mech, METH_VARARGS,
701 "S.set_forced_sasl_mech(name) -> None\n"
702 "Set forced SASL mechanism." },
703 { "set_secure_channel_type", py_creds_set_secure_channel_type,
704 METH_VARARGS, NULL },
708 static struct PyModuleDef moduledef = {
709 PyModuleDef_HEAD_INIT,
710 .m_name = "credentials",
711 .m_doc = "Credentials management.",
713 .m_methods = py_creds_methods,
716 PyTypeObject PyCredentials = {
717 .tp_name = "credentials.Credentials",
718 .tp_new = py_creds_new,
719 .tp_flags = Py_TPFLAGS_DEFAULT,
720 .tp_methods = py_creds_methods,
724 PyTypeObject PyCredentialCacheContainer = {
725 .tp_name = "credentials.CredentialCacheContainer",
726 .tp_flags = Py_TPFLAGS_DEFAULT,
729 MODULE_INIT_FUNC(credentials)
732 if (pytalloc_BaseObject_PyType_Ready(&PyCredentials) < 0)
735 if (pytalloc_BaseObject_PyType_Ready(&PyCredentialCacheContainer) < 0)
738 m = PyModule_Create(&moduledef);
742 PyModule_AddObject(m, "UNINITIALISED", PyInt_FromLong(CRED_UNINITIALISED));
743 PyModule_AddObject(m, "CALLBACK", PyInt_FromLong(CRED_CALLBACK));
744 PyModule_AddObject(m, "GUESS_ENV", PyInt_FromLong(CRED_GUESS_ENV));
745 PyModule_AddObject(m, "GUESS_FILE", PyInt_FromLong(CRED_GUESS_FILE));
746 PyModule_AddObject(m, "CALLBACK_RESULT", PyInt_FromLong(CRED_CALLBACK_RESULT));
747 PyModule_AddObject(m, "SPECIFIED", PyInt_FromLong(CRED_SPECIFIED));
749 PyModule_AddObject(m, "AUTO_USE_KERBEROS", PyInt_FromLong(CRED_AUTO_USE_KERBEROS));
750 PyModule_AddObject(m, "DONT_USE_KERBEROS", PyInt_FromLong(CRED_DONT_USE_KERBEROS));
751 PyModule_AddObject(m, "MUST_USE_KERBEROS", PyInt_FromLong(CRED_MUST_USE_KERBEROS));
753 PyModule_AddObject(m, "AUTO_KRB_FORWARDABLE", PyInt_FromLong(CRED_AUTO_KRB_FORWARDABLE));
754 PyModule_AddObject(m, "NO_KRB_FORWARDABLE", PyInt_FromLong(CRED_NO_KRB_FORWARDABLE));
755 PyModule_AddObject(m, "FORCE_KRB_FORWARDABLE", PyInt_FromLong(CRED_FORCE_KRB_FORWARDABLE));
756 PyModule_AddObject(m, "CLI_CRED_NTLM2", PyInt_FromLong(CLI_CRED_NTLM2));
757 PyModule_AddObject(m, "CLI_CRED_NTLMv2_AUTH", PyInt_FromLong(CLI_CRED_NTLMv2_AUTH));
758 PyModule_AddObject(m, "CLI_CRED_LANMAN_AUTH", PyInt_FromLong(CLI_CRED_LANMAN_AUTH));
759 PyModule_AddObject(m, "CLI_CRED_NTLM_AUTH", PyInt_FromLong(CLI_CRED_NTLM_AUTH));
760 PyModule_AddObject(m, "CLI_CRED_CLEAR_AUTH", PyInt_FromLong(CLI_CRED_CLEAR_AUTH));
762 Py_INCREF(&PyCredentials);
763 PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials);
764 Py_INCREF(&PyCredentialCacheContainer);
765 PyModule_AddObject(m, "CredentialCacheContainer", (PyObject *)&PyCredentialCacheContainer);