2008-12-16 00:16:02 +01:00
/*
Unix SMB / CIFS implementation .
Samba utility functions
2011-08-10 15:15:18 +02:00
Copyright ( C ) Jelmer Vernooij < jelmer @ samba . org > 2008 - 2010
2008-12-16 00:16:02 +01:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
2009-01-08 12:20:20 +01:00
# include <Python.h>
2016-12-20 10:53:23 +01:00
# include "py3compat.h"
2022-09-19 23:12:59 +02:00
# include "libcli/security/sddl.h"
2008-12-16 00:16:02 +01:00
# include "libcli/security/security.h"
2008-12-21 21:10:40 +01:00
static void PyType_AddMethods ( PyTypeObject * type , PyMethodDef * methods )
{
PyObject * dict ;
int i ;
if ( type - > tp_dict = = NULL )
type - > tp_dict = PyDict_New ( ) ;
dict = type - > tp_dict ;
for ( i = 0 ; methods [ i ] . ml_name ; i + + ) {
2009-01-22 14:37:59 +01:00
PyObject * descr ;
if ( methods [ i ] . ml_flags & METH_CLASS )
2009-01-22 14:49:51 +01:00
descr = PyCFunction_New ( & methods [ i ] , ( PyObject * ) type ) ;
2009-01-22 14:37:59 +01:00
else
descr = PyDescr_NewMethod ( type , & methods [ i ] ) ;
2008-12-21 21:10:40 +01:00
PyDict_SetItemString ( dict , methods [ i ] . ml_name ,
descr ) ;
2019-01-31 17:01:26 +00:00
Py_CLEAR ( descr ) ;
2008-12-21 21:10:40 +01:00
}
}
2009-12-30 21:46:32 +01:00
static PyObject * py_dom_sid_split ( PyObject * py_self , PyObject * args )
{
2011-08-10 15:15:18 +02:00
struct dom_sid * self = pytalloc_get_ptr ( py_self ) ;
2009-12-30 21:46:32 +01:00
struct dom_sid * domain_sid ;
TALLOC_CTX * mem_ctx ;
uint32_t rid ;
NTSTATUS status ;
PyObject * py_domain_sid ;
mem_ctx = talloc_new ( NULL ) ;
if ( mem_ctx = = NULL ) {
PyErr_NoMemory ( ) ;
return NULL ;
}
status = dom_sid_split_rid ( mem_ctx , self , & domain_sid , & rid ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
PyErr_SetString ( PyExc_RuntimeError , " dom_sid_split_rid failed " ) ;
talloc_free ( mem_ctx ) ;
return NULL ;
}
2011-08-10 15:15:18 +02:00
py_domain_sid = pytalloc_steal ( & dom_sid_Type , domain_sid ) ;
2009-12-30 21:46:32 +01:00
talloc_free ( mem_ctx ) ;
return Py_BuildValue ( " (OI) " , py_domain_sid, rid) ;
}
2016-12-20 10:53:23 +01:00
static PyObject * py_dom_sid_richcmp ( PyObject * py_self , PyObject * py_other , int op )
{
struct dom_sid * self = pytalloc_get_ptr ( py_self ) , * other ;
int val ;
other = pytalloc_get_ptr ( py_other ) ;
if ( other = = NULL ) {
Py_INCREF ( Py_NotImplemented ) ;
return Py_NotImplemented ;
}
val = dom_sid_compare ( self , other ) ;
switch ( op ) {
case Py_EQ : if ( val = = 0 ) Py_RETURN_TRUE ; else Py_RETURN_FALSE ;
case Py_NE : if ( val ! = 0 ) Py_RETURN_TRUE ; else Py_RETURN_FALSE ;
case Py_LT : if ( val < 0 ) Py_RETURN_TRUE ; else Py_RETURN_FALSE ;
case Py_GT : if ( val > 0 ) Py_RETURN_TRUE ; else Py_RETURN_FALSE ;
case Py_LE : if ( val < = 0 ) Py_RETURN_TRUE ; else Py_RETURN_FALSE ;
case Py_GE : if ( val > = 0 ) Py_RETURN_TRUE ; else Py_RETURN_FALSE ;
}
Py_INCREF ( Py_NotImplemented ) ;
return Py_NotImplemented ;
}
2008-12-16 00:16:02 +01:00
2009-02-02 13:00:47 +01:00
static PyObject * py_dom_sid_str ( PyObject * py_self )
2008-12-16 00:16:02 +01:00
{
2011-08-10 15:15:18 +02:00
struct dom_sid * self = pytalloc_get_ptr ( py_self ) ;
2018-12-16 17:12:19 +01:00
struct dom_sid_buf buf ;
2019-06-07 10:45:52 +02:00
PyObject * ret = PyUnicode_FromString ( dom_sid_str_buf ( self , & buf ) ) ;
2008-12-16 00:16:02 +01:00
return ret ;
}
2009-02-02 13:00:47 +01:00
static PyObject * py_dom_sid_repr ( PyObject * py_self )
2008-12-16 00:16:02 +01:00
{
2011-08-10 15:15:18 +02:00
struct dom_sid * self = pytalloc_get_ptr ( py_self ) ;
2018-12-16 17:12:19 +01:00
struct dom_sid_buf buf ;
2019-06-07 11:08:55 +02:00
PyObject * ret = PyUnicode_FromFormat (
2018-12-16 17:12:19 +01:00
" dom_sid('%s') " , dom_sid_str_buf ( self , & buf ) ) ;
2008-12-16 00:16:02 +01:00
return ret ;
}
2008-12-21 21:10:40 +01:00
static int py_dom_sid_init ( PyObject * self , PyObject * args , PyObject * kwargs )
2008-12-21 18:03:27 +01:00
{
2008-12-21 21:10:40 +01:00
char * str = NULL ;
2011-08-10 15:15:18 +02:00
struct dom_sid * sid = pytalloc_get_ptr ( self ) ;
2008-12-21 21:10:40 +01:00
const char * kwnames [ ] = { " str " , NULL } ;
2008-12-21 18:03:27 +01:00
2008-12-21 21:10:40 +01:00
if ( ! PyArg_ParseTupleAndKeywords ( args , kwargs , " |s " , discard_const_p ( char * , kwnames ) , & str ) )
return - 1 ;
2008-12-21 18:03:27 +01:00
2008-12-21 21:10:40 +01:00
if ( str ! = NULL & & ! dom_sid_parse ( str , sid ) ) {
2023-04-12 21:34:47 +12:00
PyErr_Format ( PyExc_ValueError ,
" Unable to parse string: '%s' " , str ) ;
2008-12-21 21:10:40 +01:00
return - 1 ;
}
return 0 ;
2008-12-21 18:03:27 +01:00
}
2009-12-30 21:46:32 +01:00
static PyMethodDef py_dom_sid_extra_methods [ ] = {
{ " split " , ( PyCFunction ) py_dom_sid_split , METH_NOARGS ,
" S.split() -> (domain_sid, rid) \n "
" Split a domain sid " } ,
2020-05-05 13:47:39 +12:00
{ 0 }
2009-12-30 21:46:32 +01:00
} ;
2008-12-21 21:10:40 +01:00
static void py_dom_sid_patch ( PyTypeObject * type )
{
type - > tp_init = py_dom_sid_init ;
type - > tp_str = py_dom_sid_str ;
type - > tp_repr = py_dom_sid_repr ;
2016-12-20 10:53:23 +01:00
type - > tp_richcompare = py_dom_sid_richcmp ;
2009-12-30 21:46:32 +01:00
PyType_AddMethods ( type , py_dom_sid_extra_methods ) ;
2008-12-21 21:10:40 +01:00
}
# define PY_DOM_SID_PATCH py_dom_sid_patch
2008-12-21 18:03:27 +01:00
static PyObject * py_descriptor_sacl_add ( PyObject * self , PyObject * args )
{
2011-08-10 15:15:18 +02:00
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
NTSTATUS status ;
struct security_ace * ace ;
PyObject * py_ace ;
2023-03-16 10:11:05 +01:00
Py_ssize_t idx = - 1 ;
2008-12-21 18:03:27 +01:00
2023-03-16 10:11:05 +01:00
if ( ! PyArg_ParseTuple ( args , " O|n " , & py_ace , & idx ) )
2008-12-21 18:03:27 +01:00
return NULL ;
2011-08-10 15:15:18 +02:00
ace = pytalloc_get_ptr ( py_ace ) ;
2023-03-16 10:11:05 +01:00
status = security_descriptor_sacl_insert ( desc , ace , idx ) ;
2008-12-21 18:03:27 +01:00
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
2009-01-06 04:13:57 +01:00
Py_RETURN_NONE ;
2008-12-21 18:03:27 +01:00
}
static PyObject * py_descriptor_dacl_add ( PyObject * self , PyObject * args )
{
2011-08-10 15:15:18 +02:00
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
NTSTATUS status ;
struct security_ace * ace ;
PyObject * py_ace ;
2023-03-16 10:11:05 +01:00
Py_ssize_t idx = - 1 ;
2008-12-21 18:03:27 +01:00
2023-03-16 10:11:05 +01:00
if ( ! PyArg_ParseTuple ( args , " O|n " , & py_ace , & idx ) )
2008-12-21 18:03:27 +01:00
return NULL ;
2011-08-10 15:15:18 +02:00
ace = pytalloc_get_ptr ( py_ace ) ;
2008-12-21 18:03:27 +01:00
2023-03-16 10:11:05 +01:00
status = security_descriptor_dacl_insert ( desc , ace , idx ) ;
2008-12-21 18:03:27 +01:00
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
2009-01-06 04:13:57 +01:00
Py_RETURN_NONE ;
2008-12-21 18:03:27 +01:00
}
static PyObject * py_descriptor_dacl_del ( PyObject * self , PyObject * args )
{
2011-08-10 15:15:18 +02:00
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
NTSTATUS status ;
struct dom_sid * sid ;
PyObject * py_sid ;
if ( ! PyArg_ParseTuple ( args , " O " , & py_sid ) )
return NULL ;
2011-08-10 15:15:18 +02:00
sid = pytalloc_get_ptr ( py_sid ) ;
2008-12-21 18:03:27 +01:00
status = security_descriptor_dacl_del ( desc , sid ) ;
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
2009-01-06 04:13:57 +01:00
Py_RETURN_NONE ;
2008-12-21 18:03:27 +01:00
}
static PyObject * py_descriptor_sacl_del ( PyObject * self , PyObject * args )
{
2011-08-10 15:15:18 +02:00
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
NTSTATUS status ;
struct dom_sid * sid ;
PyObject * py_sid ;
if ( ! PyArg_ParseTuple ( args , " O " , & py_sid ) )
return NULL ;
2011-08-10 15:15:18 +02:00
sid = pytalloc_get_ptr ( py_sid ) ;
2008-12-21 18:03:27 +01:00
status = security_descriptor_sacl_del ( desc , sid ) ;
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
2009-01-06 04:13:57 +01:00
Py_RETURN_NONE ;
2008-12-21 18:03:27 +01:00
}
2022-09-19 23:01:34 +02:00
static PyObject * py_descriptor_dacl_del_ace ( PyObject * self , PyObject * args )
{
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
NTSTATUS status ;
struct security_ace * ace = NULL ;
PyObject * py_ace = Py_None ;
if ( ! PyArg_ParseTuple ( args , " O! " , & security_ace_Type , & py_ace ) )
return NULL ;
if ( ! PyObject_TypeCheck ( py_ace , & security_ace_Type ) ) {
PyErr_SetString ( PyExc_TypeError ,
" expected security.security_ace "
" for first argument to .dacl_del_ace " ) ;
return NULL ;
}
ace = pytalloc_get_ptr ( py_ace ) ;
status = security_descriptor_dacl_del_ace ( desc , ace ) ;
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
Py_RETURN_NONE ;
}
static PyObject * py_descriptor_sacl_del_ace ( PyObject * self , PyObject * args )
{
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
NTSTATUS status ;
struct security_ace * ace = NULL ;
PyObject * py_ace = Py_None ;
if ( ! PyArg_ParseTuple ( args , " O! " , & security_ace_Type , & py_ace ) )
return NULL ;
if ( ! PyObject_TypeCheck ( py_ace , & security_ace_Type ) ) {
PyErr_SetString ( PyExc_TypeError ,
" expected security.security_ace "
" for first argument to .sacl_del_ace " ) ;
return NULL ;
}
ace = pytalloc_get_ptr ( py_ace ) ;
status = security_descriptor_sacl_del_ace ( desc , ace ) ;
PyErr_NTSTATUS_IS_ERR_RAISE ( status ) ;
Py_RETURN_NONE ;
}
2008-12-21 18:03:27 +01:00
static PyObject * py_descriptor_new ( PyTypeObject * self , PyObject * args , PyObject * kwargs )
{
2011-08-10 15:15:18 +02:00
return pytalloc_steal ( self , security_descriptor_initialise ( NULL ) ) ;
2009-01-22 14:37:59 +01:00
}
static PyObject * py_descriptor_from_sddl ( PyObject * self , PyObject * args )
{
struct security_descriptor * secdesc ;
char * sddl ;
PyObject * py_sid ;
struct dom_sid * sid ;
2009-09-17 19:56:02 +04:00
if ( ! PyArg_ParseTuple ( args , " sO! " , & sddl , & dom_sid_Type , & py_sid ) )
2009-01-22 14:37:59 +01:00
return NULL ;
2017-08-09 13:57:13 +12:00
if ( ! PyObject_TypeCheck ( py_sid , & dom_sid_Type ) ) {
PyErr_SetString ( PyExc_TypeError ,
" expected security.dom_sid "
" for second argument to .from_sddl " ) ;
return NULL ;
}
2011-08-10 15:15:18 +02:00
sid = pytalloc_get_ptr ( py_sid ) ;
2009-01-22 14:37:59 +01:00
secdesc = sddl_decode ( NULL , sddl , sid ) ;
if ( secdesc = = NULL ) {
2023-04-12 17:34:35 +12:00
PyErr_SetString ( PyExc_ValueError , " Unable to parse SDDL " ) ;
2009-01-22 14:37:59 +01:00
return NULL ;
}
2011-08-10 15:15:18 +02:00
return pytalloc_steal ( ( PyTypeObject * ) self , secdesc ) ;
2009-01-22 14:37:59 +01:00
}
2008-12-21 18:03:27 +01:00
2009-04-20 15:03:21 +02:00
static PyObject * py_descriptor_as_sddl ( PyObject * self , PyObject * args )
2009-01-22 14:49:51 +01:00
{
2009-04-20 15:03:21 +02:00
struct dom_sid * sid ;
PyObject * py_sid = Py_None ;
2011-08-10 15:15:18 +02:00
struct security_descriptor * desc = pytalloc_get_ptr ( self ) ;
2009-01-22 14:49:51 +01:00
char * text ;
PyObject * ret ;
2009-09-17 19:56:02 +04:00
if ( ! PyArg_ParseTuple ( args , " |O! " , & dom_sid_Type , & py_sid ) )
2009-04-20 15:03:21 +02:00
return NULL ;
2009-04-23 17:18:23 +03:00
if ( py_sid ! = Py_None )
2011-08-10 15:15:18 +02:00
sid = pytalloc_get_ptr ( py_sid ) ;
2009-04-20 15:03:21 +02:00
else
sid = NULL ;
2009-01-22 14:49:51 +01:00
text = sddl_encode ( NULL , desc , sid ) ;
2023-07-20 12:22:45 +12:00
if ( text = = NULL ) {
PyErr_SetString ( PyExc_ValueError , " Unable to encode SDDL " ) ;
return NULL ;
}
2009-01-22 14:49:51 +01:00
2019-06-07 10:45:52 +02:00
ret = PyUnicode_FromString ( text ) ;
2009-01-22 14:49:51 +01:00
talloc_free ( text ) ;
return ret ;
}
2008-12-21 21:10:40 +01:00
static PyMethodDef py_descriptor_extra_methods [ ] = {
{ " sacl_add " , ( PyCFunction ) py_descriptor_sacl_add , METH_VARARGS ,
" S.sacl_add(ace) -> None \n "
" Add a security ace to this security descriptor " } ,
{ " dacl_add " , ( PyCFunction ) py_descriptor_dacl_add , METH_VARARGS ,
2008-12-21 18:03:27 +01:00
NULL } ,
2008-12-21 21:10:40 +01:00
{ " dacl_del " , ( PyCFunction ) py_descriptor_dacl_del , METH_VARARGS ,
NULL } ,
{ " sacl_del " , ( PyCFunction ) py_descriptor_sacl_del , METH_VARARGS ,
NULL } ,
2022-09-19 23:01:34 +02:00
{ " dacl_del_ace " , ( PyCFunction ) py_descriptor_dacl_del_ace , METH_VARARGS ,
NULL } ,
{ " sacl_del_ace " , ( PyCFunction ) py_descriptor_sacl_del_ace , METH_VARARGS ,
NULL } ,
{ " from_sddl " , ( PyCFunction ) py_descriptor_from_sddl , METH_VARARGS | METH_CLASS ,
2009-01-22 14:37:59 +01:00
NULL } ,
2009-04-20 15:03:21 +02:00
{ " as_sddl " , ( PyCFunction ) py_descriptor_as_sddl , METH_VARARGS ,
2009-01-22 14:49:51 +01:00
NULL } ,
2020-05-05 13:47:39 +12:00
{ 0 }
2008-12-21 21:10:40 +01:00
} ;
2021-04-16 17:22:12 +02:00
static PyObject * py_descriptor_richcmp (
PyObject * py_self , PyObject * py_other , int op )
{
struct security_descriptor * self = pytalloc_get_ptr ( py_self ) ;
struct security_descriptor * other = pytalloc_get_ptr ( py_other ) ;
bool eq ;
if ( other = = NULL ) {
Py_INCREF ( Py_NotImplemented ) ;
return Py_NotImplemented ;
}
eq = security_descriptor_equal ( self , other ) ;
switch ( op ) {
case Py_EQ :
if ( eq ) {
Py_RETURN_TRUE ;
} else {
Py_RETURN_FALSE ;
}
break ;
case Py_NE :
if ( eq ) {
Py_RETURN_FALSE ;
} else {
Py_RETURN_TRUE ;
}
break ;
default :
break ;
}
2021-05-03 14:42:10 +12:00
Py_RETURN_NOTIMPLEMENTED ;
2021-04-16 17:22:12 +02:00
}
2008-12-21 21:10:40 +01:00
static void py_descriptor_patch ( PyTypeObject * type )
{
type - > tp_new = py_descriptor_new ;
2021-04-16 17:22:12 +02:00
type - > tp_richcompare = py_descriptor_richcmp ;
2008-12-21 21:10:40 +01:00
PyType_AddMethods ( type , py_descriptor_extra_methods ) ;
}
# define PY_DESCRIPTOR_PATCH py_descriptor_patch
2008-12-21 18:03:27 +01:00
static PyObject * py_token_is_sid ( PyObject * self , PyObject * args )
{
PyObject * py_sid ;
struct dom_sid * sid ;
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
if ( ! PyArg_ParseTuple ( args , " O " , & py_sid ) )
return NULL ;
2011-08-10 15:15:18 +02:00
sid = pytalloc_get_ptr ( py_sid ) ;
2008-12-21 18:03:27 +01:00
return PyBool_FromLong ( security_token_is_sid ( token , sid ) ) ;
}
static PyObject * py_token_has_sid ( PyObject * self , PyObject * args )
{
PyObject * py_sid ;
struct dom_sid * sid ;
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
if ( ! PyArg_ParseTuple ( args , " O " , & py_sid ) )
return NULL ;
2011-08-10 15:15:18 +02:00
sid = pytalloc_get_ptr ( py_sid ) ;
2008-12-21 18:03:27 +01:00
return PyBool_FromLong ( security_token_has_sid ( token , sid ) ) ;
}
2019-05-02 19:35:56 +01:00
static PyObject * py_token_is_anonymous ( PyObject * self ,
PyObject * Py_UNUSED ( ignored ) )
2008-12-21 18:03:27 +01:00
{
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
return PyBool_FromLong ( security_token_is_anonymous ( token ) ) ;
}
2019-05-02 19:35:56 +01:00
static PyObject * py_token_is_system ( PyObject * self ,
PyObject * Py_UNUSED ( ignored ) )
2008-12-21 18:03:27 +01:00
{
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
return PyBool_FromLong ( security_token_is_system ( token ) ) ;
}
2019-05-02 19:35:56 +01:00
static PyObject * py_token_has_builtin_administrators ( PyObject * self ,
PyObject * Py_UNUSED ( ignored ) )
2008-12-21 18:03:27 +01:00
{
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
return PyBool_FromLong ( security_token_has_builtin_administrators ( token ) ) ;
}
2019-05-02 19:35:56 +01:00
static PyObject * py_token_has_nt_authenticated_users ( PyObject * self ,
PyObject * Py_UNUSED ( ignored ) )
2008-12-21 18:03:27 +01:00
{
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
return PyBool_FromLong ( security_token_has_nt_authenticated_users ( token ) ) ;
}
static PyObject * py_token_has_privilege ( PyObject * self , PyObject * args )
{
int priv ;
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
if ( ! PyArg_ParseTuple ( args , " i " , & priv ) )
return NULL ;
return PyBool_FromLong ( security_token_has_privilege ( token , priv ) ) ;
}
static PyObject * py_token_set_privilege ( PyObject * self , PyObject * args )
{
int priv ;
2011-08-10 15:15:18 +02:00
struct security_token * token = pytalloc_get_ptr ( self ) ;
2008-12-21 18:03:27 +01:00
if ( ! PyArg_ParseTuple ( args , " i " , & priv ) )
return NULL ;
security_token_set_privilege ( token , priv ) ;
2009-01-06 04:13:57 +01:00
Py_RETURN_NONE ;
2008-12-21 18:03:27 +01:00
}
static PyObject * py_token_new ( PyTypeObject * self , PyObject * args , PyObject * kwargs )
{
2011-08-10 15:15:18 +02:00
return pytalloc_steal ( self , security_token_initialise ( NULL ) ) ;
2008-12-21 18:03:27 +01:00
}
2008-12-21 21:10:40 +01:00
static PyMethodDef py_token_extra_methods [ ] = {
{ " is_sid " , ( PyCFunction ) py_token_is_sid , METH_VARARGS ,
" S.is_sid(sid) -> bool \n "
" Check whether this token is of the specified SID. " } ,
{ " has_sid " , ( PyCFunction ) py_token_has_sid , METH_VARARGS ,
NULL } ,
{ " is_anonymous " , ( PyCFunction ) py_token_is_anonymous , METH_NOARGS ,
2021-04-28 16:48:55 +12:00
" S.is_anonymous() -> bool \n "
2008-12-21 21:10:40 +01:00
" Check whether this is an anonymous token. " } ,
{ " is_system " , ( PyCFunction ) py_token_is_system , METH_NOARGS ,
NULL } ,
{ " has_builtin_administrators " , ( PyCFunction ) py_token_has_builtin_administrators , METH_NOARGS ,
NULL } ,
{ " has_nt_authenticated_users " , ( PyCFunction ) py_token_has_nt_authenticated_users , METH_NOARGS ,
NULL } ,
{ " has_privilege " , ( PyCFunction ) py_token_has_privilege , METH_VARARGS ,
NULL } ,
{ " set_privilege " , ( PyCFunction ) py_token_set_privilege , METH_VARARGS ,
2008-12-21 18:03:27 +01:00
NULL } ,
2020-05-05 13:47:39 +12:00
{ 0 }
2008-12-21 21:10:40 +01:00
} ;
# define PY_TOKEN_PATCH py_token_patch
static void py_token_patch ( PyTypeObject * type )
{
type - > tp_new = py_token_new ;
PyType_AddMethods ( type , py_token_extra_methods ) ;
}
2008-12-21 18:25:59 +01:00
static PyObject * py_privilege_name ( PyObject * self , PyObject * args )
{
int priv ;
2019-07-05 23:01:39 +12:00
const char * name = NULL ;
if ( ! PyArg_ParseTuple ( args , " i " , & priv ) ) {
return NULL ;
}
name = sec_privilege_name ( priv ) ;
if ( name = = NULL ) {
PyErr_Format ( PyExc_ValueError ,
" Invalid privilege LUID: %d " , priv ) ;
2008-12-21 18:25:59 +01:00
return NULL ;
2019-07-05 23:01:39 +12:00
}
2008-12-21 18:25:59 +01:00
2019-07-05 23:01:39 +12:00
return PyUnicode_FromString ( name ) ;
2008-12-21 18:25:59 +01:00
}
static PyObject * py_privilege_id ( PyObject * self , PyObject * args )
{
char * name ;
if ( ! PyArg_ParseTuple ( args , " s " , & name ) )
return NULL ;
2020-03-15 10:36:59 +13:00
return PyLong_FromLong ( sec_privilege_id ( name ) ) ;
2008-12-21 18:25:59 +01:00
}
2019-05-02 19:35:56 +01:00
static PyObject * py_random_sid ( PyObject * self ,
PyObject * Py_UNUSED ( ignored ) )
2008-12-21 18:25:59 +01:00
{
struct dom_sid * sid ;
PyObject * ret ;
2021-04-15 12:05:34 +02:00
char * str = talloc_asprintf (
NULL ,
" S-1-5-21-% " PRIu32 " -% " PRIu32 " -% " PRIu32 ,
generate_random ( ) ,
generate_random ( ) ,
generate_random ( ) ) ;
2008-12-21 18:25:59 +01:00
sid = dom_sid_parse_talloc ( NULL , str ) ;
talloc_free ( str ) ;
2011-08-10 15:15:18 +02:00
ret = pytalloc_steal ( & dom_sid_Type , sid ) ;
2008-12-21 18:25:59 +01:00
return ret ;
}
2008-12-21 18:46:59 +01:00
2008-12-21 21:10:40 +01:00
static PyMethodDef py_mod_security_extra_methods [ ] = {
{ " random_sid " , ( PyCFunction ) py_random_sid , METH_NOARGS , NULL } ,
{ " privilege_id " , ( PyCFunction ) py_privilege_id , METH_VARARGS , NULL } ,
2008-12-21 18:46:59 +01:00
{ " privilege_name " , ( PyCFunction ) py_privilege_name , METH_VARARGS , NULL } ,
2020-05-05 13:47:39 +12:00
{ 0 }
2008-12-21 21:10:40 +01:00
} ;
static void py_mod_security_patch ( PyObject * m )
{
int i ;
for ( i = 0 ; py_mod_security_extra_methods [ i ] . ml_name ; i + + ) {
PyObject * descr = PyCFunction_New ( & py_mod_security_extra_methods [ i ] , NULL ) ;
PyModule_AddObject ( m , py_mod_security_extra_methods [ i ] . ml_name ,
descr ) ;
}
}
# define PY_MOD_SECURITY_PATCH py_mod_security_patch
2022-09-19 23:11:37 +02:00
static PyObject * py_security_ace_equal ( PyObject * py_self , PyObject * py_other , int op )
{
struct security_ace * self = pytalloc_get_ptr ( py_self ) ;
struct security_ace * other = NULL ;
bool eq ;
if ( ! PyObject_TypeCheck ( py_other , & security_ace_Type ) ) {
eq = false ;
} else {
other = pytalloc_get_ptr ( py_other ) ;
eq = security_ace_equal ( self , other ) ;
}
switch ( op ) {
case Py_EQ :
if ( eq ) {
Py_RETURN_TRUE ;
} else {
Py_RETURN_FALSE ;
}
break ;
case Py_NE :
if ( eq ) {
Py_RETURN_FALSE ;
} else {
Py_RETURN_TRUE ;
}
break ;
default :
break ;
}
Py_RETURN_NOTIMPLEMENTED ;
}
2022-09-19 23:12:59 +02:00
static PyObject * py_security_ace_as_sddl ( PyObject * self , PyObject * args )
{
struct security_ace * ace = pytalloc_get_ptr ( self ) ;
PyObject * py_sid = Py_None ;
struct dom_sid * sid = NULL ;
char * text = NULL ;
PyObject * ret = Py_None ;
if ( ! PyArg_ParseTuple ( args , " O! " , & dom_sid_Type , & py_sid ) )
return NULL ;
if ( ! PyObject_TypeCheck ( py_sid , & dom_sid_Type ) ) {
PyErr_SetString ( PyExc_TypeError ,
" expected security.dom_sid "
" for second argument to .sddl_encode_ace " ) ;
return NULL ;
}
sid = pytalloc_get_ptr ( py_sid ) ;
text = sddl_encode_ace ( NULL , ace , sid ) ;
if ( text = = NULL ) {
return NULL ;
}
ret = PyUnicode_FromString ( text ) ;
talloc_free ( text ) ;
return ret ;
}
static PyMethodDef py_security_ace_extra_methods [ ] = {
{ " as_sddl " , ( PyCFunction ) py_security_ace_as_sddl , METH_VARARGS , NULL } ,
{ 0 }
} ;
2022-09-19 23:11:37 +02:00
# define PY_ACE_PATCH py_security_ace_patch
static void py_security_ace_patch ( PyTypeObject * type )
{
type - > tp_richcompare = py_security_ace_equal ;
2022-09-19 23:12:59 +02:00
PyType_AddMethods ( type , py_security_ace_extra_methods ) ;
2022-09-19 23:11:37 +02:00
}