mirror of
https://github.com/samba-team/samba.git
synced 2025-01-18 06:04:06 +03:00
pycredentials: add py_creds_encrypt_netr_PasswordInfo helper
This will replace py_creds_encrypt_samr_password in the next steps and prepares the introduction of netr_ServerAuthenticateKerberos(). BUG: https://bugzilla.samba.org/show_bug.cgi?id=15425 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> (cherry picked from commit fac378485f5f15ac0a11c3d82207c4bc780bfb80)
This commit is contained in:
parent
7f1db18b44
commit
254440c71a
@ -1107,6 +1107,68 @@ static PyObject *py_creds_encrypt_samr_password(PyObject *self,
|
|||||||
Py_RETURN_NONE;
|
Py_RETURN_NONE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static PyObject *py_creds_encrypt_netr_PasswordInfo(PyObject *self,
|
||||||
|
PyObject *args,
|
||||||
|
PyObject *kwargs)
|
||||||
|
{
|
||||||
|
const char * const kwnames[] = {
|
||||||
|
"info",
|
||||||
|
"auth_type",
|
||||||
|
"auth_level",
|
||||||
|
NULL
|
||||||
|
};
|
||||||
|
struct cli_credentials *creds = NULL;
|
||||||
|
PyObject *py_info = Py_None;
|
||||||
|
enum netr_LogonInfoClass level = NetlogonInteractiveInformation;
|
||||||
|
union netr_LogonLevel logon = { .password = NULL, };
|
||||||
|
uint8_t auth_type = DCERPC_AUTH_TYPE_NONE;
|
||||||
|
uint8_t auth_level = DCERPC_AUTH_LEVEL_NONE;
|
||||||
|
NTSTATUS status;
|
||||||
|
bool ok;
|
||||||
|
|
||||||
|
creds = PyCredentials_AsCliCredentials(self);
|
||||||
|
if (creds == NULL) {
|
||||||
|
PyErr_Format(PyExc_TypeError, "Credentials expected");
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (creds->netlogon_creds == NULL) {
|
||||||
|
PyErr_Format(PyExc_ValueError, "NetLogon credentials not set");
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!PyArg_ParseTupleAndKeywords(args, kwargs, "Obb",
|
||||||
|
discard_const_p(char *, kwnames),
|
||||||
|
&py_info, &auth_type, &auth_level))
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
ok = py_check_dcerpc_type(py_info,
|
||||||
|
"samba.dcerpc.netlogon",
|
||||||
|
"netr_PasswordInfo");
|
||||||
|
if (!ok) {
|
||||||
|
/* py_check_dcerpc_type sets TypeError */
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
logon.password = pytalloc_get_type(py_info, struct netr_PasswordInfo);
|
||||||
|
if (logon.password == NULL) {
|
||||||
|
/* pytalloc_get_type sets TypeError */
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
status = netlogon_creds_encrypt_samlogon_logon(creds->netlogon_creds,
|
||||||
|
level,
|
||||||
|
&logon,
|
||||||
|
auth_type,
|
||||||
|
auth_level);
|
||||||
|
|
||||||
|
PyErr_NTSTATUS_IS_ERR_RAISE(status);
|
||||||
|
|
||||||
|
Py_RETURN_NONE;
|
||||||
|
}
|
||||||
|
|
||||||
static PyObject *py_creds_get_smb_signing(PyObject *self, PyObject *unused)
|
static PyObject *py_creds_get_smb_signing(PyObject *self, PyObject *unused)
|
||||||
{
|
{
|
||||||
enum smb_signing_setting signing_state;
|
enum smb_signing_setting signing_state;
|
||||||
@ -1622,6 +1684,17 @@ static PyMethodDef py_creds_methods[] = {
|
|||||||
"the negotiated encryption algorithm in place\n"
|
"the negotiated encryption algorithm in place\n"
|
||||||
"i.e. it overwrites the original data"
|
"i.e. it overwrites the original data"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
.ml_name = "encrypt_netr_PasswordInfo",
|
||||||
|
.ml_meth = PY_DISCARD_FUNC_SIG(PyCFunction,
|
||||||
|
py_creds_encrypt_netr_PasswordInfo),
|
||||||
|
.ml_flags = METH_VARARGS | METH_KEYWORDS,
|
||||||
|
.ml_doc = "S.encrypt_netr_PasswordInfo(info, "
|
||||||
|
"auth_type, auth_level) -> None\n"
|
||||||
|
"Encrypt the supplied password info using the session key and\n"
|
||||||
|
"the negotiated encryption algorithm in place\n"
|
||||||
|
"i.e. it overwrites the original data"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
.ml_name = "get_smb_signing",
|
.ml_name = "get_smb_signing",
|
||||||
.ml_meth = py_creds_get_smb_signing,
|
.ml_meth = py_creds_get_smb_signing,
|
||||||
|
Loading…
x
Reference in New Issue
Block a user