Migrate 'net export keytab' to python.

source4/libnet/py_net.c

@@ -90,12 +90,12 @@ static PyObject *py_net_join(PyObject *cls, PyObject *args, PyObject *kwargs)
 
 	talloc_free(mem_ctx);
 
-	if (result == NULL)
-		return NULL;
-
 	return result;
 }
 
+static const char py_net_join_doc[] = "join(domain_name, netbios_name, join_type, level) -> (join_password, domain_sid, domain_name)\n\n" \
+"Join the domain with the specified name.";
+
 static PyObject *py_net_set_password(PyObject *cls, PyObject *args, PyObject *kwargs)
 {
 	union libnet_SetPassword r;
@@ -109,7 +109,7 @@ static PyObject *py_net_set_password(PyObject *cls, PyObject *args, PyObject *kw
 
 	r.generic.level = LIBNET_SET_PASSWORD_GENERIC;
 
-	if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sssO:SetPassword", discard_const_p(char *, kwnames),
+	if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sssO:set_password", discard_const_p(char *, kwnames),
 					 &r.generic.in.account_name, &r.generic.in.domain_name,
 					 &r.generic.in.newpassword, &py_creds)) {
 		return NULL;
@@ -135,28 +135,72 @@ static PyObject *py_net_set_password(PyObject *cls, PyObject *args, PyObject *kw
 		return NULL;
 	}
 
+	talloc_free(mem_ctx);
+
 	Py_RETURN_NONE;
 }
 
-static const char py_net_join_doc[] = "join(domain_name, netbios_name, join_type, level) -> (join_password, domain_sid, domain_name)\n\n" \
-"Join the domain with the specified name.";
-
-static const char py_net_set_password_doc[] = "SetPassword(account_name, domain_name, newpassword) -> True\n\n" \
+static const char py_net_set_password_doc[] = "set_password(account_name, domain_name, newpassword) -> True\n\n" \
 "Set password for a user. You must supply credential with enough rights to do this.\n\n" \
 "Sample usage is:\n" \
 "creds = samba.credentials.Credentials()\n" \
 "creds.set_username('admin_user')\n" \
 "creds.set_domain('domain_name')\n" \
 "creds.set_password('pass')\n\n" \
-"net.SetPassword(account_name=<account_name>,\n" \
+"net.set_password(account_name=<account_name>,\n" \
 "                domain_name=creds.get_domain(),\n" \
 "                newpassword=new_pass,\n" \
 "                credentials=creds)\n";
 
 
+static PyObject *py_net_export_keytab(PyObject *cls, PyObject *args, PyObject *kwargs)
+{
+	struct libnet_export_keytab r;
+	struct tevent_context *ev;
+	TALLOC_CTX *mem_ctx;
+	const char *kwnames[] = { "keytab", "creds", NULL };
+	struct libnet_context *libnet_ctx;
+	PyObject *py_creds;
+	struct cli_credentials *creds;
+	NTSTATUS status;
+
+	if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sO:export_keytab", discard_const_p(char *, kwnames),
+					 &r.in.keytab_name, &py_creds)) {
+		return NULL;
+	}
+
+	creds = cli_credentials_from_py_object(py_creds);
+	if (creds == NULL) {
+		PyErr_SetString(PyExc_TypeError, "Expected credentials object");
+		return NULL;
+	}
+
+	/* FIXME: we really need to get a context from the caller or we may end
+	 * up with 2 event contexts */
+	ev = s4_event_context_init(NULL);
+	mem_ctx = talloc_new(ev);
+
+	libnet_ctx = py_net_ctx(cls, ev, creds);
+
+	status = libnet_export_keytab(libnet_ctx, mem_ctx, &r);
+	if (NT_STATUS_IS_ERR(status)) {
+		PyErr_SetString(PyExc_RuntimeError, r.out.error_string);
+		talloc_free(mem_ctx);
+		return NULL;
+	}
+
+	talloc_free(mem_ctx);
+
+	Py_RETURN_NONE;
+}
+
+static const char py_net_export_keytab_doc[] = "export_keytab(keytab, name)\n\n"
+"Export the DC keytab to a keytab file.";
+
 static struct PyMethodDef net_methods[] = {
-	{"Join", (PyCFunction)py_net_join, METH_VARARGS|METH_KEYWORDS, py_net_join_doc},
-	{"SetPassword", (PyCFunction)py_net_set_password, METH_VARARGS|METH_KEYWORDS, py_net_set_password_doc},
+	{"join", (PyCFunction)py_net_join, METH_VARARGS|METH_KEYWORDS, py_net_join_doc},
+	{"set_password", (PyCFunction)py_net_set_password, METH_VARARGS|METH_KEYWORDS, py_net_set_password_doc},
+	{"export_keytab", (PyCFunction)py_net_export_keytab, METH_VARARGS|METH_KEYWORDS, py_net_export_keytab_doc},
 	{NULL }
 };
 
@@ -164,4 +208,3 @@ void initnet(void)
 {
 	Py_InitModule3("net", net_methods, NULL);
 }
-

source4/scripting/python/samba/netcmd/__init__.py

@@ -147,3 +147,5 @@ from samba.netcmd.netacl import cmd_acl
 commands["acl"] = cmd_acl()
 from samba.netcmd.fsmo import cmd_fsmo
 commands["fsmo"] = cmd_fsmo()
+from samba.netcmd.export import cmd_export
+commands["export"] = cmd_export()

source4/scripting/python/samba/netcmd/export.py

@@ -0,0 +1,57 @@
+#!/usr/bin/python
+#
+# Export keytab
+#
+# Copyright Jelmer Vernooij 2010 <jelmer@samba.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+
+import samba.getopt as options
+
+from samba import net
+
+from samba.netcmd import (
+    Command,
+    SuperCommand,
+    )
+
+class cmd_export_keytab(Command):
+    """Dumps kerberos keys of the domain into a keytab."""
+    synopsis = "%prog export keytab <keytab>"
+
+    takes_optiongroups = {
+        "sambaopts": options.SambaOptions,
+        "credopts": options.CredentialsOptions,
+        "versionopts": options.VersionOptions,
+        }
+
+    takes_options = [
+        ]
+
+    takes_args = ["keytab"]
+
+    def run(self, keytab, credopts=None, sambaopts=None, versionopts=None):
+        lp = sambaopts.get_loadparm()
+        creds = credopts.get_credentials(lp)
+        # FIXME: Obtain net context
+        net.export_keytab(keytab=keytab, creds=creds)
+
+
+class cmd_export(SuperCommand):
+    """Dumps the sam of the domain we are joined to."""
+
+    subcommands = {}
+    subcommands["keytab"] = cmd_export_keytab()
+

source4/utils/net/config.mk

@@ -44,8 +44,7 @@ net_OBJ_FILES = $(addprefix $(utilssrcdir)/net/,  \
 		net_time.o \
 		net_join.o \
 		net_vampire.o \
-		net_user.o \
-		net_export_keytab.o)
+		net_user.o)
 
 
 $(eval $(call proto_header_template,$(utilssrcdir)/net/net_proto.h,$(net_OBJ_FILES:.o=.c)))

source4/utils/net/net.c

@@ -200,7 +200,6 @@ static const struct net_functable net_functable[] = {
 	{"time", "get remote server's time\n", net_time, net_time_usage},
 	{"join", "join a domain\n", net_join, net_join_usage},
 	{"samdump", "dump the sam of a domain\n", net_samdump, net_samdump_usage},
-	{"export", "dump the sam of this domain\n", net_export, net_export_usage},
 	{"vampire", "join and syncronise an AD domain onto the local server\n", net_vampire, net_vampire_usage},
 	{"samsync", "synchronise into the local ldb the sam of an NT4 domain\n", net_samsync_ldb, net_samsync_ldb_usage},
 	{"user", "manage user accounts\n", net_user, net_user_usage},

source4/utils/net/net_export_keytab.c

@@ -1,110 +0,0 @@
-/* 
-   Samba Unix/Linux SMB client library 
-   Distributed SMB/CIFS Server Management Utility 
-
-   Copyright (C) 2004 Stefan Metzmacher <metze@samba.org>
-   Copyright (C) 2005 Andrew Bartlett <abartlet@samba.org>
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "utils/net/net.h"
-#include "libnet/libnet.h"
-#include "param/param.h"
-
-static int net_export_keytab_usage(struct net_context *ctx, int argc, const char **argv)
-{
-	d_printf("net export keytab <keytab>\n");
-	return 0;	
-}
-
-static int net_export_keytab_help(struct net_context *ctx, int argc, const char **argv)
-{
-	d_printf("Dumps kerberos keys of the domain into a keytab.\n");
-	return 0;	
-}
-
-static int net_export_keytab(struct net_context *ctx, int argc, const char **argv) 
-{
-	NTSTATUS status;
-	struct libnet_context *libnetctx;
-	struct libnet_export_keytab r;
-
-	switch (argc) {
-	case 0:
-		return net_export_keytab_usage(ctx, argc, argv);
-		break;
-	case 1:
-		r.in.keytab_name = argv[0];
-		break;
-	}
-
-	libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx);
-	if (!libnetctx) {
-		return -1;	
-	}
-	libnetctx->cred = ctx->credentials;
-
-	r.out.error_string = NULL;
-
-	status = libnet_export_keytab(libnetctx, ctx, &r);
-	if (!NT_STATUS_IS_OK(status)) {
-		DEBUG(0,("libnet_export_keytab returned %s: %s\n",
-			 nt_errstr(status),
-			 r.out.error_string));
-		return -1;
-	}
-
-	talloc_free(libnetctx);
-
-	return 0;
-}
-
-/* main function table */
-static const struct net_functable net_export_functable[] = {
-	{"keytab", "dump keys into a keytab\n", net_export_keytab, net_export_keytab_usage},
-	{NULL, NULL, NULL, NULL}
-};
-
-int net_export(struct net_context *ctx, int argc, const char **argv) 
-{
-	int rc;
-
-	switch (argc) {
-	case 0:
-		rc = net_export_usage(ctx, argc, argv);
-		return rc;
-	case 1:
-	default:
-		rc = net_run_function(ctx, argc, argv, net_export_functable, 
-				      net_export_usage);
-		return rc;
-	}
-
-	return 0;
-}
-
-int net_export_usage(struct net_context *ctx, int argc, const char **argv)
-{
-	d_printf("net export keytab <keytab>\n");
-	return 0;	
-}
-
-int net_export_help(struct net_context *ctx, int argc, const char **argv)
-{
-	d_printf("Dumps the sam of the domain we are joined to.\n");
-	return 0;	
-}
-