diff options
author | Andrew Bartlett <abartlet@samba.org> | 2017-03-22 16:40:40 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-03-29 02:37:29 +0200 |
commit | 43f52fc425d8b59596a1f3917ac41a0631477393 (patch) | |
tree | 72b0e0cf4e9081366a154718ba805d8d2f2ea044 /auth/credentials | |
parent | f1603598d6cf956ae9923191371d598288e14cc9 (diff) | |
download | samba-43f52fc425d8b59596a1f3917ac41a0631477393.tar.gz |
pycredentials: Add bindings for get_ntlm_response()
This should make testing of SamLogon from python practical
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth/credentials')
-rw-r--r-- | auth/credentials/pycredentials.c | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c index 3bac26dbd4c..7f03f1f3496 100644 --- a/auth/credentials/pycredentials.c +++ b/auth/credentials/pycredentials.c @@ -75,6 +75,61 @@ static PyObject *py_creds_get_ntlm_username_domain(PyObject *self, PyObject *unu return ret; } +static PyObject *py_creds_get_ntlm_response(PyObject *self, PyObject *args, PyObject *kwargs) +{ + TALLOC_CTX *frame = talloc_stackframe(); + PyObject *ret = NULL; + int flags; + struct timeval tv_now; + NTTIME server_timestamp; + DATA_BLOB challenge = data_blob_null; + DATA_BLOB target_info = data_blob_null; + NTSTATUS status; + DATA_BLOB lm_response = data_blob_null; + DATA_BLOB nt_response = data_blob_null; + DATA_BLOB lm_session_key = data_blob_null; + DATA_BLOB nt_session_key = data_blob_null; + const char *kwnames[] = { "flags", "challenge", + "target_info", "server_timestamp", + NULL }; + + tv_now = timeval_current(); + server_timestamp = timeval_to_nttime(&tv_now); + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "is#|s#K", + discard_const_p(char *, kwnames), + &flags, &challenge, &target_info.data, &target_info.length)) { + return NULL; + } + + status = cli_credentials_get_ntlm_response(PyCredentials_AsCliCredentials(self), + frame, &flags, + challenge, + &server_timestamp, + target_info, + &lm_response, &nt_response, + &lm_session_key, &nt_session_key); + + if (!NT_STATUS_IS_OK(status)) { + PyErr_SetNTSTATUS(status); + TALLOC_FREE(frame); + return NULL; + } + + ret = Py_BuildValue("{siss#ss#ss#ss#}", + "flags", flags, + "lm_reponse", + (const char *)lm_response.data, lm_response.length, + "nt_response", + (const char *)nt_response.data, nt_response.length, + "lm_session_key", + (const char *)lm_session_key.data, lm_session_key.length, + "nt_session_key", + (const char *)nt_session_key.data, nt_session_key.length); + TALLOC_FREE(frame); + return ret; +} + static PyObject *py_creds_get_principal(PyObject *self, PyObject *unused) { TALLOC_CTX *frame = talloc_stackframe(); @@ -542,6 +597,11 @@ static PyMethodDef py_creds_methods[] = { { "get_ntlm_username_domain", py_creds_get_ntlm_username_domain, METH_NOARGS, "S.get_ntlm_username_domain() -> (domain, username)\n" "Obtain NTLM username and domain, split up either as (DOMAIN, user) or (\"\", \"user@realm\")." }, + { "get_ntlm_response", (PyCFunction)py_creds_get_ntlm_response, METH_VARARGS | METH_KEYWORDS, + "S.get_ntlm_username_domain" + "(flags, challenge, target_info[, server_timestamp]) -> " + "(flags, lm_response, nt_response, lm_session_key, nt_session_key)\n" + "Obtain LM or NTLM response." }, { "set_password", py_creds_set_password, METH_VARARGS, "S.set_password(password[, credentials.SPECIFIED]) -> None\n" "Change password." }, @@ -672,6 +732,11 @@ MODULE_INIT_FUNC(credentials) PyModule_AddObject(m, "AUTO_KRB_FORWARDABLE", PyInt_FromLong(CRED_AUTO_KRB_FORWARDABLE)); PyModule_AddObject(m, "NO_KRB_FORWARDABLE", PyInt_FromLong(CRED_NO_KRB_FORWARDABLE)); PyModule_AddObject(m, "FORCE_KRB_FORWARDABLE", PyInt_FromLong(CRED_FORCE_KRB_FORWARDABLE)); + PyModule_AddObject(m, "CLI_CRED_NTLM2", PyInt_FromLong(CLI_CRED_NTLM2)); + PyModule_AddObject(m, "CLI_CRED_NTLMv2_AUTH", PyInt_FromLong(CLI_CRED_NTLMv2_AUTH)); + PyModule_AddObject(m, "CLI_CRED_LANMAN_AUTH", PyInt_FromLong(CLI_CRED_LANMAN_AUTH)); + PyModule_AddObject(m, "CLI_CRED_NTLM_AUTH", PyInt_FromLong(CLI_CRED_NTLM_AUTH)); + PyModule_AddObject(m, "CLI_CRED_CLEAR_AUTH", PyInt_FromLong(CLI_CRED_CLEAR_AUTH)); Py_INCREF(&PyCredentials); PyModule_AddObject(m, "Credentials", (PyObject *)&PyCredentials); |