From eb6cb6e673e430cb8bb0be326f61c547ae42dfa1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 11 Jul 2018 16:48:40 +1200 Subject: python: Add samba.auth.session_info_fill_unix() This fills in the unix portions of the token needed by smbd and the pysmbd bindings Signed-off-by: Andrew Bartlett Pair-programmed-with: Joe Guo Signed-off-by: Joe Guo Reviewed-by: Douglas Bagnall --- python/samba/tests/auth.py | 11 +++++++++ source4/auth/pyauth.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/python/samba/tests/auth.py b/python/samba/tests/auth.py index 6318bec40a0..27284721d3e 100644 --- a/python/samba/tests/auth.py +++ b/python/samba/tests/auth.py @@ -87,3 +87,14 @@ class AuthAdminSessionTests(samba.tests.TestCase): self.assertFalse(self.admin_session.security_token.is_system()) self.assertFalse(self.admin_session.security_token.is_anonymous()) self.assertTrue(self.admin_session.security_token.has_builtin_administrators()) + + def test_session_info_unix_details(self): + samba.auth.session_info_fill_unix(session_info = self.admin_session, + lp_ctx=self.lp, + user_name="Administrator") + self.assertEqual(self.admin_session.unix_info.sanitized_username, + 'Administrator') + self.assertEqual(self.admin_session.unix_info.unix_name, + self.lp.get('workgroup').upper() + + self.lp.get('winbind separator') + 'Administrator') + self.assertIsNotNone(self.admin_session.unix_token) diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c index fc22637564d..ada89ef0c8f 100644 --- a/source4/auth/pyauth.c +++ b/source4/auth/pyauth.c @@ -164,6 +164,63 @@ static PyObject *py_user_session(PyObject *module, PyObject *args, PyObject *kwa return PyAuthSession_FromSession(session); } +static PyObject *py_session_info_fill_unix(PyObject *module, + PyObject *args, + PyObject *kwargs) +{ + NTSTATUS nt_status; + char *user_name = NULL; + struct loadparm_context *lp_ctx = NULL; + struct auth_session_info *session_info; + PyObject *py_lp_ctx = Py_None; + PyObject *py_session = Py_None; + TALLOC_CTX *frame; + + const char * const kwnames[] = { "session_info", + "user_name", + "lp_ctx", + NULL }; + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "Oz|O", + discard_const_p(char *, kwnames), + &py_session, + &user_name, + &py_lp_ctx)) { + return NULL; + } + + if (!py_check_dcerpc_type(py_session, + "samba.dcerpc.auth", + "session_info")) { + return NULL; + } + session_info = pytalloc_get_type(py_session, + struct auth_session_info); + if (!session_info) { + PyErr_Format(PyExc_TypeError, + "Expected auth_session_info for session_info argument got %s", + talloc_get_name(pytalloc_get_ptr(py_session))); + return NULL; + } + + frame = talloc_stackframe(); + + lp_ctx = lpcfg_from_py_object(frame, py_lp_ctx); + if (lp_ctx == NULL) { + TALLOC_FREE(frame); + return NULL; + } + + nt_status = auth_session_info_fill_unix(lp_ctx, + user_name, + session_info); + TALLOC_FREE(frame); + if (!NT_STATUS_IS_OK(nt_status)) { + PyErr_NTSTATUS_IS_ERR_RAISE(nt_status); + } + + Py_RETURN_NONE; +} + static const char **PyList_AsStringList(TALLOC_CTX *mem_ctx, PyObject *list, const char *paramname) @@ -304,6 +361,10 @@ static PyMethodDef py_auth_methods[] = { { "system_session", (PyCFunction)py_system_session, METH_VARARGS, NULL }, { "admin_session", (PyCFunction)py_admin_session, METH_VARARGS, NULL }, { "user_session", (PyCFunction)py_user_session, METH_VARARGS|METH_KEYWORDS, NULL }, + { "session_info_fill_unix", + (PyCFunction)py_session_info_fill_unix, + METH_VARARGS|METH_KEYWORDS, + NULL }, { NULL }, }; -- cgit v1.2.1