00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021 #include "python/py_common.h"
00022
00023
00024
00025 BOOL py_from_SID(PyObject **obj, DOM_SID *sid)
00026 {
00027 fstring sidstr;
00028
00029 if (!sid) {
00030 Py_INCREF(Py_None);
00031 *obj = Py_None;
00032 return True;
00033 }
00034
00035 if (!sid_to_string(sidstr, sid))
00036 return False;
00037
00038 *obj = PyString_FromString(sidstr);
00039
00040 return True;
00041 }
00042
00043 BOOL py_to_SID(DOM_SID *sid, PyObject *obj)
00044 {
00045 if (!PyString_Check(obj))
00046 return False;
00047
00048 return string_to_sid(sid, PyString_AsString(obj));
00049 }
00050
00051 BOOL py_from_ACE(PyObject **dict, SEC_ACE *ace)
00052 {
00053 PyObject *obj;
00054
00055 if (!ace) {
00056 Py_INCREF(Py_None);
00057 *dict = Py_None;
00058 return True;
00059 }
00060
00061 *dict = Py_BuildValue("{sisisi}", "type", ace->type,
00062 "flags", ace->flags,
00063 "mask", ace->access_mask);
00064
00065 if (py_from_SID(&obj, &ace->trustee)) {
00066 PyDict_SetItemString(*dict, "trustee", obj);
00067 Py_DECREF(obj);
00068 }
00069
00070 return True;
00071 }
00072
00073 BOOL py_to_ACE(SEC_ACE *ace, PyObject *dict)
00074 {
00075 PyObject *obj;
00076 uint8 ace_type, ace_flags;
00077 DOM_SID trustee;
00078 SEC_ACCESS sec_access;
00079
00080 if (!PyDict_Check(dict))
00081 return False;
00082
00083 if (!(obj = PyDict_GetItemString(dict, "type")) ||
00084 !PyInt_Check(obj))
00085 return False;
00086
00087 ace_type = PyInt_AsLong(obj);
00088
00089 if (!(obj = PyDict_GetItemString(dict, "flags")) ||
00090 !PyInt_Check(obj))
00091 return False;
00092
00093 ace_flags = PyInt_AsLong(obj);
00094
00095 if (!(obj = PyDict_GetItemString(dict, "trustee")) ||
00096 !PyString_Check(obj))
00097 return False;
00098
00099 if (!py_to_SID(&trustee, obj))
00100 return False;
00101
00102 if (!(obj = PyDict_GetItemString(dict, "mask")) ||
00103 !PyInt_Check(obj))
00104 return False;
00105
00106 sec_access = PyInt_AsLong(obj);
00107
00108 init_sec_ace(ace, &trustee, ace_type, sec_access, ace_flags);
00109
00110
00111
00112 ace->size = SEC_ACE_HEADER_SIZE + sid_size(&trustee);
00113
00114 return True;
00115 }
00116
00117 BOOL py_from_ACL(PyObject **dict, SEC_ACL *acl)
00118 {
00119 PyObject *ace_list;
00120 int i;
00121
00122 if (!acl) {
00123 Py_INCREF(Py_None);
00124 *dict = Py_None;
00125 return True;
00126 }
00127
00128 ace_list = PyList_New(acl->num_aces);
00129
00130 for (i = 0; i < acl->num_aces; i++) {
00131 PyObject *obj;
00132
00133 if (py_from_ACE(&obj, &acl->aces[i]))
00134 PyList_SetItem(ace_list, i, obj);
00135 }
00136
00137 *dict = Py_BuildValue("{sisN}", "revision", acl->revision,
00138 "ace_list", ace_list);
00139
00140 return True;
00141 }
00142
00143 BOOL py_to_ACL(SEC_ACL *acl, PyObject *dict, TALLOC_CTX *mem_ctx)
00144 {
00145 PyObject *obj;
00146 uint32 i;
00147
00148 if (!(obj = PyDict_GetItemString(dict, "revision")) ||
00149 !PyInt_Check(obj))
00150 return False;
00151
00152 acl->revision = PyInt_AsLong(obj);
00153
00154 if (!(obj = PyDict_GetItemString(dict, "ace_list")) ||
00155 !PyList_Check(obj))
00156 return False;
00157
00158 acl->num_aces = PyList_Size(obj);
00159
00160 acl->aces = _talloc(mem_ctx, acl->num_aces * sizeof(SEC_ACE));
00161 acl->size = SEC_ACL_HEADER_SIZE;
00162
00163 for (i = 0; i < acl->num_aces; i++) {
00164 PyObject *py_ace = PyList_GetItem(obj, i);
00165
00166 if (!py_to_ACE(&acl->aces[i], py_ace))
00167 return False;
00168
00169 acl->size += acl->aces[i].size;
00170 }
00171
00172 return True;
00173 }
00174
00175 BOOL py_from_SECDESC(PyObject **dict, SEC_DESC *sd)
00176 {
00177 PyObject *obj;
00178
00179 *dict = PyDict_New();
00180
00181 obj = PyInt_FromLong(sd->revision);
00182 PyDict_SetItemString(*dict, "revision", obj);
00183 Py_DECREF(obj);
00184
00185 obj = PyInt_FromLong(sd->type);
00186 PyDict_SetItemString(*dict, "type", obj);
00187 Py_DECREF(obj);
00188
00189 if (py_from_SID(&obj, sd->owner_sid)) {
00190 PyDict_SetItemString(*dict, "owner_sid", obj);
00191 Py_DECREF(obj);
00192 }
00193
00194 if (py_from_SID(&obj, sd->group_sid)) {
00195 PyDict_SetItemString(*dict, "group_sid", obj);
00196 Py_DECREF(obj);
00197 }
00198
00199 if (py_from_ACL(&obj, sd->dacl)) {
00200 PyDict_SetItemString(*dict, "dacl", obj);
00201 Py_DECREF(obj);
00202 }
00203
00204 if (py_from_ACL(&obj, sd->sacl)) {
00205 PyDict_SetItemString(*dict, "sacl", obj);
00206 Py_DECREF(obj);
00207 }
00208
00209 return True;
00210 }
00211
00212 BOOL py_to_SECDESC(SEC_DESC **sd, PyObject *dict, TALLOC_CTX *mem_ctx)
00213 {
00214 PyObject *obj;
00215 uint16 revision;
00216 uint16 type = SEC_DESC_SELF_RELATIVE;
00217 DOM_SID owner_sid, group_sid;
00218 SEC_ACL sacl, dacl;
00219 BOOL got_dacl = False, got_sacl = False;
00220 BOOL got_owner_sid = False, got_group_sid = False;
00221
00222 ZERO_STRUCT(dacl); ZERO_STRUCT(sacl);
00223 ZERO_STRUCT(owner_sid); ZERO_STRUCT(group_sid);
00224
00225 if (!(obj = PyDict_GetItemString(dict, "revision")))
00226 return False;
00227
00228 revision = PyInt_AsLong(obj);
00229
00230 if ((obj = PyDict_GetItemString(dict, "type"))) {
00231 if (obj != Py_None) {
00232 type = PyInt_AsLong(obj);
00233 }
00234 }
00235
00236 if ((obj = PyDict_GetItemString(dict, "owner_sid"))) {
00237
00238 if (obj != Py_None) {
00239
00240 if (!py_to_SID(&owner_sid, obj))
00241 return False;
00242
00243 got_owner_sid = True;
00244 }
00245 }
00246
00247 if ((obj = PyDict_GetItemString(dict, "group_sid"))) {
00248
00249 if (obj != Py_None) {
00250
00251 if (!py_to_SID(&group_sid, obj))
00252 return False;
00253
00254 got_group_sid = True;
00255 }
00256 }
00257
00258 if ((obj = PyDict_GetItemString(dict, "dacl"))) {
00259
00260 if (obj != Py_None) {
00261
00262 if (!py_to_ACL(&dacl, obj, mem_ctx))
00263 return False;
00264
00265 got_dacl = True;
00266 }
00267 }
00268
00269 if ((obj = PyDict_GetItemString(dict, "sacl"))) {
00270
00271 if (obj != Py_None) {
00272
00273 if (!py_to_ACL(&sacl, obj, mem_ctx))
00274 return False;
00275
00276 got_sacl = True;
00277 }
00278 }
00279
00280 #if 0
00281 *sd = make_sec_desc(mem_ctx, revision,
00282 got_owner_sid ? &owner_sid : NULL,
00283 got_group_sid ? &group_sid : NULL,
00284 got_sacl ? &sacl : NULL,
00285 got_dacl ? &dacl : NULL);
00286 #else
00287 {
00288 size_t sd_size;
00289
00290 *sd = make_sec_desc(mem_ctx, revision, type,
00291 got_owner_sid ? &owner_sid : NULL,
00292 got_group_sid ? &group_sid : NULL,
00293 got_sacl ? &sacl : NULL,
00294 got_dacl ? &dacl : NULL, &sd_size);
00295 }
00296 #endif
00297
00298 return True;
00299 }