1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
GSSAPI="BASE" # This ensures that a full module is generated by Cython
from gssapi.raw.cython_types cimport *
from gssapi.raw.ext_buffer_sets cimport *
from gssapi.raw.misc import GSSError
from gssapi.raw.oids cimport OID
from gssapi.raw.creds cimport Creds
from gssapi.raw.sec_contexts cimport SecurityContext
cdef extern from "python_gssapi_ext.h":
OM_uint32 gss_inquire_cred_by_oid(OM_uint32 *minor_status,
const gss_cred_id_t cred_handle,
const gss_OID desired_object,
gss_buffer_set_t *data_set) nogil
OM_uint32 gss_inquire_sec_context_by_oid(OM_uint32 *minor_status,
const gss_ctx_id_t context_handle,
const gss_OID desired_object,
gss_buffer_set_t *data_set) nogil
OM_uint32 gss_set_sec_context_option(OM_uint32 *minor_status,
gss_ctx_id_t *context_handle,
const gss_OID desired_object,
const gss_buffer_t value) nogil
def inquire_cred_by_oid(Creds cred_handle not None,
OID desired_aspect not None):
cdef gss_buffer_set_t *data_set_ptr = NULL
cdef gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET
cdef OM_uint32 maj_stat, min_stat
data_set_ptr = &data_set
with nogil:
maj_stat = gss_inquire_cred_by_oid(&min_stat, cred_handle.raw_creds,
&desired_aspect.raw_oid,
data_set_ptr)
if maj_stat == GSS_S_COMPLETE:
py_tokens = []
if data_set != GSS_C_NO_BUFFER_SET:
for i in range(data_set.count):
token = data_set.elements[i]
py_tokens.append((<char*>token.value)[:token.length])
gss_release_buffer_set(&min_stat, &data_set)
return py_tokens
else:
raise GSSError(maj_stat, min_stat)
def inquire_sec_context_by_oid(SecurityContext context not None,
OID desired_aspect not None):
cdef gss_buffer_set_t *data_set_ptr = NULL
cdef gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET
cdef OM_uint32 maj_stat, min_stat
data_set_ptr = &data_set
with nogil:
maj_stat = gss_inquire_sec_context_by_oid(&min_stat, context.raw_ctx,
&desired_aspect.raw_oid,
data_set_ptr)
if maj_stat == GSS_S_COMPLETE:
py_tokens = []
if data_set != GSS_C_NO_BUFFER_SET:
for i in range(data_set.count):
token = data_set.elements[i]
py_tokens.append((<char*>token.value)[:token.length])
gss_release_buffer_set(&min_stat, &data_set)
return py_tokens
else:
raise GSSError(maj_stat, min_stat)
def set_sec_context_option(OID desired_aspect not None,
SecurityContext context=None,
value=None):
cdef gss_buffer_desc value_buffer
if value is not None:
value_buffer = gss_buffer_desc(len(value), value)
else:
# GSS_C_EMPTY_BUFFER
value_buffer = gss_buffer_desc(0, NULL)
cdef SecurityContext output_context = context
if output_context is None:
output_context = SecurityContext()
cdef OM_uint32 maj_stat, min_stat
with nogil:
maj_stat = gss_set_sec_context_option(&min_stat,
&output_context.raw_ctx,
&desired_aspect.raw_oid,
&value_buffer)
if maj_stat == GSS_S_COMPLETE:
return output_context
else:
raise GSSError(maj_stat, min_stat)
|
