1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
|
# cython: language_level=2
#
# Copyright (c) SAS Institute Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
from libc cimport stdlib
cdef extern from "Python.h":
object PyErr_SetFromErrno(exc)
object PyBytes_FromStringAndSize(char *str, Py_ssize_t size)
cdef extern from "keyutils.h" nogil:
int c_KEY_SPEC_THREAD_KEYRING "KEY_SPEC_THREAD_KEYRING"
int c_KEY_SPEC_PROCESS_KEYRING "KEY_SPEC_PROCESS_KEYRING"
int c_KEY_SPEC_SESSION_KEYRING "KEY_SPEC_SESSION_KEYRING"
int c_KEY_SPEC_USER_KEYRING "KEY_SPEC_USER_KEYRING"
int c_KEY_SPEC_USER_SESSION_KEYRING "KEY_SPEC_USER_SESSION_KEYRING"
int c_KEY_POS_VIEW "KEY_POS_VIEW"
int c_KEY_POS_READ "KEY_POS_READ"
int c_KEY_POS_WRITE "KEY_POS_WRITE"
int c_KEY_POS_SEARCH "KEY_POS_SEARCH"
int c_KEY_POS_LINK "KEY_POS_LINK"
int c_KEY_POS_SETATTR "KEY_POS_SETATTR"
int c_KEY_POS_ALL "KEY_POS_ALL"
int c_KEY_USR_VIEW "KEY_USR_VIEW"
int c_KEY_USR_READ "KEY_USR_READ"
int c_KEY_USR_WRITE "KEY_USR_WRITE"
int c_KEY_USR_SEARCH "KEY_USR_SEARCH"
int c_KEY_USR_LINK "KEY_USR_LINK"
int c_KEY_USR_SETATTR "KEY_USR_SETATTR"
int c_KEY_USR_ALL "KEY_USR_ALL"
int c_KEY_GRP_VIEW "KEY_GRP_VIEW"
int c_KEY_GRP_READ "KEY_GRP_READ"
int c_KEY_GRP_WRITE "KEY_GRP_WRITE"
int c_KEY_GRP_SEARCH "KEY_GRP_SEARCH"
int c_KEY_GRP_LINK "KEY_GRP_LINK"
int c_KEY_GRP_SETATTR "KEY_GRP_SETATTR"
int c_KEY_GRP_ALL "KEY_GRP_ALL"
int c_KEY_OTH_VIEW "KEY_OTH_VIEW"
int c_KEY_OTH_READ "KEY_OTH_READ"
int c_KEY_OTH_WRITE "KEY_OTH_WRITE"
int c_KEY_OTH_SEARCH "KEY_OTH_SEARCH"
int c_KEY_OTH_LINK "KEY_OTH_LINK"
int c_KEY_OTH_SETATTR "KEY_OTH_SETATTR"
int c_KEY_OTH_ALL "KEY_OTH_ALL"
int c_ENOKEY "ENOKEY"
int c_EKEYEXPIRED "EKEYEXPIRED"
int c_EKEYREVOKED "EKEYREVOKED"
int c_EKEYREJECTED "EKEYREJECTED"
int c_add_key "add_key"(char *key_type, char *description, void *payload,
int plen, int keyring)
int c_request_key "request_key"(char *key_type, char *description,
char *callout_info, int keyring)
int c_search "keyctl_search"(int keyring, char *key_type,
char *description, int destination)
int c_update "keyctl_update"(int key, const void *payload, size_t plen)
int c_read_alloc "keyctl_read_alloc"(int key, void **bufptr)
int c_join_session_keyring "keyctl_join_session_keyring"(char *name)
int c_session_to_parent "keyctl_session_to_parent"()
int c_link "keyctl_link"(int key, int keyring)
int c_unlink "keyctl_unlink"(int key, int keyring)
int c_revoke "keyctl_revoke"(int key)
int c_setperm "keyctl_setperm"(int key, int perm)
int c_set_timeout "keyctl_set_timeout" (int key, int timeout)
int c_clear "keyctl_clear" (int keyring)
int c_describe_alloc "keyctl_describe_alloc" (int key, char **bufptr)
class error(Exception):
pass
class constants:
KEY_SPEC_THREAD_KEYRING = c_KEY_SPEC_THREAD_KEYRING
KEY_SPEC_PROCESS_KEYRING = c_KEY_SPEC_PROCESS_KEYRING
KEY_SPEC_SESSION_KEYRING = c_KEY_SPEC_SESSION_KEYRING
KEY_SPEC_USER_KEYRING = c_KEY_SPEC_USER_KEYRING
KEY_SPEC_USER_SESSION_KEYRING = c_KEY_SPEC_USER_SESSION_KEYRING
ENOKEY = c_ENOKEY
EKEYEXPIRED = c_EKEYEXPIRED
EKEYREVOKED = c_EKEYREVOKED
EKEYREJECTED = c_EKEYREJECTED
KEY_POS_VIEW = c_KEY_POS_VIEW
KEY_POS_READ = c_KEY_POS_READ
KEY_POS_WRITE = c_KEY_POS_WRITE
KEY_POS_SEARCH = c_KEY_POS_SEARCH
KEY_POS_LINK = c_KEY_POS_LINK
KEY_POS_SETATTR = c_KEY_POS_SETATTR
KEY_POS_ALL = c_KEY_POS_ALL
KEY_USR_VIEW = c_KEY_USR_VIEW
KEY_USR_READ = c_KEY_USR_READ
KEY_USR_WRITE = c_KEY_USR_WRITE
KEY_USR_SEARCH = c_KEY_USR_SEARCH
KEY_USR_LINK = c_KEY_USR_LINK
KEY_USR_SETATTR = c_KEY_USR_SETATTR
KEY_USR_ALL = c_KEY_USR_ALL
KEY_GRP_VIEW = c_KEY_GRP_VIEW
KEY_GRP_READ = c_KEY_GRP_READ
KEY_GRP_WRITE = c_KEY_GRP_WRITE
KEY_GRP_SEARCH = c_KEY_GRP_SEARCH
KEY_GRP_LINK = c_KEY_GRP_LINK
KEY_GRP_SETATTR = c_KEY_GRP_SETATTR
KEY_GRP_ALL = c_KEY_GRP_ALL
KEY_OTH_VIEW = c_KEY_OTH_VIEW
KEY_OTH_READ = c_KEY_OTH_READ
KEY_OTH_WRITE = c_KEY_OTH_WRITE
KEY_OTH_SEARCH = c_KEY_OTH_SEARCH
KEY_OTH_LINK = c_KEY_OTH_LINK
KEY_OTH_SETATTR = c_KEY_OTH_SETATTR
KEY_OTH_ALL = c_KEY_OTH_ALL
def add_key(bytes key_type, bytes description, bytes payload, int keyring):
cdef int rc
cdef char *key_type_p = key_type
cdef char *desc_p = description
cdef int payload_len
cdef char *payload_p
if payload is None:
payload_p = NULL
payload_len = 0
else:
payload_p = payload
payload_len = len(payload)
with nogil:
rc = c_add_key(key_type_p, desc_p, payload_p, payload_len, keyring)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return rc
def request_key(bytes key_type, bytes description, bytes callout_info, int keyring):
cdef char *key_type_p = key_type
cdef char *desc_p = description
cdef char *callout_p
cdef int rc
if callout_info is None:
callout_p = NULL
else:
callout_p = callout_info
with nogil:
rc = c_request_key(key_type_p, desc_p, callout_p, keyring)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return rc
def search(int keyring, bytes key_type, bytes description, int destination):
cdef char *key_type_p = key_type
cdef char *desc_p = description
cdef int rc
with nogil:
rc = c_search(keyring, key_type_p, desc_p, destination)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return rc
def update_key(int key, bytes payload):
cdef int rc
cdef int payload_len
cdef char *payload_p
if payload is None:
payload_p = NULL
payload_len = 0
else:
payload_p = payload
payload_len = len(payload)
with nogil:
rc = c_update(key, payload_p, payload_len)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def read_key(int key):
cdef int size
cdef void *ptr
cdef bytes obj
with nogil:
size = c_read_alloc(key, &ptr)
if size < 0:
PyErr_SetFromErrno(error)
else:
obj = PyBytes_FromStringAndSize(<char*>ptr, size)
stdlib.free(ptr)
return obj
def describe_key(int key):
cdef int size
cdef char *ptr
cdef bytes obj
with nogil:
size = c_describe_alloc(key, &ptr)
if size < 0:
PyErr_SetFromErrno(error)
else:
obj = PyBytes_FromStringAndSize(<char*>ptr, size)
stdlib.free(ptr)
return obj
def join_session_keyring(name):
cdef char *name_p
cdef int rc
if name is None:
name_p = NULL
else:
name_p = name
with nogil:
rc = c_join_session_keyring(name_p)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return rc
def session_to_parent():
cdef int rc
with nogil:
rc = c_session_to_parent()
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def link(int key, int keyring):
cdef int rc
with nogil:
rc = c_link(key, keyring)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def unlink(int key, int keyring):
cdef int rc
with nogil:
rc = c_unlink(key, keyring)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def revoke(int key):
cdef int rc
with nogil:
rc = c_revoke(key)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def set_perm(int key, int perm):
cdef int rc
cdef int keyperm
with nogil:
rc = c_setperm(key, perm)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def set_timeout(int key, int timeout):
cdef int rc
with nogil:
rc = c_set_timeout(key, timeout)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
def clear(int keyring):
cdef int rc
with nogil:
rc = c_clear(keyring)
if rc < 0:
PyErr_SetFromErrno(error)
else:
return None
|
