a {a5@s\dZdZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z ddZd d ZGd d d e Z d dZddZddZd&ddZdZddZddZddZddZddZd d!Zd"d#Zd$d%ZejZejZejZej Z ej!Z!ej"Z"ej#Z#ej$Z$ej"Z"ej%Z%ej&Z&ej'Z'ej(Z(ej)Z)ej*Z*ej+Z+ej,Z,ej-Z-ej.Z.ej/Z/ej0Z0dS)'zSamba 4.ZrestructuredTextN)_glue)Ldb) string_typescCsZddg}|D]@}tjtjtjt|}tjtj|dr |Sq tddS)z&Return the top level source directory.z../../..z ../../../..Zsource4z)unable to find top level source directoryN)ospathnormpathjoindirname__file__exists RuntimeError)pathsptopdirr0/usr/lib/python3/dist-packages/samba/__init__.pysource_tree_topdir#s  rcCs$z t}WntyYdS0dS)z?Return True if we are running from within the samba source treeFT)rr )rrrrin_source_tree-s   rc@s`eZdZdZdddZddejfddZdd Zd d Z d d Z ddZ dddZ dddZ dS)raSimple Samba-specific LDB subclass that takes care of setting up the modules dir, credentials pointers, etc. Please note that this is intended to be for all Samba LDB files, not necessarily the Sam database. For Sam-specific helper functions see samdb.py. Nrc Cs|dur||n|tjtjd|dur@|||durR|||durd| || dd}| |dur| d} | dur| r|t jO}|d|dur||||dS)ahOpens a Samba Ldb file. :param url: Optional LDB URL to open :param lp: Optional loadparm object :param modules_dir: Optional modules directory :param session_info: Optional session information :param credentials: Optional credentials, defaults to anonymous. :param flags: Optional LDB flags :param options: Additional options (optional) This is different from a regular Ldb file in that the Samba-specific modules-dir is used by default and that credentials and session_info can be passed through (required by some modules). NldbcSs t|dSN)print)ltextrrrmsgdszLdb.__init__..msgz ldb:nosynci)Zset_modules_dirrrrsambaZparam modules_dirZset_session_infoZset_credentialsZ set_loadparmZregister_samba_handlersZset_utf8_casefoldgetrZ FLG_NOSYNCZset_create_permsZconnect) selfZurlZlprZ session_infoZ credentialsflagsZoptionsrZnosync_prrr__init__?s&        z Ldb.__init__cCsb|||||g}t|dks.|d|dur2dSt|d|}t|dksRJ|||S)aGSearch for one attribute as a string. :param basedn: BaseDN for the search. :param attribute: Name of the attribute :param expression: Optional search expression. :param scope: Search scope (defaults to base). :return: Value of attribute as a string or None if it wasn't found. rN)searchlensetZschema_format_valuepop)rZ attributebasedn expressionscoperesvaluesrrr searchoneus z Ldb.searchonec Csz|j|tjgdd}WnJtjyb}z0|j\}}|tjkrLWYd}~dSWYd}~n d}~00z|D]}||jdgqjWn<tjy}z"|j\}}|tjkrWYd}~n d}~00dS)zErases user and computer objects from our AD. This is needed since the 'samldb' module denies the deletion of primary groups. Therefore all groups shouldn't be primary somewhere anymore. z+(|(objectclass=user)(objectclass=computer)))baser'attrsr&Nrelax:0)r!r SCOPE_SUBTREELdbErrorargsERR_NO_SUCH_OBJECTdeletedn)rr3r(errorerrnoestrrrrrerase_users_computerss       zLdb.erase_users_computersc Cs d}|||j|tjdgddgdD]V}z||jdgWq(tjy|}z"|j\}}|tjkrhWYd}~q(d}~00q(|j|tjdgddgd}t |dksJd D]V}z||dgWqtjy}z"|j\}}|tjkrWYd}~qd}~00qdS) z~Erase this ldb. :note: Removes all records, except those that are controlled by Samba4's schema. zJ(&(|(objectclass=*)(distinguishedName=*))(!(distinguishedName=@BASEINFO)))zshow_deleted:0zshow_recycled:0)controlsr-Nr)z @SUBCLASSESz@MODULESz@OPTIONSz @PARTITIONz @KLUDGEACL) r7r!rr.r2r3r/r0r1r")rr%rr4r5r6r(attrrrrerase_except_schema_controlleds0        z"Ldb.erase_except_schema_controlledc Csf|dD]T}z||dgWq tjy^}z"|j\}}|tjkrJWYd}~q d}~00q dS)z%Erase this ldb, removing all records.)z @INDEXLISTz @ATTRIBUTESr-N)r;r2rr/r0r1)rr:r4r5r6rrrerases  z Ldb.erasecCs<t|d}||Wdn1s.0YdS)zHLoad a LDIF file. :param ldif_path: Path to LDIF file. rN)openadd_ldifread)rZ ldif_pathZ ldif_filerrrload_ldif_file_adds zLdb.load_ldif_file_addcCs2||D]"\}}|tjks J|||q dS)zJAdd data based on a LDIF string. :param ldif: LDIF text. N) parse_ldifrZCHANGETYPE_NONEaddrZldifr9Z changetyperrrrr?sz Ldb.add_ldifcCs<||D],\}}|tjkr*|||q |||q dS)zQModify database based on a LDIF string. :param ldif: LDIF text. N)rBrZCHANGETYPE_ADDrCZmodifyrDrrr modify_ldifs zLdb.modify_ldif)NNNNNrN)N)N)__name__ __module__ __qualname____doc__rrZ SCOPE_BASEr*r7r;r<rAr?rErrrrr6s 6 ) rcCsV|D]H\}}t|ts&Jd|t|ts@Jd||f|d||}q|S)zSubstitute strings of the form ${NAME} in str, replacing with substitutions from values. :param text: Text in which to subsitute. :param values: Dictionary with keys and values. z%r is not a stringzValue %r for %s is not a stringz${%s})items isinstancerreplace)rr)namevaluerrrsubstitute_vars rOcCs>d|vr dS|d}|d|}td|||ddS)zCheck that all substitution variables in a string have been replaced. If not, raise an exception. :param text: The text to search for substitution variables z${N}z!Not all variables substituted: %sr )find Exception)rZ var_startZvar_endrrrcheck_all_substituteds  rScCsTt|ddd2}|}|dur2t||}t|Wdn1sF0Y|S)zRead a file and sub in variables found in it :param file_name: File to be read (typically from setup directory) param subst_vars: Optional variables to subsitute in the file. r=zutf-8)encodingN)r>r@rOrS) file_name subst_varsZ data_filedatarrrread_and_sub_files  &rXcCsPtj|rt|t||}t|d}z||W|n |0dS)zSetup a file in the private dir. :param template: Path of the template file. :param fname: Path of the file to create. :param subst_vars: Substitution variables. wN)rrr unlinkrXr>writeclose)templatefnamerVrWfrrr setup_file$s     r`cCs|p|dvS)Nz !#$%&'()-.@^_{}~)isalnum)crrris_valid_netbios_char9srdcCs,t|tkrdS|D]}t|sdSqdS)z1Check whether a name is valid as a NetBIOS name. FT)r"MAX_NETBIOS_NAME_LENrd)rMxrrrvalid_netbios_name=s  rgcCs`tr@tjt||}|tjvr0tjd|t|tj|<ntd||f|gdtj|<dS)aImport the bundled version of a package. :note: This should only be called if the system version of the package is not adequate. :param modulename: Module name to import :param location: Location to add to sys.path (can be relative to ${srcdir}/${source_tree_container}) :param source_tree_container: Directory under source root that contains the bundled third party modules. :param namespace: Namespace to import module from, when not in source tree rz%s.%s)fromlistN) rrrrrsysinsert __import__modules) modulenamelocationsource_tree_container namespaceZ extra_pathrrrimport_bundled_packageHs  rqc Cs4z t|Wn"ty.t||dddYn0dS)zAdd a location to sys.path if a third party dependency can't be found. :param modulename: Module name to import :param location: Location to add to sys.path (can be relative to ${srcdir}/third_party) Z third_partyzsamba.third_party)rorpN)rk ImportErrorrq)rmrnrrrensure_third_party_moduleas  rscCsdd|dS)z.return a DN from a DNS name domain/forest rootzDC=z,DC=.)rsplit)Z dnsdomainrrrdn_from_dns_namepsrvcCs ttSr)inttimerrrrcurrent_unix_timeusrycCsJdgt|}tt|D]*}t||tr4||n t||||<q|S)Nr)r"rangerKrword)stringZblobirrrstring_to_byte_arrayys(r~cCsddlm}|||S)Nr)arcfour_crypt_blob)Z samba.cryptor)keyrWrrrrarcfour_encrypts r)N)1rIZ __docformat__rrirxrZ samba.paramrrZ samba._ldbrZ_LdbZ samba.compatrrrrOrSrXr`rerdrgrqrsrvryr~rversionZ interface_ipsZ fault_setupZset_debug_levelZget_debug_levelZ unix2nttimeZ nttime2stringZ nttime2unixZgenerate_random_passwordZ generate_random_machine_passwordZcheck_password_qualityZgenerate_random_bytesZ strcasecmp_mZstrstr_mZis_ntvfs_fileserver_builtZis_heimdal_builtZ NTSTATUSErrorZ HRESULTErrorZ WERRORErrorZDsExtendedErrorrrrrs^     @