From bd76d0460bfd295ac15cb9f0ac7b8718a982ee79 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 18 Nov 2024 18:49:40 +0100
Subject: [PATCH] pycredentials: add creds.[g|s]et_netlogon_creds()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---
 auth/credentials/pycredentials.c | 89 ++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)

diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c
index 641bbc76287..3517530e2df 100644
--- a/auth/credentials/pycredentials.c
+++ b/auth/credentials/pycredentials.c
@@ -972,6 +972,85 @@ static PyObject *py_creds_get_secure_channel_type(PyObject *self, PyObject *args
 	return PyLong_FromLong(channel_type);
 }
 
+static PyObject *py_creds_get_netlogon_creds(PyObject *self, PyObject *unused)
+{
+	struct cli_credentials *creds = NULL;
+	struct netlogon_creds_CredentialState *ncreds = NULL;
+	PyObject *py_ncreds = Py_None;
+
+	creds = PyCredentials_AsCliCredentials(self);
+	if (creds == NULL) {
+		PyErr_Format(PyExc_TypeError, "Credentials expected");
+		return NULL;
+	}
+
+	if (creds->netlogon_creds == NULL) {
+		Py_RETURN_NONE;
+	}
+
+	ncreds = netlogon_creds_copy(NULL, creds->netlogon_creds);
+	if (ncreds == NULL) {
+		PyErr_NoMemory();
+		return NULL;
+	}
+
+	py_ncreds = py_return_ndr_struct("samba.dcerpc.schannel",
+					 "netlogon_creds_CredentialState",
+					 ncreds,
+					 ncreds);
+	if (py_ncreds == NULL) {
+		TALLOC_FREE(ncreds);
+		return NULL;
+	}
+
+	return py_ncreds;
+}
+
+static PyObject *py_creds_set_netlogon_creds(PyObject *self, PyObject *args)
+{
+	struct cli_credentials *creds = NULL;
+	const struct netlogon_creds_CredentialState *ncreds = NULL;
+	PyObject *py_ncreds = Py_None;
+
+	creds = PyCredentials_AsCliCredentials(self);
+	if (creds == NULL) {
+		PyErr_Format(PyExc_TypeError, "Credentials expected");
+		return NULL;
+	}
+
+	if (!PyArg_ParseTuple(args, "O", &py_ncreds))
+		return NULL;
+
+	if (py_ncreds == Py_None) {
+		ncreds = NULL;
+	} else {
+		bool ok;
+
+		ok = py_check_dcerpc_type(py_ncreds,
+				  "samba.dcerpc.schannel",
+				  "netlogon_creds_CredentialState");
+		if (!ok) {
+			/* py_check_dcerpc_type sets TypeError */
+			return NULL;
+		}
+
+		ncreds = pytalloc_get_type(py_ncreds,
+					   struct netlogon_creds_CredentialState);
+		if (ncreds == NULL) {
+			/* pytalloc_get_type sets TypeError */
+			return NULL;
+		}
+	}
+
+	cli_credentials_set_netlogon_creds(creds, ncreds);
+	if (ncreds != NULL && creds->netlogon_creds == NULL) {
+		PyErr_NoMemory();
+		return NULL;
+	}
+
+	Py_RETURN_NONE;
+}
+
 static PyObject *py_creds_set_kerberos_salt_principal(PyObject *self, PyObject *args)
 {
 	char *salt_principal = NULL;
@@ -1673,6 +1752,16 @@ static PyMethodDef py_creds_methods[] = {
 		.ml_meth  = py_creds_get_secure_channel_type,
 		.ml_flags = METH_VARARGS,
 	},
+	{
+		.ml_name  = "get_netlogon_creds",
+		.ml_meth  = py_creds_get_netlogon_creds,
+		.ml_flags = METH_NOARGS,
+	},
+	{
+		.ml_name  = "set_netlogon_creds",
+		.ml_meth  = py_creds_set_netlogon_creds,
+		.ml_flags = METH_VARARGS,
+	},
 	{
 		.ml_name  = "set_kerberos_salt_principal",
 		.ml_meth  = py_creds_set_kerberos_salt_principal,
-- 
2.47.3