search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
directory xml moved to common
[webkpasswd.git] / kadm.py
blob79b157ac4e20af89c4ef43f891b87ebe573f566c
1
2 import re
3 from ctypes import *
4 from admin import *
5
6 class Kadm5:
7 """
8 This class handles kadm5 client library.
9 """
10
11 def __init__(self):
12 self.codes = self.getDefined("/usr/include/kadm5/kadm_err.h")
13 self.kadm = cdll.LoadLibrary('libkadm5clnt.so')
14
15 def getDefined(self, filename):
16 """
17 Reads error codes from filename and puts them to the dictionary
18 """
19 codes = {}
20 file = open(filename, 'r')
21 for line in file:
22 pattern = "(#define)\s+(\S+)\s+\((\S+)L\)"
23 if re.match(pattern, line):
24 out = re.match(pattern, line)
25 codes[out.group(3)] = out.group(2)
26 return codes
27
28 def checkResult(self, result):
29 """
30 Check the result returned by called libraries and print error if something went wrong
31 """
32 if result != 0:
33 c = str(result)
34 print self.__class__.__name__ + ": " + self.codes.get(c, 'unknown')+" ("+c+")"
35 return False
36 return True
37
38 def krb5_chpass_principal(self, pclient, ppassw, ppassw_new, prealm, pservice):
39 """
40 Changes password for principal
41 """
42
43 client = c_char_p(pclient)
44 passw = c_char_p(ppassw)
45 passw_new = c_char_p(ppassw_new)
46 realm = c_char_p(prealm)
47 service = c_char_p(pservice)
48 db_args = c_char_p()
49 server_h = c_void_p()
50
51 # init context
52 context = krb5_context()
53 krb5_err = self.kadm.kadm5_init_krb5_context(byref(context))
54 if not self.checkResult(krb5_err):
55 return krb5_err
56
57 # get config params
58 params = kadm5_config_params()
59 krb5_err = self.kadm.kadm5_get_config_params(
60 context, c_int(0),
61 byref(params), byref(params))
62 if not self.checkResult(krb5_err):
63 self.kadm.krb5_free_context(context)
64 return krb5_err
65
66 # init kadm
67 krb5_err = self.kadm.kadm5_init(
68 context, client,
69 passw, service,
70 pointer(params),
71 krb5_ui_4(0x12345601), krb5_ui_4(0x12345702),
72 pointer(db_args), pointer(server_h))
73 if not self.checkResult(krb5_err):
74 self.kadm.krb5_free_context(context)
75 return krb5_err
76
77 # get principal structure
78 principal = krb5_principal()
79 krb5_err = self.kadm.krb5_parse_name(
80 context,
81 client,
82 pointer(principal))
83 if not self.checkResult(krb5_err):
84 self.kadm.krb5_free_context(context)
85 return krb5_err
86
87 # change password
88 krb5_err = self.kadm.kadm5_chpass_principal(
89 server_h,
90 principal,
91 passw_new)
92 if not self.checkResult(krb5_err):
93 self.kadm.krb5_free_context(context)
94 return krb5_err
95
96 # destroy context
97 self.kadm.krb5_free_context(context)
98 return 0
99
100 # for testing
101 if __name__ == '__main__':
102 client = "test@CDTEL.LOCAL"
103 passw = "testovac9pass"
104 passw_new = "dal39pass"
105 realm = "CDTEL.LOCAL"
106 service = "kadmin/cdtel00pceux509.uxkdc.cdtel.cz"
107
108 pwc = Kadm5()
109 pwc.krb5_chpass_principal(client, passw, passw_new, realm, service)
110
webkpasswd - changes kerberos password via web interface