g8 SSKJr SSKJr SSKJrJrJrJ r SSK J r SSKJ r J r SSKJr SSKJrJrJrJr SrS S jrS!S jrS rS rS r\\\R8\R8\\R8\\\S. rSr/SQr SS/r!/SQr""SS\5r#"SS\#5r$"SS\#5r%"SS\#5r&"SS\#5r'"SS\ 5r(g)"N) SCOPE_SUBTREE)Command CommandErrorOption SuperCommand)misc)MessageElementLdbError)string_is_guid)string_from_nt_timent_time_from_stringnt_nowtimedelta_from_nt_time_deltacHUR5nURS5 U$)NzACN=Master Root Keys,CN=Group Key Distribution Service,CN=Services)get_config_basedn add_child)ldbbase_dns B/usr/lib/python3/dist-packages/samba/netcmd/domain/kds/root_key.pyroot_key_base_dnr#s'##%G KM Nc[[U55(aSnOSnUcS/n[U5nSUSUS3nURU[UUS9n[ U5S:Xa[ S U35e[ U5S :wa[ S U35eUS$) Nnamedn*z$(&(objectClass = msKds-ProvRootKey)(z = z)))scope expressionattrsrzno such root key: zduplicate root keys matching )r strrsearchrlenr)rrrkeyrrress rget_root_key_by_name_or_dnr%*sc$i   }s#GU#dV2'J **W( *   "C  3x1}/v677 3x1}:4&ABB q6MrcXUcS/n[U5nURU[SUS/S9nU$)Nrz!(objectClass = msKds-ProvRootKey)z"server_sort:1:1:msKds-UseStartTime)rrrcontrols)rr!r)rrnrr$s rget_sorted_root_keysr)FsD }s#G **W( C CD  FC JrcL[U5nUR5n[U5nUS:agSnUS:aU[U5S3- nOJUS:aU[US- 5S3- nO/US :aU[US - 5S 3- nOU[US - 5S 3- nUS::aUS- nU$US- nU$)z5Turn a datetime.timedelta into an approximate string.z about nowzabout xz secondsi <z minutesiiz hoursiQz daysrz agoz in the FUTURE)r total_secondsabsint)dtdsecsabsolutess r delta_stringr6Us %a (B   D4yH!|A#~ H h '' D HrM"#8 ,, I  HtO$%V ,, H *+,E 22 qy V  H  Hrc@[[R"U55$N)r rGUID)vs rguid_to_stringr;qs tyy| rc.[U5n[U5$r8)r0r )nt_times rstring_from_nt_time_stringr>us'lG w ''r) msKds-UseStartTimemsKds-CreateTimemsKds-RootKeyDatamsKds-SecretAgreementParam objectGUIDmsKds-KDFParammsKds-PublicKeyLengthmsKds-PrivateKeyLength msKds-Versionc[RUS5n[U[5(dU"U5$[ U5S:Xa U"US5$UVs/sH o2"U5PM sn$s snf)z^Convert an attribute into a printable form, using the attribute name to guess the best format.c[U5$r8)r )xs rencode_by_key..s3q6rrr)ENCODERSget isinstancer r")kr:fnrJs r encode_by_keyrRs_ a) *B a ( (!u  1v{!A$x 1aBqE1  sA')rr?r@rArB) whenCreated whenChangedrCzmsKds-KDFAlgorithmIDrDz msKds-SecretAgreementAlgorithmIDrErFrGzmsKds-DomainIDcnc*\rSrSrSrSSjrSrg)RootKeyCommandz=Base class with a common method for presenting root key data.NcxUS:XaT0nUbXFS'UR5H%upxU(d U[;aM[Xx5Xg'M' URU5 gUc [ 5n[ USS5n [ USS5n [ X- 5n [ X- 5n UbURU5 URSUS35 URS[U 5S U S 35 URS [U 5S U S 35 U(a:[H0nXSR5nURS US SU35 M2 UVs/sHow[[-;dMUPM n nU H)n[XqU5nURS US SU35 M+ URS5 gs snf)NjsonmessagezmsKds-createTimerr?zname rz created  ()z usable from z 14 ) items SECRET_ATTRSrR print_jsonrr0r6r[r hex BASE_ATTRS)selfmsg output_format show_secretspreamblenowoutrPr: create_time start_timecreate_delta_stringstart_delta_stringremaining_keyss rshow_root_key_message$RootKeyCommand.show_root_key_messages F "C#!)I #\(9&q,$ OOC  ;(C#01!45 12156 *;+<=)**:;   LL " uS[M*+ )*=k*J)K2NaMbbcde )*=j*I)J"M_L``abc !F1IMMO s1R&!-."&)OSZ,5N,N!SOAaQ(A LL3qfAaS) *  R Ps F7.F7)NFNN)__name__ __module__ __qualname____firstlineno____doc__rr__static_attributes__rtrrrWrWsG,0+0'+"& )rrWc \rSrSrSrSr\R\R\RS.r \ "SSSSS S 9\ "S S S 9\ "SSSSS9/r SSjr Srg)cmd_domain_kds_root_key_createzCreate a KDS root key object.%prog [-H ] [options] sambaoptscredoptshostopts--jsonOutput results in JSON format.rh store_constrZhelpdestactionconstz--use-start-timez#Use of the key begins at this time.r-v --verbose Be verbose store_truerrNcp0nUb[U5nXS'URXU5n U R"S0UD6n U R 5n [ SSn U(a U [- n [XU S9n[USS5nS[U5S[U[5- 5S3nSU S U3nU(aURUUUS 3S 9 gUS :Xa5U Vs0sH nUUU_M nnUR"SU[U 5S .UD6 gUR!U5 g![an [U 5SeSn A ff=fs snf)Nuse_start_time)rr?rz usable from r\r]zcreated root key z,  )rjrZ)r[rrt)r ValueErrorr ldb_connectnew_gkdi_root_key get_rdn_valuere VERBOSE_ATTRSr%r0r r6rrrprint_json_statusr r[)rfrrrrhrverbosekwargsnt_useerrguidrrgrnused_from_stringr[rPs rrun"cmd_domain_kds_root_key_create.runsm  % 0,^<+1'(xH=  " " ,V ,!1   ] "E(%@12156 *+>z+J*KL ,Z&(-B CDAG&dV2.>-?@   & &s'43:)2 ' @f $)./AaQiF/  " " I7s2w I& I LL !7 0"1o4/ 000sDD3 D0 D++D0rtNNNNNNrurvrwrxrysynopsisoptions SambaOptionsCredentialsOptions HostOptionstakes_optiongroupsr takes_optionsrrzrtrrr|r|st'+H))..'' x>#M I!(MNt[|LI M;?=A""rr|c \rSrSrSrSr\R\R\RS.r \ "SSS9\ "SS S S S S 9/r SSjr Srg)cmd_domain_kds_root_key_deleteizDelete a KDS root key.r~r--namezThe key to deleterrrrhrrZrNc@URXU5n[Xd5nUR UR 5 UR R 5n SU 3n US:XaURU 5 gURU 5 g![an[U5eSnAff=f)Nzdeleted root key rZ) rr%r rdeleterrrr[) rfrrrrrhrroot_keyrrr[s rr"cmd_domain_kds_root_key_delete.run)sxH= "1##M IM "rrc \rSrSrSrSr\R\R\RS.r \ "SSSSS 9\ "S S SS 9\ "S S SSSS9/r SSjr Srg)cmd_domain_kds_root_key_listi;zList KDS root keys.r~rrrrrr--show-secretsShow root key hashrrrhrrZrNclURXU5n[SSnU(a U[- nU(a U[- n[ Xx5n US:Xa`/n U R H<n 0n U R U 5 U R5Hup[X5X'M M> URU 5 g[U 5S:XaURS5 gUR[U 5S[U 5S:aSOSS35 [5nU H&n URU UUUS 9 URS5 M( g) NrZrzno root keys found.z root keyrr5r`z found. )rirk)rrerbrr)msgsappendrarRrcr"r[rrr)rfrrrrrirhrrr$rlrgmrPr:rks rr cmd_domain_kds_root_key_list.runMsxH=1   \ !E  ] "E"3. F "Cxx 1 IIKDA(.AD( OOC  s8q= LL. /  Cz#c(Q,3B*GyQRhC  & &s'44@+. ' 0 LL  rrtrrrtrrrr;sx+H))..'' t[|LI&:<Px>#M IMIM-1%rrc \rSrSrSrSr\R\R\RS.r \ "SSS9\ "SS S S 9\ "S S SS S 9\ "SSS S 9\ "SSSSSS9/r SSjr Srg)cmd_domain_kds_root_key_viewiuzView a root key object.r~rrz!Choose thhe key to view (by GUID)rz--latestzView the latest keyrrrrrrrrrrhrrZrNc TURXU5n [[-n U(a U [- n U(aU S/- n U(a9Ub [ S5e[ X5n [ U 5S:Xa [ S5eU Sn OUb [XU 5n O [ S5eURU UUS9 g)Nrz0It makes no sense to combine --name and --latestrzno root keys foundzPPLease use '--name ' or '--latest' (try the 'list' command to find names))ri) rrerrbrr)r"r%rr) rfrrrrrhrirlatestrrr$rgs rr cmd_domain_kds_root_key_view.runsxH=]*  \ !E  cUNE "#UVV&s2C3x1}"#788a&C  ,S>C IJ J ""3#00< # >rrt)NNNNNNNNrrtrrrrus!+H))..'' xABz 5lKt[|LI&:<Px>#M I M;?FJ$>rrcN\rSrSrSr\"5\"5\"5\"5S.r Sr g)cmd_domain_kds_root_keyiz*Manage key distribution service root keys.)createrlistviewrtN) rurvrwrxryr|rrr subcommandsrzrtrrrrs&41202,.,. Krrr8)NN)) samba.getoptgetoptrrr samba.netcmdrrrr samba.dcerpcrr r sambar samba.nt_timer r rrrr%r)r6r;r>bytesrdr0rMrRrerbrrWr|rrrrrtrrrs*DD( 99 8  8(52"')) ii !    $,.   +W+\4"^4"n "^ "F7>7t8>>8>vlr