2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2001,2002
6 Copyright (C) Jelmer Vernooij 2002,2003
7 Copyright (C) James Peach 2006
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 /* Handle command line options:
37 extern pstring user_socket_options;
38 extern BOOL AllowDebugChange;
39 extern BOOL override_logfile;
41 struct user_auth_info cmdline_auth_info;
43 static void set_logfile(poptContext con, const char * arg)
49 /* Find out basename of current program */
50 pname = strrchr_m(poptGetInvocationName(con),'/');
53 pname = poptGetInvocationName(con);
57 pstr_sprintf(logfile, "%s/log.%s", arg, pname);
58 lp_set_logfile(logfile);
61 static void popt_common_callback(poptContext con,
62 enum poptCallbackReason reason,
63 const struct poptOption *opt,
64 const char *arg, const void *data)
67 if (reason == POPT_CALLBACK_REASON_PRE) {
68 set_logfile(con, dyn_LOGFILEBASE);
75 debug_parse_levels(arg);
76 AllowDebugChange = False;
81 printf( "Version %s\n", SAMBA_VERSION_STRING);
87 pstrcpy(user_socket_options,arg);
93 pstrcpy(dyn_CONFIGFILE, arg);
99 set_global_myname(arg);
105 set_logfile(con, arg);
106 override_logfile = True;
107 pstr_sprintf(dyn_LOGFILEBASE, "%s", arg);
113 set_global_scope(arg);
119 set_global_myworkgroup(arg);
125 struct poptOption popt_common_connection[] = {
126 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
127 { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
129 { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
130 { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
131 { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
136 struct poptOption popt_common_samba[] = {
137 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, (void *)popt_common_callback },
138 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
139 { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
140 { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Base name for log files", "LOGFILEBASE" },
141 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
145 struct poptOption popt_common_version[] = {
146 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
147 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
152 /* Handle command line options:
179 static void popt_dynconfig_callback(poptContext con,
180 enum poptCallbackReason reason,
181 const struct poptOption *opt,
182 const char *arg, const void *data)
188 dyn_SBINDIR = SMB_STRDUP(arg);
194 dyn_BINDIR = SMB_STRDUP(arg);
200 dyn_SWATDIR = SMB_STRDUP(arg);
204 case DYN_LMHOSTSFILE:
206 pstrcpy(dyn_LMHOSTSFILE, arg);
212 pstrcpy(dyn_LIBDIR, arg);
218 fstrcpy(dyn_SHLIBEXT, arg);
224 pstrcpy(dyn_LOCKDIR, arg);
230 pstrcpy(dyn_PIDDIR, arg);
234 case DYN_SMB_PASSWD_FILE:
236 pstrcpy(dyn_SMB_PASSWD_FILE, arg);
240 case DYN_PRIVATE_DIR:
242 pstrcpy(dyn_PRIVATE_DIR, arg);
249 const struct poptOption popt_common_dynconfig[] = {
251 { NULL, '\0', POPT_ARG_CALLBACK, (void *)popt_dynconfig_callback },
253 { "sbindir", '\0' , POPT_ARG_STRING, NULL, DYN_SBINDIR,
254 "Path to sbin directory", "SBINDIR" },
255 { "bindir", '\0' , POPT_ARG_STRING, NULL, DYN_BINDIR,
256 "Path to bin directory", "BINDIR" },
257 { "swatdir", '\0' , POPT_ARG_STRING, NULL, DYN_SWATDIR,
258 "Path to SWAT installation directory", "SWATDIR" },
259 { "lmhostsfile", '\0' , POPT_ARG_STRING, NULL, DYN_LMHOSTSFILE,
260 "Path to lmhosts file", "LMHOSTSFILE" },
261 { "libdir", '\0' , POPT_ARG_STRING, NULL, DYN_LIBDIR,
262 "Path to shared library directory", "LIBDIR" },
263 { "shlibext", '\0' , POPT_ARG_STRING, NULL, DYN_SHLIBEXT,
264 "Shared library extension", "SHLIBEXT" },
265 { "lockdir", '\0' , POPT_ARG_STRING, NULL, DYN_LOCKDIR,
266 "Path to lock file directory", "LOCKDIR" },
267 { "piddir", '\0' , POPT_ARG_STRING, NULL, DYN_PIDDIR,
268 "Path to PID file directory", "PIDDIR" },
269 { "smb-passwd-file", '\0' , POPT_ARG_STRING, NULL, DYN_SMB_PASSWD_FILE,
270 "Path to smbpasswd file", "SMB_PASSWD_FILE" },
271 { "private-dir", '\0' , POPT_ARG_STRING, NULL, DYN_PRIVATE_DIR,
272 "Path to private data directory", "PRIVATE_DIR" },
277 /****************************************************************************
278 * get a password from a a file or file descriptor
280 * ****************************************************************************/
281 static void get_password_file(struct user_auth_info *a)
285 BOOL close_it = False;
289 if ((p = getenv("PASSWD_FD")) != NULL) {
290 pstrcpy(spec, "descriptor ");
292 sscanf(p, "%d", &fd);
294 } else if ((p = getenv("PASSWD_FILE")) != NULL) {
295 fd = sys_open(p, O_RDONLY, 0);
298 fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
299 spec, strerror(errno));
305 for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
306 p && p - pass < sizeof(pass);) {
307 switch (read(fd, p, 1)) {
309 if (*p != '\n' && *p != '\0') {
310 *++p = '\0'; /* advance p, and null-terminate pass */
315 *p = '\0'; /* null-terminate it, just in case... */
316 p = NULL; /* then force the loop condition to become false */
319 fprintf(stderr, "Error reading password from file %s: %s\n",
320 spec, "empty password\n");
325 fprintf(stderr, "Error reading password from file %s: %s\n",
326 spec, strerror(errno));
330 pstrcpy(a->password, pass);
335 static void get_credentials_file(const char *file, struct user_auth_info *info)
340 char *ptr, *val, *param;
342 if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
344 /* fail if we can't open the credentials file */
345 d_printf("ERROR: Unable to open credentials file!\n");
349 while (!x_feof(auth))
351 /* get a line from the file */
352 if (!x_fgets(buf, sizeof(buf), auth))
356 if ((len) && (buf[len-1]=='\n'))
364 /* break up the line into parameter & value.
365 * will need to eat a little whitespace possibly */
367 if (!(ptr = strchr_m (buf, '=')))
373 /* eat leading white space */
374 while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
377 if (strwicmp("password", param) == 0)
379 pstrcpy(info->password, val);
380 info->got_pass = True;
382 else if (strwicmp("username", param) == 0)
383 pstrcpy(info->username, val);
384 else if (strwicmp("domain", param) == 0)
385 set_global_myworkgroup(val);
386 memset(buf, 0, sizeof(buf));
391 /* Handle command line options:
393 * -A,--authentication-file
401 static void popt_common_credentials_callback(poptContext con,
402 enum poptCallbackReason reason,
403 const struct poptOption *opt,
404 const char *arg, const void *data)
408 if (reason == POPT_CALLBACK_REASON_PRE) {
409 cmdline_auth_info.use_kerberos = False;
410 cmdline_auth_info.got_pass = False;
411 cmdline_auth_info.signing_state = Undefined;
412 pstrcpy(cmdline_auth_info.username, "GUEST");
414 if (getenv("LOGNAME"))pstrcpy(cmdline_auth_info.username,getenv("LOGNAME"));
416 if (getenv("USER")) {
417 pstrcpy(cmdline_auth_info.username,getenv("USER"));
419 if ((p = strchr_m(cmdline_auth_info.username,'%'))) {
421 pstrcpy(cmdline_auth_info.password,p+1);
422 cmdline_auth_info.got_pass = True;
423 memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(cmdline_auth_info.password));
427 if (getenv("PASSWD")) {
428 pstrcpy(cmdline_auth_info.password,getenv("PASSWD"));
429 cmdline_auth_info.got_pass = True;
432 if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
433 get_password_file(&cmdline_auth_info);
434 cmdline_auth_info.got_pass = True;
445 pstrcpy(cmdline_auth_info.username,arg);
446 if ((lp=strchr_m(cmdline_auth_info.username,'%'))) {
448 pstrcpy(cmdline_auth_info.password,lp+1);
449 cmdline_auth_info.got_pass = True;
450 memset(strchr_m(arg,'%')+1,'X',strlen(cmdline_auth_info.password));
456 get_credentials_file(arg, &cmdline_auth_info);
461 d_printf("No kerberos support compiled in\n");
464 cmdline_auth_info.use_kerberos = True;
465 cmdline_auth_info.got_pass = True;
471 cmdline_auth_info.signing_state = -1;
472 if (strequal(arg, "off") || strequal(arg, "no") || strequal(arg, "false"))
473 cmdline_auth_info.signing_state = False;
474 else if (strequal(arg, "on") || strequal(arg, "yes") || strequal(arg, "true") ||
475 strequal(arg, "auto") )
476 cmdline_auth_info.signing_state = True;
477 else if (strequal(arg, "force") || strequal(arg, "required") || strequal(arg, "forced"))
478 cmdline_auth_info.signing_state = Required;
480 fprintf(stderr, "Unknown signing option %s\n", arg );
487 char *opt_password = NULL;
488 /* it is very useful to be able to make ads queries as the
489 machine account for testing purposes and for domain leave */
491 if (!secrets_init()) {
492 d_printf("ERROR: Unable to open secrets database\n");
496 opt_password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
499 d_printf("ERROR: Unable to fetch machine password\n");
502 pstr_sprintf(cmdline_auth_info.username, "%s$",
504 pstrcpy(cmdline_auth_info.password,opt_password);
505 SAFE_FREE(opt_password);
507 /* machine accounts only work with kerberos */
508 cmdline_auth_info.use_kerberos = True;
509 cmdline_auth_info.got_pass = True;
517 struct poptOption popt_common_credentials[] = {
518 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, (void *)popt_common_credentials_callback },
519 { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
520 { "no-pass", 'N', POPT_ARG_NONE, &cmdline_auth_info.got_pass, 0, "Don't ask for a password" },
521 { "kerberos", 'k', POPT_ARG_NONE, &cmdline_auth_info.use_kerberos, 'k', "Use kerberos (active directory) authentication" },
522 { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
523 { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
524 {"machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
git.samba.org / samba.git / blob