+++ /dev/null
-/*
- Unix SMB/CIFS implementation.
-
- Copyright (C) Jelmer Vernooij 2005
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "system/filesys.h"
-#include "auth/credentials/credentials.h"
-#include "lib/cmdline/credentials.h"
-
-static const char *cmdline_get_userpassword(struct cli_credentials *credentials)
-{
- TALLOC_CTX *mem_ctx = talloc_new(NULL);
- const char *prompt_name = cli_credentials_get_unparsed_name(credentials, mem_ctx);
- const char *prompt;
- static char pwd[256]; /* FIXME: Return a dup pwd and free it. */
- int rc;
-
- prompt = talloc_asprintf(mem_ctx, "Password for [%s]:",
- prompt_name);
-
- memset(pwd, '\0', sizeof(pwd));
- rc = samba_getpass(prompt, pwd, sizeof(pwd), false, false);
- talloc_free(mem_ctx);
- if (rc < 0) {
- return NULL;
- }
-
- return pwd;
-}
-
-bool s4_cli_credentials_set_cmdline_callbacks(struct cli_credentials *cred)
-{
- if (isatty(fileno(stdout))) {
- cli_credentials_set_password_callback(cred, cmdline_get_userpassword);
- return true;
- }
-
- return false;
-}
+++ /dev/null
-/*
- Unix SMB/CIFS implementation.
- Common popt routines
-
- Copyright (C) Tim Potter 2001,2002
- Copyright (C) Jelmer Vernooij 2002,2003,2005
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "version.h"
-#include "lib/cmdline/popt_common.h"
-#include "param/param.h"
-
-/* Handle command line options:
- * -d,--debuglevel
- * -s,--configfile
- * -O,--socket-options
- * -V,--version
- * -l,--log-base
- * -n,--netbios-name
- * -W,--workgroup
- * --realm
- * -i,--scope
- */
-
-enum {OPT_OPTION=1,OPT_LEAK_REPORT,OPT_LEAK_REPORT_FULL,OPT_DEBUG_STDERR};
-
-static struct cli_credentials *cmdline_credentials = NULL;
-
-void popt_set_cmdline_credentials(struct cli_credentials *creds)
-{
- cmdline_credentials = creds;
-}
-
-struct cli_credentials *popt_get_cmdline_credentials(void)
-{
- return cmdline_credentials;
-}
-
-void popt_free_cmdline_credentials(void)
-{
- TALLOC_FREE(cmdline_credentials);
-}
-
-struct loadparm_context *cmdline_lp_ctx = NULL;
-
-static void popt_version_callback(poptContext con,
- enum poptCallbackReason reason,
- const struct poptOption *opt,
- const char *arg, const void *data)
-{
- switch(opt->val) {
- case 'V':
- printf("Version %s\n", SAMBA_VERSION_STRING );
- exit(0);
- }
-}
-
-static void popt_s4_talloc_log_fn(const char *message)
-{
- DEBUG(0,("%s", message));
-}
-
-static void popt_samba_callback(poptContext con,
- enum poptCallbackReason reason,
- const struct poptOption *opt,
- const char *arg, const void *data)
-{
- const char *pname;
-
- if (reason == POPT_CALLBACK_REASON_POST) {
- if (lpcfg_configfile(cmdline_lp_ctx) == NULL) {
- lpcfg_load_default(cmdline_lp_ctx);
- }
- /* Hook any 'every Samba program must do this, after
- * the smb.conf is setup' functions here */
- return;
- }
-
- /* Find out basename of current program */
- pname = strrchr_m(poptGetInvocationName(con),'/');
-
- if (!pname)
- pname = poptGetInvocationName(con);
- else
- pname++;
-
- if (reason == POPT_CALLBACK_REASON_PRE) {
- /* Hook for 'almost the first thing to do in a samba program' here */
- /* setup for panics */
- fault_setup();
-
- /* and logging */
- setup_logging(pname, DEBUG_DEFAULT_STDOUT);
- talloc_set_log_fn(popt_s4_talloc_log_fn);
- talloc_set_abort_fn(smb_panic);
-
- cmdline_lp_ctx = loadparm_init_global(false);
- return;
- }
-
- switch(opt->val) {
-
- case OPT_LEAK_REPORT:
- talloc_enable_leak_report();
- break;
-
- case OPT_LEAK_REPORT_FULL:
- talloc_enable_leak_report_full();
- break;
-
- case OPT_OPTION:
- if (!lpcfg_set_option(cmdline_lp_ctx, arg)) {
- fprintf(stderr, "Error setting option '%s'\n", arg);
- exit(1);
- }
- break;
-
- case 'd':
- lpcfg_set_cmdline(cmdline_lp_ctx, "log level", arg);
- break;
-
- case OPT_DEBUG_STDERR:
- setup_logging(pname, DEBUG_STDERR);
- break;
-
- case 's':
- if (arg) {
- lpcfg_load(cmdline_lp_ctx, arg);
- }
- break;
-
- case 'l':
- if (arg) {
- char *new_logfile = talloc_asprintf(NULL, "%s/log.%s", arg, pname);
- lpcfg_set_cmdline(cmdline_lp_ctx, "log file", new_logfile);
- talloc_free(new_logfile);
- }
- break;
-
-
- }
-
-}
-
-
-static void popt_common_callback(poptContext con,
- enum poptCallbackReason reason,
- const struct poptOption *opt,
- const char *arg, const void *data)
-{
- struct loadparm_context *lp_ctx = cmdline_lp_ctx;
-
- switch(opt->val) {
- case 'O':
- if (arg) {
- lpcfg_set_cmdline(lp_ctx, "socket options", arg);
- }
- break;
-
- case 'W':
- lpcfg_set_cmdline(lp_ctx, "workgroup", arg);
- break;
-
- case 'r':
- lpcfg_set_cmdline(lp_ctx, "realm", arg);
- break;
-
- case 'n':
- lpcfg_set_cmdline(lp_ctx, "netbios name", arg);
- break;
-
- case 'i':
- lpcfg_set_cmdline(lp_ctx, "netbios scope", arg);
- break;
-
- case 'm':
- lpcfg_set_cmdline(lp_ctx, "client max protocol", arg);
- break;
-
- case 'R':
- lpcfg_set_cmdline(lp_ctx, "name resolve order", arg);
- break;
-
- case 'S':
- lpcfg_set_cmdline(lp_ctx, "client signing", arg);
- break;
-
- }
-}
-
-struct poptOption popt_common_connection4[] = {
- {
- .argInfo = POPT_ARG_CALLBACK,
- .arg = (void *)popt_common_callback,
- },
- {
- .longName = "name-resolve",
- .shortName = 'R',
- .argInfo = POPT_ARG_STRING,
- .val = 'R',
- .descrip = "Use these name resolution services only",
- .argDescrip = "NAME-RESOLVE-ORDER",
- },
- {
- .longName = "socket-options",
- .shortName = 'O',
- .argInfo = POPT_ARG_STRING,
- .val = 'O',
- .descrip = "socket options to use",
- .argDescrip = "SOCKETOPTIONS",
- },
- {
- .longName = "netbiosname",
- .shortName = 'n',
- .argInfo = POPT_ARG_STRING,
- .val = 'n',
- .descrip = "Primary netbios name",
- .argDescrip = "NETBIOSNAME",
- },
- {
- .longName = "signing",
- .shortName = 'S',
- .argInfo = POPT_ARG_STRING,
- .val = 'S',
- .descrip = "Set the client signing state",
- .argDescrip = "on|off|required",
- },
- {
- .longName = "workgroup",
- .shortName = 'W',
- .argInfo = POPT_ARG_STRING,
- .val = 'W',
- .descrip = "Set the workgroup name",
- .argDescrip = "WORKGROUP",
- },
- {
- .longName = "realm",
- .argInfo = POPT_ARG_STRING,
- .val = 'r',
- .descrip = "Set the realm name",
- .argDescrip = "REALM",
- },
- {
- .longName = "scope",
- .shortName = 'i',
- .argInfo = POPT_ARG_STRING,
- .val = 'i',
- .descrip = "Use this Netbios scope",
- .argDescrip = "SCOPE",
- },
- {
- .longName = "maxprotocol",
- .shortName = 'm',
- .argInfo = POPT_ARG_STRING,
- .val = 'm',
- .descrip = "Set max protocol level",
- .argDescrip = "MAXPROTOCOL",
- },
- POPT_TABLEEND
-};
-
-struct poptOption popt_common_samba4[] = {
- {
- .argInfo = POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST,
- .arg = (void *)popt_samba_callback,
- },
- {
- .longName = "debuglevel",
- .shortName = 'd',
- .argInfo = POPT_ARG_STRING,
- .val = 'd',
- .descrip = "Set debug level",
- .argDescrip = "DEBUGLEVEL",
- },
- {
- .longName = "debug-stderr",
- .argInfo = POPT_ARG_NONE,
- .val = OPT_DEBUG_STDERR,
- .descrip = "Send debug output to STDERR",
- },
- {
- .longName = "configfile",
- .shortName = 's',
- .argInfo = POPT_ARG_STRING,
- .val = 's',
- .descrip = "Use alternative configuration file",
- .argDescrip = "CONFIGFILE",
- },
- {
- .longName = "option",
- .argInfo = POPT_ARG_STRING,
- .val = OPT_OPTION,
- .descrip = "Set smb.conf option from command line",
- .argDescrip = "name=value",
- },
- {
- .longName = "log-basename",
- .shortName = 'l',
- .argInfo = POPT_ARG_STRING,
- .val = 'l',
- .descrip = "Basename for log/debug files",
- .argDescrip = "LOGFILEBASE",
- },
- {
- .longName = "leak-report",
- .argInfo = POPT_ARG_NONE,
- .val = OPT_LEAK_REPORT,
- .descrip = "enable talloc leak reporting on exit",
- },
- {
- .longName = "leak-report-full",
- .argInfo = POPT_ARG_NONE,
- .val = OPT_LEAK_REPORT_FULL,
- .descrip = "enable full talloc leak reporting on exit",
- },
- POPT_TABLEEND
-};
-
-struct poptOption popt_common_version4[] = {
- {
- .argInfo = POPT_ARG_CALLBACK,
- .arg = (void *)popt_version_callback,
- },
- {
- .longName = "version",
- .shortName = 'V',
- .argInfo = POPT_ARG_NONE,
- .val = 'V',
- .descrip = "Print version",
- },
- POPT_TABLEEND
-};
+++ /dev/null
-/*
- Unix SMB/CIFS implementation.
- Common popt arguments
- Copyright (C) Jelmer Vernooij 2003
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _POPT_COMMON_H
-#define _POPT_COMMON_H
-
-#include <popt.h>
-
-/* Common popt structures */
-extern struct poptOption popt_common_samba4[];
-extern struct poptOption popt_common_connection4[];
-extern struct poptOption popt_common_version4[];
-extern struct poptOption popt_common_credentials4[];
-
-#ifndef POPT_TABLEEND
-#define POPT_TABLEEND { NULL, '\0', 0, 0, 0, NULL, NULL }
-#endif
-
-#define POPT_COMMON_SAMBA { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_samba4, 0, "Common Samba options:", NULL },
-#define POPT_COMMON_CONNECTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_connection4, 0, "Connection options:", NULL },
-#define POPT_COMMON_VERSION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version4, 0, "Version options:", NULL },
-#define POPT_COMMON_CREDENTIALS { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_credentials4, 0, "Authentication options:", NULL },
-
-struct cli_credentials;
-
-void popt_set_cmdline_credentials(struct cli_credentials *creds);
-struct cli_credentials *popt_get_cmdline_credentials(void);
-void popt_free_cmdline_credentials(void);
-extern struct loadparm_context *cmdline_lp_ctx;
-
-#endif /* _POPT_COMMON_H */
+++ /dev/null
-/*
- Unix SMB/CIFS implementation.
- Credentials popt routines
-
- Copyright (C) Jelmer Vernooij 2002,2003,2005
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "lib/cmdline/popt_common.h"
-#include "lib/cmdline/credentials.h"
-#include "auth/credentials/credentials.h"
-#include "auth/gensec/gensec.h"
-#include "param/param.h"
-
-/* Handle command line options:
- * -U,--user
- * -A,--authentication-file
- * -k,--use-kerberos
- * -N,--no-pass
- * -S,--signing
- * -P,--machine-pass
- * --simple-bind-dn
- * --password
- * --krb5-ccache
- */
-
-static bool dont_ask;
-static bool machine_account_pending;
-
-enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT, OPT_KRB5_CCACHE };
-
-static void popt_common_credentials_callback(poptContext con,
- enum poptCallbackReason reason,
- const struct poptOption *opt,
- const char *arg, const void *data)
-{
- if (reason == POPT_CALLBACK_REASON_PRE) {
- popt_set_cmdline_credentials(cli_credentials_init(NULL));
- return;
- }
-
- if (reason == POPT_CALLBACK_REASON_POST) {
- cli_credentials_guess(popt_get_cmdline_credentials(),
- cmdline_lp_ctx);
-
- if (!dont_ask) {
- s4_cli_credentials_set_cmdline_callbacks(
- popt_get_cmdline_credentials());
- }
-
- if (machine_account_pending) {
- cli_credentials_set_machine_account(
- popt_get_cmdline_credentials(), cmdline_lp_ctx);
- }
-
- return;
-
- }
-
- switch(opt->val) {
- case 'U':
- {
- char *lp;
-
- cli_credentials_parse_string(
- popt_get_cmdline_credentials(), arg, CRED_SPECIFIED);
- /* This breaks the abstraction, including the const above */
- if ((lp=strchr_m(arg,'%'))) {
- lp[0]='\0';
- lp++;
- /* Try to prevent this showing up in ps */
- memset(lp,0,strlen(lp));
- }
- }
- break;
-
- case OPT_PASSWORD:
- cli_credentials_set_password(popt_get_cmdline_credentials(),
- arg, CRED_SPECIFIED);
- /* Try to prevent this showing up in ps */
- memset(discard_const(arg),0,strlen(arg));
- break;
-
- case 'A':
- cli_credentials_parse_file(popt_get_cmdline_credentials(),
- arg, CRED_SPECIFIED);
- break;
-
- case 'P':
- /* Later, after this is all over, get the machine account details from the secrets.ldb */
- machine_account_pending = true;
- break;
-
- case OPT_KERBEROS:
- {
- bool use_kerberos = true;
- /* Force us to only use kerberos */
- if (arg) {
- if (!set_boolean(arg, &use_kerberos)) {
- fprintf(stderr, "Error parsing -k %s. Should be "
- "-k [yes|no]\n", arg);
- exit(1);
- break;
- }
- }
-
- cli_credentials_set_kerberos_state(
- popt_get_cmdline_credentials(),
- use_kerberos
- ? CRED_USE_KERBEROS_REQUIRED
- : CRED_USE_KERBEROS_DISABLED,
- CRED_SPECIFIED);
- break;
- }
-
- case OPT_SIMPLE_BIND_DN:
- {
- cli_credentials_set_bind_dn(popt_get_cmdline_credentials(),
- arg);
- break;
- }
- case OPT_KRB5_CCACHE:
- {
- const char *error_string;
- if (cli_credentials_set_ccache(
- popt_get_cmdline_credentials(), cmdline_lp_ctx,
- arg, CRED_SPECIFIED,
- &error_string) != 0) {
- fprintf(stderr, "Error reading krb5 credentials cache: '%s' %s", arg, error_string);
- exit(1);
- }
- break;
- }
- case OPT_SIGN:
- {
- uint32_t gensec_features;
-
- gensec_features = cli_credentials_get_gensec_features(
- popt_get_cmdline_credentials());
-
- gensec_features |= GENSEC_FEATURE_SIGN;
- cli_credentials_set_gensec_features(
- popt_get_cmdline_credentials(),
- gensec_features,
- CRED_SPECIFIED);
- break;
- }
- case OPT_ENCRYPT:
- {
- uint32_t gensec_features;
-
- gensec_features = cli_credentials_get_gensec_features(
- popt_get_cmdline_credentials());
-
- gensec_features |= GENSEC_FEATURE_SEAL;
- cli_credentials_set_gensec_features(
- popt_get_cmdline_credentials(),
- gensec_features,
- CRED_SPECIFIED);
- break;
- }
- }
-}
-
-
-
-struct poptOption popt_common_credentials4[] = {
- {
- .argInfo = POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST,
- .arg = (void *)popt_common_credentials_callback,
- },
- {
- .longName = "user",
- .shortName = 'U',
- .argInfo = POPT_ARG_STRING,
- .val = 'U',
- .descrip = "Set the network username",
- .argDescrip = "[DOMAIN/]USERNAME[%PASSWORD]",
- },
- {
- .longName = "no-pass",
- .shortName = 'N',
- .argInfo = POPT_ARG_NONE,
- .arg = &dont_ask,
- .val = 'N',
- .descrip = "Don't ask for a password",
- },
- {
- .longName = "password",
- .argInfo = POPT_ARG_STRING,
- .val = OPT_PASSWORD,
- .descrip = "Password",
- },
- {
- .longName = "authentication-file",
- .shortName = 'A',
- .argInfo = POPT_ARG_STRING,
- .val = 'A',
- .descrip = "Get the credentials from a file",
- .argDescrip = "FILE",
- },
- {
- .longName = "machine-pass",
- .shortName = 'P',
- .argInfo = POPT_ARG_NONE,
- .val = 'P',
- .descrip = "Use stored machine account password",
- },
- {
- .longName = "simple-bind-dn",
- .argInfo = POPT_ARG_STRING,
- .val = OPT_SIMPLE_BIND_DN,
- .descrip = "DN to use for a simple bind",
- },
- {
- .longName = "kerberos",
- .shortName = 'k',
- .argInfo = POPT_ARG_STRING,
- .val = OPT_KERBEROS,
- .descrip = "Use Kerberos, -k [yes|no]",
- },
- {
- .longName = "krb5-ccache",
- .argInfo = POPT_ARG_STRING,
- .val = OPT_KRB5_CCACHE,
- .descrip = "Credentials cache location for Kerberos",
- },
- {
- .longName = "sign",
- .shortName = 'S',
- .argInfo = POPT_ARG_NONE,
- .val = OPT_SIGN,
- .descrip = "Sign connection to prevent modification in transit",
- },
- {
- .longName = "encrypt",
- .shortName = 'e',
- .argInfo = POPT_ARG_NONE,
- .val = OPT_ENCRYPT,
- .descrip = "Encrypt connection for privacy",
- },
- POPT_TABLEEND
-};
+++ /dev/null
-#!/usr/bin/env python
-
-bld.SAMBA_LIBRARY('cmdline-credentials',
- source='credentials.c',
- autoproto='credentials.h',
- public_deps='samba-credentials popt',
- deps='samba-util',
- private_library=True)
-
-bld.SAMBA_SUBSYSTEM('POPT_SAMBA',
- source='popt_common.c',
- public_deps='popt',
- header_path='samba',
- deps='talloc samba-hostconfig'
- )
-
-bld.SAMBA_SUBSYSTEM('POPT_CREDENTIALS',
- source='popt_credentials.c',
- autoproto='popt_credentials.h',
- public_deps='samba-credentials CREDENTIALS_SECRETS cmdline-credentials popt',
- deps='samba-util'
- )
-
bld.RECURSE('source4/lib/registry')
bld.RECURSE('source4/lib/messaging')
bld.RECURSE('source4/lib/events')
-bld.RECURSE('source4/lib/cmdline')
if bld.CHECK_FOR_THIRD_PARTY():
bld.RECURSE('third_party')
bld.RECURSE('source4/lib/stream')