#define USERSHARE_VALID 1
#define USERSHARE_PENDING_DELETE 2
-extern int extra_time_offset;
-
static bool defaults_saved = False;
struct param_opt_struct {
char *szDeletePrinterCommand;
char *szOs2DriverMap;
char *szLockDir;
+ char *szStateDir;
+ char *szCacheDir;
char *szPidDir;
char *szRootdir;
char *szDefaultService;
char *szLdapIdmapSuffix;
char *szLdapGroupSuffix;
int ldap_ssl;
+ bool ldap_ssl_ads;
char *szLdapSuffix;
char *szLdapAdminDn;
int ldap_debug_level;
bool bHostnameLookups;
bool bUnixExtensions;
bool bDisableNetbios;
- bool bUseKerberosKeytab;
+ char * szDedicatedKeytabFile;
+ int iKerberosMethod;
bool bDeferSharingViolations;
bool bEnablePrivileges;
bool bASUSupport;
int iminreceivefile;
struct param_opt_struct *param_opt;
int cups_connection_timeout;
+ char *szSMBPerfcountModule;
+ bool bMapUntrustedToDomain;
};
static struct global Globals;
static const struct enum_list enum_ldap_ssl[] = {
{LDAP_SSL_OFF, "no"},
- {LDAP_SSL_OFF, "No"},
{LDAP_SSL_OFF, "off"},
- {LDAP_SSL_OFF, "Off"},
{LDAP_SSL_START_TLS, "start tls"},
- {LDAP_SSL_START_TLS, "Start_tls"},
+ {LDAP_SSL_START_TLS, "start_tls"},
{-1, NULL}
};
static const struct enum_list enum_ldap_passwd_sync[] = {
{LDAP_PASSWD_SYNC_OFF, "no"},
- {LDAP_PASSWD_SYNC_OFF, "No"},
{LDAP_PASSWD_SYNC_OFF, "off"},
- {LDAP_PASSWD_SYNC_OFF, "Off"},
- {LDAP_PASSWD_SYNC_ON, "Yes"},
{LDAP_PASSWD_SYNC_ON, "yes"},
{LDAP_PASSWD_SYNC_ON, "on"},
- {LDAP_PASSWD_SYNC_ON, "On"},
- {LDAP_PASSWD_SYNC_ONLY, "Only"},
{LDAP_PASSWD_SYNC_ONLY, "only"},
{-1, NULL}
};
{-1, NULL}
};
+/* ADS kerberos ticket verification options */
+
+static const struct enum_list enum_kerberos_method[] = {
+ {KERBEROS_VERIFY_SECRETS, "default"},
+ {KERBEROS_VERIFY_SECRETS, "secrets only"},
+ {KERBEROS_VERIFY_SYSTEM_KEYTAB, "system keytab"},
+ {KERBEROS_VERIFY_DEDICATED_KEYTAB, "dedicated keytab"},
+ {KERBEROS_VERIFY_SECRETS_AND_KEYTAB, "secrets and keytab"},
+ {-1, NULL}
+};
+
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
* The FLAG_HIDE is explicit. Paramters set this way do NOT appear in any edit
.flags = FLAG_ADVANCED | FLAG_GLOBAL,
},
{
- .label = "use kerberos keytab",
- .type = P_BOOL,
+ .label = "dedicated keytab file",
+ .type = P_STRING,
.p_class = P_GLOBAL,
- .ptr = &Globals.bUseKerberosKeytab,
+ .ptr = &Globals.szDedicatedKeytabFile,
.special = NULL,
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "kerberos method",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.iKerberosMethod,
+ .special = NULL,
+ .enum_list = enum_kerberos_method,
+ .flags = FLAG_ADVANCED,
+ },
+ {
+ .label = "map untrusted to domain",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.bMapUntrustedToDomain,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL,
+ },
+
{N_("Logging Options"), P_SEP, P_SEPARATOR},
.ptr = &sDefault.bShareModes,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
+ .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL | FLAG_DEPRECATED,
},
{N_("Ldap Options"), P_SEP, P_SEPARATOR},
.enum_list = enum_ldap_ssl,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "ldap ssl ads",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.ldap_ssl_ads,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "ldap timeout",
.type = P_INTEGER,
.enum_list = NULL,
.flags = FLAG_HIDE,
},
+ {
+ .label = "state directory",
+ .type = P_STRING,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.szStateDir,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
+ {
+ .label = "cache directory",
+ .type = P_STRING,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.szCacheDir,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "pid directory",
.type = P_STRING,
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "perfcount module",
+ .type = P_STRING,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.szSMBPerfcountModule,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{N_("VFS module options"), P_SEP, P_SEPARATOR},
{
void *parm_ptr;
- if (parm.ptr == NULL); {
+ if (parm.ptr == NULL) {
return;
}
string_set(&Globals.szWorkgroup, lp_workgroup());
string_set(&Globals.szPasswdProgram, "");
- string_set(&Globals.szPidDir, get_dyn_PIDDIR());
string_set(&Globals.szLockDir, get_dyn_LOCKDIR());
+ string_set(&Globals.szStateDir, get_dyn_STATEDIR());
+ string_set(&Globals.szCacheDir, get_dyn_CACHEDIR());
+ string_set(&Globals.szPidDir, get_dyn_PIDDIR());
string_set(&Globals.szSocketAddress, "0.0.0.0");
- if (asprintf(&s, "Samba %s", SAMBA_VERSION_STRING) < 0) {
+ if (asprintf(&s, "Samba %s", samba_version_string()) < 0) {
smb_panic("init_globals: ENOMEM");
}
string_set(&Globals.szServerString, s);
string_set(&Globals.szLdapIdmapSuffix, "");
string_set(&Globals.szLdapAdminDn, "");
- Globals.ldap_ssl = LDAP_SSL_OFF;
+ Globals.ldap_ssl = LDAP_SSL_START_TLS;
+ Globals.ldap_ssl_ads = False;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = False;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
Globals.bRegistryShares = False;
Globals.iminreceivefile = 0;
+
+ Globals.bMapUntrustedToDomain = false;
}
/*******************************************************************
}
/*
- In this section all the functions that are used to access the
- parameters from the rest of the program are defined
+ In this section all the functions that are used to access the
+ parameters from the rest of the program are defined
*/
#define FN_GLOBAL_STRING(fn_name,ptr) \
FN_GLOBAL_STRING(lp_deleteprinter_cmd, &Globals.szDeletePrinterCommand)
FN_GLOBAL_STRING(lp_os2_driver_map, &Globals.szOs2DriverMap)
FN_GLOBAL_STRING(lp_lockdir, &Globals.szLockDir)
+/* If lp_statedir() and lp_cachedir() are explicitely set during the
+ * build process or in smb.conf, we use that value. Otherwise they
+ * default to the value of lp_lockdir(). */
+char *lp_statedir(void) {
+ if ((strcmp(get_dyn_STATEDIR(), get_dyn_LOCKDIR()) != 0) ||
+ (strcmp(get_dyn_STATEDIR(), Globals.szStateDir) != 0))
+ return(lp_string(*(char **)(&Globals.szStateDir) ?
+ *(char **)(&Globals.szStateDir) : ""));
+ else
+ return(lp_string(*(char **)(&Globals.szLockDir) ?
+ *(char **)(&Globals.szLockDir) : ""));
+}
+char *lp_cachedir(void) {
+ if ((strcmp(get_dyn_CACHEDIR(), get_dyn_LOCKDIR()) != 0) ||
+ (strcmp(get_dyn_CACHEDIR(), Globals.szCacheDir) != 0))
+ return(lp_string(*(char **)(&Globals.szCacheDir) ?
+ *(char **)(&Globals.szCacheDir) : ""));
+ else
+ return(lp_string(*(char **)(&Globals.szLockDir) ?
+ *(char **)(&Globals.szLockDir) : ""));
+}
FN_GLOBAL_STRING(lp_piddir, &Globals.szPidDir)
FN_GLOBAL_STRING(lp_mangling_method, &Globals.szManglingMethod)
FN_GLOBAL_INTEGER(lp_mangle_prefix, &Globals.mangle_prefix)
FN_GLOBAL_STRING(lp_wtmpdir, &Globals.szWtmpDir)
FN_GLOBAL_BOOL(lp_utmp, &Globals.bUtmp)
FN_GLOBAL_STRING(lp_rootdir, &Globals.szRootdir)
+FN_GLOBAL_STRING(lp_smb_perfcount_module, &Globals.szSMBPerfcountModule)
FN_GLOBAL_STRING(lp_defaultservice, &Globals.szDefaultService)
FN_GLOBAL_STRING(lp_msg_command, &Globals.szMsgCommand)
FN_GLOBAL_STRING(lp_get_quota_command, &Globals.szGetQuota)
FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)
FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
+FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads)
FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep)
FN_GLOBAL_BOOL(lp_stat_cache, &Globals.bStatCache)
FN_GLOBAL_INTEGER(lp_max_stat_cache_size, &Globals.iMaxStatCacheSize)
FN_GLOBAL_BOOL(lp_allow_trusted_domains, &Globals.bAllowTrustedDomains)
+FN_GLOBAL_BOOL(lp_map_untrusted_to_domain, &Globals.bMapUntrustedToDomain)
FN_GLOBAL_INTEGER(lp_restrict_anonymous, &Globals.restrict_anonymous)
FN_GLOBAL_BOOL(lp_lanman_auth, &Globals.bLanmanAuth)
FN_GLOBAL_BOOL(lp_ntlm_auth, &Globals.bNTLMAuth)
FN_GLOBAL_BOOL(lp_hostname_lookups, &Globals.bHostnameLookups)
FN_LOCAL_PARM_BOOL(lp_change_notify, bChangeNotify)
FN_LOCAL_PARM_BOOL(lp_kernel_change_notify, bKernelChangeNotify)
-FN_GLOBAL_BOOL(lp_use_kerberos_keytab, &Globals.bUseKerberosKeytab)
+FN_GLOBAL_STRING(lp_dedicated_keytab_file, &Globals.szDedicatedKeytabFile)
+FN_GLOBAL_INTEGER(lp_kerberos_method, &Globals.iKerberosMethod)
FN_GLOBAL_BOOL(lp_defer_sharing_violations, &Globals.bDeferSharingViolations)
FN_GLOBAL_BOOL(lp_enable_privileges, &Globals.bEnablePrivileges)
FN_GLOBAL_BOOL(lp_enable_asu_support, &Globals.bASUSupport)