0445877e7a9a4322fa06fb8e7f7f35dfcd2504b2
[bbaumbach/samba-autobuild/.git] / source4 / lib / cmdline / popt_common.c
1 /* 
2    Unix SMB/CIFS implementation.
3    Common popt routines
4
5    Copyright (C) Tim Potter 2001,2002
6    Copyright (C) Jelmer Vernooij 2002,2003
7
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 #include "includes.h"
24 #include "version.h"
25 #include "dynconfig.h"
26 #include "system/filesys.h"
27 #include "system/passwd.h"
28 #include "lib/cmdline/popt_common.h"
29
30 /* Handle command line options:
31  *              -d,--debuglevel 
32  *              -s,--configfile 
33  *              -O,--socket-options 
34  *              -V,--version
35  *              -l,--log-base
36  *              -n,--netbios-name
37  *              -W,--workgroup
38  *              -i,--scope
39  */
40
41
42 enum {OPT_OPTION=1,OPT_LEAK_REPORT,OPT_LEAK_REPORT_FULL};
43
44 static struct cmdline_auth_info cmdline_auth_info;
45
46 static void popt_common_callback(poptContext con, 
47                            enum poptCallbackReason reason,
48                            const struct poptOption *opt,
49                            const char *arg, const void *data)
50 {
51         const char *pname;
52         
53         /* Find out basename of current program */
54         pname = strrchr_m(poptGetInvocationName(con),'/');
55
56         if (!pname)
57                 pname = poptGetInvocationName(con);
58         else 
59                 pname++;
60
61         if (reason == POPT_CALLBACK_REASON_PRE) {
62                 char *logfile = talloc_asprintf(NULL, "%s/log.%s", dyn_LOGFILEBASE, pname);
63                 lp_set_cmdline("log file", logfile);
64                 talloc_free(logfile);
65                 return;
66         }
67
68         switch(opt->val) {
69         case 'd':
70                 lp_set_cmdline("log level", arg);
71                 break;
72
73         case 'V':
74                 printf( "Version %s\n", SAMBA_VERSION_STRING );
75                 exit(0);
76                 break;
77
78         case 'O':
79                 if (arg) {
80                         lp_set_cmdline("socket options", arg);
81                 }
82                 break;
83
84         case 's':
85                 if (arg) {
86                         pstrcpy(dyn_CONFIGFILE, arg);
87                 }
88                 break;
89
90         case 'l':
91                 if (arg) {
92                         char *logfile = talloc_asprintf(NULL, "%s/log.%s", arg, pname);
93                         lp_set_cmdline("log file", logfile);
94                         talloc_free(logfile);
95                 }
96                 break;
97                 
98         case 'W':
99                 lp_set_cmdline("workgroup", arg);
100                 break;
101                 
102         case 'n':
103                 lp_set_cmdline("netbios name", arg);
104                 break;
105                 
106         case 'i':
107                 lp_set_cmdline("netbios scope", arg);
108                 break;
109
110         case 'm':
111                 lp_set_cmdline("max protocol", arg);
112                 break;
113
114         case 'R':
115                 lp_set_cmdline("name resolve order", arg);
116                 break;
117
118         case OPT_OPTION:
119                 if (!lp_set_option(arg)) {
120                         fprintf(stderr, "Error setting option '%s'\n", arg);
121                         exit(1);
122                 }
123                 break;
124
125         case OPT_LEAK_REPORT:
126                 talloc_enable_leak_report();
127                 break;
128
129         case OPT_LEAK_REPORT_FULL:
130                 talloc_enable_leak_report_full();
131                 break;
132         }
133 }
134
135 struct poptOption popt_common_connection[] = {
136         { NULL, 0, POPT_ARG_CALLBACK, popt_common_callback },
137         { "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" },
138         { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use", "SOCKETOPTIONS" },
139         { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
140         { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
141         { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
142         { "maxprotocol", 'm', POPT_ARG_STRING, NULL, 'm', "Set max protocol level", "MAXPROTOCOL" },
143         POPT_TABLEEND
144 };
145
146 struct poptOption popt_common_samba[] = {
147         { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, popt_common_callback },
148         { "debuglevel",   'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
149         { "configfile",   's', POPT_ARG_STRING, NULL, 's', "Use alternative configuration file", "CONFIGFILE" },
150         { "option",         0, POPT_ARG_STRING, NULL, OPT_OPTION, "Set smb.conf option from command line", "name=value" },
151         { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Basename for log/debug files", "LOGFILEBASE" },
152         { "leak-report",     0, POPT_ARG_NONE, NULL, OPT_LEAK_REPORT, "enable talloc leak reporting on exit", NULL },   
153         { "leak-report-full",0, POPT_ARG_NONE, NULL, OPT_LEAK_REPORT_FULL, "enable full talloc leak reporting on exit", NULL },
154         POPT_TABLEEND
155 };
156
157 struct poptOption popt_common_version[] = {
158         { NULL, 0, POPT_ARG_CALLBACK, popt_common_callback },
159         { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
160         POPT_TABLEEND
161 };
162
163
164
165 /****************************************************************************
166  * get a password from a a file or file descriptor
167  * exit on failure
168  * ****************************************************************************/
169 static void get_password_file(struct cmdline_auth_info *a)
170 {
171         int fd = -1;
172         char *p;
173         BOOL close_it = False;
174         pstring spec;
175         char pass[128];
176
177         if ((p = getenv("PASSWD_FD")) != NULL) {
178                 pstrcpy(spec, "descriptor ");
179                 pstrcat(spec, p);
180                 sscanf(p, "%d", &fd);
181                 close_it = False;
182         } else if ((p = getenv("PASSWD_FILE")) != NULL) {
183                 fd = open(p, O_RDONLY, 0);
184                 pstrcpy(spec, p);
185                 if (fd < 0) {
186                         fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
187                                         spec, strerror(errno));
188                         exit(1);
189                 }
190                 close_it = True;
191         }
192
193         for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
194                 p && p - pass < sizeof(pass);) {
195                 switch (read(fd, p, 1)) {
196                 case 1:
197                         if (*p != '\n' && *p != '\0') {
198                                 *++p = '\0'; /* advance p, and null-terminate pass */
199                                 break;
200                         }
201                 case 0:
202                         if (p - pass) {
203                                 *p = '\0'; /* null-terminate it, just in case... */
204                                 p = NULL; /* then force the loop condition to become false */
205                                 break;
206                         } else {
207                                 fprintf(stderr, "Error reading password from file %s: %s\n",
208                                                 spec, "empty password\n");
209                                 exit(1);
210                         }
211
212                 default:
213                         fprintf(stderr, "Error reading password from file %s: %s\n",
214                                         spec, strerror(errno));
215                         exit(1);
216                 }
217         }
218         pstrcpy(a->password, pass);
219         if (close_it)
220                 close(fd);
221 }
222
223 static void get_credentials_file(const char *file, struct cmdline_auth_info *info) 
224 {
225         XFILE *auth;
226         fstring buf;
227         uint16_t len = 0;
228         char *ptr, *val, *param;
229
230         if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
231         {
232                 /* fail if we can't open the credentials file */
233                 d_printf("ERROR: Unable to open credentials file!\n");
234                 exit(-1);
235         }
236
237         while (!x_feof(auth))
238         {
239                 /* get a line from the file */
240                 if (!x_fgets(buf, sizeof(buf), auth))
241                         continue;
242                 len = strlen(buf);
243
244                 if ((len) && (buf[len-1]=='\n'))
245                 {
246                         buf[len-1] = '\0';
247                         len--;
248                 }
249                 if (len == 0)
250                         continue;
251
252                 /* break up the line into parameter & value.
253                  * will need to eat a little whitespace possibly */
254                 param = buf;
255                 if (!(ptr = strchr_m (buf, '=')))
256                         continue;
257
258                 val = ptr+1;
259                 *ptr = '\0';
260
261                 /* eat leading white space */
262                 while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
263                         val++;
264
265                 if (strwicmp("password", param) == 0) {
266                         pstrcpy(info->password, val);
267                         info->got_pass = True;
268                 } else if (strwicmp("username", param) == 0) {
269                         pstrcpy(info->username, val);
270                 } else if (strwicmp("domain", param) == 0) {
271                         pstrcpy(info->domain,val);
272                         info->got_domain = True;
273                 }
274                 memset(buf, 0, sizeof(buf));
275         }
276         x_fclose(auth);
277 }
278
279 /* Handle command line options:
280  *              -U,--user
281  *              -A,--authentication-file
282  *              -k,--use-kerberos
283  *              -N,--no-pass
284  *              -S,--signing
285  *              -P --machine-pass
286  */
287
288
289 static void popt_common_credentials_callback(poptContext con, 
290                                                 enum poptCallbackReason reason,
291                                                 const struct poptOption *opt,
292                                                 const char *arg, const void *data)
293 {
294         char *p;
295
296         if (reason == POPT_CALLBACK_REASON_PRE) {
297                 cmdline_auth_info.use_kerberos = False;
298                 cmdline_auth_info.got_pass = False;
299                 pstrcpy(cmdline_auth_info.username, "GUEST");   
300
301                 if (getenv("LOGNAME"))pstrcpy(cmdline_auth_info.username,getenv("LOGNAME"));
302
303                 if (getenv("USER")) {
304                         pstring tmp;
305
306                         pstrcpy(cmdline_auth_info.username,getenv("USER"));
307
308                         pstrcpy(tmp,cmdline_auth_info.username);
309                         if ((p = strchr_m(tmp,'\\'))) {
310                                 *p = 0;
311                                 pstrcpy(cmdline_auth_info.domain,tmp);
312                                 cmdline_auth_info.got_domain = True;
313                                 pstrcpy(cmdline_auth_info.username,p+1);
314                         }
315
316                         if ((p = strchr_m(cmdline_auth_info.username,'%'))) {
317                                 *p = 0;
318                                 pstrcpy(cmdline_auth_info.password,p+1);
319                                 cmdline_auth_info.got_pass = True;
320                                 memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(cmdline_auth_info.password));
321                         }
322                 }
323
324                 if (getenv("DOMAIN")) {
325                         pstrcpy(cmdline_auth_info.domain,getenv("DOMAIN"));
326                         cmdline_auth_info.got_domain = True;
327                 }
328
329                 if (getenv("PASSWD")) {
330                         pstrcpy(cmdline_auth_info.password,getenv("PASSWD"));
331                         cmdline_auth_info.got_pass = True;
332                 }
333
334                 if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
335                         get_password_file(&cmdline_auth_info);
336                         cmdline_auth_info.got_pass = True;
337                 }
338
339                 return;
340         }
341
342         switch(opt->val) {
343         case 'U':
344                 {
345                         char *lp;
346                         pstring tmp;
347
348                         pstrcpy(cmdline_auth_info.username,arg);
349
350                         pstrcpy(tmp,cmdline_auth_info.username);
351                         if ((p = strchr_m(tmp,'\\'))) {
352                                 *p = 0;
353                                 pstrcpy(cmdline_auth_info.domain,tmp);
354                                 cmdline_auth_info.got_domain = True;
355                                 pstrcpy(cmdline_auth_info.username,p+1);
356                         }
357
358                         if ((lp=strchr_m(cmdline_auth_info.username,'%'))) {
359                                 *lp = 0;
360                                 pstrcpy(cmdline_auth_info.password,lp+1);
361                                 cmdline_auth_info.got_pass = True;
362                                 memset(strchr_m(arg,'%')+1,'X',strlen(cmdline_auth_info.password));
363                         }
364                 }
365                 break;
366
367         case 'A':
368                 get_credentials_file(arg, &cmdline_auth_info);
369                 break;
370
371         case 'k':
372 #ifndef HAVE_KRB5
373                 d_printf("No kerberos support compiled in\n");
374                 exit(1);
375 #else
376                 cmdline_auth_info.use_kerberos = True;
377                 cmdline_auth_info.got_pass = True;
378                 lp_set_cmdline("gensec:krb5", "True");
379                 lp_set_cmdline("gensec:ms_krb5", "True");
380 #endif
381                 break;
382
383         case 'S':
384                 lp_set_cmdline("client signing", arg);
385                 break;
386
387         case 'P':
388                 {
389                         char *opt_password = NULL;
390                         /* it is very useful to be able to make ads queries as the
391                            machine account for testing purposes and for domain leave */
392                         
393                         if (!secrets_init()) {
394                                 d_printf("ERROR: Unable to open secrets database\n");
395                                 exit(1);
396                         }
397                         
398                         opt_password = secrets_fetch_machine_password(lp_workgroup());
399                         
400                         if (!opt_password) {
401                                 d_printf("ERROR: Unable to fetch machine password\n");
402                                 exit(1);
403                         }
404                         snprintf(cmdline_auth_info.username, sizeof(cmdline_auth_info.username), 
405                                  "%s$", lp_netbios_name());
406                         pstrcpy(cmdline_auth_info.password,opt_password);
407                         free(opt_password);
408                         cmdline_auth_info.got_pass = True;
409
410                         pstrcpy(cmdline_auth_info.domain, lp_workgroup());
411                         cmdline_auth_info.got_domain = True;
412                         
413                         /* machine accounts only work with kerberos */
414                         cmdline_auth_info.use_kerberos = True;
415                 }
416                 break;
417         }
418 }
419
420
421
422 struct poptOption popt_common_credentials[] = {
423         { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, popt_common_credentials_callback },
424         { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
425         { "no-pass", 'N', POPT_ARG_NONE, &cmdline_auth_info.got_pass, 0, "Don't ask for a password" },
426         { "kerberos", 'k', POPT_ARG_NONE, &cmdline_auth_info.use_kerberos, 'k', "Use kerberos (active directory) authentication" },
427         { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
428         { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
429         { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
430         POPT_TABLEEND
431 };
432
433 void cmdline_set_username(const char *name)
434 {
435         pstrcpy(cmdline_auth_info.username, name);
436 }
437
438 const char *cmdline_get_username(void)
439 {
440         return cmdline_auth_info.username;
441 }
442
443 void cmdline_set_userdomain(const char *domain)
444 {
445         cmdline_auth_info.got_domain = True;
446         pstrcpy(cmdline_auth_info.domain, domain);
447 }
448
449 const char *cmdline_get_userdomain(void)
450 {
451         if (cmdline_auth_info.got_domain) {
452                 return cmdline_auth_info.domain;
453         }
454
455         /* I think this should be lp_netbios_name() 
456          * instead of lp_workgroup(), because if you're logged in 
457          * as domain user the getenv("USER") contains the domain
458          * and this code path isn't used
459          * --metze
460          */
461         return lp_netbios_name();
462 }
463
464 const char *cmdline_get_userpassword(void)
465 {
466         char *prompt;
467         char *ret;
468
469         if (cmdline_auth_info.got_pass) {
470                 return cmdline_auth_info.password;
471         }
472
473         prompt = talloc_asprintf(NULL, "Password for [%s\\%s]:", 
474                                  cmdline_get_userdomain(),
475                                  cmdline_get_username());
476
477         ret = getpass(prompt);
478
479         talloc_free(prompt);
480         return ret;
481 }
482
483 void cmdline_set_userpassword(const char *pass)
484 {
485         cmdline_auth_info.got_pass = True;
486         pstrcpy(cmdline_auth_info.password, pass);
487 }
488
489 void cmdline_set_use_kerberos(BOOL use_kerberos)
490 {
491         cmdline_auth_info.use_kerberos = use_kerberos;
492 }
493
494 BOOL cmdline_get_use_kerberos(void)
495 {
496         return cmdline_auth_info.use_kerberos;
497 }