#include "ads.h"
#include "../librpc/gen_ndr/svcctl.h"
#include "intl.h"
-#include "smb_signing.h"
+#include "../libcli/smb/smb_signing.h"
#include "dbwrap/dbwrap.h"
+#include "dbwrap/dbwrap_rbt.h"
#include "smbldap.h"
#include "../lib/util/bitmap.h"
/* SMB signing types. */
static const struct enum_list enum_smb_signing_vals[] = {
- {false, "No"},
- {false, "False"},
- {false, "0"},
- {false, "Off"},
- {false, "disabled"},
- {true, "Yes"},
- {true, "True"},
- {true, "1"},
- {true, "On"},
- {true, "enabled"},
- {Auto, "auto"},
- {Required, "required"},
- {Required, "mandatory"},
- {Required, "force"},
- {Required, "forced"},
- {Required, "enforced"},
+ {SMB_SIGNING_DEFAULT, "default"},
+ {SMB_SIGNING_OFF, "No"},
+ {SMB_SIGNING_OFF, "False"},
+ {SMB_SIGNING_OFF, "0"},
+ {SMB_SIGNING_OFF, "Off"},
+ {SMB_SIGNING_OFF, "disabled"},
+ {SMB_SIGNING_IF_REQUIRED, "if_required"},
+ {SMB_SIGNING_IF_REQUIRED, "Yes"},
+ {SMB_SIGNING_IF_REQUIRED, "True"},
+ {SMB_SIGNING_IF_REQUIRED, "1"},
+ {SMB_SIGNING_IF_REQUIRED, "On"},
+ {SMB_SIGNING_IF_REQUIRED, "enabled"},
+ {SMB_SIGNING_IF_REQUIRED, "auto"},
+ {SMB_SIGNING_REQUIRED, "required"},
+ {SMB_SIGNING_REQUIRED, "mandatory"},
+ {SMB_SIGNING_REQUIRED, "force"},
+ {SMB_SIGNING_REQUIRED, "forced"},
+ {SMB_SIGNING_REQUIRED, "enforced"},
{-1, NULL}
};
{-1, NULL}
};
+/* Server role options */
+static const struct enum_list enum_server_role[] = {
+ {ROLE_AUTO, "auto"},
+ {ROLE_STANDALONE, "standalone"},
+ {ROLE_DOMAIN_MEMBER, "member server"},
+ {ROLE_DOMAIN_MEMBER, "member"},
+ /* note that currently
+ ROLE_DOMAIN_CONTROLLER == ROLE_DOMAIN_BDC */
+ {ROLE_DOMAIN_CONTROLLER, "domain controller"},
+ {ROLE_DOMAIN_BDC, "backup domain controller"},
+ {ROLE_DOMAIN_BDC, "bdc"},
+ {ROLE_DOMAIN_BDC, "dc"},
+ {ROLE_DOMAIN_PDC, "primary domain controller"},
+ {ROLE_DOMAIN_PDC, "pdc"},
+ {-1, NULL}
+};
+
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
* The FLAG_HIDE is explicit. Parameters set this way do NOT appear in any edit
.enum_list = enum_config_backend,
.flags = FLAG_HIDE|FLAG_ADVANCED|FLAG_META,
},
+ {
+ .label = "server role",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .offset = GLOBAL_VAR(ServerRole),
+ .special = NULL,
+ .enum_list = enum_server_role,
+ .flags = FLAG_BASIC | FLAG_ADVANCED,
+ },
{N_("Security Options"), P_SEP, P_SEPARATOR},
.offset = LOCAL_VAR(bAclCheckPermissions),
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE | FLAG_DEPRECATED,
},
{
.label = "acl group control",
Globals.PrintcapCacheTime = 750; /* 12.5 minutes */
Globals.ConfigBackend = config_backend;
+ Globals.ServerRole = ROLE_STANDALONE;
/* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
/* Discovered by 2 days of pain by Don McCall @ HP :-). */
Globals.bUseSpnego = true;
Globals.bClientUseSpnego = true;
- Globals.client_signing = Auto;
- Globals.server_signing = false;
+ Globals.client_signing = SMB_SIGNING_DEFAULT;
+ Globals.server_signing = SMB_SIGNING_DEFAULT;
Globals.bDeferSharingViolations = true;
string_set(&Globals.smb_ports, SMB_PORTS);
FN_GLOBAL_INTEGER(lp_usershare_max_shares, iUsershareMaxShares)
FN_GLOBAL_CONST_STRING(lp_socket_options, szSocketOptions)
FN_GLOBAL_INTEGER(lp_config_backend, ConfigBackend)
+FN_GLOBAL_INTEGER(lp_server_role, ServerRole)
FN_GLOBAL_INTEGER(lp_smb2_max_read, ismb2_max_read)
FN_GLOBAL_INTEGER(lp_smb2_max_write, ismb2_max_write)
FN_GLOBAL_INTEGER(lp_smb2_max_trans, ismb2_max_trans)
i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
if (i < 0)
- return (false);
+ return false;
if (!(*(ServicePtrs[iDefaultService]->szPath))
|| strequal(ServicePtrs[iDefaultService]->szPath, lp_pathname(GLOBAL_SECTION_SNUM))) {
DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
user, ServicePtrs[i]->szPath ));
- return (true);
+ return true;
}
/***************************************************************************
int i = add_a_service(&sDefault, ipc_name);
if (i < 0)
- return (false);
+ return false;
if (asprintf(&comment, "IPC Service (%s)",
Globals.szServerString) < 0) {
- return (false);
+ return false;
}
string_set(&ServicePtrs[i]->szPath, tmpdir());
DEBUG(3, ("adding IPC service\n"));
SAFE_FREE(comment);
- return (true);
+ return true;
}
/***************************************************************************
int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
if (i < 0)
- return (false);
+ return false;
/* note that we do NOT default the availability flag to true - */
/* we take it from the default service passed. This allows all */
DEBUG(3, ("adding printer service %s\n", pszPrintername));
- return (true);
+ return true;
}
int iService = -1;
char *canon_name;
TDB_DATA data;
+ NTSTATUS status;
if (ServiceHash == NULL) {
return -1;
canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
- data = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name);
+ status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
+ &data);
- if ((data.dptr != NULL) && (data.dsize == sizeof(iService))) {
+ if (NT_STATUS_IS_OK(status) &&
+ (data.dptr != NULL) &&
+ (data.dsize == sizeof(iService)))
+ {
iService = *(int *)data.dptr;
}
}
f = f->next;
}
- return (false);
+ return false;
}
if (strchr(pszParmName, ':') == NULL) {
DEBUG(0, ("Ignoring unknown parameter \"%s\"\n",
pszParmName));
- return (true);
+ return true;
}
/*
? &Globals.param_opt : &ServicePtrs[snum]->param_opt;
set_param_opt(opt_list, pszParmName, pszParmValue, 0);
- return (true);
+ return true;
}
/* if it's already been set by the command line, then we don't
DEBUG(0,
("Global parameter %s found in service section!\n",
pszParmName));
- return (true);
+ return true;
}
parm_ptr = lp_local_ptr_by_snum(snum, &parm_table[parmnum]);
}
break;
}
- return (true);
+ return true;
}
/***************************************************************************
void *userdata)
{
if (!bInGlobalSection && bGlobalOnly)
- return (true);
+ return true;
DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
case P_SEP:
break;
}
- return (false);
+ return false;
}
/***************************************************************************
/* check for multiple global sections */
if (bInGlobalSection) {
DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
- return (true);
+ return true;
}
if (!bInGlobalSection && bGlobalOnly)
- return (true);
+ return true;
/* if we have a current service, tidy it up before moving on */
bRetval = true;
iServiceIndex = add_a_service(&sDefault, pszSectionName);
if (iServiceIndex < 0) {
DEBUG(0, ("Failed to add a new service\n"));
- return (false);
+ return false;
}
/* Clean all parametric options for service */
/* They will be added during parsing again */
free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
}
- return (bRetval);
+ return bRetval;
}
}
{
- TDB_DATA data = dbwrap_fetch_bystring(
- ServiceHash, canon_name, canon_name);
+ TDB_DATA data;
+ NTSTATUS status;
+
+ status = dbwrap_fetch_bystring(ServiceHash, canon_name,
+ canon_name, &data);
iService = -1;
- if ((data.dptr != NULL) && (data.dsize == sizeof(iService))) {
+ if (NT_STATUS_IS_OK(status) &&
+ (data.dptr != NULL) &&
+ (data.dsize == sizeof(iService)))
+ {
iService = *(int *)data.dptr;
}
}
}
return _lp_readraw();
}
+
+void _lp_set_server_role(int server_role)
+{
+ Globals.ServerRole = server_role;
+}
git.samba.org / ira / wip.git / blobdiff