Copyright (C) Stefan (metze) Metzmacher 2002
Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
Copyright (C) Michael Adam 2008
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "printing.h"
+#ifdef HAVE_SYS_SYSCTL_H
+#include <sys/sysctl.h>
+#endif
+
+#ifdef HAVE_HTTPCONNECTENCRYPT
+#include <cups/http.h>
+#endif
+
bool bLoaded = False;
-extern enum protocol_types Protocol;
extern userdom_struct current_user_info;
#ifndef GLOBAL_NAME
bool bWinbindOfflineLogon;
bool bWinbindNormalizeNames;
bool bWinbindRpcOnly;
+ bool bCreateKrb5Conf;
char *szIdmapBackend;
char *szIdmapAllocBackend;
char *szAddShareCommand;
char *szLdapGroupSuffix;
int ldap_ssl;
bool ldap_ssl_ads;
+ int ldap_deref;
+ int ldap_follow_referral;
char *szLdapSuffix;
char *szLdapAdminDn;
int ldap_debug_level;
int ldap_debug_threshold;
int iAclCompat;
char *szCupsServer;
+ int CupsEncrypt;
char *szIPrintServer;
char *ctdbdSocket;
char **szClusterAddresses;
bool clustering;
+ int ctdb_timeout;
int ldap_passwd_sync;
int ldap_replication_sleep;
int ldap_timeout; /* This is initialised in init_globals */
bool valid;
bool autoloaded;
int usershare;
- time_t usershare_last_mod;
+ struct timespec usershare_last_mod;
char *szService;
char *szPath;
char *szUsername;
True, /* valid */
False, /* not autoloaded */
0, /* not a usershare */
- (time_t)0, /* No last mod time */
+ {0, }, /* No last mod time */
NULL, /* szService */
NULL, /* szPath */
NULL, /* szUsername */
static void *lp_local_ptr(struct service *service, void *ptr);
+static void add_to_file_list(const char *fname, const char *subfname);
+
static const struct enum_list enum_protocol[] = {
+ {PROTOCOL_SMB2, "SMB2"},
{PROTOCOL_NT1, "NT1"},
{PROTOCOL_LANMAN2, "LANMAN2"},
{PROTOCOL_LANMAN1, "LANMAN1"},
{-1, NULL}
};
+/* LDAP Dereferencing Alias types */
+#define SAMBA_LDAP_DEREF_NEVER 0
+#define SAMBA_LDAP_DEREF_SEARCHING 1
+#define SAMBA_LDAP_DEREF_FINDING 2
+#define SAMBA_LDAP_DEREF_ALWAYS 3
+
+static const struct enum_list enum_ldap_deref[] = {
+ {SAMBA_LDAP_DEREF_NEVER, "never"},
+ {SAMBA_LDAP_DEREF_SEARCHING, "searching"},
+ {SAMBA_LDAP_DEREF_FINDING, "finding"},
+ {SAMBA_LDAP_DEREF_ALWAYS, "always"},
+ {-1, "auto"}
+};
+
static const struct enum_list enum_ldap_passwd_sync[] = {
{LDAP_PASSWD_SYNC_OFF, "no"},
{LDAP_PASSWD_SYNC_OFF, "off"},
{-1, NULL}
};
+
+
static const struct enum_list enum_bool_auto[] = {
{False, "No"},
{False, "False"},
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
- * The FLAG_HIDE is explicit. Paramters set this way do NOT appear in any edit
+ * The FLAG_HIDE is explicit. Parameters set this way do NOT appear in any edit
* screen in SWAT. This is used to exclude parameters as well as to squash all
* parameters that have been duplicated by pseudonyms.
*
* Set FLAG_SHARE and FLAG_PRINT to specifically display parameters in
* respective views.
*
- * NOTE2: Handling of duplicated (synonym) paramters:
+ * NOTE2: Handling of duplicated (synonym) parameters:
* Only the first occurance of a parameter should be enabled by FLAG_BASIC
* and/or FLAG_ADVANCED. All duplicates following the first mention should be
* set to FLAG_HIDE. ie: Make you must place the parameter that has the preferred
.ptr = &Globals.ConfigBackend,
.special = NULL,
.enum_list = enum_config_backend,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_HIDE|FLAG_ADVANCED|FLAG_META,
},
{N_("Security Options"), P_SEP, P_SEPARATOR},
.ptr = &sDefault.iWriteCacheSize,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_DEPRECATED,
+ .flags = FLAG_ADVANCED | FLAG_SHARE,
},
{
.label = "name cache timeout",
.enum_list = NULL,
.flags = FLAG_ADVANCED | FLAG_GLOBAL,
},
+ {
+ .label = "ctdb timeout",
+ .type = P_INTEGER,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.ctdb_timeout,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL,
+ },
{N_("Printing Options"), P_SEP, P_SEPARATOR},
.flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
},
{
+ .label = "cups encrypt",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.CupsEncrypt,
+ .special = NULL,
+ .enum_list = enum_bool_auto,
+ .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
+ },
+ {
+
.label = "cups connection timeout",
.type = P_INTEGER,
.p_class = P_GLOBAL,
.type = P_LIST,
.p_class = P_GLOBAL,
.ptr = &Globals.szInitLogonDelayedHosts,
+ .special = NULL,
+ .enum_list = NULL,
.flags = FLAG_ADVANCED,
},
.type = P_INTEGER,
.p_class = P_GLOBAL,
.ptr = &Globals.InitLogonDelay,
+ .special = NULL,
+ .enum_list = NULL,
.flags = FLAG_ADVANCED,
},
.flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
},
{
- .label = "access based share enum",
+ .label = "browsable",
.type = P_BOOL,
.p_class = P_LOCAL,
- .ptr = &sDefault.bAccessBasedShareEnum,
+ .ptr = &sDefault.bBrowseable,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE
+ .flags = FLAG_HIDE,
},
{
- .label = "browsable",
+ .label = "access based share enum",
.type = P_BOOL,
.p_class = P_LOCAL,
- .ptr = &sDefault.bBrowseable,
+ .ptr = &sDefault.bAccessBasedShareEnum,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_HIDE,
+ .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE
},
{
.label = "enhanced browsing",
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "ldap deref",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.ldap_deref,
+ .special = NULL,
+ .enum_list = enum_ldap_deref,
+ .flags = FLAG_ADVANCED,
+ },
+ {
+ .label = "ldap follow referral",
+ .type = P_ENUM,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.ldap_follow_referral,
+ .special = NULL,
+ .enum_list = enum_bool_auto,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "ldap timeout",
.type = P_INTEGER,
.ptr = &Globals.szConfigFile,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_HIDE,
+ .flags = FLAG_HIDE|FLAG_META,
},
{
.label = "preload",
.ptr = &sDefault.szInclude,
.special = handle_include,
.enum_list = NULL,
- .flags = FLAG_HIDE,
+ .flags = FLAG_HIDE|FLAG_META,
},
{
.label = "preexec",
.ptr = &sDefault.bFakeDirCreateTimes,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL,
},
{
.label = "panic action",
.enum_list = NULL,
.flags = FLAG_ADVANCED,
},
+ {
+ .label = "create krb5 conf",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.bCreateKrb5Conf,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
string_set(&pService->szLpqcommand, "vlp lpq %p");
string_set(&pService->szLprmcommand, "vlp lprm %p %j");
string_set(&pService->szLppausecommand, "vlp lppause %p %j");
- string_set(&pService->szLpresumecommand, "vlp lpresum %p %j");
+ string_set(&pService->szLpresumecommand, "vlp lpresume %p %j");
string_set(&pService->szQueuepausecommand, "vlp queuepause %p");
string_set(&pService->szQueueresumecommand, "vlp queueresume %p");
break;
#if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
{
- struct rlimit rl = {};
+ struct rlimit rl;
+
+ ZERO_STRUCT(rl);
if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
rlimit_max = rl.rlim_cur;
#endif
#endif
+ if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
+ DEBUG(2,("max_open_files: sysctl_max (%d) below "
+ "minimum Windows limit (%d)\n",
+ sysctl_max,
+ MIN_OPEN_FILES_WINDOWS));
+ sysctl_max = MIN_OPEN_FILES_WINDOWS;
+ }
+
+ if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
+ DEBUG(2,("rlimit_max: rlimit_max (%d) below "
+ "minimum Windows limit (%d)\n",
+ rlimit_max,
+ MIN_OPEN_FILES_WINDOWS));
+ rlimit_max = MIN_OPEN_FILES_WINDOWS;
+ }
+
return MIN(sysctl_max, rlimit_max);
}
Globals.bTimestampLogs = True;
string_set(&Globals.szLogLevel, "0");
Globals.bDebugPrefixTimestamp = False;
- Globals.bDebugHiresTimestamp = False;
+ Globals.bDebugHiresTimestamp = true;
Globals.bDebugPid = False;
Globals.bDebugUid = False;
Globals.bDebugClass = False;
#endif
Globals.bUnixExtensions = True;
Globals.bResetOnZeroVC = False;
+ Globals.bCreateKrb5Conf = true;
/* hostname lookups can be very expensive and are broken on
a large number of sites (tridge) */
Globals.bHostnameLookups = False;
- string_set(&Globals.szPassdbBackend, "smbpasswd");
+ string_set(&Globals.szPassdbBackend, "tdbsam");
string_set(&Globals.szLdapSuffix, "");
string_set(&Globals.szLdapMachineSuffix, "");
string_set(&Globals.szLdapUserSuffix, "");
string_set(&Globals.szLdapAdminDn, "");
Globals.ldap_ssl = LDAP_SSL_START_TLS;
Globals.ldap_ssl_ads = False;
+ Globals.ldap_deref = -1;
Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
Globals.ldap_delete_dn = False;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
+ Globals.ldap_follow_referral = Auto;
Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
Globals.ldap_page_size = LDAP_PAGE_SIZE;
string_set(&Globals.ctdbdSocket, "");
Globals.szClusterAddresses = NULL;
Globals.clustering = False;
+ Globals.ctdb_timeout = 0;
Globals.winbind_cache_time = 300; /* 5 minutes */
Globals.winbind_reconnect_delay = 30; /* 30 seconds */
#if 0
DEBUG(10, ("lp_string(%s)\n", s));
#endif
+ if (!s) {
+ return NULL;
+ }
ret = talloc_sub_basic(ctx,
get_current_username(),
FN_GLOBAL_BOOL(lp_winbind_offline_logon, &Globals.bWinbindOfflineLogon)
FN_GLOBAL_BOOL(lp_winbind_normalize_names, &Globals.bWinbindNormalizeNames)
FN_GLOBAL_BOOL(lp_winbind_rpc_only, &Globals.bWinbindRpcOnly)
+FN_GLOBAL_BOOL(lp_create_krb5_conf, &Globals.bCreateKrb5Conf)
FN_GLOBAL_CONST_STRING(lp_idmap_backend, &Globals.szIdmapBackend)
FN_GLOBAL_STRING(lp_idmap_alloc_backend, &Globals.szIdmapAllocBackend)
FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
FN_GLOBAL_BOOL(lp_ldap_ssl_ads, &Globals.ldap_ssl_ads)
+FN_GLOBAL_INTEGER(lp_ldap_deref, &Globals.ldap_deref)
+FN_GLOBAL_INTEGER(lp_ldap_follow_referral, &Globals.ldap_follow_referral)
FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep)
FN_GLOBAL_LIST(lp_svcctl_list, &Globals.szServicesList)
FN_LOCAL_STRING(lp_cups_options, szCupsOptions)
FN_GLOBAL_STRING(lp_cups_server, &Globals.szCupsServer)
+int lp_cups_encrypt(void)
+{
+#ifdef HAVE_HTTPCONNECTENCRYPT
+ switch (Globals.CupsEncrypt) {
+ case Auto:
+ Globals.CupsEncrypt = HTTP_ENCRYPT_REQUIRED;
+ break;
+ case True:
+ Globals.CupsEncrypt = HTTP_ENCRYPT_ALWAYS;
+ break;
+ case False:
+ Globals.CupsEncrypt = HTTP_ENCRYPT_NEVER;
+ break;
+ }
+#endif
+ return Globals.CupsEncrypt;
+}
FN_GLOBAL_STRING(lp_iprint_server, &Globals.szIPrintServer)
FN_GLOBAL_INTEGER(lp_cups_connection_timeout, &Globals.cups_connection_timeout)
FN_GLOBAL_CONST_STRING(lp_ctdbd_socket, &Globals.ctdbdSocket)
FN_GLOBAL_LIST(lp_cluster_addresses, &Globals.szClusterAddresses)
FN_GLOBAL_BOOL(lp_clustering, &Globals.clustering)
+FN_GLOBAL_INTEGER(lp_ctdb_timeout, &Globals.ctdb_timeout)
FN_LOCAL_STRING(lp_printcommand, szPrintcommand)
FN_LOCAL_STRING(lp_lpqcommand, szLpqcommand)
FN_LOCAL_STRING(lp_lprmcommand, szLprmcommand)
bool global_section = False;
char* param_key;
struct param_opt_struct *data;
-
+
if (snum >= iNumServices) return NULL;
-
+
if (snum < 0) {
data = Globals.param_opt;
global_section = True;
} else {
data = ServicePtrs[snum]->param_opt;
}
-
+
if (asprintf(¶m_key, "%s:%s", type, option) == -1) {
DEBUG(0,("asprintf failed!\n"));
return NULL;
}
string_free(¶m_key);
-
+
return NULL;
}
MISSING_PARAMETER(lp_bool);
return False;
}
-
+
if (!set_boolean(s, &ret)) {
DEBUG(0,("lp_bool(%s): value is not boolean!\n",s));
return False;
MISSING_PARAMETER(lp_enum);
return (-1);
}
-
+
for (i=0; _enum[i].name; i++) {
if (strequal(_enum[i].name,s))
return _enum[i].value;
char *lp_parm_talloc_string(int snum, const char *type, const char *option, const char *def)
{
struct param_opt_struct *data = get_parametrics(snum, type, option);
-
+
if (data == NULL||data->value==NULL) {
if (def) {
return lp_string(def);
const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
{
struct param_opt_struct *data = get_parametrics(snum, type, option);
-
+
if (data == NULL||data->value==NULL)
return def;
-
+
return data->value;
}
if (data == NULL||data->value==NULL)
return (const char **)def;
-
+
if (data->list==NULL) {
data->list = str_list_make_v3(talloc_autofree_context(), data->value, NULL);
}
int lp_parm_int(int snum, const char *type, const char *option, int def)
{
struct param_opt_struct *data = get_parametrics(snum, type, option);
-
+
if (data && data->value && *data->value)
return lp_int(data->value);
unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
{
struct param_opt_struct *data = get_parametrics(snum, type, option);
-
+
if (data && data->value && *data->value)
return lp_ulong(data->value);
bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
{
struct param_opt_struct *data = get_parametrics(snum, type, option);
-
+
if (data && data->value && *data->value)
return lp_bool(data->value);
const struct enum_list *_enum, int def)
{
struct param_opt_struct *data = get_parametrics(snum, type, option);
-
+
if (data && data->value && *data->value && _enum)
return lp_enum(data->value, _enum);
if (ServicePtrs[idx]->szService) {
char *canon_name = canonicalize_servicename(
ServicePtrs[idx]->szService );
-
+
dbwrap_delete_bystring(ServiceHash, canon_name );
TALLOC_FREE(canon_name);
}
if (i == iNumServices) {
struct service **tsp;
int *tinvalid;
-
+
tsp = SMB_REALLOC_ARRAY_KEEP_OLD_ON_ERROR(ServicePtrs, struct service *, num_to_alloc);
if (tsp == NULL) {
DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
copy_service(ServicePtrs[i], &tservice, NULL);
if (name)
string_set(&ServicePtrs[i]->szService, name);
-
+
DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
i, ServicePtrs[i]->szService));
if (!hash_a_service(ServicePtrs[i]->szService, i)) {
return (-1);
}
-
+
return (i);
}
{
int i;
+ if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
+ pszHomedir[0] == '\0') {
+ return false;
+ }
+
i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
if (i < 0)
ServicePtrs[i]->bOpLocks = False;
/* Printer services must be printable. */
ServicePtrs[i]->bPrint_ok = True;
-
+
DEBUG(3, ("adding printer service %s\n", pszPrintername));
return (True);
bitmap_copy(pserviceDest->copymap,
pserviceSource->copymap);
}
-
+
data = pserviceSource->param_opt;
while (data) {
set_param_opt(&pserviceDest->param_opt, data->key, data->value);
return false;
}
}
+ if (iServiceIndex >= 0) {
+ return service_ok(iServiceIndex);
+ }
return true;
}
-/*
- * process_registry_globals
+/**
+ * load a service from registry and activate it
*/
-static bool process_registry_globals(void)
+bool process_registry_service(const char *service_name)
{
WERROR werr;
struct smbconf_service *service = NULL;
goto done;
}
- ret = do_parameter("registry shares", "yes", NULL);
- if (!ret) {
- goto done;
- }
+ DEBUG(5, ("process_registry_service: service name %s\n", service_name));
- if (!smbconf_share_exists(conf_ctx, GLOBAL_NAME)) {
- /* nothing to read from the registry yet but make sure lp_load
- * doesn't return false */
+ if (!smbconf_share_exists(conf_ctx, service_name)) {
+ /*
+ * Registry does not contain data for this service (yet),
+ * but make sure lp_load doesn't return false.
+ */
ret = true;
goto done;
}
- werr = smbconf_get_share(conf_ctx, mem_ctx, GLOBAL_NAME, &service);
+ werr = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
return ret;
}
-static bool process_registry_shares(void)
+/*
+ * process_registry_globals
+ */
+static bool process_registry_globals(void)
+{
+ bool ret;
+
+ add_to_file_list(INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
+
+ ret = do_parameter("registry shares", "yes", NULL);
+ if (!ret) {
+ return ret;
+ }
+
+ return process_registry_service(GLOBAL_NAME);
+}
+
+bool process_registry_shares(void)
{
WERROR werr;
uint32_t count;
return ret;
}
+#define MAX_INCLUDE_DEPTH 100
+
+static uint8_t include_depth;
+
static struct file_lists {
struct file_lists *next;
char *name;
}
f->subfname = SMB_STRDUP(subfname);
if (!f->subfname) {
+ SAFE_FREE(f->name);
SAFE_FREE(f);
return;
}
if (t)
f->modtime = t;
}
+ return;
+}
+
+/**
+ * Free the file lists
+ */
+static void free_file_list(void)
+{
+ struct file_lists *f;
+ struct file_lists *next;
+
+ f = file_lists;
+ while( f ) {
+ next = f->next;
+ SAFE_FREE( f->name );
+ SAFE_FREE( f->subfname );
+ SAFE_FREE( f );
+ f = next;
+ }
+ file_lists = NULL;
}
+
/**
* Utility function for outsiders to check if we're running on registry.
*/
DEBUG(6, ("lp_file_list_changed()\n"));
- if (lp_config_backend_is_registry()) {
- struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
-
- if (conf_ctx == NULL) {
- return false;
- }
- if (smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL)) {
- DEBUGADD(6, ("registry config changed\n"));
- return true;
- }
- }
-
while (f) {
- char *n2 = NULL;
time_t mod_time;
- n2 = alloc_sub_basic(get_current_username(),
- current_user_info.domain,
- f->name);
- if (!n2) {
- return false;
- }
- DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
- f->name, n2, ctime(&f->modtime)));
-
- mod_time = file_modtime(n2);
-
- if (mod_time && ((f->modtime != mod_time) || (f->subfname == NULL) || (strcmp(n2, f->subfname) != 0))) {
- DEBUGADD(6,
- ("file %s modified: %s\n", n2,
- ctime(&mod_time)));
- f->modtime = mod_time;
- SAFE_FREE(f->subfname);
- f->subfname = n2; /* Passing ownership of
- return from alloc_sub_basic
- above. */
- return true;
+ if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
+ struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
+
+ if (conf_ctx == NULL) {
+ return false;
+ }
+ if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
+ NULL))
+ {
+ DEBUGADD(6, ("registry config changed\n"));
+ return true;
+ }
+ } else {
+ char *n2 = NULL;
+ n2 = talloc_sub_basic(talloc_tos(),
+ get_current_username(),
+ current_user_info.domain,
+ f->name);
+ if (!n2) {
+ return false;
+ }
+ DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
+ f->name, n2, ctime(&f->modtime)));
+
+ mod_time = file_modtime(n2);
+
+ if (mod_time &&
+ ((f->modtime != mod_time) ||
+ (f->subfname == NULL) ||
+ (strcmp(n2, f->subfname) != 0)))
+ {
+ DEBUGADD(6,
+ ("file %s modified: %s\n", n2,
+ ctime(&mod_time)));
+ f->modtime = mod_time;
+ SAFE_FREE(f->subfname);
+ f->subfname = SMB_STRDUP(n2);
+ TALLOC_FREE(n2);
+ return true;
+ }
+ TALLOC_FREE(n2);
}
- SAFE_FREE(n2);
f = f->next;
}
return (False);
static bool handle_netbios_name(int snum, const char *pszParmValue, char **ptr)
{
bool ret;
- char *netbios_name = alloc_sub_basic(get_current_username(),
- current_user_info.domain,
- pszParmValue);
+ char *netbios_name = talloc_sub_basic(
+ talloc_tos(), get_current_username(), current_user_info.domain,
+ pszParmValue);
ret = set_global_myname(netbios_name);
- SAFE_FREE(netbios_name);
+ TALLOC_FREE(netbios_name);
string_set(&Globals.szNetbiosName,global_myname());
DEBUG(4, ("handle_netbios_name: set global_myname to: %s\n",
static bool handle_workgroup(int snum, const char *pszParmValue, char **ptr)
{
bool ret;
-
+
ret = set_global_myworkgroup(pszParmValue);
string_set(&Globals.szWorkgroup,lp_workgroup());
-
+
return ret;
}
static bool handle_netbios_scope(int snum, const char *pszParmValue, char **ptr)
{
bool ret;
-
+
ret = set_global_scope(pszParmValue);
string_set(&Globals.szNetbiosScope,global_scope());
{
char *fname;
+ if (include_depth >= MAX_INCLUDE_DEPTH) {
+ DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
+ include_depth));
+ return false;
+ }
+
if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
if (!bAllowIncludeRegistry) {
return true;
}
if (bInGlobalSection) {
- return process_registry_globals();
+ bool ret;
+ include_depth++;
+ ret = process_registry_globals();
+ include_depth--;
+ return ret;
} else {
DEBUG(1, ("\"include = registry\" only effective "
"in %s section\n", GLOBAL_NAME));
}
}
- fname = alloc_sub_basic(get_current_username(),
- current_user_info.domain,
- pszParmValue);
+ fname = talloc_sub_basic(talloc_tos(), get_current_username(),
+ current_user_info.domain,
+ pszParmValue);
add_to_file_list(pszParmValue, fname);
string_set(ptr, fname);
if (file_exist(fname)) {
- bool ret = pm_process(fname, do_section, do_parameter, NULL);
- SAFE_FREE(fname);
+ bool ret;
+ include_depth++;
+ ret = pm_process(fname, do_section, do_parameter, NULL);
+ include_depth--;
+ TALLOC_FREE(fname);
return ret;
}
DEBUG(2, ("Can't find include file %s\n", fname));
- SAFE_FREE(fname);
+ TALLOC_FREE(fname);
return true;
}
{
int i;
struct param_opt_struct *data;
-
+
fprintf(f, "[global]\n");
for (i = 0; parm_table[i].label; i++)
if (parm_table[i].p_class == P_GLOBAL &&
+ !(parm_table[i].flags & FLAG_META) &&
parm_table[i].ptr &&
(i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr))) {
if (defaults_saved && is_default(i))
{
int i;
struct param_opt_struct *data;
-
+
if (pService != &sDefault)
fprintf(f, "[%s]\n", pService->szService);
for (i = 0; parm_table[i].label; i++) {
if (parm_table[i].p_class == P_LOCAL &&
+ !(parm_table[i].flags & FLAG_META) &&
parm_table[i].ptr &&
(*parm_table[i].label != '-') &&
(i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
{
-
int pdiff = PTR_DIFF(parm_table[i].ptr, &sDefault);
if (pService == &sDefault) {
for (i = 0; parm_table[i].label; i++) {
if (strwicmp(parm_table[i].label, parm_name) == 0 &&
+ !(parm_table[i].flags & FLAG_META) &&
(parm_table[i].p_class == p_class || parm_table[i].flags & flag) &&
parm_table[i].ptr &&
(*parm_table[i].label != '-') &&
&& (parm_table[*i].ptr ==
parm_table[(*i) - 1].ptr))
continue;
-
+
if (is_default(*i) && !allparameters)
continue;
home = get_user_home_dir(talloc_tos(), p);
- if (home && homes >= 0)
+ if (home && home[0] && homes >= 0)
lp_add_home(p, homes, p, home);
TALLOC_FREE(home);
get their sorry ass fired.
***************************************************************************/
-static bool check_usershare_stat(const char *fname, SMB_STRUCT_STAT *psbuf)
+static bool check_usershare_stat(const char *fname,
+ const SMB_STRUCT_STAT *psbuf)
{
- if (!S_ISREG(psbuf->st_mode)) {
+ if (!S_ISREG(psbuf->st_ex_mode)) {
DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
"not a regular file\n",
- fname, (unsigned int)psbuf->st_uid ));
+ fname, (unsigned int)psbuf->st_ex_uid ));
return False;
}
/* Ensure this doesn't have the other write bit set. */
- if (psbuf->st_mode & S_IWOTH) {
+ if (psbuf->st_ex_mode & S_IWOTH) {
DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
"public write. Refusing to allow as a usershare file.\n",
- fname, (unsigned int)psbuf->st_uid ));
+ fname, (unsigned int)psbuf->st_ex_uid ));
return False;
}
/* Should be 10k or less. */
- if (psbuf->st_size > MAX_USERSHARE_FILE_SIZE) {
+ if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
"too large (%u) to be a user share file.\n",
- fname, (unsigned int)psbuf->st_uid,
- (unsigned int)psbuf->st_size ));
+ fname, (unsigned int)psbuf->st_ex_uid,
+ (unsigned int)psbuf->st_ex_size ));
return False;
}
/* Ensure the owner of the usershare file has permission to share
this directory. */
- if (sys_stat(sharepath, &sbuf) == -1) {
+ if (sys_stat(sharepath, &sbuf, false) == -1) {
DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
servicename, sharepath, strerror(errno) ));
sys_closedir(dp);
sys_closedir(dp);
- if (!S_ISDIR(sbuf.st_mode)) {
+ if (!S_ISDIR(sbuf.st_ex_mode)) {
DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
servicename, sharepath ));
return USERSHARE_PATH_NOT_DIRECTORY;
if (lp_usershare_owner_only()) {
/* root can share anything. */
- if ((psbuf->st_uid != 0) && (sbuf.st_uid != psbuf->st_uid)) {
+ if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
return USERSHARE_PATH_NOT_ALLOWED;
}
}
/* Minimize the race condition by doing an lstat before we
open and fstat. Ensure this isn't a symlink link. */
- if (sys_lstat(fname, &lsbuf) != 0) {
+ if (sys_lstat(fname, &lsbuf, false) != 0) {
DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
fname, strerror(errno) ));
SAFE_FREE(fname);
TALLOC_FREE(canon_name);
}
- if (iService != -1 && ServicePtrs[iService]->usershare_last_mod == lsbuf.st_mtime) {
+ if (iService != -1 &&
+ timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
+ &lsbuf.st_ex_mtime) == 0) {
/* Nothing changed - Mark valid and return. */
DEBUG(10,("process_usershare_file: service %s not changed.\n",
service_name ));
}
/* Now fstat to be *SURE* it's a regular file. */
- if (sys_fstat(fd, &sbuf) != 0) {
+ if (sys_fstat(fd, &sbuf, false) != 0) {
close(fd);
DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
fname, strerror(errno) ));
}
/* Is it the same dev/inode as was lstated ? */
- if (lsbuf.st_dev != sbuf.st_dev || lsbuf.st_ino != sbuf.st_ino) {
+ if (lsbuf.st_ex_dev != sbuf.st_ex_dev || lsbuf.st_ex_ino != sbuf.st_ex_ino) {
close(fd);
DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
"Symlink spoofing going on ?\n", fname ));
close(fd);
if (lines == NULL) {
DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
- fname, (unsigned int)sbuf.st_uid ));
+ fname, (unsigned int)sbuf.st_ex_uid ));
SAFE_FREE(fname);
return -1;
}
}
/* And note when it was loaded. */
- ServicePtrs[iService]->usershare_last_mod = sbuf.st_mtime;
+ ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
string_set(&ServicePtrs[iService]->szPath, sharepath);
string_set(&ServicePtrs[iService]->comment, comment);
Checks if a usershare entry has been modified since last load.
***************************************************************************/
-static bool usershare_exists(int iService, time_t *last_mod)
+static bool usershare_exists(int iService, struct timespec *last_mod)
{
SMB_STRUCT_STAT lsbuf;
const char *usersharepath = Globals.szUsersharePath;
return false;
}
- if (sys_lstat(fname, &lsbuf) != 0) {
+ if (sys_lstat(fname, &lsbuf, false) != 0) {
SAFE_FREE(fname);
return false;
}
- if (!S_ISREG(lsbuf.st_mode)) {
+ if (!S_ISREG(lsbuf.st_ex_mode)) {
SAFE_FREE(fname);
return false;
}
SAFE_FREE(fname);
- *last_mod = lsbuf.st_mtime;
+ *last_mod = lsbuf.st_ex_mtime;
return true;
}
return -1;
}
- if (sys_stat(usersharepath, &sbuf) != 0) {
+ if (sys_stat(usersharepath, &sbuf, false) != 0) {
DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
usersharepath, strerror(errno) ));
return -1;
}
- if (!S_ISDIR(sbuf.st_mode)) {
+ if (!S_ISDIR(sbuf.st_ex_mode)) {
DEBUG(0,("load_usershare_service: %s is not a directory.\n",
usersharepath ));
return -1;
*/
#ifdef S_ISVTX
- if (sbuf.st_uid != 0 || !(sbuf.st_mode & S_ISVTX) || (sbuf.st_mode & S_IWOTH)) {
+ if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
#else
- if (sbuf.st_uid != 0 || (sbuf.st_mode & S_IWOTH)) {
+ if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
#endif
DEBUG(0,("load_usershare_service: directory %s is not owned by root "
"or does not have the sticky bit 't' set or is writable by anyone.\n",
return lp_numservices();
}
- if (sys_stat(usersharepath, &sbuf) != 0) {
+ if (sys_stat(usersharepath, &sbuf, false) != 0) {
DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
usersharepath, strerror(errno) ));
return ret;
*/
#ifdef S_ISVTX
- if (sbuf.st_uid != 0 || !(sbuf.st_mode & S_ISVTX) || (sbuf.st_mode & S_IWOTH)) {
+ if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
#else
- if (sbuf.st_uid != 0 || (sbuf.st_mode & S_IWOTH)) {
+ if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
#endif
DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
"or does not have the sticky bit 't' set or is writable by anyone.\n",
void gfree_loadparm(void)
{
- struct file_lists *f;
- struct file_lists *next;
int i;
- /* Free the file lists */
-
- f = file_lists;
- while( f ) {
- next = f->next;
- SAFE_FREE( f->name );
- SAFE_FREE( f->subfname );
- SAFE_FREE( f );
- f = next;
- }
- file_lists = NULL;
+ free_file_list();
/* Free resources allocated to services */
init_globals(! initialize_globals);
debug_init();
+ free_file_list();
+
if (save_defaults) {
init_locals();
lp_save_defaults();
iServiceIndex = -1;
if (lp_config_backend_is_file()) {
- n2 = alloc_sub_basic(get_current_username(),
+ n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
current_user_info.domain,
pszFname);
if (!n2) {
add_to_file_list(pszFname, n2);
bRetval = pm_process(n2, do_section, do_parameter, NULL);
- SAFE_FREE(n2);
+ TALLOC_FREE(n2);
/* finish up the last section */
DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
{
int iService;
fstring serviceName;
-
+
if (!pszServiceName) {
return GLOBAL_SECTION_SNUM;
}
-
+
for (iService = iNumServices - 1; iService >= 0; iService--) {
if (VALID(iService) && ServicePtrs[iService]->szService) {
/*
}
if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
- time_t last_mod;
+ struct timespec last_mod;
if (!usershare_exists(iService, &last_mod)) {
/* Remove the share security tdb entry for it. */
}
/* Has it been modified ? If so delete and reload. */
- if (ServicePtrs[iService]->usershare_last_mod < last_mod) {
+ if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
+ &last_mod) < 0) {
/* Remove it from the array. */
free_service_byindex(iService);
/* and now reload it. */
if (!*label) {
label = lp_servicename(snum);
}
-
+
/* This returns a 33 byte guarenteed null terminated string. */
ret = talloc_strndup(talloc_tos(), label, 32);
if (!ret) {
return PRINTCAP_NAME;
}
-/*******************************************************************
- Ensure we don't use sendfile if server smb signing is active.
-********************************************************************/
-
static uint32 spoolss_state;
bool lp_disable_spoolss( void )
Ensure we don't use sendfile if server smb signing is active.
********************************************************************/
-bool lp_use_sendfile(int snum)
+bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
{
+ bool sign_active = false;
+
/* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
- if (Protocol < PROTOCOL_NT1) {
- return False;
+ if (get_Protocol() < PROTOCOL_NT1) {
+ return false;
+ }
+ if (signing_state) {
+ sign_active = smb_signing_is_active(signing_state);
}
return (_lp_use_sendfile(snum) &&
(get_remote_arch() != RA_WIN95) &&
- !srv_is_signing_active());
+ !sign_active);
}
/*******************************************************************
const char *lp_socket_address(void)
{
char *sock_addr = Globals.szSocketAddress;
-
+
if (sock_addr[0] == '\0'){
string_set(&Globals.szSocketAddress, "0.0.0.0");
}
return Globals.szSocketAddress;
}
+
+void lp_set_passdb_backend(const char *backend)
+{
+ string_set(&Globals.szPassdbBackend, backend);
+}