#include "smb_server/smb_server.h"
#include "libcli/raw/signing.h"
#include "../lib/util/dlinklist.h"
+#include "../lib/util/parmlist.h"
#include "param/param.h"
#include "param/loadparm.h"
#include "libcli/raw/libcliraw.h"
+#include "rpc_server/common/common.h"
+#include "lib/socket/socket.h"
+#include "auth/gensec/gensec.h"
#define standard_sub_basic talloc_strdup
struct loadparm_global
{
enum server_role server_role;
+ enum sid_generator sid_generator;
const char **smb_ports;
char *ncalrpc_dir;
const char **szPasswordServers;
char *szSocketOptions;
char *szRealm;
+ char *szRealm_upper;
+ char *szRealm_lower;
const char **szWINSservers;
const char **szInterfaces;
char *szSocketAddress;
int bDisableNetbios;
int bRpcBigEndian;
char *szNTPSignDSocketDirectory;
- struct param_opt *param_opt;
+ struct parmlist_entry *param_opt;
};
int bMSDfsRoot;
int bStrictSync;
int bCIFileSystem;
- struct param_opt *param_opt;
+ struct parmlist_entry *param_opt;
char dummy[3]; /* for alignment */
};
-struct loadparm_context *global_loadparm = NULL;
-
#define NUMPARAMETERS (sizeof(parm_table) / sizeof(struct parm_struct))
/* prototypes for the special type handlers */
static bool handle_include(struct loadparm_context *lp_ctx,
const char *pszParmValue, char **ptr);
+static bool handle_realm(struct loadparm_context *lp_ctx,
+ const char *pszParmValue, char **ptr);
static bool handle_copy(struct loadparm_context *lp_ctx,
const char *pszParmValue, char **ptr);
static bool handle_debuglevel(struct loadparm_context *lp_ctx,
{-1, NULL}
};
+static const struct enum_list enum_sid_generator[] = {
+ {SID_GENERATOR_INTERNAL, "internal"},
+ {SID_GENERATOR_BACKEND, "backend"},
+ {-1, NULL}
+};
#define GLOBAL_VAR(name) offsetof(struct loadparm_global, name)
#define LOCAL_VAR(name) offsetof(struct loadparm_service, name)
static struct parm_struct parm_table[] = {
{"server role", P_ENUM, P_GLOBAL, GLOBAL_VAR(server_role), NULL, enum_server_role},
+ {"sid generator", P_ENUM, P_GLOBAL, GLOBAL_VAR(sid_generator), NULL, enum_sid_generator},
{"dos charset", P_STRING, P_GLOBAL, GLOBAL_VAR(dos_charset), NULL, NULL},
{"unix charset", P_STRING, P_GLOBAL, GLOBAL_VAR(unix_charset), NULL, NULL},
{"path", P_STRING, P_LOCAL, LOCAL_VAR(szPath), NULL, NULL},
{"directory", P_STRING, P_LOCAL, LOCAL_VAR(szPath), NULL, NULL},
{"workgroup", P_USTRING, P_GLOBAL, GLOBAL_VAR(szWorkgroup), NULL, NULL},
- {"realm", P_STRING, P_GLOBAL, GLOBAL_VAR(szRealm), NULL, NULL},
+ {"realm", P_STRING, P_GLOBAL, GLOBAL_VAR(szRealm), handle_realm, NULL},
{"netbios name", P_USTRING, P_GLOBAL, GLOBAL_VAR(szNetbiosName), NULL, NULL},
{"netbios aliases", P_LIST, P_GLOBAL, GLOBAL_VAR(szNetbiosAliases), NULL, NULL},
{"netbios scope", P_USTRING, P_GLOBAL, GLOBAL_VAR(szNetbiosScope), NULL, NULL},
int fn_name(struct loadparm_service *service, struct loadparm_service *sDefault) {return((service != NULL)? service->val : sDefault->val);}
_PUBLIC_ FN_GLOBAL_INTEGER(lp_server_role, server_role)
+_PUBLIC_ FN_GLOBAL_INTEGER(lp_sid_generator, sid_generator)
_PUBLIC_ FN_GLOBAL_LIST(lp_smb_ports, smb_ports)
_PUBLIC_ FN_GLOBAL_INTEGER(lp_nbt_port, nbt_port)
_PUBLIC_ FN_GLOBAL_INTEGER(lp_dgram_port, dgram_port)
_PUBLIC_ FN_GLOBAL_INTEGER(lp_web_port, web_port)
_PUBLIC_ FN_GLOBAL_STRING(lp_swat_directory, swat_directory)
_PUBLIC_ FN_GLOBAL_BOOL(lp_tls_enabled, tls_enabled)
-_PUBLIC_ FN_GLOBAL_STRING(lp_tls_keyfile, tls_keyfile)
-_PUBLIC_ FN_GLOBAL_STRING(lp_tls_certfile, tls_certfile)
-_PUBLIC_ FN_GLOBAL_STRING(lp_tls_cafile, tls_cafile)
-_PUBLIC_ FN_GLOBAL_STRING(lp_tls_crlfile, tls_crlfile)
-_PUBLIC_ FN_GLOBAL_STRING(lp_tls_dhpfile, tls_dhpfile)
_PUBLIC_ FN_GLOBAL_STRING(lp_share_backend, szShareBackend)
_PUBLIC_ FN_GLOBAL_STRING(lp_sam_url, szSAM_URL)
_PUBLIC_ FN_GLOBAL_STRING(lp_idmap_url, szIDMAP_URL)
_PUBLIC_ FN_GLOBAL_STRING(lp_passwd_chat, szPasswdChat)
_PUBLIC_ FN_GLOBAL_LIST(lp_passwordserver, szPasswordServers)
_PUBLIC_ FN_GLOBAL_LIST(lp_name_resolve_order, szNameResolveOrder)
-_PUBLIC_ FN_GLOBAL_STRING(lp_realm, szRealm)
+_PUBLIC_ FN_GLOBAL_STRING(lp_realm, szRealm_upper)
+_PUBLIC_ FN_GLOBAL_STRING(lp_dnsdomain, szRealm_lower)
_PUBLIC_ FN_GLOBAL_STRING(lp_socket_options, socket_options)
_PUBLIC_ FN_GLOBAL_STRING(lp_workgroup, szWorkgroup)
_PUBLIC_ FN_GLOBAL_STRING(lp_netbios_name, szNetbiosName)
_PUBLIC_ FN_GLOBAL_LIST(lp_interfaces, szInterfaces)
_PUBLIC_ FN_GLOBAL_STRING(lp_socket_address, szSocketAddress)
_PUBLIC_ FN_GLOBAL_LIST(lp_netbios_aliases, szNetbiosAliases)
-
_PUBLIC_ FN_GLOBAL_BOOL(lp_disable_netbios, bDisableNetbios)
_PUBLIC_ FN_GLOBAL_BOOL(lp_wins_support, bWINSsupport)
_PUBLIC_ FN_GLOBAL_BOOL(lp_wins_dns_proxy, bWINSdnsProxy)
_PUBLIC_ FN_GLOBAL_INTEGER(lp_security, security)
_PUBLIC_ FN_GLOBAL_BOOL(lp_paranoid_server_security, paranoid_server_security)
_PUBLIC_ FN_GLOBAL_INTEGER(lp_announce_as, announce_as)
+
const char *lp_servicename(const struct loadparm_service *service)
{
return lp_string((const char *)service->szService);
const char *type, const char *option)
{
char *vfskey;
- struct param_opt *data;
+ struct parmlist_entry *data;
if (lp_ctx == NULL)
return NULL;
int i;
struct loadparm_service tservice;
int num_to_alloc = lp_ctx->iNumServices + 1;
- struct param_opt *data, *pdata;
+ struct parmlist_entry *data, *pdata;
tservice = *pservice;
struct loadparm_service *service, struct parm_struct *parm)
{
if (service == NULL) {
- if (parm->class == P_LOCAL)
+ if (parm->pclass == P_LOCAL)
return ((char *)lp_ctx->sDefault)+parm->offset;
- else if (parm->class == P_GLOBAL)
+ else if (parm->pclass == P_GLOBAL)
return ((char *)lp_ctx->globals)+parm->offset;
else return NULL;
} else {
{
int i;
bool bcopyall = (pcopymapDest == NULL);
- struct param_opt *data, *pdata, *paramo;
+ struct parmlist_entry *data, *pdata, *paramo;
bool not_added;
for (i = 0; parm_table[i].label; i++)
- if (parm_table[i].offset != -1 && parm_table[i].class == P_LOCAL &&
+ if (parm_table[i].offset != -1 && parm_table[i].pclass == P_LOCAL &&
(bcopyall || pcopymapDest[i])) {
void *src_ptr =
((char *)pserviceSource) + parm_table[i].offset;
pdata = pdata->next;
}
if (not_added) {
- paramo = talloc(pserviceDest, struct param_opt);
+ paramo = talloc(pserviceDest, struct parmlist_entry);
if (paramo == NULL)
smb_panic("OOM");
paramo->key = talloc_reference(paramo, data->key);
return false;
}
+/***************************************************************************
+ Handle the "realm" parameter
+***************************************************************************/
+
+static bool handle_realm(struct loadparm_context *lp_ctx,
+ const char *pszParmValue, char **ptr)
+{
+ string_set(lp_ctx, ptr, pszParmValue);
+
+ lp_ctx->globals->szRealm_upper = strupper_talloc(lp_ctx, pszParmValue);
+ lp_ctx->globals->szRealm_lower = strlower_talloc(lp_ctx, pszParmValue);
+
+ return true;
+}
+
/***************************************************************************
Handle the include operation.
***************************************************************************/
static bool handle_logfile(struct loadparm_context *lp_ctx,
const char *pszParmValue, char **ptr)
{
- logfile = pszParmValue;
+ logfile = strdup(pszParmValue);
return true;
}
const char *pszParmName,
const char *pszParmValue, int flags)
{
- struct param_opt *paramo, *data;
+ struct parmlist_entry *paramo, *data;
char *name;
TALLOC_CTX *mem_ctx;
/* If we already have the option set, override it unless
it was a command line option and the new one isn't */
if (strcmp(paramo->key, name) == 0) {
- if ((paramo->flags & FLAG_CMDLINE) &&
+ if ((paramo->priority & FLAG_CMDLINE) &&
!(flags & FLAG_CMDLINE)) {
return true;
}
talloc_free(paramo->value);
paramo->value = talloc_strdup(paramo, pszParmValue);
- paramo->flags = flags;
+ paramo->priority = flags;
free(name);
return true;
}
}
- paramo = talloc(mem_ctx, struct param_opt);
+ paramo = talloc(mem_ctx, struct parmlist_entry);
if (!paramo)
smb_panic("OOM");
paramo->key = talloc_strdup(paramo, name);
paramo->value = talloc_strdup(paramo, pszParmValue);
- paramo->flags = flags;
+ paramo->priority = flags;
if (service == NULL) {
DLIST_ADD(lp_ctx->globals->param_opt, paramo);
} else {
return true;
}
- if (parm_table[parmnum].class == P_GLOBAL) {
+ if (parm_table[parmnum].pclass == P_GLOBAL) {
DEBUG(0,
("Global parameter %s found in service section!\n",
pszParmName));
* entries with the same data pointer */
for (i = 0; parm_table[i].label; i++)
if (parm_table[i].offset == parm_table[parmnum].offset &&
- parm_table[i].class == parm_table[parmnum].class)
+ parm_table[i].pclass == parm_table[parmnum].pclass)
service->copymap[i] = false;
return set_variable(service, parmnum, parm_ptr, pszParmName,
bool show_defaults)
{
int i;
- struct param_opt *data;
+ struct parmlist_entry *data;
fprintf(f, "# Global parameters\n[global]\n");
for (i = 0; parm_table[i].label; i++)
- if (parm_table[i].class == P_GLOBAL &&
+ if (parm_table[i].pclass == P_GLOBAL &&
parm_table[i].offset != -1 &&
(i == 0 || (parm_table[i].offset != parm_table[i - 1].offset))) {
if (!show_defaults && (lp_ctx->flags[i] & FLAG_DEFAULT))
static void dump_a_service(struct loadparm_service * pService, struct loadparm_service *sDefault, FILE * f)
{
int i;
- struct param_opt *data;
+ struct parmlist_entry *data;
if (pService != sDefault)
fprintf(f, "\n[%s]\n", pService->szService);
- for (i = 0; parm_table[i].label; i++)
- if (parm_table[i].class == P_LOCAL &&
+ for (i = 0; parm_table[i].label; i++) {
+ if (parm_table[i].pclass == P_LOCAL &&
parm_table[i].offset != -1 &&
(*parm_table[i].label != '-') &&
- (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset))) {
+ (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset)))
+ {
if (pService == sDefault) {
if (defaults_saved && is_default(sDefault, i))
continue;
print_parameter(&parm_table[i],
((char *)pService) + parm_table[i].offset, f);
fprintf(f, "\n");
+ }
}
if (pService->param_opt != NULL) {
for (data = pService->param_opt; data; data = data->next) {
}
/**
- * Return info about the next service in a service. snum==-1 gives the globals.
+ * Return info about the next parameter in a service.
+ * snum==-1 gives the globals.
* Return NULL when out of parameters.
*/
struct loadparm_service *pService = lp_ctx->services[snum];
for (; parm_table[*i].label; (*i)++) {
- if (parm_table[*i].class == P_LOCAL &&
+ if (parm_table[*i].pclass == P_LOCAL &&
parm_table[*i].offset != -1 &&
(*parm_table[*i].label != '-') &&
((*i) == 0 ||
static int lp_destructor(struct loadparm_context *lp_ctx)
{
- struct param_opt *data;
+ struct parmlist_entry *data;
if (lp_ctx->globals->param_opt != NULL) {
- struct param_opt *next;
+ struct parmlist_entry *next;
for (data = lp_ctx->globals->param_opt; data; data=next) {
next = data->next;
- if (data->flags & FLAG_CMDLINE) continue;
+ if (data->priority & FLAG_CMDLINE) continue;
DLIST_REMOVE(lp_ctx->globals->param_opt, data);
talloc_free(data);
}
parm_table[i].offset != -1 &&
!(lp_ctx->flags[i] & FLAG_CMDLINE)) {
char **r;
- if (parm_table[i].class == P_LOCAL) {
+ if (parm_table[i].pclass == P_LOCAL) {
r = (char **)(((char *)lp_ctx->sDefault) + parm_table[i].offset);
} else {
r = (char **)(((char *)lp_ctx->globals) + parm_table[i].offset);
lp_do_global_parameter(lp_ctx, "socket options", "TCP_NODELAY");
#endif
lp_do_global_parameter(lp_ctx, "workgroup", DEFAULT_WORKGROUP);
- myname = get_myname();
+ myname = get_myname(lp_ctx);
lp_do_global_parameter(lp_ctx, "netbios name", myname);
- SAFE_FREE(myname);
+ talloc_free(myname);
lp_do_global_parameter(lp_ctx, "name resolve order", "wins host bcast");
lp_do_global_parameter(lp_ctx, "fstype", "NTFS");
lp_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default");
lp_do_global_parameter(lp_ctx, "max connections", "-1");
- lp_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup unixinfo");
- lp_do_global_parameter(lp_ctx, "server services", "smb rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd");
+ lp_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup unixinfo browser");
+ lp_do_global_parameter(lp_ctx, "server services", "smb rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate");
lp_do_global_parameter(lp_ctx, "ntptr providor", "simple_ldb");
lp_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain");
lp_do_global_parameter(lp_ctx, "auth methods:member server", "anonymous sam winbind");
lp_do_global_parameter(lp_ctx, "TimeServer", "False");
lp_do_global_parameter(lp_ctx, "BindInterfacesOnly", "False");
lp_do_global_parameter(lp_ctx, "Unicode", "True");
- lp_do_global_parameter(lp_ctx, "ClientLanManAuth", "True");
- lp_do_global_parameter(lp_ctx, "LanmanAuth", "True");
+ lp_do_global_parameter(lp_ctx, "ClientLanManAuth", "False");
+ lp_do_global_parameter(lp_ctx, "LanmanAuth", "False");
lp_do_global_parameter(lp_ctx, "NTLMAuth", "True");
lp_do_global_parameter(lp_ctx, "client use spnego principal", "False");
return lp_ctx->szConfigFile;
}
+const char *lp_default_path(void)
+{
+ if (getenv("SMB_CONF_PATH"))
+ return getenv("SMB_CONF_PATH");
+ else
+ return dyn_CONFIGFILE;
+}
+
+/**
+ * Update the internal state of a loadparm context after settings
+ * have changed.
+ */
+static bool lp_update(struct loadparm_context *lp_ctx)
+{
+ lp_add_auto_services(lp_ctx, lp_auto_services(lp_ctx));
+
+ lp_add_hidden(lp_ctx, "IPC$", "IPC");
+ lp_add_hidden(lp_ctx, "ADMIN$", "DISK");
+
+ if (!lp_ctx->globals->szWINSservers && lp_ctx->globals->bWINSsupport) {
+ lp_do_global_parameter(lp_ctx, "wins server", "127.0.0.1");
+ }
+
+ panic_action = lp_ctx->globals->panic_action;
+
+ reload_charcnv(lp_ctx);
+
+ /* FIXME: ntstatus_check_dos_mapping = lp_nt_status_support(lp_ctx); */
+
+ /* FIXME: This is a bit of a hack, but we can't use a global, since
+ * not everything that uses lp also uses the socket library */
+ if (lp_parm_bool(lp_ctx, NULL, "socket", "testnonblock", false)) {
+ setenv("SOCKET_TESTNONBLOCK", "1", 1);
+ } else {
+ unsetenv("SOCKET_TESTNONBLOCK");
+ }
+
+ /* FIXME: Check locale in environment for this: */
+ if (strcmp(lp_display_charset(lp_ctx), lp_unix_charset(lp_ctx)) != 0)
+ d_set_iconv(smb_iconv_open(lp_display_charset(lp_ctx), lp_unix_charset(lp_ctx)));
+ else
+ d_set_iconv((smb_iconv_t)-1);
+
+ return true;
+}
+
bool lp_load_default(struct loadparm_context *lp_ctx)
{
- return lp_load(lp_ctx, dyn_CONFIGFILE);
+ const char *path;
+
+ path = lp_default_path();
+
+ if (!file_exist(path)) {
+ /* We allow the default smb.conf file to not exist,
+ * basically the equivalent of an empty file. */
+ return lp_update(lp_ctx);
+ }
+
+ return lp_load(lp_ctx, path);
}
/**
if (lp_ctx->currentService != NULL)
bRetval = service_ok(lp_ctx->currentService);
- lp_add_auto_services(lp_ctx, lp_auto_services(lp_ctx));
-
- lp_add_hidden(lp_ctx, "IPC$", "IPC");
- lp_add_hidden(lp_ctx, "ADMIN$", "DISK");
-
- if (!lp_ctx->globals->szWINSservers && lp_ctx->globals->bWINSsupport) {
- lp_do_global_parameter(lp_ctx, "wins server", "127.0.0.1");
- }
-
- panic_action = lp_ctx->globals->panic_action;
+ bRetval = bRetval && lp_update(lp_ctx);
+ /* we do this unconditionally, so that it happens even
+ for a missing smb.conf */
reload_charcnv(lp_ctx);
- /* FIXME: Check locale in environment for this: */
- if (strcmp(lp_display_charset(lp_ctx), lp_unix_charset(lp_ctx)) != 0)
- d_set_iconv(smb_iconv_open(lp_display_charset(lp_ctx), lp_unix_charset(lp_ctx)));
- else
- d_set_iconv((smb_iconv_t)-1);
-
return bRetval;
}
serviceName = standard_sub_basic(
lp_ctx->services[iService],
lp_ctx->services[iService]->szService);
- if (strequal(serviceName, service_name))
+ if (strequal(serviceName, service_name)) {
+ talloc_free(serviceName);
return lp_ctx->services[iService];
+ }
+ talloc_free(serviceName);
}
}
_PUBLIC_ void reload_charcnv(struct loadparm_context *lp_ctx)
{
- talloc_free(lp_ctx->iconv_convenience);
- lp_ctx->iconv_convenience = smb_iconv_convenience_init_lp(lp_ctx, lp_ctx);
+ talloc_unlink(lp_ctx, lp_ctx->iconv_convenience);
+ global_iconv_convenience = lp_ctx->iconv_convenience = smb_iconv_convenience_init_lp(lp_ctx, lp_ctx);
}
void lp_smbcli_options(struct loadparm_context *lp_ctx,
options->ntlmv2_auth = lp_client_ntlmv2_auth(lp_ctx);
options->plaintext_auth = lp_client_plaintext_auth(lp_ctx);
}
+
+_PUBLIC_ char *lp_tls_keyfile(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ return private_path(mem_ctx, lp_ctx, lp_ctx->globals->tls_keyfile);
+}
+
+_PUBLIC_ char *lp_tls_certfile(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ return private_path(mem_ctx, lp_ctx, lp_ctx->globals->tls_certfile);
+}
+
+_PUBLIC_ char *lp_tls_cafile(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ return private_path(mem_ctx, lp_ctx, lp_ctx->globals->tls_cafile);
+}
+
+_PUBLIC_ char *lp_tls_crlfile(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ return private_path(mem_ctx, lp_ctx, lp_ctx->globals->tls_crlfile);
+}
+
+_PUBLIC_ char *lp_tls_dhpfile(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ return private_path(mem_ctx, lp_ctx, lp_ctx->globals->tls_dhpfile);
+}
+
+_PUBLIC_ struct dcerpc_server_info *lp_dcerpc_server_info(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ struct dcerpc_server_info *ret = talloc_zero(mem_ctx, struct dcerpc_server_info);
+
+ ret->domain_name = talloc_reference(mem_ctx, lp_workgroup(lp_ctx));
+ ret->version_major = lp_parm_int(lp_ctx, NULL, "server_info", "version_major", 5);
+ ret->version_minor = lp_parm_int(lp_ctx, NULL, "server_info", "version_minor", 2);
+ ret->version_build = lp_parm_int(lp_ctx, NULL, "server_info", "version_build", 3790);
+
+ return ret;
+}
+
+struct gensec_settings *lp_gensec_settings(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+{
+ struct gensec_settings *settings = talloc(mem_ctx, struct gensec_settings);
+ if (settings == NULL)
+ return NULL;
+ SMB_ASSERT(lp_ctx != NULL);
+ settings->lp_ctx = talloc_reference(settings, lp_ctx);
+ settings->iconv_convenience = lp_iconv_convenience(lp_ctx);
+ settings->target_hostname = lp_parm_string(lp_ctx, NULL, "gensec", "target_hostname");
+ return settings;
+}
+