2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2001,2002
6 Copyright (C) Jelmer Vernooij 2002,2003
7 Copyright (C) James Peach 2006
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 /* Handle command line options:
36 extern bool AllowDebugChange;
37 extern bool override_logfile;
39 static struct user_auth_info cmdline_auth_info;
41 const char *get_cmdline_auth_info_username(void)
43 if (!cmdline_auth_info.username) {
46 return cmdline_auth_info.username;
49 void set_cmdline_auth_info_username(const char *username)
51 SAFE_FREE(cmdline_auth_info.username);
52 cmdline_auth_info.username = SMB_STRDUP(username);
53 if (!cmdline_auth_info.username) {
58 const char *get_cmdline_auth_info_password(void)
60 if (!cmdline_auth_info.password) {
63 return cmdline_auth_info.password;
66 void set_cmdline_auth_info_password(const char *password)
68 SAFE_FREE(cmdline_auth_info.password);
69 cmdline_auth_info.password = SMB_STRDUP(password);
70 if (!cmdline_auth_info.password) {
73 cmdline_auth_info.got_pass = true;
76 int get_cmdline_auth_info_signing_state(void)
78 return cmdline_auth_info.signing_state;
81 bool get_cmdline_auth_info_use_kerberos(void)
83 return cmdline_auth_info.use_kerberos;
86 bool get_cmdline_auth_info_got_pass(void)
88 return cmdline_auth_info.got_pass;
91 static void set_logfile(poptContext con, const char * arg)
97 /* Find out basename of current program */
98 pname = strrchr_m(poptGetInvocationName(con),'/');
101 pname = poptGetInvocationName(con);
105 if (asprintf(&logfile, "%s/log.%s", arg, pname) < 0) {
108 lp_set_logfile(logfile);
112 static bool PrintSambaVersionString;
114 static void popt_common_callback(poptContext con,
115 enum poptCallbackReason reason,
116 const struct poptOption *opt,
117 const char *arg, const void *data)
120 if (reason == POPT_CALLBACK_REASON_PRE) {
121 set_logfile(con, dyn_LOGFILEBASE);
125 if (reason == POPT_CALLBACK_REASON_POST) {
126 if (!PrintSambaVersionString) return;
128 printf( "Version %s\n", SAMBA_VERSION_STRING);
136 debug_parse_levels(arg);
137 AllowDebugChange = False;
142 PrintSambaVersionString = True;
147 lp_do_parameter(-1, "socket options", arg);
153 strlcpy(dyn_CONFIGFILE, arg,sizeof(dyn_CONFIGFILE));
159 set_global_myname(arg);
165 set_logfile(con, arg);
166 override_logfile = True;
167 pstr_sprintf(dyn_LOGFILEBASE, "%s", arg);
173 set_global_scope(arg);
179 set_global_myworkgroup(arg);
185 struct poptOption popt_common_connection[] = {
186 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
187 { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
189 { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
190 { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
191 { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
196 struct poptOption popt_common_samba[] = {
197 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
198 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
199 { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
200 { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Base name for log files", "LOGFILEBASE" },
201 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
205 struct poptOption popt_common_version[] = {
206 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
207 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
212 /* Handle command line options:
239 static void popt_dynconfig_callback(poptContext con,
240 enum poptCallbackReason reason,
241 const struct poptOption *opt,
242 const char *arg, const void *data)
248 dyn_SBINDIR = SMB_STRDUP(arg);
254 dyn_BINDIR = SMB_STRDUP(arg);
260 dyn_SWATDIR = SMB_STRDUP(arg);
264 case DYN_LMHOSTSFILE:
266 strlcpy(dyn_LMHOSTSFILE, arg,sizeof(dyn_LMHOSTSFILE));
272 strlcpy(dyn_LIBDIR, arg,sizeof(dyn_LIBDIR));
278 fstrcpy(dyn_SHLIBEXT, arg);
284 strlcpy(dyn_LOCKDIR, arg,sizeof(dyn_LOCKDIR));
290 strlcpy(dyn_PIDDIR, arg,sizeof(dyn_PIDDIR));
294 case DYN_SMB_PASSWD_FILE:
296 strlcpy(dyn_SMB_PASSWD_FILE, arg,sizeof(dyn_SMB_PASSWD_FILE));
300 case DYN_PRIVATE_DIR:
302 strlcpy(dyn_PRIVATE_DIR, arg, sizeof(dyn_PRIVATE_DIR));
309 const struct poptOption popt_common_dynconfig[] = {
311 { NULL, '\0', POPT_ARG_CALLBACK, (void *)popt_dynconfig_callback },
313 { "sbindir", '\0' , POPT_ARG_STRING, NULL, DYN_SBINDIR,
314 "Path to sbin directory", "SBINDIR" },
315 { "bindir", '\0' , POPT_ARG_STRING, NULL, DYN_BINDIR,
316 "Path to bin directory", "BINDIR" },
317 { "swatdir", '\0' , POPT_ARG_STRING, NULL, DYN_SWATDIR,
318 "Path to SWAT installation directory", "SWATDIR" },
319 { "lmhostsfile", '\0' , POPT_ARG_STRING, NULL, DYN_LMHOSTSFILE,
320 "Path to lmhosts file", "LMHOSTSFILE" },
321 { "libdir", '\0' , POPT_ARG_STRING, NULL, DYN_LIBDIR,
322 "Path to shared library directory", "LIBDIR" },
323 { "shlibext", '\0' , POPT_ARG_STRING, NULL, DYN_SHLIBEXT,
324 "Shared library extension", "SHLIBEXT" },
325 { "lockdir", '\0' , POPT_ARG_STRING, NULL, DYN_LOCKDIR,
326 "Path to lock file directory", "LOCKDIR" },
327 { "piddir", '\0' , POPT_ARG_STRING, NULL, DYN_PIDDIR,
328 "Path to PID file directory", "PIDDIR" },
329 { "smb-passwd-file", '\0' , POPT_ARG_STRING, NULL, DYN_SMB_PASSWD_FILE,
330 "Path to smbpasswd file", "SMB_PASSWD_FILE" },
331 { "private-dir", '\0' , POPT_ARG_STRING, NULL, DYN_PRIVATE_DIR,
332 "Path to private data directory", "PRIVATE_DIR" },
337 /****************************************************************************
338 * get a password from a a file or file descriptor
340 * ****************************************************************************/
342 static void get_password_file(void)
346 bool close_it = False;
350 if ((p = getenv("PASSWD_FD")) != NULL) {
351 if (asprintf(&spec, "descriptor %s", p) < 0) {
354 sscanf(p, "%d", &fd);
356 } else if ((p = getenv("PASSWD_FILE")) != NULL) {
357 fd = sys_open(p, O_RDONLY, 0);
358 spec = SMB_STRDUP(p);
360 fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
361 spec, strerror(errno));
367 for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
368 p && p - pass < sizeof(pass);) {
369 switch (read(fd, p, 1)) {
371 if (*p != '\n' && *p != '\0') {
372 *++p = '\0'; /* advance p, and null-terminate pass */
377 *p = '\0'; /* null-terminate it, just in case... */
378 p = NULL; /* then force the loop condition to become false */
381 fprintf(stderr, "Error reading password from file %s: %s\n",
382 spec, "empty password\n");
388 fprintf(stderr, "Error reading password from file %s: %s\n",
389 spec, strerror(errno));
396 set_cmdline_auth_info_password(pass);
402 static void get_credentials_file(const char *file, struct user_auth_info *info)
407 char *ptr, *val, *param;
409 if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
411 /* fail if we can't open the credentials file */
412 d_printf("ERROR: Unable to open credentials file!\n");
416 while (!x_feof(auth))
418 /* get a line from the file */
419 if (!x_fgets(buf, sizeof(buf), auth))
423 if ((len) && (buf[len-1]=='\n'))
431 /* break up the line into parameter & value.
432 * will need to eat a little whitespace possibly */
434 if (!(ptr = strchr_m (buf, '=')))
440 /* eat leading white space */
441 while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
444 if (strwicmp("password", param) == 0) {
445 SAFE_FREE(info->password);
446 info->password = SMB_STRDUP(val);
447 if (!info->password) {
450 info->got_pass = True;
451 } else if (strwicmp("username", param) == 0) {
452 SAFE_FREE(info->username);
453 info->username = SMB_STRDUP(val);
454 if (!info->username) {
457 } else if (strwicmp("domain", param) == 0) {
458 set_global_myworkgroup(val);
460 memset(buf, 0, sizeof(buf));
465 /* Handle command line options:
467 * -A,--authentication-file
475 static void popt_common_credentials_callback(poptContext con,
476 enum poptCallbackReason reason,
477 const struct poptOption *opt,
478 const char *arg, const void *data)
482 if (reason == POPT_CALLBACK_REASON_PRE) {
483 cmdline_auth_info.use_kerberos = False;
484 cmdline_auth_info.got_pass = False;
485 cmdline_auth_info.signing_state = Undefined;
486 set_cmdline_auth_info_username("GUEST");
488 if (getenv("LOGNAME")) {
489 set_cmdline_auth_info_username(getenv("LOGNAME"));
492 if (getenv("USER")) {
493 char *puser = SMB_STRDUP(getenv("USER"));
497 set_cmdline_auth_info_username(puser);
499 if ((p = strchr_m(puser,'%'))) {
501 set_cmdline_auth_info_password(p+1);
502 memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(cmdline_auth_info.password));
507 if (getenv("PASSWD")) {
508 set_cmdline_auth_info_password(getenv("PASSWD"));
511 if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
512 get_password_file(&cmdline_auth_info);
513 cmdline_auth_info.got_pass = True;
524 pstrcpy(cmdline_auth_info.username,arg);
525 if ((lp=strchr_m(cmdline_auth_info.username,'%'))) {
527 pstrcpy(cmdline_auth_info.password,lp+1);
528 cmdline_auth_info.got_pass = True;
529 memset(strchr_m(arg,'%')+1,'X',strlen(cmdline_auth_info.password));
535 get_credentials_file(arg);
540 d_printf("No kerberos support compiled in\n");
543 cmdline_auth_info.use_kerberos = true;
544 cmdline_auth_info.got_pass = true;
550 cmdline_auth_info.signing_state = -1;
551 if (strequal(arg, "off") || strequal(arg, "no") || strequal(arg, "false")) {
552 cmdline_auth_info.signing_state = false;
553 } else if (strequal(arg, "on") || strequal(arg, "yes") || strequal(arg, "true") ||
554 strequal(arg, "auto")) {
555 cmdline_auth_info.signing_state = true;
556 } else if (strequal(arg, "force") || strequal(arg, "required") || strequal(arg, "forced")) {
557 cmdline_auth_info.signing_state = Required;
559 fprintf(stderr, "Unknown signing option %s\n", arg );
566 char *opt_password = NULL;
569 /* it is very useful to be able to make ads queries as the
570 machine account for testing purposes and for domain leave */
572 if (!secrets_init()) {
573 d_printf("ERROR: Unable to open secrets database\n");
577 opt_password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
580 d_printf("ERROR: Unable to fetch machine password\n");
583 if (asprintf(&pwd, "%s$", global_myname()) < 0) {
586 set_cmdline_auth_info_username(pwd);
587 set_cmdline_auth_info_password(opt_password);
589 SAFE_FREE(opt_password);
591 /* machine accounts only work with kerberos */
592 cmdline_auth_info.use_kerberos = true;
598 struct poptOption popt_common_credentials[] = {
599 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, (void *)popt_common_credentials_callback },
600 { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
601 { "no-pass", 'N', POPT_ARG_NONE, &cmdline_auth_info.got_pass, 0, "Don't ask for a password" },
602 { "kerberos", 'k', POPT_ARG_NONE, &cmdline_auth_info.use_kerberos, 'k', "Use kerberos (active directory) authentication" },
603 { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
604 { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
605 {"machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },