Largely re-written by Andrew Tridgell, September 1994
Copyright (C) Simo Sorce 2001
+ Copyright (C) Alexander Bokovoy 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
char *szDeletePrinterCommand;
char *szOs2DriverMap;
char *szLockDir;
+ char *szPidDir;
char *szRootdir;
char *szDefaultService;
char *szDfree;
char *szConfigFile;
char *szSMBPasswdFile;
char *szPrivateDir;
- char *szPassdbModulePath;
char *szPassdbBackend;
char *szPasswordServer;
char *szSocketOptions;
char *szWinbindUID;
char *szWinbindGID;
char *szNonUnixAccountRange;
+ BOOL bAlgorithmicRidBase;
char *szTemplateHomedir;
char *szTemplateShell;
char *szWinbindSeparator;
char *szChangeShareCommand;
char *szDeleteShareCommand;
char *szGuestaccount;
+ char *szManglingMethod;
int max_log_size;
int mangled_stack;
int max_xmit;
int min_passwd_length;
int oplock_break_wait_time;
int winbind_cache_time;
-#ifdef WITH_LDAP_SAM
+ int iLockSpinCount;
+ int iLockSpinTime;
+ char *szLdapMachineSuffix;
+ char *szLdapUserSuffix;
int ldap_port;
int ldap_ssl;
- char *szLdapServer;
char *szLdapSuffix;
char *szLdapFilter;
char *szLdapAdminDn;
-#endif /* WITH_LDAP_SAM */
-#ifdef WITH_SSL
- int sslVersion;
- char **sslHostsRequire;
- char **sslHostsResign;
- char *sslCaCertDir;
- char *sslCaCertFile;
- char *sslServerCert;
- char *sslServerPrivKey;
- char *sslClientCert;
- char *sslClientPrivKey;
- char *sslCiphers;
- char *sslEgdSocket;
- char *sslEntropyFile;
- int sslEntropyBytes;
- BOOL sslEnabled;
- BOOL sslReqClientCert;
- BOOL sslReqServerCert;
- BOOL sslCompatibility;
-#endif /* WITH_SSL */
BOOL bMsAddPrinterWizard;
BOOL bDNSproxy;
BOOL bWINSsupport;
BOOL bReadPrediction;
BOOL bReadbmpx;
BOOL bSyslogOnly;
+ BOOL bAdminLog;
BOOL bBrowseList;
BOOL bNISHomeMap;
BOOL bTimeServer;
BOOL bTimestampLogs;
BOOL bNTSmbSupport;
BOOL bNTPipeSupport;
+ BOOL bNTStatusSupport;
BOOL bStatCache;
BOOL bKernelOplocks;
BOOL bAllowTrustedDomains;
int iDefaultCase;
int iPrinting;
int iOplockContentionLimit;
+ int iCSCPolicy;
BOOL bAlternatePerm;
BOOL bPreexecClose;
BOOL bRootpreexecClose;
BOOL bFakeDirCreateTimes;
BOOL bBlockingLocks;
BOOL bInheritPerms;
+ BOOL bInheritACLS;
BOOL bMSDfsRoot;
BOOL bUseClientDriver;
BOOL bDefaultDevmode;
CASE_LOWER, /* iDefaultCase */
DEFAULT_PRINTING, /* iPrinting */
2, /* iOplockContentionLimit */
+ 0, /* iCSCPolicy */
False, /* bAlternatePerm */
False, /* bPreexecClose */
False, /* bRootpreexecClose */
False, /* bFakeDirCreateTimes */
True, /* bBlockingLocks */
False, /* bInheritPerms */
+ False, /* bInheritACLS */
False, /* bMSDfsRoot */
False, /* bUseClientDriver */
False, /* bDefaultDevmode */
"" /* dummy */
};
-
-
/* local variables */
static service **ServicePtrs = NULL;
static int iNumServices = 0;
static BOOL handle_wins_server_list(char *pszParmValue, char **ptr);
static BOOL handle_debug_list( char *pszParmValue, char **ptr );
+static BOOL handle_ldap_machine_suffix ( char *pszParmValue, char **ptr );
+static BOOL handle_ldap_user_suffix ( char *pszParmValue, char **ptr );
+static BOOL handle_ldap_suffix ( char *pszParmValue, char **ptr );
+
static void set_server_role(void);
static void set_default_server_announce_type(void);
{-1, NULL}
};
-#ifdef WITH_LDAP_SAM
static struct enum_list enum_ldap_ssl[] = {
{LDAP_SSL_ON, "Yes"},
{LDAP_SSL_ON, "yes"},
{LDAP_SSL_START_TLS, "start_tls"},
{-1, NULL}
};
-#endif /* WITH_LDAP_SAM */
/* Types of machine we can announce as. */
#define ANNOUNCE_AS_NT_SERVER 1
{-1, NULL}
};
+/* Client-side offline caching policy types */
+#define CSC_POLICY_MANUAL 0
+#define CSC_POLICY_DOCUMENTS 1
+#define CSC_POLICY_PROGRAMS 2
+#define CSC_POLICY_DISABLE 3
+
+static struct enum_list enum_csc_policy[] = {
+ {CSC_POLICY_MANUAL, "manual"},
+ {CSC_POLICY_DOCUMENTS, "documents"},
+ {CSC_POLICY_PROGRAMS, "programs"},
+ {CSC_POLICY_DISABLE, "disable"}
+};
+
/*
Do you want session setups at user level security with a invalid
password to be rejected or allowed in as guest? WinNT rejects them
{-1, NULL}
};
-#ifdef WITH_SSL
-static struct enum_list enum_ssl_version[] = {
- {SMB_SSL_V2, "ssl2"},
- {SMB_SSL_V3, "ssl3"},
- {SMB_SSL_V23, "ssl2or3"},
- {SMB_SSL_TLS1, "tls1"},
- {-1, NULL}
-};
-#endif
-
/* note that we do not initialise the defaults union - it is not allowed in ANSI C */
static struct parm_struct parm_table[] = {
{"Base Options", P_SEP, P_SEPARATOR},
{"password server", P_STRING, P_GLOBAL, &Globals.szPasswordServer, NULL, NULL, 0},
{"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, 0},
{"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, 0},
- {"passdb module path", P_STRING, P_GLOBAL, &Globals.szPassdbModulePath, NULL, NULL, 0},
{"passdb backend", P_STRING, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, 0},
{"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, 0},
+ {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.bAlgorithmicRidBase, NULL, NULL, 0},
{"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
{"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
{"root", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
{"directory security mask", P_OCTAL, P_LOCAL, &sDefault.iDir_Security_mask, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"force directory security mode", P_OCTAL, P_LOCAL, &sDefault.iDir_Security_force_mode, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"inherit permissions", P_BOOL, P_LOCAL, &sDefault.bInheritPerms, NULL, NULL, FLAG_SHARE},
+ {"inherit acls", P_BOOL, P_LOCAL, &sDefault.bInheritACLS, NULL, NULL, FLAG_SHARE},
{"guest only", P_BOOL, P_LOCAL, &sDefault.bGuest_only, NULL, NULL, FLAG_SHARE},
{"only guest", P_BOOL, P_LOCAL, &sDefault.bGuest_only, NULL, NULL, 0},
{"hosts deny", P_LIST, P_LOCAL, &sDefault.szHostsdeny, NULL, NULL, FLAG_GLOBAL | FLAG_BASIC | FLAG_SHARE | FLAG_PRINT},
{"deny hosts", P_LIST, P_LOCAL, &sDefault.szHostsdeny, NULL, NULL, 0},
-#ifdef WITH_SSL
- {"Secure Socket Layer Options", P_SEP, P_SEPARATOR},
- {"ssl", P_BOOL, P_GLOBAL, &Globals.sslEnabled, NULL, NULL, 0},
-
- {"ssl hosts", P_LIST, P_GLOBAL, &Globals.sslHostsRequire, NULL, NULL, 0},
- {"ssl hosts resign", P_LIST, P_GLOBAL, &Globals.sslHostsResign, NULL, NULL, 0},
- {"ssl CA certDir", P_STRING, P_GLOBAL, &Globals.sslCaCertDir, NULL, NULL, 0},
- {"ssl CA certFile", P_STRING, P_GLOBAL, &Globals.sslCaCertFile, NULL, NULL, 0},
- {"ssl server cert", P_STRING, P_GLOBAL, &Globals.sslServerCert, NULL, NULL, 0},
- {"ssl server key", P_STRING, P_GLOBAL, &Globals.sslServerPrivKey, NULL, NULL, 0},
- {"ssl client cert", P_STRING, P_GLOBAL, &Globals.sslClientCert, NULL, NULL, 0},
- {"ssl client key", P_STRING, P_GLOBAL, &Globals.sslClientPrivKey, NULL, NULL, 0},
- {"ssl egd socket", P_STRING, P_GLOBAL, &Globals.sslEgdSocket, NULL, NULL, 0},
- {"ssl entropy file", P_STRING, P_GLOBAL, &Globals.sslEntropyFile, NULL, NULL, 0},
- {"ssl entropy bytes", P_INTEGER, P_GLOBAL, &Globals.sslEntropyBytes, NULL, NULL, 0},
- {"ssl require clientcert", P_BOOL, P_GLOBAL, &Globals.sslReqClientCert, NULL, NULL, 0},
- {"ssl require servercert", P_BOOL, P_GLOBAL, &Globals.sslReqServerCert, NULL, NULL, 0},
- {"ssl ciphers", P_STRING, P_GLOBAL, &Globals.sslCiphers, NULL, NULL, 0},
- {"ssl version", P_ENUM, P_GLOBAL, &Globals.sslVersion, NULL, enum_ssl_version, 0},
- {"ssl compatibility", P_BOOL, P_GLOBAL, &Globals.sslCompatibility, NULL, NULL, 0},
-#endif /* WITH_SSL */
-
{"Logging Options", P_SEP, P_SEPARATOR},
+
+ {"admin log", P_BOOL, P_GLOBAL, &Globals.bAdminLog, NULL, NULL, 0},
{"log level", P_INTEGER, P_GLOBAL, &DEBUGLEVEL_CLASS[DBGC_ALL], handle_debug_list, NULL, 0},
{"debuglevel", P_INTEGER, P_GLOBAL, &DEBUGLEVEL_CLASS[DBGC_ALL], handle_debug_list, NULL, 0},
{"syslog", P_INTEGER, P_GLOBAL, &Globals.syslog, NULL, NULL, 0},
{"write raw", P_BOOL, P_GLOBAL, &Globals.bWriteRaw, NULL, NULL, 0},
{"nt pipe support", P_BOOL, P_GLOBAL, &Globals.bNTPipeSupport, NULL, NULL, 0},
- {"nt acl support", P_BOOL, P_LOCAL, &sDefault.bNTAclSupport, NULL, NULL, 0},
+ {"nt acl support", P_BOOL, P_LOCAL, &sDefault.bNTAclSupport, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE },
+ {"nt status support", P_BOOL, P_GLOBAL, &Globals.bNTStatusSupport, NULL, NULL, 0},
{"announce version", P_STRING, P_GLOBAL, &Globals.szAnnounceVersion, NULL, NULL, 0},
{"announce as", P_ENUM, P_GLOBAL, &Globals.announce_as, NULL, enum_announce_as, 0},
{"max mux", P_INTEGER, P_GLOBAL, &Globals.max_mux, NULL, NULL, 0},
{"printcap", P_STRING, P_GLOBAL, &Globals.szPrintcapname, NULL, NULL, 0},
{"printable", P_BOOL, P_LOCAL, &sDefault.bPrint_ok, NULL, NULL, FLAG_PRINT},
{"print ok", P_BOOL, P_LOCAL, &sDefault.bPrint_ok, NULL, NULL, 0},
- {"postscript", P_BOOL, P_LOCAL, &sDefault.bPostscript, NULL, NULL, FLAG_PRINT},
+ {"postscript", P_BOOL, P_LOCAL, &sDefault.bPostscript, NULL, NULL, FLAG_PRINT | FLAG_DEPRECATED},
{"printing", P_ENUM, P_LOCAL, &sDefault.iPrinting, NULL, enum_printing, FLAG_PRINT | FLAG_GLOBAL},
{"print command", P_STRING, P_LOCAL, &sDefault.szPrintcommand, NULL, NULL, FLAG_PRINT | FLAG_GLOBAL},
{"disable spoolss", P_BOOL, P_GLOBAL, &Globals.bDisableSpoolss, NULL, NULL, FLAG_PRINT | FLAG_GLOBAL},
{"addprinter command", P_STRING, P_GLOBAL, &Globals.szAddPrinterCommand, NULL, NULL, 0},
{"deleteprinter command", P_STRING, P_GLOBAL, &Globals.szDeletePrinterCommand, NULL, NULL, 0},
{"show add printer wizard", P_BOOL, P_GLOBAL, &Globals.bMsAddPrinterWizard, NULL, NULL, 0},
- {"os2 driver map", P_STRING, P_GLOBAL, &Globals.szOs2DriverMap, NULL, NULL, 0},
+ {"os2 driver map", P_STRING, P_GLOBAL, &Globals.szOs2DriverMap, NULL, NULL, 0},
{"printer name", P_STRING, P_LOCAL, &sDefault.szPrintername, NULL, NULL, FLAG_PRINT},
{"printer", P_STRING, P_LOCAL, &sDefault.szPrintername, NULL, NULL, 0},
{"use client driver", P_BOOL, P_LOCAL, &sDefault.bUseClientDriver, NULL, NULL, FLAG_PRINT},
{"default devmode", P_BOOL, P_LOCAL, &sDefault.bDefaultDevmode, NULL, NULL, FLAG_PRINT},
- {"printer driver", P_STRING, P_LOCAL, &sDefault.szPrinterDriver, NULL, NULL, FLAG_PRINT},
- {"printer driver file", P_STRING, P_LOCAL, &sDefault.szDriverFile, NULL, NULL, FLAG_PRINT},
- {"printer driver location", P_STRING, P_LOCAL, &sDefault.szPrinterDriverLocation, NULL, NULL, FLAG_PRINT | FLAG_GLOBAL},
+ {"printer driver", P_STRING, P_LOCAL, &sDefault.szPrinterDriver, NULL, NULL, FLAG_PRINT | FLAG_DEPRECATED},
+ {"printer driver file", P_STRING, P_LOCAL, &sDefault.szDriverFile, NULL, NULL, FLAG_PRINT | FLAG_DEPRECATED},
+ {"printer driver location", P_STRING, P_LOCAL, &sDefault.szPrinterDriverLocation, NULL, NULL, FLAG_PRINT | FLAG_GLOBAL | FLAG_DEPRECATED},
{"Filename Handling", P_SEP, P_SEPARATOR},
{"strip dot", P_BOOL, P_GLOBAL, &Globals.bStripDot, NULL, NULL, 0},
+ {"mangling method", P_STRING, P_GLOBAL, &Globals.szManglingMethod, NULL, NULL, 0},
{"mangled stack", P_INTEGER, P_GLOBAL, &Globals.mangled_stack, NULL, NULL, 0},
{"default case", P_ENUM, P_LOCAL, &sDefault.iDefaultCase, NULL, enum_case, FLAG_SHARE},
{"Locking Options", P_SEP, P_SEPARATOR},
{"blocking locks", P_BOOL, P_LOCAL, &sDefault.bBlockingLocks, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
+ {"csc policy", P_ENUM, P_LOCAL, &sDefault.iCSCPolicy, NULL, enum_csc_policy, FLAG_SHARE | FLAG_GLOBAL},
{"fake oplocks", P_BOOL, P_LOCAL, &sDefault.bFakeOplocks, NULL, NULL, FLAG_SHARE},
{"kernel oplocks", P_BOOL, P_GLOBAL, &Globals.bKernelOplocks, NULL, NULL, FLAG_GLOBAL},
{"locking", P_BOOL, P_LOCAL, &sDefault.bLocking, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
+ {"lock spin count", P_INTEGER, P_GLOBAL, &Globals.iLockSpinCount, NULL, NULL, FLAG_GLOBAL},
+ {"lock spin time", P_INTEGER, P_GLOBAL, &Globals.iLockSpinTime, NULL, NULL, FLAG_GLOBAL},
{"oplocks", P_BOOL, P_LOCAL, &sDefault.bOpLocks, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"level2 oplocks", P_BOOL, P_LOCAL, &sDefault.bLevel2OpLocks, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"oplock contention limit", P_INTEGER, P_LOCAL, &sDefault.iOplockContentionLimit, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"posix locking", P_BOOL, P_LOCAL, &sDefault.bPosixLocking, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"strict locking", P_BOOL, P_LOCAL, &sDefault.bStrictLocking, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
- {"share modes", P_BOOL, P_LOCAL, &sDefault.bShareModes, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
+ {"share modes", P_BOOL, P_LOCAL, &sDefault.bShareModes, NULL, NULL, FLAG_SHARE|FLAG_GLOBAL},
-#ifdef WITH_LDAP_SAM
{"Ldap Options", P_SEP, P_SEPARATOR},
- {"ldap server", P_STRING, P_GLOBAL, &Globals.szLdapServer, NULL, NULL, 0},
- {"ldap port", P_INTEGER, P_GLOBAL, &Globals.ldap_port, NULL, NULL, 0},
- {"ldap suffix", P_STRING, P_GLOBAL, &Globals.szLdapSuffix, NULL, NULL, 0},
+ {"ldap suffix", P_STRING, P_GLOBAL, &Globals.szLdapSuffix, handle_ldap_suffix, NULL, 0},
+ {"ldap machine suffix", P_STRING, P_GLOBAL, &Globals.szLdapMachineSuffix, handle_ldap_machine_suffix, NULL, 0},
+ {"ldap user suffix", P_STRING, P_GLOBAL, &Globals.szLdapUserSuffix, handle_ldap_user_suffix, NULL, 0},
{"ldap filter", P_STRING, P_GLOBAL, &Globals.szLdapFilter, NULL, NULL, 0},
{"ldap admin dn", P_STRING, P_GLOBAL, &Globals.szLdapAdminDn, NULL, NULL, 0},
{"ldap ssl", P_ENUM, P_GLOBAL, &Globals.ldap_ssl, NULL, enum_ldap_ssl, 0},
-#endif /* WITH_LDAP_SAM */
{"Miscellaneous Options", P_SEP, P_SEPARATOR},
{"add share command", P_STRING, P_GLOBAL, &Globals.szAddShareCommand, NULL, NULL, 0},
{"auto services", P_STRING, P_GLOBAL, &Globals.szAutoServices, NULL, NULL, 0},
{"lock dir", P_STRING, P_GLOBAL, &Globals.szLockDir, NULL, NULL, 0},
{"lock directory", P_STRING, P_GLOBAL, &Globals.szLockDir, NULL, NULL, 0},
+ {"pid directory", P_STRING, P_GLOBAL, &Globals.szPidDir, NULL, NULL, 0},
#ifdef WITH_UTMP
{"utmp directory", P_STRING, P_GLOBAL, &Globals.szUtmpDir, NULL, NULL, 0},
{"wtmp directory", P_STRING, P_GLOBAL, &Globals.szWtmpDir, NULL, NULL, 0},
{"hide local users", P_BOOL, P_GLOBAL, &Globals.bHideLocalUsers, NULL,
NULL, 0},
- {"VFS options", P_SEP, P_SEPARATOR},
+ {"VFS module options", P_SEP, P_SEPARATOR},
{"vfs object", P_STRING, P_LOCAL, &sDefault.szVfsObjectFile, handle_vfs_object, NULL, FLAG_SHARE},
{"vfs options", P_STRING, P_LOCAL, &sDefault.szVfsOptions, NULL, NULL, FLAG_SHARE},
string_set(&Globals.szSMBPasswdFile, dyn_SMB_PASSWD_FILE);
string_set(&Globals.szPrivateDir, dyn_PRIVATE_DIR);
- string_set(&Globals.szPassdbModulePath, "");
string_set(&Globals.szPassdbBackend, "smbpasswd");
+ /* use the new 'hash2' method by default */
+ string_set(&Globals.szManglingMethod, "hash2");
+
string_set(&Globals.szGuestaccount, GUEST_ACCOUNT);
+ /* using UTF8 by default allows us to support all chars */
+ string_set(&Globals.unix_charset, "UTF8");
+
/*
* Allow the default PASSWD_CHAT to be overridden in local.h.
*/
string_set(&Globals.szWorkGroup, WORKGROUP);
string_set(&Globals.szPasswdProgram, "");
string_set(&Globals.szPrintcapname, PRINTCAP_NAME);
+ string_set(&Globals.szPidDir, dyn_PIDDIR);
string_set(&Globals.szLockDir, dyn_LOCKDIR);
string_set(&Globals.szSocketAddress, "0.0.0.0");
pstrcpy(s, "Samba ");
string_set(&Globals.szNameResolveOrder, "lmhosts wins host bcast");
string_set(&Globals.szPasswordServer, "*");
+ Globals.bAlgorithmicRidBase = BASE_RID;
+
Globals.bLoadPrinters = True;
Globals.max_packet = 65535;
Globals.mangled_stack = 50;
Globals.pwordlevel = 0;
Globals.unamelevel = 0;
Globals.deadtime = 0;
- Globals.bLargeReadwrite = False;
+ Globals.bLargeReadwrite = True;
Globals.max_log_size = 5000;
Globals.max_open_files = MAX_OPEN_FILES;
Globals.maxprotocol = PROTOCOL_NT1;
Globals.bStripDot = False;
Globals.syslog = 1;
Globals.bSyslogOnly = False;
+ Globals.bAdminLog = False;
Globals.bTimestampLogs = True;
Globals.bDebugHiresTimestamp = False;
Globals.bDebugPid = False;
Globals.bPasswdChatDebug = False;
Globals.bUnicode = True; /* Do unicode on the wire by default */
Globals.bNTPipeSupport = True; /* Do NT pipes by default. */
+ Globals.bNTStatusSupport = True; /* Use NT status by default. */
Globals.bStatCache = True; /* use stat cache by default */
Globals.bRestrictAnonymous = False;
Globals.bLanmanAuth = True; /* Do use the LanMan hash if it is available */
Globals.min_passwd_length = MINPASSWDLENGTH; /* By Default, 5. */
Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
Globals.enhanced_browsing = True;
+ Globals.iLockSpinCount = 3; /* Try 2 times. */
+ Globals.iLockSpinTime = 10; /* usec. */
#ifdef MMAP_BLACKLIST
Globals.bUseMmap = False;
#else
a large number of sites (tridge) */
Globals.bHostnameLookups = False;
-#ifdef WITH_LDAP_SAM
- string_set(&Globals.szLdapServer, "localhost");
string_set(&Globals.szLdapSuffix, "");
+ string_set(&Globals.szLdapMachineSuffix, "");
+ string_set(&Globals.szLdapUserSuffix, "");
+
string_set(&Globals.szLdapFilter, "(&(uid=%u)(objectclass=sambaAccount))");
string_set(&Globals.szLdapAdminDn, "");
- Globals.ldap_port = 636;
Globals.ldap_ssl = LDAP_SSL_ON;
-#endif /* WITH_LDAP_SAM */
-
-#ifdef WITH_SSL
- Globals.sslVersion = SMB_SSL_V23;
- /* Globals.sslHostsRequire = NULL;
- Globals.sslHostsResign = NULL; */
- string_set(&Globals.sslCaCertDir, "");
- string_set(&Globals.sslCaCertFile, "");
- string_set(&Globals.sslServerCert, "");
- string_set(&Globals.sslServerPrivKey, "");
- string_set(&Globals.sslClientCert, "");
- string_set(&Globals.sslClientPrivKey, "");
- string_set(&Globals.sslCiphers, "");
- string_set(&Globals.sslEgdSocket, "");
- string_set(&Globals.sslEntropyFile, "");
- Globals.sslEntropyBytes = 256;
- Globals.sslEnabled = False;
- Globals.sslReqClientCert = False;
- Globals.sslReqServerCert = False;
- Globals.sslCompatibility = False;
-#endif /* WITH_SSL */
/* these parameters are set to defaults that are more appropriate
for the increasing samba install base:
size_t len = s ? strlen(s) : 0;
char *ret;
+ /* The follow debug is useful for tracking down memory problems
+ especially if you have an inner loop that is calling a lp_*()
+ function that returns a string. Perhaps this debug should be
+ present all the time? */
+
+#if 0
+ DEBUG(10, ("lp_string(%s)\n", s));
+#endif
+
if (!lp_talloc)
lp_talloc = talloc_init_named("lp_talloc");
#define FN_LOCAL_STRING(fn_name,val) \
char *fn_name(int i) {return(lp_string((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
+#define FN_LOCAL_CONST_STRING(fn_name,val) \
+ const char *fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
#define FN_LOCAL_LIST(fn_name,val) \
char **fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
#define FN_LOCAL_BOOL(fn_name,val) \
FN_GLOBAL_STRING(lp_configfile, &Globals.szConfigFile)
FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile)
FN_GLOBAL_STRING(lp_private_dir, &Globals.szPrivateDir)
-FN_GLOBAL_STRING(lp_passdb_module_path, &Globals.szPassdbModulePath)
FN_GLOBAL_STRING(lp_passdb_backend, &Globals.szPassdbBackend)
FN_GLOBAL_STRING(lp_serverstring, &Globals.szServerString)
FN_GLOBAL_STRING(lp_printcapname, &Globals.szPrintcapname)
FN_GLOBAL_STRING(lp_deleteprinter_cmd, &Globals.szDeletePrinterCommand)
FN_GLOBAL_STRING(lp_os2_driver_map, &Globals.szOs2DriverMap)
FN_GLOBAL_STRING(lp_lockdir, &Globals.szLockDir)
+FN_GLOBAL_STRING(lp_piddir, &Globals.szPidDir)
+FN_GLOBAL_STRING(lp_mangling_method, &Globals.szManglingMethod)
#ifdef WITH_UTMP
FN_GLOBAL_STRING(lp_utmpdir, &Globals.szUtmpDir)
FN_GLOBAL_STRING(lp_wtmpdir, &Globals.szWtmpDir)
FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers)
FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups)
FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain)
-#ifdef WITH_LDAP_SAM
-FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer)
FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)
+FN_GLOBAL_STRING(lp_ldap_machine_suffix, &Globals.szLdapMachineSuffix)
+FN_GLOBAL_STRING(lp_ldap_user_suffix, &Globals.szLdapUserSuffix)
FN_GLOBAL_STRING(lp_ldap_filter, &Globals.szLdapFilter)
FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
-FN_GLOBAL_INTEGER(lp_ldap_port, &Globals.ldap_port)
FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
-#endif /* WITH_LDAP_SAM */
FN_GLOBAL_STRING(lp_add_share_cmd, &Globals.szAddShareCommand)
FN_GLOBAL_STRING(lp_change_share_cmd, &Globals.szChangeShareCommand)
FN_GLOBAL_STRING(lp_delete_share_cmd, &Globals.szDeleteShareCommand)
-#ifdef WITH_SSL
-FN_GLOBAL_INTEGER(lp_ssl_version, &Globals.sslVersion)
-FN_GLOBAL_LIST(lp_ssl_hosts, &Globals.sslHostsRequire)
-FN_GLOBAL_LIST(lp_ssl_hosts_resign, &Globals.sslHostsResign)
-FN_GLOBAL_STRING(lp_ssl_cacertdir, &Globals.sslCaCertDir)
-FN_GLOBAL_STRING(lp_ssl_cacertfile, &Globals.sslCaCertFile)
-FN_GLOBAL_STRING(lp_ssl_server_cert, &Globals.sslServerCert)
-FN_GLOBAL_STRING(lp_ssl_server_privkey, &Globals.sslServerPrivKey)
-FN_GLOBAL_STRING(lp_ssl_client_cert, &Globals.sslClientCert)
-FN_GLOBAL_STRING(lp_ssl_client_privkey, &Globals.sslClientPrivKey)
-FN_GLOBAL_STRING(lp_ssl_ciphers, &Globals.sslCiphers)
-FN_GLOBAL_STRING(lp_ssl_egdsocket, &Globals.sslEgdSocket)
-FN_GLOBAL_STRING(lp_ssl_entropyfile, &Globals.sslEntropyFile)
-FN_GLOBAL_INTEGER(lp_ssl_entropybytes, &Globals.sslEntropyBytes)
-FN_GLOBAL_BOOL(lp_ssl_enabled, &Globals.sslEnabled)
-FN_GLOBAL_BOOL(lp_ssl_reqClientCert, &Globals.sslReqClientCert)
-FN_GLOBAL_BOOL(lp_ssl_reqServerCert, &Globals.sslReqServerCert)
-FN_GLOBAL_BOOL(lp_ssl_compatibility, &Globals.sslCompatibility)
-#endif /* WITH_SSL */
-
FN_GLOBAL_BOOL(lp_ms_add_printer_wizard, &Globals.bMsAddPrinterWizard)
FN_GLOBAL_BOOL(lp_dns_proxy, &Globals.bDNSproxy)
FN_GLOBAL_BOOL(lp_wins_support, &Globals.bWINSsupport)
FN_GLOBAL_BOOL(lp_encrypted_passwords, &Globals.bEncryptPasswords)
FN_GLOBAL_BOOL(lp_update_encrypted, &Globals.bUpdateEncrypt)
FN_GLOBAL_BOOL(lp_syslog_only, &Globals.bSyslogOnly)
+FN_GLOBAL_BOOL(lp_admin_log, &Globals.bAdminLog)
FN_GLOBAL_BOOL(lp_timestamp_logs, &Globals.bTimestampLogs)
FN_GLOBAL_BOOL(lp_debug_hires_timestamp, &Globals.bDebugHiresTimestamp)
FN_GLOBAL_BOOL(lp_debug_pid, &Globals.bDebugPid)
FN_GLOBAL_BOOL(lp_passwd_chat_debug, &Globals.bPasswdChatDebug)
FN_GLOBAL_BOOL(lp_unicode, &Globals.bUnicode)
FN_GLOBAL_BOOL(lp_nt_pipe_support, &Globals.bNTPipeSupport)
+FN_GLOBAL_BOOL(lp_nt_status_support, &Globals.bNTStatusSupport)
FN_GLOBAL_BOOL(lp_stat_cache, &Globals.bStatCache)
FN_GLOBAL_BOOL(lp_allow_trusted_domains, &Globals.bAllowTrustedDomains)
FN_GLOBAL_BOOL(lp_restrict_anonymous, &Globals.bRestrictAnonymous)
FN_GLOBAL_INTEGER(lp_map_to_guest, &Globals.map_to_guest)
FN_GLOBAL_INTEGER(lp_min_passwd_length, &Globals.min_passwd_length)
FN_GLOBAL_INTEGER(lp_oplock_break_wait_time, &Globals.oplock_break_wait_time)
+FN_GLOBAL_INTEGER(lp_lock_spin_count, &Globals.iLockSpinCount)
+FN_GLOBAL_INTEGER(lp_lock_sleep_time, &Globals.iLockSpinTime)
FN_LOCAL_STRING(lp_preexec, szPreExec)
FN_LOCAL_STRING(lp_postexec, szPostExec)
FN_LOCAL_STRING(lp_rootpreexec, szRootPreExec)
FN_LOCAL_STRING(lp_rootpostexec, szRootPostExec)
FN_LOCAL_STRING(lp_servicename, szService)
+FN_LOCAL_CONST_STRING(lp_const_servicename, szService)
FN_LOCAL_STRING(lp_pathname, szPath)
FN_LOCAL_STRING(lp_dontdescend, szDontdescend)
FN_LOCAL_STRING(lp_username, szUsername)
FN_LOCAL_LIST(lp_printer_admin, printer_admin)
FN_LOCAL_STRING(lp_fstype, fstype)
FN_LOCAL_STRING(lp_vfsobj, szVfsObjectFile)
+FN_LOCAL_STRING(lp_vfs_options, szVfsOptions)
static FN_LOCAL_STRING(lp_volume, volume)
FN_LOCAL_STRING(lp_mangled_map, szMangledMap)
FN_LOCAL_STRING(lp_veto_files, szVetoFiles)
FN_LOCAL_BOOL(lp_fake_dir_create_times, bFakeDirCreateTimes)
FN_LOCAL_BOOL(lp_blocking_locks, bBlockingLocks)
FN_LOCAL_BOOL(lp_inherit_perms, bInheritPerms)
+FN_LOCAL_BOOL(lp_inherit_acls, bInheritACLS)
FN_LOCAL_BOOL(lp_use_client_driver, bUseClientDriver)
FN_LOCAL_BOOL(lp_default_devmode, bDefaultDevmode)
FN_LOCAL_BOOL(lp_nt_acl_support, bNTAclSupport)
FN_LOCAL_INTEGER(lp_maxprintjobs, iMaxPrintJobs)
FN_LOCAL_INTEGER(lp_printing, iPrinting)
FN_LOCAL_INTEGER(lp_oplock_contention_limit, iOplockContentionLimit)
+FN_LOCAL_INTEGER(lp_csc_policy, iCSCPolicy)
FN_LOCAL_INTEGER(lp_write_cache_size, iWriteCacheSize)
FN_LOCAL_CHAR(lp_magicchar, magic_char)
FN_GLOBAL_INTEGER(lp_winbind_cache_time, &Globals.winbind_cache_time)
FN_GLOBAL_BOOL(lp_hide_local_users, &Globals.bHideLocalUsers)
+FN_GLOBAL_BOOL(lp_algorithmic_rid_base, &Globals.bAlgorithmicRidBase)
+
+typedef struct _param_opt_struct param_opt_struct;
+struct _param_opt_struct {
+ char *key;
+ char *value;
+ param_opt_struct *prev, *next;
+};
+
+static param_opt_struct *param_opt = NULL;
+
+/* Return parametric option from given service. Type is a part of option before ':' */
+/* Parametric option has following syntax: 'Type: option = value' */
+/* Returned value is allocated in 'lp_talloc' context */
+char *lp_parm_string(const char *servicename, const char *type, const char *option)
+{
+ param_opt_struct *data;
+ pstring vfskey;
+
+ if (param_opt != NULL) {
+ ZERO_STRUCT(vfskey);
+ pstr_sprintf(vfskey, "%s:%s:%s", (servicename==NULL) ? "global" : servicename,
+ type, option);
+ data = param_opt;
+ while (data) {
+ if (strcmp(data->key, vfskey) == 0) {
+ return lp_string(data->value);
+ }
+ data = data->next;
+ }
+ /* Try to fetch the same option but from globals */
+ pstr_sprintf(vfskey, "global:%s:%s", type, option);
+ data = param_opt;
+ while (data) {
+ if (strcmp(data->key, vfskey) == 0) {
+ return lp_string(data->value);
+ }
+ data = data->next;
+ }
+
+ }
+ return NULL;
+}
/* local prototypes */
if (strwicmp(parm_table[iIndex].label, pszParmName) == 0)
return (iIndex);
- DEBUG(0, ("Unknown parameter encountered: \"%s\"\n", pszParmName));
+ /* Warn only if it isn't parametric option */
+ if (strchr(pszParmName, ':') == NULL)
+ DEBUG(0, ("Unknown parameter encountered: \"%s\"\n", pszParmName));
+ /* We do return 'fail' for parametric options as well because they are
+ stored in different storage
+ */
return (-1);
}
return;
}
file_lists = f;
+ f->modtime = file_modtime(subfname);
+ } else {
+ time_t t = file_modtime(subfname);
+ if (t)
+ f->modtime = t;
}
-
- f->modtime = file_modtime(subfname);
-
}
/*******************************************************************
struct file_lists *f = file_lists;
DEBUG(6, ("lp_file_list_changed()\n"));
- while (f)
- {
+ while (f) {
pstring n2;
time_t mod_time;
mod_time = file_modtime(n2);
- if ((f->modtime != mod_time) || (f->subfname == NULL) || (strcmp(n2, f->subfname) != 0))
- {
+ if (mod_time && ((f->modtime != mod_time) || (f->subfname == NULL) || (strcmp(n2, f->subfname) != 0))) {
DEBUGADD(6,
("file %s modified: %s\n", n2,
ctime(&mod_time)));
return debug_parse_levels( pszParmValue );
}
+/***************************************************************************
+ Handle the ldap machine suffix option
+***************************************************************************/
+static BOOL handle_ldap_machine_suffix( char *pszParmValue, char **ptr)
+{
+ pstring suffix;
+
+ pstrcpy(suffix, pszParmValue);
+
+ if (! *Globals.szLdapSuffix ) {
+ string_set( ptr, suffix );
+ return True;
+ }
+
+ if (! strstr(suffix, Globals.szLdapSuffix) ) {
+ if ( *pszParmValue )
+ pstrcat(suffix, ",");
+ pstrcat(suffix, Globals.szLdapSuffix);
+ }
+ string_set( ptr, suffix );
+ return True;
+}
+
+/***************************************************************************
+ Handle the ldap user suffix option
+***************************************************************************/
+static BOOL handle_ldap_user_suffix( char *pszParmValue, char **ptr)
+{
+ pstring suffix;
+
+ pstrcpy(suffix, pszParmValue);
+
+ if (! *Globals.szLdapSuffix ) {
+ string_set( ptr, suffix );
+ return True;
+ }
+
+ if (! strstr(suffix, Globals.szLdapSuffix) ) {
+ if ( *pszParmValue )
+ pstrcat(suffix, ",");
+ pstrcat(suffix, Globals.szLdapSuffix);
+ }
+ string_set( ptr, suffix );
+ return True;
+}
+
+/***************************************************************************
+ Handle setting ldap suffix and determines whether ldap machine suffix needs
+ to be set as well
+***************************************************************************/
+static BOOL handle_ldap_suffix( char *pszParmValue, char **ptr)
+{
+ pstring suffix;
+ pstring user_suffix;
+ pstring machine_suffix;
+
+ pstrcpy(suffix, pszParmValue);
+
+ if (! *Globals.szLdapMachineSuffix )
+ string_set(&Globals.szLdapMachineSuffix, suffix);
+ if (! *Globals.szLdapUserSuffix )
+ string_set(&Globals.szLdapUserSuffix, suffix);
+
+ if (! strstr(Globals.szLdapMachineSuffix, suffix)) {
+ pstrcpy(machine_suffix, Globals.szLdapMachineSuffix);
+ if ( *Globals.szLdapMachineSuffix )
+ pstrcat(machine_suffix, ",");
+ pstrcat(machine_suffix, suffix);
+ string_set(&Globals.szLdapMachineSuffix, machine_suffix);
+ }
+
+ if (! strstr(Globals.szLdapUserSuffix, suffix)) {
+ pstrcpy(user_suffix, Globals.szLdapUserSuffix);
+ if ( *Globals.szLdapUserSuffix )
+ pstrcat(user_suffix, ",");
+ pstrcat(user_suffix, suffix);
+ string_set(&Globals.szLdapUserSuffix, user_suffix);
+ }
+
+ string_set(ptr, suffix);
+ return True;
+}
/***************************************************************************
initialise a copymap
***************************************************************************/
BOOL lp_do_parameter(int snum, char *pszParmName, char *pszParmValue)
{
- int parmnum, i;
+ int parmnum, i, slen;
void *parm_ptr = NULL; /* where we are going to store the result */
void *def_ptr = NULL;
+ pstring vfskey;
+ char *sep;
+ param_opt_struct *paramo;
parmnum = map_parameter(pszParmName);
if (parmnum < 0)
{
+ if ((sep=strchr(pszParmName, ':')) != NULL) {
+ *sep = 0;
+ ZERO_STRUCT(vfskey);
+ pstr_sprintf(vfskey, "%s:%s:",
+ (snum >= 0) ? lp_servicename(snum) : "global", pszParmName);
+ slen = strlen(vfskey);
+ safe_strcat(vfskey, sep+1, sizeof(pstring));
+ trim_string(vfskey+slen, " ", " ");
+ paramo = smb_xmalloc(sizeof(param_opt_struct));
+ paramo->key = strdup(vfskey);
+ paramo->value = strdup(pszParmValue);
+ DLIST_ADD(param_opt, paramo);
+ *sep = ':';
+ return (True);
+ }
DEBUG(0,
("Ignoring unknown parameter \"%s\"\n", pszParmName));
return (True);
static void dump_globals(FILE *f)
{
int i;
+ param_opt_struct *data;
+ char *s;
+
fprintf(f, "# Global parameters\n[global]\n");
for (i = 0; parm_table[i].label; i++)
print_parameter(&parm_table[i], parm_table[i].ptr, f);
fprintf(f, "\n");
}
+ if (param_opt != NULL) {
+ data = param_opt;
+ while(data) {
+ if (((s=strstr(data->key, "global")) == data->key) &&
+ (*(s+strlen("global")) == ':')) {
+ fprintf(f, "\t%s = %s\n", s+strlen("global")+1, data->value);
+ }
+ data = data->next;
+ }
+ }
+
}
/***************************************************************************
((char *)&sDefault) + pdiff);
}
-
/***************************************************************************
Display the contents of a single services record.
***************************************************************************/
static void dump_a_service(service * pService, FILE * f)
{
int i;
+ param_opt_struct *data;
+ char *s, *sn;
+
if (pService != &sDefault)
fprintf(f, "\n[%s]\n", pService->szService);
((char *)pService) + pdiff, f);
fprintf(f, "\n");
}
+ if (param_opt != NULL) {
+ data = param_opt;
+ sn = (pService == &sDefault) ? "global" : pService->szService;
+ while(data) {
+ if (((s=strstr(data->key, sn)) == data->key) &&
+ (*(s+strlen(sn)) == ':')) {
+ fprintf(f, "\t%s = %s\n", s+strlen(sn)+1, data->value);
+ }
+ data = data->next;
+ }
+ }
}
switch (lp_security()) {
case SEC_SHARE:
- {
- if (lp_domain_logons()) {
- DEBUG(0,
- ("Server's Role (logon server) conflicts with share-level security\n"));
- }
+ if (lp_domain_logons())
+ DEBUG(0, ("Server's Role (logon server) conflicts with share-level security\n"));
+ DEBUG(10,("set_server_role: ROLE_STANDALONE\n"));
break;
- }
case SEC_SERVER:
case SEC_DOMAIN:
case SEC_ADS:
- {
if (lp_domain_logons()) {
server_role = ROLE_DOMAIN_BDC;
+ DEBUG(10,("set_server_role:ROLE_DOMAIN_BDC\n"));
break;
}
server_role = ROLE_DOMAIN_MEMBER;
+ DEBUG(10,("set_server_role: ROLE_DOMAIN_MEMBER\n"));
break;
- }
case SEC_USER:
- {
if (lp_domain_logons()) {
server_role = ROLE_DOMAIN_PDC;
+ DEBUG(10,("set_server_role: ROLE_DOMAIN_PDC\n"));
break;
}
+ DEBUG(10,("set_server_role: ROLE_STANDALONE\n"));
break;
- }
default:
- {
- DEBUG(0,
- ("Server's Role undefined due to unknown security mode\n"));
- }
+ DEBUG(0, ("Server's Role undefined due to unknown security mode\n"));
+ DEBUG(10,("set_server_role: ROLE_STANDALONE\n"));
+ break;
}
}
+
/***************************************************************************
Load the services array from the services file. Return True on success,
False on failure.
{
pstring n2;
BOOL bRetval;
+ param_opt_struct *data, *pdata;
pstrcpy(n2, pszFname);
standard_sub_basic(current_user_info.smb_name, n2);
bRetval = False;
+ DEBUG(3, ("lp_load: refreshing parmaters\n"));
+
bInGlobalSection = True;
bGlobalOnly = global_only;
lp_save_defaults();
}
+ if (param_opt != NULL) {
+ data = param_opt;
+ while (data) {
+ SAFE_FREE(data->key);
+ SAFE_FREE(data->value);
+ pdata = data->next;
+ SAFE_FREE(data);
+ data = pdata;
+ }
+ param_opt = NULL;
+ }
+
/* We get sections first, so have to start 'behind' to make up */
iServiceIndex = -1;
bRetval = pm_process(n2, do_section, do_parameter);
return (bRetval);
}
-
/***************************************************************************
reset the max number of services
***************************************************************************/
const char *get_called_name(void)
{
extern fstring local_machine;
- return (*local_machine) ? local_machine : global_myname;
+ static fstring called_name;
+
+ if (! *local_machine)
+ return global_myname;
+
+ /*
+ * Windows NT/2k uses "*SMBSERVER" and XP uses "*SMBSERV"
+ * arrggg!!! but we've already rewritten the client's
+ * netbios name at this point...
+ */
+
+ if (*local_machine) {
+ if (!StrCaseCmp(local_machine, "_SMBSERVER") || !StrCaseCmp(local_machine, "_SMBSERV")) {
+ fstrcpy(called_name, get_my_primary_ip());
+ DEBUG(8,("get_called_name: assuming that client used IP address [%s] as called name.\n",
+ called_name));
+ return called_name;
+ }
+ }
+
+ return local_machine;
}