search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
docs: fix type for password server parameter
[Samba.git] / source3 / lib / popt_common.c
blobe8eca57fae00cebd97ece63999d7c833a2b09079
1 /*
2 Unix SMB/CIFS implementation.
3 Common popt routines
4
5 Copyright (C) Tim Potter 2001,2002
6 Copyright (C) Jelmer Vernooij 2002,2003
7 Copyright (C) James Peach 2006
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "system/filesys.h"
25 #include "popt_common.h"
26
27 /* Handle command line options:
28 * -d,--debuglevel
29 * -s,--configfile
30 * -O,--socket-options
31 * -V,--version
32 * -l,--log-base
33 * -n,--netbios-name
34 * -W,--workgroup
35 * -i,--scope
36 */
37
38 enum {OPT_OPTION=1};
39
40 extern bool override_logfile;
41
42 static void set_logfile(poptContext con, const char * arg)
43 {
44
45 char *lfile = NULL;
46 const char *pname;
47
48 /* Find out basename of current program */
49 pname = strrchr_m(poptGetInvocationName(con),'/');
50
51 if (!pname)
52 pname = poptGetInvocationName(con);
53 else
54 pname++;
55
56 if (asprintf(&lfile, "%s/log.%s", arg, pname) < 0) {
57 return;
58 }
59 lp_set_logfile(lfile);
60 SAFE_FREE(lfile);
61 }
62
63 static bool PrintSambaVersionString;
64
65 static void popt_s3_talloc_log_fn(const char *message)
66 {
67 DEBUG(0,("%s", message));
68 }
69
70 static void popt_common_callback(poptContext con,
71 enum poptCallbackReason reason,
72 const struct poptOption *opt,
73 const char *arg, const void *data)
74 {
75
76 if (reason == POPT_CALLBACK_REASON_PRE) {
77 set_logfile(con, get_dyn_LOGFILEBASE());
78 talloc_set_log_fn(popt_s3_talloc_log_fn);
79 talloc_set_abort_fn(smb_panic);
80 return;
81 }
82
83 if (reason == POPT_CALLBACK_REASON_POST) {
84
85 if (PrintSambaVersionString) {
86 printf( "Version %s\n", samba_version_string());
87 exit(0);
88 }
89
90 if (is_default_dyn_CONFIGFILE()) {
91 if(getenv("SMB_CONF_PATH")) {
92 set_dyn_CONFIGFILE(getenv("SMB_CONF_PATH"));
93 }
94 }
95
96 /* Further 'every Samba program must do this' hooks here. */
97 return;
98 }
99
100 switch(opt->val) {
101 case OPT_OPTION:
102 if (!lp_set_option(arg)) {
103 fprintf(stderr, "Error setting option '%s'\n", arg);
104 exit(1);
105 }
106 break;
107
108 case 'd':
109 if (arg) {
110 lp_set_cmdline("log level", arg);
111 }
112 break;
113
114 case 'V':
115 PrintSambaVersionString = True;
116 break;
117
118 case 'O':
119 if (arg) {
120 lp_do_parameter(-1, "socket options", arg);
121 }
122 break;
123
124 case 's':
125 if (arg) {
126 set_dyn_CONFIGFILE(arg);
127 }
128 break;
129
130 case 'n':
131 if (arg) {
132 lp_set_cmdline("netbios name", arg);
133 }
134 break;
135
136 case 'l':
137 if (arg) {
138 set_logfile(con, arg);
139 override_logfile = True;
140 set_dyn_LOGFILEBASE(arg);
141 }
142 break;
143
144 case 'i':
145 if (arg) {
146 lp_set_cmdline("netbios scope", arg);
147 }
148 break;
149
150 case 'W':
151 if (arg) {
152 lp_set_cmdline("workgroup", arg);
153 }
154 break;
155 }
156 }
157
158 struct poptOption popt_common_connection[] = {
159 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
160 { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
161 "SOCKETOPTIONS" },
162 { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
163 { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
164 { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
165
166 POPT_TABLEEND
167 };
168
169 struct poptOption popt_common_samba[] = {
170 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
171 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
172 { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
173 { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Base name for log files", "LOGFILEBASE" },
174 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
175 { "option", 0, POPT_ARG_STRING, NULL, OPT_OPTION, "Set smb.conf option from command line", "name=value" },
176 POPT_TABLEEND
177 };
178
179 struct poptOption popt_common_configfile[] = {
180 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
181 { "configfile", 0, POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
182 POPT_TABLEEND
183 };
184
185 struct poptOption popt_common_version[] = {
186 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_POST, (void *)popt_common_callback },
187 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
188 POPT_TABLEEND
189 };
190
191 struct poptOption popt_common_debuglevel[] = {
192 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
193 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
194 POPT_TABLEEND
195 };
196
197 struct poptOption popt_common_option[] = {
198 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_POST, (void *)popt_common_callback },
199 { "option", 0, POPT_ARG_STRING, NULL, OPT_OPTION, "Set smb.conf option from command line", "name=value" },
200 POPT_TABLEEND
201 };
202
203 /* Handle command line options:
204 * --sbindir
205 * --bindir
206 * --lmhostsfile
207 * --libdir
208 * --modulesdir
209 * --shlibext
210 * --lockdir
211 * --statedir
212 * --cachedir
213 * --piddir
214 * --smb-passwd-file
215 * --private-dir
216 */
217
218 enum dyn_item{
219 DYN_SBINDIR = 1,
220 DYN_BINDIR,
221 DYN_LMHOSTSFILE,
222 DYN_LIBDIR,
223 DYN_MODULESDIR,
224 DYN_SHLIBEXT,
225 DYN_LOCKDIR,
226 DYN_STATEDIR,
227 DYN_CACHEDIR,
228 DYN_PIDDIR,
229 DYN_SMB_PASSWD_FILE,
230 DYN_PRIVATE_DIR,
231 };
232
233
234 static void popt_dynconfig_callback(poptContext con,
235 enum poptCallbackReason reason,
236 const struct poptOption *opt,
237 const char *arg, const void *data)
238 {
239
240 switch (opt->val) {
241 case DYN_SBINDIR:
242 if (arg) {
243 set_dyn_SBINDIR(arg);
244 }
245 break;
246
247 case DYN_BINDIR:
248 if (arg) {
249 set_dyn_BINDIR(arg);
250 }
251 break;
252
253 case DYN_LMHOSTSFILE:
254 if (arg) {
255 set_dyn_LMHOSTSFILE(arg);
256 }
257 break;
258
259 case DYN_LIBDIR:
260 if (arg) {
261 set_dyn_LIBDIR(arg);
262 }
263 break;
264
265 case DYN_MODULESDIR:
266 if (arg) {
267 set_dyn_MODULESDIR(arg);
268 }
269 break;
270
271 case DYN_SHLIBEXT:
272 if (arg) {
273 set_dyn_SHLIBEXT(arg);
274 }
275 break;
276
277 case DYN_LOCKDIR:
278 if (arg) {
279 set_dyn_LOCKDIR(arg);
280 }
281 break;
282
283 case DYN_STATEDIR:
284 if (arg) {
285 set_dyn_STATEDIR(arg);
286 }
287 break;
288
289 case DYN_CACHEDIR:
290 if (arg) {
291 set_dyn_CACHEDIR(arg);
292 }
293 break;
294
295 case DYN_PIDDIR:
296 if (arg) {
297 set_dyn_PIDDIR(arg);
298 }
299 break;
300
301 case DYN_SMB_PASSWD_FILE:
302 if (arg) {
303 set_dyn_SMB_PASSWD_FILE(arg);
304 }
305 break;
306
307 case DYN_PRIVATE_DIR:
308 if (arg) {
309 set_dyn_PRIVATE_DIR(arg);
310 }
311 break;
312
313 }
314 }
315
316 const struct poptOption popt_common_dynconfig[] = {
317
318 { NULL, '\0', POPT_ARG_CALLBACK, (void *)popt_dynconfig_callback },
319
320 { "sbindir", '\0' , POPT_ARG_STRING, NULL, DYN_SBINDIR,
321 "Path to sbin directory", "SBINDIR" },
322 { "bindir", '\0' , POPT_ARG_STRING, NULL, DYN_BINDIR,
323 "Path to bin directory", "BINDIR" },
324 { "lmhostsfile", '\0' , POPT_ARG_STRING, NULL, DYN_LMHOSTSFILE,
325 "Path to lmhosts file", "LMHOSTSFILE" },
326 { "libdir", '\0' , POPT_ARG_STRING, NULL, DYN_LIBDIR,
327 "Path to shared library directory", "LIBDIR" },
328 { "modulesdir", '\0' , POPT_ARG_STRING, NULL, DYN_MODULESDIR,
329 "Path to shared modules directory", "MODULESDIR" },
330 { "shlibext", '\0' , POPT_ARG_STRING, NULL, DYN_SHLIBEXT,
331 "Shared library extension", "SHLIBEXT" },
332 { "lockdir", '\0' , POPT_ARG_STRING, NULL, DYN_LOCKDIR,
333 "Path to lock file directory", "LOCKDIR" },
334 { "statedir", '\0' , POPT_ARG_STRING, NULL, DYN_STATEDIR,
335 "Path to persistent state file directory", "STATEDIR" },
336 { "cachedir", '\0' , POPT_ARG_STRING, NULL, DYN_CACHEDIR,
337 "Path to temporary cache file directory", "CACHEDIR" },
338 { "piddir", '\0' , POPT_ARG_STRING, NULL, DYN_PIDDIR,
339 "Path to PID file directory", "PIDDIR" },
340 { "smb-passwd-file", '\0' , POPT_ARG_STRING, NULL, DYN_SMB_PASSWD_FILE,
341 "Path to smbpasswd file", "SMB_PASSWD_FILE" },
342 { "private-dir", '\0' , POPT_ARG_STRING, NULL, DYN_PRIVATE_DIR,
343 "Path to private data directory", "PRIVATE_DIR" },
344
345 POPT_TABLEEND
346 };
347
348 /****************************************************************************
349 * get a password from a a file or file descriptor
350 * exit on failure
351 * ****************************************************************************/
352
353 static void get_password_file(struct user_auth_info *auth_info)
354 {
355 int fd = -1;
356 char *p;
357 bool close_it = False;
358 char *spec = NULL;
359 char pass[128];
360
361 if ((p = getenv("PASSWD_FD")) != NULL) {
362 if (asprintf(&spec, "descriptor %s", p) < 0) {
363 return;
364 }
365 sscanf(p, "%d", &fd);
366 close_it = false;
367 } else if ((p = getenv("PASSWD_FILE")) != NULL) {
368 fd = open(p, O_RDONLY, 0);
369 spec = SMB_STRDUP(p);
370 if (fd < 0) {
371 fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
372 spec, strerror(errno));
373 exit(1);
374 }
375 close_it = True;
376 }
377
378 if (fd < 0) {
379 fprintf(stderr, "fd = %d, < 0\n", fd);
380 exit(1);
381 }
382
383 for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
384 p && p - pass < sizeof(pass);) {
385 switch (read(fd, p, 1)) {
386 case 1:
387 if (*p != '\n' && *p != '\0') {
388 *++p = '\0'; /* advance p, and null-terminate pass */
389 break;
390 }
391 case 0:
392 if (p - pass) {
393 *p = '\0'; /* null-terminate it, just in case... */
394 p = NULL; /* then force the loop condition to become false */
395 break;
396 } else {
397 fprintf(stderr, "Error reading password from file %s: %s\n",
398 spec, "empty password\n");
399 SAFE_FREE(spec);
400 exit(1);
401 }
402
403 default:
404 fprintf(stderr, "Error reading password from file %s: %s\n",
405 spec, strerror(errno));
406 SAFE_FREE(spec);
407 exit(1);
408 }
409 }
410 SAFE_FREE(spec);
411
412 set_cmdline_auth_info_password(auth_info, pass);
413 if (close_it) {
414 close(fd);
415 }
416 }
417
418 static void get_credentials_file(struct user_auth_info *auth_info,
419 const char *file)
420 {
421 XFILE *auth;
422 fstring buf;
423 uint16 len = 0;
424 char *ptr, *val, *param;
425
426 if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
427 {
428 /* fail if we can't open the credentials file */
429 d_printf("ERROR: Unable to open credentials file!\n");
430 exit(-1);
431 }
432
433 while (!x_feof(auth))
434 {
435 /* get a line from the file */
436 if (!x_fgets(buf, sizeof(buf), auth))
437 continue;
438 len = strlen(buf);
439
440 if ((len) && (buf[len-1]=='\n'))
441 {
442 buf[len-1] = '\0';
443 len--;
444 }
445 if (len == 0)
446 continue;
447
448 /* break up the line into parameter & value.
449 * will need to eat a little whitespace possibly */
450 param = buf;
451 if (!(ptr = strchr_m (buf, '=')))
452 continue;
453
454 val = ptr+1;
455 *ptr = '\0';
456
457 /* eat leading white space */
458 while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
459 val++;
460
461 if (strwicmp("password", param) == 0) {
462 set_cmdline_auth_info_password(auth_info, val);
463 } else if (strwicmp("username", param) == 0) {
464 set_cmdline_auth_info_username(auth_info, val);
465 } else if (strwicmp("domain", param) == 0) {
466 set_cmdline_auth_info_domain(auth_info, val);
467 }
468 memset(buf, 0, sizeof(buf));
469 }
470 x_fclose(auth);
471 }
472
473 /* Handle command line options:
474 * -U,--user
475 * -A,--authentication-file
476 * -k,--use-kerberos
477 * -N,--no-pass
478 * -S,--signing
479 * -P --machine-pass
480 * -e --encrypt
481 * -C --use-ccache
482 */
483
484
485 static void popt_common_credentials_callback(poptContext con,
486 enum poptCallbackReason reason,
487 const struct poptOption *opt,
488 const char *arg, const void *data)
489 {
490 struct user_auth_info *auth_info = talloc_get_type_abort(
491 *((const char **)data), struct user_auth_info);
492
493 if (reason == POPT_CALLBACK_REASON_PRE) {
494 set_cmdline_auth_info_username(auth_info, "GUEST");
495
496 if (getenv("LOGNAME")) {
497 set_cmdline_auth_info_username(auth_info,
498 getenv("LOGNAME"));
499 }
500
501 if (getenv("USER")) {
502 char *puser = SMB_STRDUP(getenv("USER"));
503 if (!puser) {
504 exit(ENOMEM);
505 }
506 set_cmdline_auth_info_username(auth_info, puser);
507 }
508
509 if (getenv("PASSWD")) {
510 set_cmdline_auth_info_password(auth_info,
511 getenv("PASSWD"));
512 }
513
514 if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
515 get_password_file(auth_info);
516 }
517
518 return;
519 }
520
521 switch(opt->val) {
522 case 'U':
523 {
524 char *lp;
525 char *puser = SMB_STRDUP(arg);
526
527 if ((lp=strchr_m(puser,'%'))) {
528 size_t len;
529 *lp = '\0';
530 set_cmdline_auth_info_username(auth_info,
531 puser);
532 set_cmdline_auth_info_password(auth_info,
533 lp+1);
534 len = strlen(lp+1);
535 memset(lp + 1, '\0', len);
536 } else {
537 set_cmdline_auth_info_username(auth_info,
538 puser);
539 }
540 SAFE_FREE(puser);
541 }
542 break;
543
544 case 'A':
545 get_credentials_file(auth_info, arg);
546 break;
547
548 case 'k':
549 #ifndef HAVE_KRB5
550 d_printf("No kerberos support compiled in\n");
551 exit(1);
552 #else
553 set_cmdline_auth_info_use_krb5_ticket(auth_info);
554 #endif
555 break;
556
557 case 'S':
558 if (!set_cmdline_auth_info_signing_state(auth_info, arg)) {
559 fprintf(stderr, "Unknown signing option %s\n", arg );
560 exit(1);
561 }
562 break;
563 case 'P':
564 set_cmdline_auth_info_use_machine_account(auth_info);
565 break;
566 case 'N':
567 set_cmdline_auth_info_password(auth_info, "");
568 break;
569 case 'e':
570 set_cmdline_auth_info_smb_encrypt(auth_info);
571 break;
572 case 'C':
573 set_cmdline_auth_info_use_ccache(auth_info, true);
574 break;
575 case 'H':
576 set_cmdline_auth_info_use_pw_nt_hash(auth_info, true);
577 break;
578 }
579 }
580
581 static struct user_auth_info *global_auth_info;
582
583 void popt_common_set_auth_info(struct user_auth_info *auth_info)
584 {
585 global_auth_info = auth_info;
586 }
587
588 /**
589 * @brief Burn the commandline password.
590 *
591 * This function removes the password from the command line so we
592 * don't leak the password e.g. in 'ps aux'.
593 *
594 * It should be called after processing the options and you should pass down
595 * argv from main().
596 *
597 * @param[in] argc The number of arguments.
598 *
599 * @param[in] argv[] The argument array we will find the array.
600 */
601 void popt_burn_cmdline_password(int argc, char *argv[])
602 {
603 bool found = false;
604 char *p = NULL;
605 int i, ulen = 0;
606
607 for (i = 0; i < argc; i++) {
608 p = argv[i];
609 if (strncmp(p, "-U", 2) == 0) {
610 ulen = 2;
611 found = true;
612 } else if (strncmp(p, "--user", 6) == 0) {
613 ulen = 6;
614 found = true;
615 }
616
617 if (found) {
618 if (p == NULL) {
619 return;
620 }
621
622 if (strlen(p) == ulen) {
623 continue;
624 }
625
626 p = strchr_m(p, '%');
627 if (p != NULL) {
628 memset(p, '\0', strlen(p));
629 }
630 found = false;
631 }
632 }
633 }
634
635 struct poptOption popt_common_credentials[] = {
636 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE,
637 (void *)popt_common_credentials_callback, 0,
638 (const char *)&global_auth_info },
639 { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
640 { "no-pass", 'N', POPT_ARG_NONE, NULL, 'N', "Don't ask for a password" },
641 { "kerberos", 'k', POPT_ARG_NONE, NULL, 'k', "Use kerberos (active directory) authentication" },
642 { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
643 { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
644 {"machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
645 {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
646 {"use-ccache", 'C', POPT_ARG_NONE, NULL, 'C',
647 "Use the winbind ccache for authentication" },
648 {"pw-nt-hash", '\0', POPT_ARG_NONE, NULL, 'H',
649 "The supplied password is the NT hash" },
650 POPT_TABLEEND
651 };
Samba GIT mirror