search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
pidl:Python: make use of NDR_ERR_CODE_IS_SUCCESS()
[Samba.git] / source3 / param / loadparm.c
blob3e1a15e0399f453d8a3b040a471b20b9aa163a34
1 /*
2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
5
6 Largely re-written by Andrew Tridgell, September 1994
7
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
15
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
20
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
25
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
28 */
29
30 /*
31 * Load parameters.
32 *
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
36 *
37 * To add a parameter:
38 *
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
44 *
45 *
46 * Notes:
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
52 * careful!
53 *
54 */
55
56 #include "includes.h"
57 #include "system/filesys.h"
58 #include "util_tdb.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
61 #include "printing.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
64
65 #include "ads.h"
66 #include "../librpc/gen_ndr/svcctl.h"
67 #include "intl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
73 #include "source4/lib/tls/tls.h"
74
75 #ifdef HAVE_SYS_SYSCTL_H
76 #include <sys/sysctl.h>
77 #endif
78
79 bool bLoaded = false;
80
81 extern userdom_struct current_user_info;
82
83 /* the special value for the include parameter
84 * to be interpreted not as a file name but to
85 * trigger loading of the global smb.conf options
86 * from registry. */
87 #ifndef INCLUDE_REGISTRY_NAME
88 #define INCLUDE_REGISTRY_NAME "registry"
89 #endif
90
91 static bool in_client = false; /* Not in the client by default */
92 static struct smbconf_csn conf_last_csn;
93
94 static int config_backend = CONFIG_BACKEND_FILE;
95
96 /* some helpful bits */
97 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
98 (ServicePtrs != NULL) && \
99 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
101 ServicePtrs[i]->valid)
102
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
105
106 static bool defaults_saved = false;
107
108 #include "lib/param/param_global.h"
109
110 static struct loadparm_global Globals;
111
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
114 {
115 .valid = true,
116 .autoloaded = false,
117 .usershare = 0,
118 .usershare_last_mod = {0, 0},
119 .szService = NULL,
120 .path = NULL,
121 .invalid_users = NULL,
122 .valid_users = NULL,
123 .admin_users = NULL,
124 .copy = NULL,
125 .include = NULL,
126 .preexec = NULL,
127 .postexec = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
132 .lpq_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
141 .hosts_allow = NULL,
142 .hosts_deny = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
145 .veto_files = NULL,
146 .hide_files = NULL,
147 .veto_oplock_files = NULL,
148 .comment = NULL,
149 .force_user = NULL,
150 .force_group = NULL,
151 .read_list = NULL,
152 .write_list = NULL,
153 .volume = NULL,
154 .fstype = NULL,
155 .vfs_objects = NULL,
156 .msdfs_proxy = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
163 .create_mask = 0744,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
171 .csc_policy = 0,
172 .block_size = 1024,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
183 .browseable = true,
184 .access_based_share_enum = false,
185 .available = true,
186 .read_only = true,
187 .spotlight = false,
188 .guest_only = false,
189 .administrative_share = false,
190 .guest_ok = false,
191 .printable = false,
192 .print_notify_backchannel = false,
193 .map_system = false,
194 .map_hidden = false,
195 .map_archive = true,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
198 .locking = true,
199 .strict_locking = Auto,
200 .posix_locking = true,
201 .oplocks = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .mangled_names = true,
205 .wide_links = false,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
212 .copymap = NULL,
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
224 .msdfs_root = false,
225 .msdfs_shuffle_referrals = false,
226 .use_client_driver = false,
227 .default_devmode = true,
228 .force_printername = false,
229 .nt_acl_support = true,
230 .force_unknown_acl_user = false,
231 ._use_sendfile = false,
232 .profile_acls = false,
233 .map_acl_inherit = false,
234 .afs_share = false,
235 .ea_support = false,
236 .acl_check_permissions = true,
237 .acl_map_full_control = true,
238 .acl_group_control = false,
239 .acl_allow_execute_always = false,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
241 .aio_read_size = 0,
242 .aio_write_size = 0,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
248 .param_opt = NULL,
249 .dummy = ""
250 };
251
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
261
262 static void set_allowed_client_auth(void);
263
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
266
267 /**
268 * Function to return the default value for the maximum number of open
269 * file descriptors permitted. This function tries to consult the
270 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
271 * the smaller of those.
272 */
273 static int max_open_files(void)
274 {
275 int sysctl_max = MAX_OPEN_FILES;
276 int rlimit_max = MAX_OPEN_FILES;
277
278 #ifdef HAVE_SYSCTLBYNAME
279 {
280 size_t size = sizeof(sysctl_max);
281 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
282 0);
283 }
284 #endif
285
286 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
287 {
288 struct rlimit rl;
289
290 ZERO_STRUCT(rl);
291
292 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
293 rlimit_max = rl.rlim_cur;
294
295 #if defined(RLIM_INFINITY)
296 if(rl.rlim_cur == RLIM_INFINITY)
297 rlimit_max = MAX_OPEN_FILES;
298 #endif
299 }
300 #endif
301
302 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
303 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
304 "minimum Windows limit (%d)\n",
305 sysctl_max,
306 MIN_OPEN_FILES_WINDOWS));
307 sysctl_max = MIN_OPEN_FILES_WINDOWS;
308 }
309
310 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
311 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
312 "minimum Windows limit (%d)\n",
313 rlimit_max,
314 MIN_OPEN_FILES_WINDOWS));
315 rlimit_max = MIN_OPEN_FILES_WINDOWS;
316 }
317
318 return MIN(sysctl_max, rlimit_max);
319 }
320
321 /**
322 * Common part of freeing allocated data for one parameter.
323 */
324 static void free_one_parameter_common(void *parm_ptr,
325 struct parm_struct parm)
326 {
327 if ((parm.type == P_STRING) ||
328 (parm.type == P_USTRING))
329 {
330 lpcfg_string_free((char**)parm_ptr);
331 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
332 TALLOC_FREE(*((char***)parm_ptr));
333 }
334 }
335
336 /**
337 * Free the allocated data for one parameter for a share
338 * given as a service struct.
339 */
340 static void free_one_parameter(struct loadparm_service *service,
341 struct parm_struct parm)
342 {
343 void *parm_ptr;
344
345 if (parm.p_class != P_LOCAL) {
346 return;
347 }
348
349 parm_ptr = lp_parm_ptr(service, &parm);
350
351 free_one_parameter_common(parm_ptr, parm);
352 }
353
354 /**
355 * Free the allocated parameter data of a share given
356 * as a service struct.
357 */
358 static void free_parameters(struct loadparm_service *service)
359 {
360 uint32_t i;
361
362 for (i=0; parm_table[i].label; i++) {
363 free_one_parameter(service, parm_table[i]);
364 }
365 }
366
367 /**
368 * Free the allocated data for one parameter for a given share
369 * specified by an snum.
370 */
371 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
372 {
373 void *parm_ptr;
374
375 if (snum < 0) {
376 parm_ptr = lp_parm_ptr(NULL, &parm);
377 } else if (parm.p_class != P_LOCAL) {
378 return;
379 } else {
380 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
381 }
382
383 free_one_parameter_common(parm_ptr, parm);
384 }
385
386 /**
387 * Free the allocated parameter data for a share specified
388 * by an snum.
389 */
390 static void free_parameters_by_snum(int snum)
391 {
392 uint32_t i;
393
394 for (i=0; parm_table[i].label; i++) {
395 free_one_parameter_by_snum(snum, parm_table[i]);
396 }
397 }
398
399 /**
400 * Free the allocated global parameters.
401 */
402 static void free_global_parameters(void)
403 {
404 uint32_t i;
405 struct parm_struct *parm;
406
407 free_param_opts(&Globals.param_opt);
408 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
409
410 /* Reset references in the defaults because the context is going to be freed */
411 for (i=0; parm_table[i].label; i++) {
412 parm = &parm_table[i];
413 if ((parm->type == P_STRING) ||
414 (parm->type == P_USTRING)) {
415 if ((parm->def.svalue != NULL) &&
416 (*(parm->def.svalue) != '\0')) {
417 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
418 parm->def.svalue = NULL;
419 }
420 }
421 }
422 }
423 TALLOC_FREE(Globals.ctx);
424 }
425
426 struct lp_stored_option {
427 struct lp_stored_option *prev, *next;
428 const char *label;
429 const char *value;
430 };
431
432 static struct lp_stored_option *stored_options;
433
434 /*
435 save options set by lp_set_cmdline() into a list. This list is
436 re-applied when we do a globals reset, so that cmdline set options
437 are sticky across reloads of smb.conf
438 */
439 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
440 {
441 struct lp_stored_option *entry, *entry_next;
442 for (entry = stored_options; entry != NULL; entry = entry_next) {
443 entry_next = entry->next;
444 if (strcmp(pszParmName, entry->label) == 0) {
445 DLIST_REMOVE(stored_options, entry);
446 talloc_free(entry);
447 break;
448 }
449 }
450
451 entry = talloc(NULL, struct lp_stored_option);
452 if (!entry) {
453 return false;
454 }
455
456 entry->label = talloc_strdup(entry, pszParmName);
457 if (!entry->label) {
458 talloc_free(entry);
459 return false;
460 }
461
462 entry->value = talloc_strdup(entry, pszParmValue);
463 if (!entry->value) {
464 talloc_free(entry);
465 return false;
466 }
467
468 DLIST_ADD_END(stored_options, entry);
469
470 return true;
471 }
472
473 static bool apply_lp_set_cmdline(void)
474 {
475 struct lp_stored_option *entry = NULL;
476 for (entry = stored_options; entry != NULL; entry = entry->next) {
477 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
478 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
479 entry->label, entry->value));
480 return false;
481 }
482 }
483 return true;
484 }
485
486 /***************************************************************************
487 Initialise the global parameter structure.
488 ***************************************************************************/
489
490 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
491 {
492 static bool done_init = false;
493 char *s = NULL;
494 int i;
495
496 /* If requested to initialize only once and we've already done it... */
497 if (!reinit_globals && done_init) {
498 /* ... then we have nothing more to do */
499 return;
500 }
501
502 if (!done_init) {
503 /* The logfile can be set before this is invoked. Free it if so. */
504 lpcfg_string_free(&Globals.logfile);
505 done_init = true;
506 } else {
507 free_global_parameters();
508 }
509
510 /* This memset and the free_global_parameters() above will
511 * wipe out smb.conf options set with lp_set_cmdline(). The
512 * apply_lp_set_cmdline() call puts these values back in the
513 * table once the defaults are set */
514 ZERO_STRUCT(Globals);
515
516 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
517
518 /* Initialize the flags list if necessary */
519 if (flags_list == NULL) {
520 get_flags();
521 }
522
523 for (i = 0; parm_table[i].label; i++) {
524 if ((parm_table[i].type == P_STRING ||
525 parm_table[i].type == P_USTRING))
526 {
527 lpcfg_string_set(
528 Globals.ctx,
529 (char **)lp_parm_ptr(NULL, &parm_table[i]),
530 "");
531 }
532 }
533
534
535 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
536 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
537
538 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
539
540 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
541
542 DEBUG(3, ("Initialising global parameters\n"));
543
544 /* Must manually force to upper case here, as this does not go via the handler */
545 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
546 myhostname_upper());
547
548 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
549 get_dyn_SMB_PASSWD_FILE());
550 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
551 get_dyn_PRIVATE_DIR());
552
553 /* use the new 'hash2' method by default, with a prefix of 1 */
554 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
555 Globals.mangle_prefix = 1;
556
557 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
558
559 /* using UTF8 by default allows us to support all chars */
560 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
561 DEFAULT_UNIX_CHARSET);
562
563 /* Use codepage 850 as a default for the dos character set */
564 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
565 DEFAULT_DOS_CHARSET);
566
567 /*
568 * Allow the default PASSWD_CHAT to be overridden in local.h.
569 */
570 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
571 DEFAULT_PASSWD_CHAT);
572
573 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
574
575 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
576 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
577 get_dyn_LOCKDIR());
578 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
579 get_dyn_STATEDIR());
580 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
581 get_dyn_CACHEDIR());
582 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
583 get_dyn_PIDDIR());
584 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
585 "0.0.0.0");
586 /*
587 * By default support explicit binding to broadcast
588 * addresses.
589 */
590 Globals.nmbd_bind_explicit_broadcast = true;
591
592 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
593 if (s == NULL) {
594 smb_panic("init_globals: ENOMEM");
595 }
596 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
597 TALLOC_FREE(s);
598 #ifdef DEVELOPER
599 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
600 "/bin/sleep 999999999");
601 #endif
602
603 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
604 DEFAULT_SOCKET_OPTIONS);
605
606 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
607 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
608 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
609 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
610 "\\\\%N\\%U\\profile");
611
612 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
613 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
614
615 Globals.algorithmic_rid_base = BASE_RID;
616
617 Globals.load_printers = true;
618 Globals.printcap_cache_time = 750; /* 12.5 minutes */
619
620 Globals.config_backend = config_backend;
621 Globals._server_role = ROLE_AUTO;
622
623 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
624 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
625 Globals.max_xmit = 0x4104;
626 Globals.max_mux = 50; /* This is *needed* for profile support. */
627 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
628 Globals._disable_spoolss = false;
629 Globals.max_smbd_processes = 0;/* no limit specified */
630 Globals.username_level = 0;
631 Globals.deadtime = 0;
632 Globals.getwd_cache = true;
633 Globals.large_readwrite = true;
634 Globals.max_log_size = 5000;
635 Globals.max_open_files = max_open_files();
636 Globals.server_max_protocol = PROTOCOL_SMB3_11;
637 Globals.server_min_protocol = PROTOCOL_LANMAN1;
638 Globals._client_max_protocol = PROTOCOL_DEFAULT;
639 Globals.client_min_protocol = PROTOCOL_CORE;
640 Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
641 Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
642 Globals._security = SEC_AUTO;
643 Globals.encrypt_passwords = true;
644 Globals.client_schannel = Auto;
645 Globals.winbind_sealed_pipes = true;
646 Globals.require_strong_key = true;
647 Globals.server_schannel = Auto;
648 Globals.read_raw = true;
649 Globals.write_raw = true;
650 Globals.null_passwords = false;
651 Globals.old_password_allowed_period = 60;
652 Globals.obey_pam_restrictions = false;
653 Globals.syslog = 1;
654 Globals.syslog_only = false;
655 Globals.timestamp_logs = true;
656 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
657 Globals.debug_prefix_timestamp = false;
658 Globals.debug_hires_timestamp = true;
659 Globals.debug_pid = false;
660 Globals.debug_uid = false;
661 Globals.debug_class = false;
662 Globals.enable_core_files = true;
663 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
664 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
665 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
666 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
667 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
668 Globals.lm_interval = 60;
669 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
670 Globals.nis_homedir = false;
671 #ifdef WITH_NISPLUS_HOME
672 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
673 "auto_home.org_dir");
674 #else
675 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
676 #endif
677 #endif
678 Globals.time_server = false;
679 Globals.bind_interfaces_only = false;
680 Globals.unix_password_sync = false;
681 Globals.pam_password_change = false;
682 Globals.passwd_chat_debug = false;
683 Globals.passwd_chat_timeout = 2; /* 2 second default. */
684 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
685 Globals.nt_status_support = true; /* Use NT status by default. */
686 Globals.smbd_profiling_level = 0;
687 Globals.stat_cache = true; /* use stat cache by default */
688 Globals.max_stat_cache_size = 256; /* 256k by default */
689 Globals.restrict_anonymous = 0;
690 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
691 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
692 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
693 Globals.ntlm_auth = false; /* Do NOT use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
694 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
695 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
696 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
697
698 Globals.allow_dcerpc_auth_level_connect = false; /* we don't allow this by default */
699
700 Globals.map_to_guest = 0; /* By Default, "Never" */
701 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
702 Globals.enhanced_browsing = true;
703 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
704 #ifdef MMAP_BLACKLIST
705 Globals.use_mmap = false;
706 #else
707 Globals.use_mmap = true;
708 #endif
709 Globals.unicode = true;
710 Globals.unix_extensions = true;
711 Globals.reset_on_zero_vc = false;
712 Globals.log_writeable_files_on_exit = false;
713 Globals.create_krb5_conf = true;
714 Globals._winbind_max_domain_connections = 1;
715
716 /* hostname lookups can be very expensive and are broken on
717 a large number of sites (tridge) */
718 Globals.hostname_lookups = false;
719
720 Globals.change_notify = true,
721 Globals.kernel_change_notify = true,
722
723 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
724 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
725 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
726 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
727 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
728 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
729
730 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
731 Globals.ldap_ssl = LDAP_SSL_START_TLS;
732 Globals.ldap_ssl_ads = false;
733 Globals.ldap_deref = -1;
734 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
735 Globals.ldap_delete_dn = false;
736 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
737 Globals.ldap_follow_referral = Auto;
738 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
739 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
740 Globals.ldap_page_size = LDAP_PAGE_SIZE;
741
742 Globals.ldap_debug_level = 0;
743 Globals.ldap_debug_threshold = 10;
744
745 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
746
747 Globals.ldap_server_require_strong_auth =
748 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
749
750 /* This is what we tell the afs client. in reality we set the token
751 * to never expire, though, when this runs out the afs client will
752 * forget the token. Set to 0 to get NEVERDATE.*/
753 Globals.afs_token_lifetime = 604800;
754 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
755
756 /* these parameters are set to defaults that are more appropriate
757 for the increasing samba install base:
758
759 as a member of the workgroup, that will possibly become a
760 _local_ master browser (lm = true). this is opposed to a forced
761 local master browser startup (pm = true).
762
763 doesn't provide WINS server service by default (wsupp = false),
764 and doesn't provide domain master browser services by default, either.
765
766 */
767
768 Globals.show_add_printer_wizard = true;
769 Globals.os_level = 20;
770 Globals.local_master = true;
771 Globals._domain_master = Auto; /* depending on _domain_logons */
772 Globals._domain_logons = false;
773 Globals.browse_list = true;
774 Globals.we_are_a_wins_server = false;
775 Globals.wins_proxy = false;
776
777 TALLOC_FREE(Globals.init_logon_delayed_hosts);
778 Globals.init_logon_delay = 100; /* 100 ms default delay */
779
780 Globals.wins_dns_proxy = true;
781
782 Globals.allow_trusted_domains = true;
783 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
784
785 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
786 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
787 "/home/%D/%U");
788 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
789 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
790 dyn_WINBINDD_SOCKET_DIR);
791
792 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
793 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
794
795 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
796
797 Globals.cluster_addresses = NULL;
798 Globals.clustering = false;
799 Globals.ctdb_timeout = 0;
800 Globals.ctdb_locktime_warn_threshold = 0;
801
802 Globals.winbind_cache_time = 300; /* 5 minutes */
803 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
804 Globals.winbind_request_timeout = 60; /* 60 seconds */
805 Globals.winbind_max_clients = 200;
806 Globals.winbind_enum_users = false;
807 Globals.winbind_enum_groups = false;
808 Globals.winbind_use_default_domain = false;
809 Globals.winbind_trusted_domains_only = false;
810 Globals.winbind_nested_groups = true;
811 Globals.winbind_expand_groups = 0;
812 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
813 Globals.winbind_refresh_tickets = false;
814 Globals.winbind_offline_logon = false;
815
816 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
817 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
818
819 Globals.passdb_expand_explicit = false;
820
821 Globals.name_cache_timeout = 660; /* In seconds */
822
823 Globals.use_spnego = true;
824 Globals.client_use_spnego = true;
825
826 Globals.client_signing = SMB_SIGNING_DEFAULT;
827 Globals._client_ipc_signing = SMB_SIGNING_DEFAULT;
828 Globals.server_signing = SMB_SIGNING_DEFAULT;
829
830 Globals.defer_sharing_violations = true;
831 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
832
833 Globals.enable_privileges = true;
834 Globals.host_msdfs = true;
835 Globals.enable_asu_support = false;
836
837 /* User defined shares. */
838 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
839 if (s == NULL) {
840 smb_panic("init_globals: ENOMEM");
841 }
842 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
843 TALLOC_FREE(s);
844 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
845 Globals.usershare_max_shares = 0;
846 /* By default disallow sharing of directories not owned by the sharer. */
847 Globals.usershare_owner_only = true;
848 /* By default disallow guest access to usershares. */
849 Globals.usershare_allow_guests = false;
850
851 Globals.keepalive = DEFAULT_KEEPALIVE;
852
853 /* By default no shares out of the registry */
854 Globals.registry_shares = false;
855
856 Globals.min_receivefile_size = 0;
857
858 Globals.map_untrusted_to_domain = false;
859 Globals.multicast_dns_register = true;
860
861 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
862 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
863 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
864 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
865 Globals.smb2_leases = true;
866
867 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
868 get_dyn_NCALRPCDIR());
869
870 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
871
872 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
873
874 Globals.tls_enabled = true;
875 Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
876
877 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
878 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
879 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
880 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
881 "NORMAL:-VERS-SSL3.0");
882
883 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
884
885 Globals._preferred_master = Auto;
886
887 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
888
889 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
890 get_dyn_NTP_SIGND_SOCKET_DIR());
891
892 lpcfg_string_set(Globals.ctx,
893 &Globals.winbindd_privileged_socket_directory,
894 get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
895
896 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
897 if (s == NULL) {
898 smb_panic("init_globals: ENOMEM");
899 }
900 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
901 TALLOC_FREE(s);
902
903 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
904 if (s == NULL) {
905 smb_panic("init_globals: ENOMEM");
906 }
907 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
908 TALLOC_FREE(s);
909
910 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
911 if (s == NULL) {
912 smb_panic("init_globals: ENOMEM");
913 }
914 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
915 TALLOC_FREE(s);
916
917 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
918
919 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
920
921 Globals.cldap_port = 389;
922
923 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
924
925 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
926
927 Globals.krb5_port = 88;
928
929 Globals.kpasswd_port = 464;
930
931 Globals.web_port = 901;
932
933 Globals.aio_max_threads = 100;
934
935 /* Now put back the settings that were set with lp_set_cmdline() */
936 apply_lp_set_cmdline();
937 }
938
939 /* Convenience routine to setup an lp_context with additional s3 variables */
940 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
941 {
942 struct loadparm_context *lp_ctx;
943
944 lp_ctx = loadparm_init_s3(mem_ctx,
945 loadparm_s3_helpers());
946 if (lp_ctx == NULL) {
947 DEBUG(0, ("loadparm_init_s3 failed\n"));
948 return NULL;
949 }
950
951 lp_ctx->sDefault = &sDefault;
952 lp_ctx->services = NULL; /* We do not want to access this directly */
953 lp_ctx->bInGlobalSection = bInGlobalSection;
954 lp_ctx->flags = flags_list;
955
956 return lp_ctx;
957 }
958
959 /*******************************************************************
960 Convenience routine to grab string parameters into talloced memory
961 and run standard_sub_basic on them. The buffers can be written to by
962 callers without affecting the source string.
963 ********************************************************************/
964
965 char *lp_string(TALLOC_CTX *ctx, const char *s)
966 {
967 char *ret;
968
969 /* The follow debug is useful for tracking down memory problems
970 especially if you have an inner loop that is calling a lp_*()
971 function that returns a string. Perhaps this debug should be
972 present all the time? */
973
974 #if 0
975 DEBUG(10, ("lp_string(%s)\n", s));
976 #endif
977 if (!s) {
978 return NULL;
979 }
980
981 ret = talloc_sub_basic(ctx,
982 get_current_username(),
983 current_user_info.domain,
984 s);
985 if (trim_char(ret, '\"', '\"')) {
986 if (strchr(ret,'\"') != NULL) {
987 TALLOC_FREE(ret);
988 ret = talloc_sub_basic(ctx,
989 get_current_username(),
990 current_user_info.domain,
991 s);
992 }
993 }
994 return ret;
995 }
996
997 /*
998 In this section all the functions that are used to access the
999 parameters from the rest of the program are defined
1000 */
1001
1002 #define FN_GLOBAL_STRING(fn_name,ptr) \
1003 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1004 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1005 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1006 #define FN_GLOBAL_LIST(fn_name,ptr) \
1007 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1008 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1009 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1010 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1011 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1012 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1013 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1014
1015 #define FN_LOCAL_STRING(fn_name,val) \
1016 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1017 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1018 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1019 #define FN_LOCAL_LIST(fn_name,val) \
1020 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1021 #define FN_LOCAL_BOOL(fn_name,val) \
1022 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1023 #define FN_LOCAL_INTEGER(fn_name,val) \
1024 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1025
1026 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1027 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1028 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1029 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1030 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1031 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1032
1033 int lp_winbind_max_domain_connections(void)
1034 {
1035 if (lp_winbind_offline_logon() &&
1036 lp__winbind_max_domain_connections() > 1) {
1037 DEBUG(1, ("offline logons active, restricting max domain "
1038 "connections to 1\n"));
1039 return 1;
1040 }
1041 return MAX(1, lp__winbind_max_domain_connections());
1042 }
1043
1044 /* These functions remain in source3/param for now */
1045
1046 #include "lib/param/param_functions.c"
1047
1048 FN_LOCAL_STRING(servicename, szService)
1049 FN_LOCAL_CONST_STRING(const_servicename, szService)
1050
1051 /* These functions cannot be auto-generated */
1052 FN_LOCAL_BOOL(autoloaded, autoloaded)
1053 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1054
1055 /* local prototypes */
1056
1057 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1058 static const char *get_boolean(bool bool_value);
1059 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1060 void *userdata);
1061 static bool hash_a_service(const char *name, int number);
1062 static void free_service_byindex(int iService);
1063 static void show_parameter(int parmIndex);
1064 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1065
1066 /*
1067 * This is a helper function for parametrical options support. It returns a
1068 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1069 * parametrical functions are quite simple
1070 */
1071 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1072 const char *option)
1073 {
1074 if (snum >= iNumServices) return NULL;
1075
1076 if (snum < 0) {
1077 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1078 } else {
1079 return get_parametric_helper(ServicePtrs[snum],
1080 type, option, Globals.param_opt);
1081 }
1082 }
1083
1084 static void discard_whitespace(char *str)
1085 {
1086 size_t len = strlen(str);
1087 size_t i = 0;
1088
1089 while (i < len) {
1090 if (isspace(str[i])) {
1091 memmove(&str[i], &str[i+1], len-i);
1092 len -= 1;
1093 continue;
1094 }
1095 i += 1;
1096 }
1097 }
1098
1099 /**
1100 * @brief Go through all global parametric parameters
1101 *
1102 * @param regex_str A regular expression to scan param for
1103 * @param max_matches Max number of submatches the regexp expects
1104 * @param cb Function to call on match. Should return true
1105 * when it wants wi_scan_global_parametrics to stop
1106 * scanning
1107 * @param private_data Anonymous pointer passed to cb
1108 *
1109 * @return 0: success, regcomp/regexec return value on error.
1110 * See "man regexec" for possible errors
1111 */
1112
1113 int lp_wi_scan_global_parametrics(
1114 const char *regex_str, size_t max_matches,
1115 bool (*cb)(const char *string, regmatch_t matches[],
1116 void *private_data),
1117 void *private_data)
1118 {
1119 struct parmlist_entry *data;
1120 regex_t regex;
1121 int ret;
1122
1123 ret = regcomp(&regex, regex_str, REG_ICASE);
1124 if (ret != 0) {
1125 return ret;
1126 }
1127
1128 for (data = Globals.param_opt; data != NULL; data = data->next) {
1129 size_t keylen = strlen(data->key);
1130 char key[keylen+1];
1131 regmatch_t matches[max_matches];
1132 bool stop;
1133
1134 memcpy(key, data->key, sizeof(key));
1135 discard_whitespace(key);
1136
1137 ret = regexec(&regex, key, max_matches, matches, 0);
1138 if (ret == REG_NOMATCH) {
1139 continue;
1140 }
1141 if (ret != 0) {
1142 goto fail;
1143 }
1144
1145 stop = cb(key, matches, private_data);
1146 if (stop) {
1147 break;
1148 }
1149 }
1150
1151 ret = 0;
1152 fail:
1153 regfree(&regex);
1154 return ret;
1155 }
1156
1157
1158 #define MISSING_PARAMETER(name) \
1159 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1160
1161 /*******************************************************************
1162 convenience routine to return enum parameters.
1163 ********************************************************************/
1164 static int lp_enum(const char *s,const struct enum_list *_enum)
1165 {
1166 int i;
1167
1168 if (!s || !*s || !_enum) {
1169 MISSING_PARAMETER(lp_enum);
1170 return (-1);
1171 }
1172
1173 for (i=0; _enum[i].name; i++) {
1174 if (strequal(_enum[i].name,s))
1175 return _enum[i].value;
1176 }
1177
1178 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1179 return (-1);
1180 }
1181
1182 #undef MISSING_PARAMETER
1183
1184 /* Return parametric option from a given service. Type is a part of option before ':' */
1185 /* Parametric option has following syntax: 'Type: option = value' */
1186 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1187 {
1188 struct parmlist_entry *data = get_parametrics(snum, type, option);
1189
1190 if (data == NULL||data->value==NULL) {
1191 if (def) {
1192 return lp_string(ctx, def);
1193 } else {
1194 return NULL;
1195 }
1196 }
1197
1198 return lp_string(ctx, data->value);
1199 }
1200
1201 /* Return parametric option from a given service. Type is a part of option before ':' */
1202 /* Parametric option has following syntax: 'Type: option = value' */
1203 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1204 {
1205 struct parmlist_entry *data = get_parametrics(snum, type, option);
1206
1207 if (data == NULL||data->value==NULL)
1208 return def;
1209
1210 return data->value;
1211 }
1212
1213
1214 /* Return parametric option from a given service. Type is a part of option before ':' */
1215 /* Parametric option has following syntax: 'Type: option = value' */
1216
1217 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1218 {
1219 struct parmlist_entry *data = get_parametrics(snum, type, option);
1220
1221 if (data == NULL||data->value==NULL)
1222 return (const char **)def;
1223
1224 if (data->list==NULL) {
1225 data->list = str_list_make_v3(NULL, data->value, NULL);
1226 }
1227
1228 return discard_const_p(const char *, data->list);
1229 }
1230
1231 /* Return parametric option from a given service. Type is a part of option before ':' */
1232 /* Parametric option has following syntax: 'Type: option = value' */
1233
1234 int lp_parm_int(int snum, const char *type, const char *option, int def)
1235 {
1236 struct parmlist_entry *data = get_parametrics(snum, type, option);
1237
1238 if (data && data->value && *data->value)
1239 return lp_int(data->value);
1240
1241 return def;
1242 }
1243
1244 /* Return parametric option from a given service. Type is a part of option before ':' */
1245 /* Parametric option has following syntax: 'Type: option = value' */
1246
1247 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1248 {
1249 struct parmlist_entry *data = get_parametrics(snum, type, option);
1250
1251 if (data && data->value && *data->value)
1252 return lp_ulong(data->value);
1253
1254 return def;
1255 }
1256
1257 /* Return parametric option from a given service. Type is a part of option before ':' */
1258 /* Parametric option has following syntax: 'Type: option = value' */
1259
1260 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1261 const char *option, unsigned long long def)
1262 {
1263 struct parmlist_entry *data = get_parametrics(snum, type, option);
1264
1265 if (data && data->value && *data->value) {
1266 return lp_ulonglong(data->value);
1267 }
1268
1269 return def;
1270 }
1271
1272 /* Return parametric option from a given service. Type is a part of option
1273 * before ':' */
1274 /* Parametric option has following syntax: 'Type: option = value' */
1275
1276 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1277 {
1278 struct parmlist_entry *data = get_parametrics(snum, type, option);
1279
1280 if (data && data->value && *data->value)
1281 return lp_bool(data->value);
1282
1283 return def;
1284 }
1285
1286 /* Return parametric option from a given service. Type is a part of option before ':' */
1287 /* Parametric option has following syntax: 'Type: option = value' */
1288
1289 int lp_parm_enum(int snum, const char *type, const char *option,
1290 const struct enum_list *_enum, int def)
1291 {
1292 struct parmlist_entry *data = get_parametrics(snum, type, option);
1293
1294 if (data && data->value && *data->value && _enum)
1295 return lp_enum(data->value, _enum);
1296
1297 return def;
1298 }
1299
1300 /**
1301 * free a param_opts structure.
1302 * param_opts handling should be moved to talloc;
1303 * then this whole functions reduces to a TALLOC_FREE().
1304 */
1305
1306 static void free_param_opts(struct parmlist_entry **popts)
1307 {
1308 struct parmlist_entry *opt, *next_opt;
1309
1310 if (*popts != NULL) {
1311 DEBUG(5, ("Freeing parametrics:\n"));
1312 }
1313 opt = *popts;
1314 while (opt != NULL) {
1315 lpcfg_string_free(&opt->key);
1316 lpcfg_string_free(&opt->value);
1317 TALLOC_FREE(opt->list);
1318 next_opt = opt->next;
1319 TALLOC_FREE(opt);
1320 opt = next_opt;
1321 }
1322 *popts = NULL;
1323 }
1324
1325 /***************************************************************************
1326 Free the dynamically allocated parts of a service struct.
1327 ***************************************************************************/
1328
1329 static void free_service(struct loadparm_service *pservice)
1330 {
1331 if (!pservice)
1332 return;
1333
1334 if (pservice->szService)
1335 DEBUG(5, ("free_service: Freeing service %s\n",
1336 pservice->szService));
1337
1338 free_parameters(pservice);
1339
1340 lpcfg_string_free(&pservice->szService);
1341 TALLOC_FREE(pservice->copymap);
1342
1343 free_param_opts(&pservice->param_opt);
1344
1345 ZERO_STRUCTP(pservice);
1346 }
1347
1348
1349 /***************************************************************************
1350 remove a service indexed in the ServicePtrs array from the ServiceHash
1351 and free the dynamically allocated parts
1352 ***************************************************************************/
1353
1354 static void free_service_byindex(int idx)
1355 {
1356 if ( !LP_SNUM_OK(idx) )
1357 return;
1358
1359 ServicePtrs[idx]->valid = false;
1360
1361 /* we have to cleanup the hash record */
1362
1363 if (ServicePtrs[idx]->szService) {
1364 char *canon_name = canonicalize_servicename(
1365 talloc_tos(),
1366 ServicePtrs[idx]->szService );
1367
1368 dbwrap_delete_bystring(ServiceHash, canon_name );
1369 TALLOC_FREE(canon_name);
1370 }
1371
1372 free_service(ServicePtrs[idx]);
1373 TALLOC_FREE(ServicePtrs[idx]);
1374 }
1375
1376 /***************************************************************************
1377 Add a new service to the services array initialising it with the given
1378 service.
1379 ***************************************************************************/
1380
1381 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1382 {
1383 int i;
1384 struct loadparm_service **tsp = NULL;
1385
1386 /* it might already exist */
1387 if (name) {
1388 i = getservicebyname(name, NULL);
1389 if (i >= 0) {
1390 return (i);
1391 }
1392 }
1393
1394 /* Re use empty slots if any before allocating new one.*/
1395 for (i=0; i < iNumServices; i++) {
1396 if (ServicePtrs[i] == NULL) {
1397 break;
1398 }
1399 }
1400 if (i == iNumServices) {
1401 /* if not, then create one */
1402 tsp = talloc_realloc(NULL, ServicePtrs,
1403 struct loadparm_service *,
1404 iNumServices + 1);
1405 if (tsp == NULL) {
1406 DEBUG(0, ("add_a_service: failed to enlarge "
1407 "ServicePtrs!\n"));
1408 return (-1);
1409 }
1410 ServicePtrs = tsp;
1411 iNumServices++;
1412 }
1413 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1414 if (!ServicePtrs[i]) {
1415 DEBUG(0,("add_a_service: out of memory!\n"));
1416 return (-1);
1417 }
1418
1419 ServicePtrs[i]->valid = true;
1420
1421 copy_service(ServicePtrs[i], pservice, NULL);
1422 if (name)
1423 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1424 name);
1425
1426 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1427 i, ServicePtrs[i]->szService));
1428
1429 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1430 return (-1);
1431 }
1432
1433 return (i);
1434 }
1435
1436 /***************************************************************************
1437 Convert a string to uppercase and remove whitespaces.
1438 ***************************************************************************/
1439
1440 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1441 {
1442 char *result;
1443
1444 if ( !src ) {
1445 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1446 return NULL;
1447 }
1448
1449 result = talloc_strdup(ctx, src);
1450 SMB_ASSERT(result != NULL);
1451
1452 if (!strlower_m(result)) {
1453 TALLOC_FREE(result);
1454 return NULL;
1455 }
1456 return result;
1457 }
1458
1459 /***************************************************************************
1460 Add a name/index pair for the services array to the hash table.
1461 ***************************************************************************/
1462
1463 static bool hash_a_service(const char *name, int idx)
1464 {
1465 char *canon_name;
1466
1467 if ( !ServiceHash ) {
1468 DEBUG(10,("hash_a_service: creating servicehash\n"));
1469 ServiceHash = db_open_rbt(NULL);
1470 if ( !ServiceHash ) {
1471 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1472 return false;
1473 }
1474 }
1475
1476 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1477 idx, name));
1478
1479 canon_name = canonicalize_servicename(talloc_tos(), name );
1480
1481 dbwrap_store_bystring(ServiceHash, canon_name,
1482 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1483 TDB_REPLACE);
1484
1485 TALLOC_FREE(canon_name);
1486
1487 return true;
1488 }
1489
1490 /***************************************************************************
1491 Add a new home service, with the specified home directory, defaults coming
1492 from service ifrom.
1493 ***************************************************************************/
1494
1495 bool lp_add_home(const char *pszHomename, int iDefaultService,
1496 const char *user, const char *pszHomedir)
1497 {
1498 int i;
1499
1500 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1501 pszHomedir[0] == '\0') {
1502 return false;
1503 }
1504
1505 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1506
1507 if (i < 0)
1508 return false;
1509
1510 if (!(*(ServicePtrs[iDefaultService]->path))
1511 || strequal(ServicePtrs[iDefaultService]->path,
1512 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1513 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1514 pszHomedir);
1515 }
1516
1517 if (!(*(ServicePtrs[i]->comment))) {
1518 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1519 if (comment == NULL) {
1520 return false;
1521 }
1522 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1523 comment);
1524 TALLOC_FREE(comment);
1525 }
1526
1527 /* set the browseable flag from the global default */
1528
1529 ServicePtrs[i]->browseable = sDefault.browseable;
1530 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1531
1532 ServicePtrs[i]->autoloaded = true;
1533
1534 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1535 user, ServicePtrs[i]->path ));
1536
1537 return true;
1538 }
1539
1540 /***************************************************************************
1541 Add a new service, based on an old one.
1542 ***************************************************************************/
1543
1544 int lp_add_service(const char *pszService, int iDefaultService)
1545 {
1546 if (iDefaultService < 0) {
1547 return add_a_service(&sDefault, pszService);
1548 }
1549
1550 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1551 }
1552
1553 /***************************************************************************
1554 Add the IPC service.
1555 ***************************************************************************/
1556
1557 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1558 {
1559 char *comment = NULL;
1560 int i = add_a_service(&sDefault, ipc_name);
1561
1562 if (i < 0)
1563 return false;
1564
1565 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1566 Globals.server_string);
1567 if (comment == NULL) {
1568 return false;
1569 }
1570
1571 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1572 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1573 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1574 ServicePtrs[i]->max_connections = 0;
1575 ServicePtrs[i]->available = true;
1576 ServicePtrs[i]->read_only = true;
1577 ServicePtrs[i]->guest_only = false;
1578 ServicePtrs[i]->administrative_share = true;
1579 ServicePtrs[i]->guest_ok = guest_ok;
1580 ServicePtrs[i]->printable = false;
1581 ServicePtrs[i]->browseable = sDefault.browseable;
1582 ServicePtrs[i]->autoloaded = true;
1583
1584 DEBUG(3, ("adding IPC service\n"));
1585
1586 TALLOC_FREE(comment);
1587 return true;
1588 }
1589
1590 /***************************************************************************
1591 Add a new printer service, with defaults coming from service iFrom.
1592 ***************************************************************************/
1593
1594 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1595 {
1596 const char *comment = "From Printcap";
1597 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1598
1599 if (i < 0)
1600 return false;
1601
1602 /* note that we do NOT default the availability flag to true - */
1603 /* we take it from the default service passed. This allows all */
1604 /* dynamic printers to be disabled by disabling the [printers] */
1605 /* entry (if/when the 'available' keyword is implemented!). */
1606
1607 /* the printer name is set to the service name. */
1608 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1609 pszPrintername);
1610 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1611
1612 /* set the browseable flag from the gloabl default */
1613 ServicePtrs[i]->browseable = sDefault.browseable;
1614
1615 /* Printers cannot be read_only. */
1616 ServicePtrs[i]->read_only = false;
1617 /* No oplocks on printer services. */
1618 ServicePtrs[i]->oplocks = false;
1619 /* Printer services must be printable. */
1620 ServicePtrs[i]->printable = true;
1621
1622 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1623
1624 return true;
1625 }
1626
1627
1628 /***************************************************************************
1629 Check whether the given parameter name is valid.
1630 Parametric options (names containing a colon) are considered valid.
1631 ***************************************************************************/
1632
1633 bool lp_parameter_is_valid(const char *pszParmName)
1634 {
1635 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1636 (strchr(pszParmName, ':') != NULL));
1637 }
1638
1639 /***************************************************************************
1640 Check whether the given name is the name of a global parameter.
1641 Returns true for strings belonging to parameters of class
1642 P_GLOBAL, false for all other strings, also for parametric options
1643 and strings not belonging to any option.
1644 ***************************************************************************/
1645
1646 bool lp_parameter_is_global(const char *pszParmName)
1647 {
1648 int num = lpcfg_map_parameter(pszParmName);
1649
1650 if (num >= 0) {
1651 return (parm_table[num].p_class == P_GLOBAL);
1652 }
1653
1654 return false;
1655 }
1656
1657 /**************************************************************************
1658 Determine the canonical name for a parameter.
1659 Indicate when it is an inverse (boolean) synonym instead of a
1660 "usual" synonym.
1661 **************************************************************************/
1662
1663 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1664 bool *inverse)
1665 {
1666 int num;
1667
1668 if (!lp_parameter_is_valid(parm_name)) {
1669 *canon_parm = NULL;
1670 return false;
1671 }
1672
1673 num = map_parameter_canonical(parm_name, inverse);
1674 if (num < 0) {
1675 /* parametric option */
1676 *canon_parm = parm_name;
1677 } else {
1678 *canon_parm = parm_table[num].label;
1679 }
1680
1681 return true;
1682
1683 }
1684
1685 /**************************************************************************
1686 Determine the canonical name for a parameter.
1687 Turn the value given into the inverse boolean expression when
1688 the synonym is an invers boolean synonym.
1689
1690 Return true if parm_name is a valid parameter name and
1691 in case it is an invers boolean synonym, if the val string could
1692 successfully be converted to the reverse bool.
1693 Return false in all other cases.
1694 **************************************************************************/
1695
1696 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1697 const char *val,
1698 const char **canon_parm,
1699 const char **canon_val)
1700 {
1701 int num;
1702 bool inverse;
1703
1704 if (!lp_parameter_is_valid(parm_name)) {
1705 *canon_parm = NULL;
1706 *canon_val = NULL;
1707 return false;
1708 }
1709
1710 num = map_parameter_canonical(parm_name, &inverse);
1711 if (num < 0) {
1712 /* parametric option */
1713 *canon_parm = parm_name;
1714 *canon_val = val;
1715 } else {
1716 *canon_parm = parm_table[num].label;
1717 if (inverse) {
1718 if (!lp_invert_boolean(val, canon_val)) {
1719 *canon_val = NULL;
1720 return false;
1721 }
1722 } else {
1723 *canon_val = val;
1724 }
1725 }
1726
1727 return true;
1728 }
1729
1730 /***************************************************************************
1731 Map a parameter's string representation to the index of the canonical
1732 form of the parameter (it might be a synonym).
1733 Returns -1 if the parameter string is not recognised.
1734 ***************************************************************************/
1735
1736 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1737 {
1738 int parm_num, canon_num;
1739 bool loc_inverse = false;
1740
1741 parm_num = lpcfg_map_parameter(pszParmName);
1742 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1743 /* invalid, parametric or no canidate for synonyms ... */
1744 goto done;
1745 }
1746
1747 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1748 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1749 parm_num = canon_num;
1750 goto done;
1751 }
1752 }
1753
1754 done:
1755 if (inverse != NULL) {
1756 *inverse = loc_inverse;
1757 }
1758 return parm_num;
1759 }
1760
1761 /***************************************************************************
1762 return true if parameter number parm1 is a synonym of parameter
1763 number parm2 (parm2 being the principal name).
1764 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1765 false otherwise.
1766 ***************************************************************************/
1767
1768 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1769 {
1770 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1771 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1772 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1773 !(parm_table[parm2].flags & FLAG_SYNONYM))
1774 {
1775 if (inverse != NULL) {
1776 if ((parm_table[parm1].type == P_BOOLREV) &&
1777 (parm_table[parm2].type == P_BOOL))
1778 {
1779 *inverse = true;
1780 } else {
1781 *inverse = false;
1782 }
1783 }
1784 return true;
1785 }
1786 return false;
1787 }
1788
1789 /***************************************************************************
1790 Show one parameter's name, type, [values,] and flags.
1791 (helper functions for show_parameter_list)
1792 ***************************************************************************/
1793
1794 static void show_parameter(int parmIndex)
1795 {
1796 int enumIndex, flagIndex;
1797 int parmIndex2;
1798 bool hadFlag;
1799 bool hadSyn;
1800 bool inverse;
1801 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1802 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1803 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1804 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1805 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1806
1807 printf("%s=%s", parm_table[parmIndex].label,
1808 type[parm_table[parmIndex].type]);
1809 if (parm_table[parmIndex].type == P_ENUM) {
1810 printf(",");
1811 for (enumIndex=0;
1812 parm_table[parmIndex].enum_list[enumIndex].name;
1813 enumIndex++)
1814 {
1815 printf("%s%s",
1816 enumIndex ? "|" : "",
1817 parm_table[parmIndex].enum_list[enumIndex].name);
1818 }
1819 }
1820 printf(",");
1821 hadFlag = false;
1822 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1823 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1824 printf("%s%s",
1825 hadFlag ? "|" : "",
1826 flag_names[flagIndex]);
1827 hadFlag = true;
1828 }
1829 }
1830
1831 /* output synonyms */
1832 hadSyn = false;
1833 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1834 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1835 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1836 parm_table[parmIndex2].label);
1837 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1838 if (!hadSyn) {
1839 printf(" (synonyms: ");
1840 hadSyn = true;
1841 } else {
1842 printf(", ");
1843 }
1844 printf("%s%s", parm_table[parmIndex2].label,
1845 inverse ? "[i]" : "");
1846 }
1847 }
1848 if (hadSyn) {
1849 printf(")");
1850 }
1851
1852 printf("\n");
1853 }
1854
1855 /***************************************************************************
1856 Show all parameter's name, type, [values,] and flags.
1857 ***************************************************************************/
1858
1859 void show_parameter_list(void)
1860 {
1861 int classIndex, parmIndex;
1862 const char *section_names[] = { "local", "global", NULL};
1863
1864 for (classIndex=0; section_names[classIndex]; classIndex++) {
1865 printf("[%s]\n", section_names[classIndex]);
1866 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1867 if (parm_table[parmIndex].p_class == classIndex) {
1868 show_parameter(parmIndex);
1869 }
1870 }
1871 }
1872 }
1873
1874 /***************************************************************************
1875 Get the standard string representation of a boolean value ("yes" or "no")
1876 ***************************************************************************/
1877
1878 static const char *get_boolean(bool bool_value)
1879 {
1880 static const char *yes_str = "yes";
1881 static const char *no_str = "no";
1882
1883 return (bool_value ? yes_str : no_str);
1884 }
1885
1886 /***************************************************************************
1887 Provide the string of the negated boolean value associated to the boolean
1888 given as a string. Returns false if the passed string does not correctly
1889 represent a boolean.
1890 ***************************************************************************/
1891
1892 bool lp_invert_boolean(const char *str, const char **inverse_str)
1893 {
1894 bool val;
1895
1896 if (!set_boolean(str, &val)) {
1897 return false;
1898 }
1899
1900 *inverse_str = get_boolean(!val);
1901 return true;
1902 }
1903
1904 /***************************************************************************
1905 Provide the canonical string representation of a boolean value given
1906 as a string. Return true on success, false if the string given does
1907 not correctly represent a boolean.
1908 ***************************************************************************/
1909
1910 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1911 {
1912 bool val;
1913
1914 if (!set_boolean(str, &val)) {
1915 return false;
1916 }
1917
1918 *canon_str = get_boolean(val);
1919 return true;
1920 }
1921
1922 /***************************************************************************
1923 Find a service by name. Otherwise works like get_service.
1924 ***************************************************************************/
1925
1926 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1927 {
1928 int iService = -1;
1929 char *canon_name;
1930 TDB_DATA data;
1931 NTSTATUS status;
1932
1933 if (ServiceHash == NULL) {
1934 return -1;
1935 }
1936
1937 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1938
1939 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1940 &data);
1941
1942 if (NT_STATUS_IS_OK(status) &&
1943 (data.dptr != NULL) &&
1944 (data.dsize == sizeof(iService)))
1945 {
1946 memcpy(&iService, data.dptr, sizeof(iService));
1947 }
1948
1949 TALLOC_FREE(canon_name);
1950
1951 if ((iService != -1) && (LP_SNUM_OK(iService))
1952 && (pserviceDest != NULL)) {
1953 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1954 }
1955
1956 return (iService);
1957 }
1958
1959 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1960 struct loadparm_service *lp_service(const char *pszServiceName)
1961 {
1962 int iService = getservicebyname(pszServiceName, NULL);
1963 if (iService == -1 || !LP_SNUM_OK(iService)) {
1964 return NULL;
1965 }
1966 return ServicePtrs[iService];
1967 }
1968
1969 struct loadparm_service *lp_servicebynum(int snum)
1970 {
1971 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1972 return NULL;
1973 }
1974 return ServicePtrs[snum];
1975 }
1976
1977 struct loadparm_service *lp_default_loadparm_service()
1978 {
1979 return &sDefault;
1980 }
1981
1982 static struct smbconf_ctx *lp_smbconf_ctx(void)
1983 {
1984 sbcErr err;
1985 static struct smbconf_ctx *conf_ctx = NULL;
1986
1987 if (conf_ctx == NULL) {
1988 err = smbconf_init(NULL, &conf_ctx, "registry:");
1989 if (!SBC_ERROR_IS_OK(err)) {
1990 DEBUG(1, ("error initializing registry configuration: "
1991 "%s\n", sbcErrorString(err)));
1992 conf_ctx = NULL;
1993 }
1994 }
1995
1996 return conf_ctx;
1997 }
1998
1999 static bool process_smbconf_service(struct smbconf_service *service)
2000 {
2001 uint32_t count;
2002 bool ret;
2003
2004 if (service == NULL) {
2005 return false;
2006 }
2007
2008 ret = lp_do_section(service->name, NULL);
2009 if (ret != true) {
2010 return false;
2011 }
2012 for (count = 0; count < service->num_params; count++) {
2013
2014 if (!bInGlobalSection && bGlobalOnly) {
2015 ret = true;
2016 } else {
2017 const char *pszParmName = service->param_names[count];
2018 const char *pszParmValue = service->param_values[count];
2019
2020 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2021
2022 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2023 pszParmName, pszParmValue);
2024 }
2025
2026 if (ret != true) {
2027 return false;
2028 }
2029 }
2030 if (iServiceIndex >= 0) {
2031 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2032 }
2033 return true;
2034 }
2035
2036 /**
2037 * load a service from registry and activate it
2038 */
2039 bool process_registry_service(const char *service_name)
2040 {
2041 sbcErr err;
2042 struct smbconf_service *service = NULL;
2043 TALLOC_CTX *mem_ctx = talloc_stackframe();
2044 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2045 bool ret = false;
2046
2047 if (conf_ctx == NULL) {
2048 goto done;
2049 }
2050
2051 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2052
2053 if (!smbconf_share_exists(conf_ctx, service_name)) {
2054 /*
2055 * Registry does not contain data for this service (yet),
2056 * but make sure lp_load doesn't return false.
2057 */
2058 ret = true;
2059 goto done;
2060 }
2061
2062 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2063 if (!SBC_ERROR_IS_OK(err)) {
2064 goto done;
2065 }
2066
2067 ret = process_smbconf_service(service);
2068 if (!ret) {
2069 goto done;
2070 }
2071
2072 /* store the csn */
2073 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2074
2075 done:
2076 TALLOC_FREE(mem_ctx);
2077 return ret;
2078 }
2079
2080 /*
2081 * process_registry_globals
2082 */
2083 static bool process_registry_globals(void)
2084 {
2085 bool ret;
2086
2087 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2088
2089 if (!bInGlobalSection && bGlobalOnly) {
2090 ret = true;
2091 } else {
2092 const char *pszParmName = "registry shares";
2093 const char *pszParmValue = "yes";
2094
2095 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2096
2097 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2098 pszParmName, pszParmValue);
2099 }
2100
2101 if (!ret) {
2102 return ret;
2103 }
2104
2105 return process_registry_service(GLOBAL_NAME);
2106 }
2107
2108 bool process_registry_shares(void)
2109 {
2110 sbcErr err;
2111 uint32_t count;
2112 struct smbconf_service **service = NULL;
2113 uint32_t num_shares = 0;
2114 TALLOC_CTX *mem_ctx = talloc_stackframe();
2115 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2116 bool ret = false;
2117
2118 if (conf_ctx == NULL) {
2119 goto done;
2120 }
2121
2122 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2123 if (!SBC_ERROR_IS_OK(err)) {
2124 goto done;
2125 }
2126
2127 ret = true;
2128
2129 for (count = 0; count < num_shares; count++) {
2130 if (strequal(service[count]->name, GLOBAL_NAME)) {
2131 continue;
2132 }
2133 ret = process_smbconf_service(service[count]);
2134 if (!ret) {
2135 goto done;
2136 }
2137 }
2138
2139 /* store the csn */
2140 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2141
2142 done:
2143 TALLOC_FREE(mem_ctx);
2144 return ret;
2145 }
2146
2147 /**
2148 * reload those shares from registry that are already
2149 * activated in the services array.
2150 */
2151 static bool reload_registry_shares(void)
2152 {
2153 int i;
2154 bool ret = true;
2155
2156 for (i = 0; i < iNumServices; i++) {
2157 if (!VALID(i)) {
2158 continue;
2159 }
2160
2161 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2162 continue;
2163 }
2164
2165 ret = process_registry_service(ServicePtrs[i]->szService);
2166 if (!ret) {
2167 goto done;
2168 }
2169 }
2170
2171 done:
2172 return ret;
2173 }
2174
2175
2176 #define MAX_INCLUDE_DEPTH 100
2177
2178 static uint8_t include_depth;
2179
2180 /**
2181 * Free the file lists
2182 */
2183 static void free_file_list(void)
2184 {
2185 struct file_lists *f;
2186 struct file_lists *next;
2187
2188 f = file_lists;
2189 while( f ) {
2190 next = f->next;
2191 TALLOC_FREE( f );
2192 f = next;
2193 }
2194 file_lists = NULL;
2195 }
2196
2197
2198 /**
2199 * Utility function for outsiders to check if we're running on registry.
2200 */
2201 bool lp_config_backend_is_registry(void)
2202 {
2203 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2204 }
2205
2206 /**
2207 * Utility function to check if the config backend is FILE.
2208 */
2209 bool lp_config_backend_is_file(void)
2210 {
2211 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2212 }
2213
2214 /*******************************************************************
2215 Check if a config file has changed date.
2216 ********************************************************************/
2217
2218 bool lp_file_list_changed(void)
2219 {
2220 struct file_lists *f = file_lists;
2221
2222 DEBUG(6, ("lp_file_list_changed()\n"));
2223
2224 while (f) {
2225 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2226 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2227
2228 if (conf_ctx == NULL) {
2229 return false;
2230 }
2231 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2232 NULL))
2233 {
2234 DEBUGADD(6, ("registry config changed\n"));
2235 return true;
2236 }
2237 } else {
2238 time_t mod_time;
2239 char *n2 = NULL;
2240
2241 n2 = talloc_sub_basic(talloc_tos(),
2242 get_current_username(),
2243 current_user_info.domain,
2244 f->name);
2245 if (!n2) {
2246 return false;
2247 }
2248 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2249 f->name, n2, ctime(&f->modtime)));
2250
2251 mod_time = file_modtime(n2);
2252
2253 if (mod_time &&
2254 ((f->modtime != mod_time) ||
2255 (f->subfname == NULL) ||
2256 (strcmp(n2, f->subfname) != 0)))
2257 {
2258 DEBUGADD(6,
2259 ("file %s modified: %s\n", n2,
2260 ctime(&mod_time)));
2261 f->modtime = mod_time;
2262 TALLOC_FREE(f->subfname);
2263 f->subfname = talloc_strdup(f, n2);
2264 if (f->subfname == NULL) {
2265 smb_panic("talloc_strdup failed");
2266 }
2267 TALLOC_FREE(n2);
2268 return true;
2269 }
2270 TALLOC_FREE(n2);
2271 }
2272 f = f->next;
2273 }
2274 return false;
2275 }
2276
2277
2278 /**
2279 * Initialize iconv conversion descriptors.
2280 *
2281 * This is called the first time it is needed, and also called again
2282 * every time the configuration is reloaded, because the charset or
2283 * codepage might have changed.
2284 **/
2285 static void init_iconv(void)
2286 {
2287 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2288 lp_unix_charset(),
2289 true, global_iconv_handle);
2290 }
2291
2292 /***************************************************************************
2293 Handle the include operation.
2294 ***************************************************************************/
2295 static bool bAllowIncludeRegistry = true;
2296
2297 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2298 const char *pszParmValue, char **ptr)
2299 {
2300 char *fname;
2301
2302 if (include_depth >= MAX_INCLUDE_DEPTH) {
2303 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2304 include_depth));
2305 return false;
2306 }
2307
2308 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2309 if (!bAllowIncludeRegistry) {
2310 return true;
2311 }
2312 if (lp_ctx->bInGlobalSection) {
2313 bool ret;
2314 include_depth++;
2315 ret = process_registry_globals();
2316 include_depth--;
2317 return ret;
2318 } else {
2319 DEBUG(1, ("\"include = registry\" only effective "
2320 "in %s section\n", GLOBAL_NAME));
2321 return false;
2322 }
2323 }
2324
2325 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2326 current_user_info.domain,
2327 pszParmValue);
2328
2329 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2330
2331 if (service == NULL) {
2332 lpcfg_string_set(Globals.ctx, ptr, fname);
2333 } else {
2334 lpcfg_string_set(service, ptr, fname);
2335 }
2336
2337 if (file_exist(fname)) {
2338 bool ret;
2339 include_depth++;
2340 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2341 include_depth--;
2342 TALLOC_FREE(fname);
2343 return ret;
2344 }
2345
2346 DEBUG(2, ("Can't find include file %s\n", fname));
2347 TALLOC_FREE(fname);
2348 return true;
2349 }
2350
2351 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2352 {
2353 char *config_option = NULL;
2354 const char *range = NULL;
2355 bool ret = false;
2356
2357 SMB_ASSERT(low != NULL);
2358 SMB_ASSERT(high != NULL);
2359
2360 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2361 domain_name = "*";
2362 }
2363
2364 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2365 domain_name);
2366 if (config_option == NULL) {
2367 DEBUG(0, ("out of memory\n"));
2368 return false;
2369 }
2370
2371 range = lp_parm_const_string(-1, config_option, "range", NULL);
2372 if (range == NULL) {
2373 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2374 goto done;
2375 }
2376
2377 if (sscanf(range, "%u - %u", low, high) != 2) {
2378 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2379 range, domain_name));
2380 goto done;
2381 }
2382
2383 ret = true;
2384
2385 done:
2386 talloc_free(config_option);
2387 return ret;
2388
2389 }
2390
2391 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2392 {
2393 return lp_idmap_range("*", low, high);
2394 }
2395
2396 const char *lp_idmap_backend(const char *domain_name)
2397 {
2398 char *config_option = NULL;
2399 const char *backend = NULL;
2400
2401 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2402 domain_name = "*";
2403 }
2404
2405 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2406 domain_name);
2407 if (config_option == NULL) {
2408 DEBUG(0, ("out of memory\n"));
2409 return false;
2410 }
2411
2412 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2413 if (backend == NULL) {
2414 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2415 goto done;
2416 }
2417
2418 done:
2419 talloc_free(config_option);
2420 return backend;
2421 }
2422
2423 const char *lp_idmap_default_backend(void)
2424 {
2425 return lp_idmap_backend("*");
2426 }
2427
2428 /***************************************************************************
2429 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2430 ***************************************************************************/
2431
2432 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2433 {
2434 const char *suffix_string;
2435
2436 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2437 Globals.ldap_suffix );
2438 if ( !suffix_string ) {
2439 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2440 return "";
2441 }
2442
2443 return suffix_string;
2444 }
2445
2446 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2447 {
2448 if (Globals._ldap_machine_suffix[0])
2449 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2450
2451 return lp_string(ctx, Globals.ldap_suffix);
2452 }
2453
2454 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2455 {
2456 if (Globals._ldap_user_suffix[0])
2457 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2458
2459 return lp_string(ctx, Globals.ldap_suffix);
2460 }
2461
2462 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2463 {
2464 if (Globals._ldap_group_suffix[0])
2465 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2466
2467 return lp_string(ctx, Globals.ldap_suffix);
2468 }
2469
2470 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2471 {
2472 if (Globals._ldap_idmap_suffix[0])
2473 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2474
2475 return lp_string(ctx, Globals.ldap_suffix);
2476 }
2477
2478 /**
2479 return the parameter pointer for a parameter
2480 */
2481 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2482 {
2483 if (service == NULL) {
2484 if (parm->p_class == P_LOCAL)
2485 return (void *)(((char *)&sDefault)+parm->offset);
2486 else if (parm->p_class == P_GLOBAL)
2487 return (void *)(((char *)&Globals)+parm->offset);
2488 else return NULL;
2489 } else {
2490 return (void *)(((char *)service) + parm->offset);
2491 }
2492 }
2493
2494 /***************************************************************************
2495 Process a parameter for a particular service number. If snum < 0
2496 then assume we are in the globals.
2497 ***************************************************************************/
2498
2499 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2500 {
2501 TALLOC_CTX *frame = talloc_stackframe();
2502 struct loadparm_context *lp_ctx;
2503 bool ok;
2504
2505 lp_ctx = setup_lp_context(frame);
2506 if (lp_ctx == NULL) {
2507 TALLOC_FREE(frame);
2508 return false;
2509 }
2510
2511 if (snum < 0) {
2512 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2513 } else {
2514 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2515 pszParmName, pszParmValue);
2516 }
2517
2518 TALLOC_FREE(frame);
2519
2520 return ok;
2521 }
2522
2523 /***************************************************************************
2524 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2525 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2526 ***************************************************************************/
2527
2528 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2529 {
2530 int parmnum, i;
2531 parmnum = lpcfg_map_parameter(pszParmName);
2532 if (parmnum >= 0) {
2533 flags_list[parmnum] &= ~FLAG_CMDLINE;
2534 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2535 return false;
2536 }
2537 flags_list[parmnum] |= FLAG_CMDLINE;
2538
2539 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2540 * be grouped in the table, so we don't have to search the
2541 * whole table */
2542 for (i=parmnum-1;
2543 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2544 && parm_table[i].p_class == parm_table[parmnum].p_class;
2545 i--) {
2546 flags_list[i] |= FLAG_CMDLINE;
2547 }
2548 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2549 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2550 flags_list[i] |= FLAG_CMDLINE;
2551 }
2552
2553 return true;
2554 }
2555
2556 /* it might be parametric */
2557 if (strchr(pszParmName, ':') != NULL) {
2558 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2559 return true;
2560 }
2561
2562 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2563 return false;
2564 }
2565
2566 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2567 {
2568 bool ret;
2569 TALLOC_CTX *frame = talloc_stackframe();
2570 struct loadparm_context *lp_ctx;
2571
2572 lp_ctx = setup_lp_context(frame);
2573 if (lp_ctx == NULL) {
2574 TALLOC_FREE(frame);
2575 return false;
2576 }
2577
2578 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2579
2580 TALLOC_FREE(frame);
2581 return ret;
2582 }
2583
2584 /***************************************************************************
2585 Process a parameter.
2586 ***************************************************************************/
2587
2588 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2589 void *userdata)
2590 {
2591 if (!bInGlobalSection && bGlobalOnly)
2592 return true;
2593
2594 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2595
2596 if (bInGlobalSection) {
2597 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2598 } else {
2599 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2600 pszParmName, pszParmValue);
2601 }
2602 }
2603
2604 /***************************************************************************
2605 Initialize any local variables in the sDefault table, after parsing a
2606 [globals] section.
2607 ***************************************************************************/
2608
2609 static void init_locals(void)
2610 {
2611 /*
2612 * We run this check once the [globals] is parsed, to force
2613 * the VFS objects and other per-share settings we need for
2614 * the standard way a AD DC is operated. We may change these
2615 * as our code evolves, which is why we force these settings.
2616 *
2617 * We can't do this at the end of lp_load_ex(), as by that
2618 * point the services have been loaded and they will already
2619 * have "" as their vfs objects.
2620 */
2621 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2622 const char **vfs_objects = lp_vfs_objects(-1);
2623 if (!vfs_objects || !vfs_objects[0]) {
2624 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2625 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2626 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2627 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2628 } else {
2629 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2630 }
2631 }
2632
2633 lp_do_parameter(-1, "map hidden", "no");
2634 lp_do_parameter(-1, "map system", "no");
2635 lp_do_parameter(-1, "map readonly", "no");
2636 lp_do_parameter(-1, "map archive", "no");
2637 lp_do_parameter(-1, "store dos attributes", "yes");
2638 }
2639 }
2640
2641 /***************************************************************************
2642 Process a new section (service). At this stage all sections are services.
2643 Later we'll have special sections that permit server parameters to be set.
2644 Returns true on success, false on failure.
2645 ***************************************************************************/
2646
2647 bool lp_do_section(const char *pszSectionName, void *userdata)
2648 {
2649 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2650 bool bRetval;
2651 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2652 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2653 bRetval = false;
2654
2655 /* if we were in a global section then do the local inits */
2656 if (bInGlobalSection && !isglobal)
2657 init_locals();
2658
2659 /* if we've just struck a global section, note the fact. */
2660 bInGlobalSection = isglobal;
2661 if (lp_ctx != NULL) {
2662 lp_ctx->bInGlobalSection = isglobal;
2663 }
2664
2665 /* check for multiple global sections */
2666 if (bInGlobalSection) {
2667 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2668 return true;
2669 }
2670
2671 if (!bInGlobalSection && bGlobalOnly)
2672 return true;
2673
2674 /* if we have a current service, tidy it up before moving on */
2675 bRetval = true;
2676
2677 if (iServiceIndex >= 0)
2678 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2679
2680 /* if all is still well, move to the next record in the services array */
2681 if (bRetval) {
2682 /* We put this here to avoid an odd message order if messages are */
2683 /* issued by the post-processing of a previous section. */
2684 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2685
2686 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2687 if (iServiceIndex < 0) {
2688 DEBUG(0, ("Failed to add a new service\n"));
2689 return false;
2690 }
2691 /* Clean all parametric options for service */
2692 /* They will be added during parsing again */
2693 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2694 }
2695
2696 return bRetval;
2697 }
2698
2699 /***************************************************************************
2700 Display the contents of a parameter of a single services record.
2701 ***************************************************************************/
2702
2703 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2704 {
2705 bool result = false;
2706 struct loadparm_context *lp_ctx;
2707
2708 lp_ctx = setup_lp_context(talloc_tos());
2709 if (lp_ctx == NULL) {
2710 return false;
2711 }
2712
2713 if (isGlobal) {
2714 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2715 } else {
2716 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2717 }
2718 TALLOC_FREE(lp_ctx);
2719 return result;
2720 }
2721
2722 #if 0
2723 /***************************************************************************
2724 Display the contents of a single copy structure.
2725 ***************************************************************************/
2726 static void dump_copy_map(bool *pcopymap)
2727 {
2728 int i;
2729 if (!pcopymap)
2730 return;
2731
2732 printf("\n\tNon-Copied parameters:\n");
2733
2734 for (i = 0; parm_table[i].label; i++)
2735 if (parm_table[i].p_class == P_LOCAL &&
2736 parm_table[i].ptr && !pcopymap[i] &&
2737 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2738 {
2739 printf("\t\t%s\n", parm_table[i].label);
2740 }
2741 }
2742 #endif
2743
2744 /***************************************************************************
2745 Return TRUE if the passed service number is within range.
2746 ***************************************************************************/
2747
2748 bool lp_snum_ok(int iService)
2749 {
2750 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2751 }
2752
2753 /***************************************************************************
2754 Auto-load some home services.
2755 ***************************************************************************/
2756
2757 static void lp_add_auto_services(char *str)
2758 {
2759 char *s;
2760 char *p;
2761 int homes;
2762 char *saveptr;
2763
2764 if (!str)
2765 return;
2766
2767 s = talloc_strdup(talloc_tos(), str);
2768 if (!s) {
2769 smb_panic("talloc_strdup failed");
2770 return;
2771 }
2772
2773 homes = lp_servicenumber(HOMES_NAME);
2774
2775 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2776 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2777 char *home;
2778
2779 if (lp_servicenumber(p) >= 0)
2780 continue;
2781
2782 home = get_user_home_dir(talloc_tos(), p);
2783
2784 if (home && home[0] && homes >= 0)
2785 lp_add_home(p, homes, p, home);
2786
2787 TALLOC_FREE(home);
2788 }
2789 TALLOC_FREE(s);
2790 }
2791
2792 /***************************************************************************
2793 Auto-load one printer.
2794 ***************************************************************************/
2795
2796 void lp_add_one_printer(const char *name, const char *comment,
2797 const char *location, void *pdata)
2798 {
2799 int printers = lp_servicenumber(PRINTERS_NAME);
2800 int i;
2801
2802 if (lp_servicenumber(name) < 0) {
2803 lp_add_printer(name, printers);
2804 if ((i = lp_servicenumber(name)) >= 0) {
2805 lpcfg_string_set(ServicePtrs[i],
2806 &ServicePtrs[i]->comment, comment);
2807 ServicePtrs[i]->autoloaded = true;
2808 }
2809 }
2810 }
2811
2812 /***************************************************************************
2813 Have we loaded a services file yet?
2814 ***************************************************************************/
2815
2816 bool lp_loaded(void)
2817 {
2818 return (bLoaded);
2819 }
2820
2821 /***************************************************************************
2822 Unload unused services.
2823 ***************************************************************************/
2824
2825 void lp_killunused(struct smbd_server_connection *sconn,
2826 bool (*snumused) (struct smbd_server_connection *, int))
2827 {
2828 int i;
2829 for (i = 0; i < iNumServices; i++) {
2830 if (!VALID(i))
2831 continue;
2832
2833 /* don't kill autoloaded or usershare services */
2834 if ( ServicePtrs[i]->autoloaded ||
2835 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2836 continue;
2837 }
2838
2839 if (!snumused || !snumused(sconn, i)) {
2840 free_service_byindex(i);
2841 }
2842 }
2843 }
2844
2845 /**
2846 * Kill all except autoloaded and usershare services - convenience wrapper
2847 */
2848 void lp_kill_all_services(void)
2849 {
2850 lp_killunused(NULL, NULL);
2851 }
2852
2853 /***************************************************************************
2854 Unload a service.
2855 ***************************************************************************/
2856
2857 void lp_killservice(int iServiceIn)
2858 {
2859 if (VALID(iServiceIn)) {
2860 free_service_byindex(iServiceIn);
2861 }
2862 }
2863
2864 /***************************************************************************
2865 Save the curent values of all global and sDefault parameters into the
2866 defaults union. This allows testparm to show only the
2867 changed (ie. non-default) parameters.
2868 ***************************************************************************/
2869
2870 static void lp_save_defaults(void)
2871 {
2872 int i;
2873 struct parmlist_entry * parm;
2874 for (i = 0; parm_table[i].label; i++) {
2875 if (!(flags_list[i] & FLAG_CMDLINE)) {
2876 flags_list[i] |= FLAG_DEFAULT;
2877 }
2878
2879 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2880 && parm_table[i].p_class == parm_table[i - 1].p_class)
2881 continue;
2882 switch (parm_table[i].type) {
2883 case P_LIST:
2884 case P_CMDLIST:
2885 parm_table[i].def.lvalue = str_list_copy(
2886 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2887 break;
2888 case P_STRING:
2889 case P_USTRING:
2890 lpcfg_string_set(
2891 Globals.ctx,
2892 &parm_table[i].def.svalue,
2893 *(char **)lp_parm_ptr(
2894 NULL, &parm_table[i]));
2895 if (parm_table[i].def.svalue == NULL) {
2896 smb_panic("lpcfg_string_set() failed");
2897 }
2898 break;
2899 case P_BOOL:
2900 case P_BOOLREV:
2901 parm_table[i].def.bvalue =
2902 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2903 break;
2904 case P_CHAR:
2905 parm_table[i].def.cvalue =
2906 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2907 break;
2908 case P_INTEGER:
2909 case P_OCTAL:
2910 case P_ENUM:
2911 case P_BYTES:
2912 parm_table[i].def.ivalue =
2913 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2914 break;
2915 }
2916 }
2917
2918 for (parm=Globals.param_opt; parm; parm=parm->next) {
2919 if (!(parm->priority & FLAG_CMDLINE)) {
2920 parm->priority |= FLAG_DEFAULT;
2921 }
2922 }
2923
2924 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2925 if (!(parm->priority & FLAG_CMDLINE)) {
2926 parm->priority |= FLAG_DEFAULT;
2927 }
2928 }
2929
2930 defaults_saved = true;
2931 }
2932
2933 /***********************************************************
2934 If we should send plaintext/LANMAN passwords in the clinet
2935 ************************************************************/
2936
2937 static void set_allowed_client_auth(void)
2938 {
2939 if (Globals.client_ntlmv2_auth) {
2940 Globals.client_lanman_auth = false;
2941 }
2942 if (!Globals.client_lanman_auth) {
2943 Globals.client_plaintext_auth = false;
2944 }
2945 }
2946
2947 /***************************************************************************
2948 JRA.
2949 The following code allows smbd to read a user defined share file.
2950 Yes, this is my intent. Yes, I'm comfortable with that...
2951
2952 THE FOLLOWING IS SECURITY CRITICAL CODE.
2953
2954 It washes your clothes, it cleans your house, it guards you while you sleep...
2955 Do not f%^k with it....
2956 ***************************************************************************/
2957
2958 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2959
2960 /***************************************************************************
2961 Check allowed stat state of a usershare file.
2962 Ensure we print out who is dicking with us so the admin can
2963 get their sorry ass fired.
2964 ***************************************************************************/
2965
2966 static bool check_usershare_stat(const char *fname,
2967 const SMB_STRUCT_STAT *psbuf)
2968 {
2969 if (!S_ISREG(psbuf->st_ex_mode)) {
2970 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2971 "not a regular file\n",
2972 fname, (unsigned int)psbuf->st_ex_uid ));
2973 return false;
2974 }
2975
2976 /* Ensure this doesn't have the other write bit set. */
2977 if (psbuf->st_ex_mode & S_IWOTH) {
2978 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2979 "public write. Refusing to allow as a usershare file.\n",
2980 fname, (unsigned int)psbuf->st_ex_uid ));
2981 return false;
2982 }
2983
2984 /* Should be 10k or less. */
2985 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2986 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2987 "too large (%u) to be a user share file.\n",
2988 fname, (unsigned int)psbuf->st_ex_uid,
2989 (unsigned int)psbuf->st_ex_size ));
2990 return false;
2991 }
2992
2993 return true;
2994 }
2995
2996 /***************************************************************************
2997 Parse the contents of a usershare file.
2998 ***************************************************************************/
2999
3000 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3001 SMB_STRUCT_STAT *psbuf,
3002 const char *servicename,
3003 int snum,
3004 char **lines,
3005 int numlines,
3006 char **pp_sharepath,
3007 char **pp_comment,
3008 char **pp_cp_servicename,
3009 struct security_descriptor **ppsd,
3010 bool *pallow_guest)
3011 {
3012 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3013 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3014 int us_vers;
3015 DIR *dp;
3016 SMB_STRUCT_STAT sbuf;
3017 char *sharepath = NULL;
3018 char *comment = NULL;
3019
3020 *pp_sharepath = NULL;
3021 *pp_comment = NULL;
3022
3023 *pallow_guest = false;
3024
3025 if (numlines < 4) {
3026 return USERSHARE_MALFORMED_FILE;
3027 }
3028
3029 if (strcmp(lines[0], "#VERSION 1") == 0) {
3030 us_vers = 1;
3031 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3032 us_vers = 2;
3033 if (numlines < 5) {
3034 return USERSHARE_MALFORMED_FILE;
3035 }
3036 } else {
3037 return USERSHARE_BAD_VERSION;
3038 }
3039
3040 if (strncmp(lines[1], "path=", 5) != 0) {
3041 return USERSHARE_MALFORMED_PATH;
3042 }
3043
3044 sharepath = talloc_strdup(ctx, &lines[1][5]);
3045 if (!sharepath) {
3046 return USERSHARE_POSIX_ERR;
3047 }
3048 trim_string(sharepath, " ", " ");
3049
3050 if (strncmp(lines[2], "comment=", 8) != 0) {
3051 return USERSHARE_MALFORMED_COMMENT_DEF;
3052 }
3053
3054 comment = talloc_strdup(ctx, &lines[2][8]);
3055 if (!comment) {
3056 return USERSHARE_POSIX_ERR;
3057 }
3058 trim_string(comment, " ", " ");
3059 trim_char(comment, '"', '"');
3060
3061 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3062 return USERSHARE_MALFORMED_ACL_DEF;
3063 }
3064
3065 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3066 return USERSHARE_ACL_ERR;
3067 }
3068
3069 if (us_vers == 2) {
3070 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3071 return USERSHARE_MALFORMED_ACL_DEF;
3072 }
3073 if (lines[4][9] == 'y') {
3074 *pallow_guest = true;
3075 }
3076
3077 /* Backwards compatible extension to file version #2. */
3078 if (numlines > 5) {
3079 if (strncmp(lines[5], "sharename=", 10) != 0) {
3080 return USERSHARE_MALFORMED_SHARENAME_DEF;
3081 }
3082 if (!strequal(&lines[5][10], servicename)) {
3083 return USERSHARE_BAD_SHARENAME;
3084 }
3085 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3086 if (!*pp_cp_servicename) {
3087 return USERSHARE_POSIX_ERR;
3088 }
3089 }
3090 }
3091
3092 if (*pp_cp_servicename == NULL) {
3093 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3094 if (!*pp_cp_servicename) {
3095 return USERSHARE_POSIX_ERR;
3096 }
3097 }
3098
3099 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3100 /* Path didn't change, no checks needed. */
3101 *pp_sharepath = sharepath;
3102 *pp_comment = comment;
3103 return USERSHARE_OK;
3104 }
3105
3106 /* The path *must* be absolute. */
3107 if (sharepath[0] != '/') {
3108 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3109 servicename, sharepath));
3110 return USERSHARE_PATH_NOT_ABSOLUTE;
3111 }
3112
3113 /* If there is a usershare prefix deny list ensure one of these paths
3114 doesn't match the start of the user given path. */
3115 if (prefixdenylist) {
3116 int i;
3117 for ( i=0; prefixdenylist[i]; i++ ) {
3118 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3119 servicename, i, prefixdenylist[i], sharepath ));
3120 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3121 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3122 "usershare prefix deny list entries.\n",
3123 servicename, sharepath));
3124 return USERSHARE_PATH_IS_DENIED;
3125 }
3126 }
3127 }
3128
3129 /* If there is a usershare prefix allow list ensure one of these paths
3130 does match the start of the user given path. */
3131
3132 if (prefixallowlist) {
3133 int i;
3134 for ( i=0; prefixallowlist[i]; i++ ) {
3135 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3136 servicename, i, prefixallowlist[i], sharepath ));
3137 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3138 break;
3139 }
3140 }
3141 if (prefixallowlist[i] == NULL) {
3142 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3143 "usershare prefix allow list entries.\n",
3144 servicename, sharepath));
3145 return USERSHARE_PATH_NOT_ALLOWED;
3146 }
3147 }
3148
3149 /* Ensure this is pointing to a directory. */
3150 dp = opendir(sharepath);
3151
3152 if (!dp) {
3153 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3154 servicename, sharepath));
3155 return USERSHARE_PATH_NOT_DIRECTORY;
3156 }
3157
3158 /* Ensure the owner of the usershare file has permission to share
3159 this directory. */
3160
3161 if (sys_stat(sharepath, &sbuf, false) == -1) {
3162 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3163 servicename, sharepath, strerror(errno) ));
3164 closedir(dp);
3165 return USERSHARE_POSIX_ERR;
3166 }
3167
3168 closedir(dp);
3169
3170 if (!S_ISDIR(sbuf.st_ex_mode)) {
3171 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3172 servicename, sharepath ));
3173 return USERSHARE_PATH_NOT_DIRECTORY;
3174 }
3175
3176 /* Check if sharing is restricted to owner-only. */
3177 /* psbuf is the stat of the usershare definition file,
3178 sbuf is the stat of the target directory to be shared. */
3179
3180 if (lp_usershare_owner_only()) {
3181 /* root can share anything. */
3182 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3183 return USERSHARE_PATH_NOT_ALLOWED;
3184 }
3185 }
3186
3187 *pp_sharepath = sharepath;
3188 *pp_comment = comment;
3189 return USERSHARE_OK;
3190 }
3191
3192 /***************************************************************************
3193 Deal with a usershare file.
3194 Returns:
3195 >= 0 - snum
3196 -1 - Bad name, invalid contents.
3197 - service name already existed and not a usershare, problem
3198 with permissions to share directory etc.
3199 ***************************************************************************/
3200
3201 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3202 {
3203 SMB_STRUCT_STAT sbuf;
3204 SMB_STRUCT_STAT lsbuf;
3205 char *fname = NULL;
3206 char *sharepath = NULL;
3207 char *comment = NULL;
3208 char *cp_service_name = NULL;
3209 char **lines = NULL;
3210 int numlines = 0;
3211 int fd = -1;
3212 int iService = -1;
3213 TALLOC_CTX *ctx = talloc_stackframe();
3214 struct security_descriptor *psd = NULL;
3215 bool guest_ok = false;
3216 char *canon_name = NULL;
3217 bool added_service = false;
3218 int ret = -1;
3219
3220 /* Ensure share name doesn't contain invalid characters. */
3221 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3222 DEBUG(0,("process_usershare_file: share name %s contains "
3223 "invalid characters (any of %s)\n",
3224 file_name, INVALID_SHARENAME_CHARS ));
3225 goto out;
3226 }
3227
3228 canon_name = canonicalize_servicename(ctx, file_name);
3229 if (!canon_name) {
3230 goto out;
3231 }
3232
3233 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3234 if (!fname) {
3235 goto out;
3236 }
3237
3238 /* Minimize the race condition by doing an lstat before we
3239 open and fstat. Ensure this isn't a symlink link. */
3240
3241 if (sys_lstat(fname, &lsbuf, false) != 0) {
3242 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3243 fname, strerror(errno) ));
3244 goto out;
3245 }
3246
3247 /* This must be a regular file, not a symlink, directory or
3248 other strange filetype. */
3249 if (!check_usershare_stat(fname, &lsbuf)) {
3250 goto out;
3251 }
3252
3253 {
3254 TDB_DATA data;
3255 NTSTATUS status;
3256
3257 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3258 canon_name, &data);
3259
3260 iService = -1;
3261
3262 if (NT_STATUS_IS_OK(status) &&
3263 (data.dptr != NULL) &&
3264 (data.dsize == sizeof(iService))) {
3265 memcpy(&iService, data.dptr, sizeof(iService));
3266 }
3267 }
3268
3269 if (iService != -1 &&
3270 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3271 &lsbuf.st_ex_mtime) == 0) {
3272 /* Nothing changed - Mark valid and return. */
3273 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3274 canon_name ));
3275 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3276 ret = iService;
3277 goto out;
3278 }
3279
3280 /* Try and open the file read only - no symlinks allowed. */
3281 #ifdef O_NOFOLLOW
3282 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3283 #else
3284 fd = open(fname, O_RDONLY, 0);
3285 #endif
3286
3287 if (fd == -1) {
3288 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3289 fname, strerror(errno) ));
3290 goto out;
3291 }
3292
3293 /* Now fstat to be *SURE* it's a regular file. */
3294 if (sys_fstat(fd, &sbuf, false) != 0) {
3295 close(fd);
3296 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3297 fname, strerror(errno) ));
3298 goto out;
3299 }
3300
3301 /* Is it the same dev/inode as was lstated ? */
3302 if (!check_same_stat(&lsbuf, &sbuf)) {
3303 close(fd);
3304 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3305 "Symlink spoofing going on ?\n", fname ));
3306 goto out;
3307 }
3308
3309 /* This must be a regular file, not a symlink, directory or
3310 other strange filetype. */
3311 if (!check_usershare_stat(fname, &sbuf)) {
3312 close(fd);
3313 goto out;
3314 }
3315
3316 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3317
3318 close(fd);
3319 if (lines == NULL) {
3320 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3321 fname, (unsigned int)sbuf.st_ex_uid ));
3322 goto out;
3323 }
3324
3325 if (parse_usershare_file(ctx, &sbuf, file_name,
3326 iService, lines, numlines, &sharepath,
3327 &comment, &cp_service_name,
3328 &psd, &guest_ok) != USERSHARE_OK) {
3329 goto out;
3330 }
3331
3332 /* Everything ok - add the service possibly using a template. */
3333 if (iService < 0) {
3334 const struct loadparm_service *sp = &sDefault;
3335 if (snum_template != -1) {
3336 sp = ServicePtrs[snum_template];
3337 }
3338
3339 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3340 DEBUG(0, ("process_usershare_file: Failed to add "
3341 "new service %s\n", cp_service_name));
3342 goto out;
3343 }
3344
3345 added_service = true;
3346
3347 /* Read only is controlled by usershare ACL below. */
3348 ServicePtrs[iService]->read_only = false;
3349 }
3350
3351 /* Write the ACL of the new/modified share. */
3352 if (!set_share_security(canon_name, psd)) {
3353 DEBUG(0, ("process_usershare_file: Failed to set share "
3354 "security for user share %s\n",
3355 canon_name ));
3356 goto out;
3357 }
3358
3359 /* If from a template it may be marked invalid. */
3360 ServicePtrs[iService]->valid = true;
3361
3362 /* Set the service as a valid usershare. */
3363 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3364
3365 /* Set guest access. */
3366 if (lp_usershare_allow_guests()) {
3367 ServicePtrs[iService]->guest_ok = guest_ok;
3368 }
3369
3370 /* And note when it was loaded. */
3371 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3372 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3373 sharepath);
3374 lpcfg_string_set(ServicePtrs[iService],
3375 &ServicePtrs[iService]->comment, comment);
3376
3377 ret = iService;
3378
3379 out:
3380
3381 if (ret == -1 && iService != -1 && added_service) {
3382 lp_remove_service(iService);
3383 }
3384
3385 TALLOC_FREE(lines);
3386 TALLOC_FREE(ctx);
3387 return ret;
3388 }
3389
3390 /***************************************************************************
3391 Checks if a usershare entry has been modified since last load.
3392 ***************************************************************************/
3393
3394 static bool usershare_exists(int iService, struct timespec *last_mod)
3395 {
3396 SMB_STRUCT_STAT lsbuf;
3397 const char *usersharepath = Globals.usershare_path;
3398 char *fname;
3399
3400 fname = talloc_asprintf(talloc_tos(),
3401 "%s/%s",
3402 usersharepath,
3403 ServicePtrs[iService]->szService);
3404 if (fname == NULL) {
3405 return false;
3406 }
3407
3408 if (sys_lstat(fname, &lsbuf, false) != 0) {
3409 TALLOC_FREE(fname);
3410 return false;
3411 }
3412
3413 if (!S_ISREG(lsbuf.st_ex_mode)) {
3414 TALLOC_FREE(fname);
3415 return false;
3416 }
3417
3418 TALLOC_FREE(fname);
3419 *last_mod = lsbuf.st_ex_mtime;
3420 return true;
3421 }
3422
3423 /***************************************************************************
3424 Load a usershare service by name. Returns a valid servicenumber or -1.
3425 ***************************************************************************/
3426
3427 int load_usershare_service(const char *servicename)
3428 {
3429 SMB_STRUCT_STAT sbuf;
3430 const char *usersharepath = Globals.usershare_path;
3431 int max_user_shares = Globals.usershare_max_shares;
3432 int snum_template = -1;
3433
3434 if (*usersharepath == 0 || max_user_shares == 0) {
3435 return -1;
3436 }
3437
3438 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3439 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3440 usersharepath, strerror(errno) ));
3441 return -1;
3442 }
3443
3444 if (!S_ISDIR(sbuf.st_ex_mode)) {
3445 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3446 usersharepath ));
3447 return -1;
3448 }
3449
3450 /*
3451 * This directory must be owned by root, and have the 't' bit set.
3452 * It also must not be writable by "other".
3453 */
3454
3455 #ifdef S_ISVTX
3456 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3457 #else
3458 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3459 #endif
3460 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3461 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3462 usersharepath ));
3463 return -1;
3464 }
3465
3466 /* Ensure the template share exists if it's set. */
3467 if (Globals.usershare_template_share[0]) {
3468 /* We can't use lp_servicenumber here as we are recommending that
3469 template shares have -valid=false set. */
3470 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3471 if (ServicePtrs[snum_template]->szService &&
3472 strequal(ServicePtrs[snum_template]->szService,
3473 Globals.usershare_template_share)) {
3474 break;
3475 }
3476 }
3477
3478 if (snum_template == -1) {
3479 DEBUG(0,("load_usershare_service: usershare template share %s "
3480 "does not exist.\n",
3481 Globals.usershare_template_share ));
3482 return -1;
3483 }
3484 }
3485
3486 return process_usershare_file(usersharepath, servicename, snum_template);
3487 }
3488
3489 /***************************************************************************
3490 Load all user defined shares from the user share directory.
3491 We only do this if we're enumerating the share list.
3492 This is the function that can delete usershares that have
3493 been removed.
3494 ***************************************************************************/
3495
3496 int load_usershare_shares(struct smbd_server_connection *sconn,
3497 bool (*snumused) (struct smbd_server_connection *, int))
3498 {
3499 DIR *dp;
3500 SMB_STRUCT_STAT sbuf;
3501 struct dirent *de;
3502 int num_usershares = 0;
3503 int max_user_shares = Globals.usershare_max_shares;
3504 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3505 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3506 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3507 int iService;
3508 int snum_template = -1;
3509 const char *usersharepath = Globals.usershare_path;
3510 int ret = lp_numservices();
3511 TALLOC_CTX *tmp_ctx;
3512
3513 if (max_user_shares == 0 || *usersharepath == '\0') {
3514 return lp_numservices();
3515 }
3516
3517 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3518 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3519 usersharepath, strerror(errno) ));
3520 return ret;
3521 }
3522
3523 /*
3524 * This directory must be owned by root, and have the 't' bit set.
3525 * It also must not be writable by "other".
3526 */
3527
3528 #ifdef S_ISVTX
3529 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3530 #else
3531 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3532 #endif
3533 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3534 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3535 usersharepath ));
3536 return ret;
3537 }
3538
3539 /* Ensure the template share exists if it's set. */
3540 if (Globals.usershare_template_share[0]) {
3541 /* We can't use lp_servicenumber here as we are recommending that
3542 template shares have -valid=false set. */
3543 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3544 if (ServicePtrs[snum_template]->szService &&
3545 strequal(ServicePtrs[snum_template]->szService,
3546 Globals.usershare_template_share)) {
3547 break;
3548 }
3549 }
3550
3551 if (snum_template == -1) {
3552 DEBUG(0,("load_usershare_shares: usershare template share %s "
3553 "does not exist.\n",
3554 Globals.usershare_template_share ));
3555 return ret;
3556 }
3557 }
3558
3559 /* Mark all existing usershares as pending delete. */
3560 for (iService = iNumServices - 1; iService >= 0; iService--) {
3561 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3562 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3563 }
3564 }
3565
3566 dp = opendir(usersharepath);
3567 if (!dp) {
3568 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3569 usersharepath, strerror(errno) ));
3570 return ret;
3571 }
3572
3573 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3574 (de = readdir(dp));
3575 num_dir_entries++ ) {
3576 int r;
3577 const char *n = de->d_name;
3578
3579 /* Ignore . and .. */
3580 if (*n == '.') {
3581 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3582 continue;
3583 }
3584 }
3585
3586 if (n[0] == ':') {
3587 /* Temporary file used when creating a share. */
3588 num_tmp_dir_entries++;
3589 }
3590
3591 /* Allow 20% tmp entries. */
3592 if (num_tmp_dir_entries > allowed_tmp_entries) {
3593 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3594 "in directory %s\n",
3595 num_tmp_dir_entries, usersharepath));
3596 break;
3597 }
3598
3599 r = process_usershare_file(usersharepath, n, snum_template);
3600 if (r == 0) {
3601 /* Update the services count. */
3602 num_usershares++;
3603 if (num_usershares >= max_user_shares) {
3604 DEBUG(0,("load_usershare_shares: max user shares reached "
3605 "on file %s in directory %s\n",
3606 n, usersharepath ));
3607 break;
3608 }
3609 } else if (r == -1) {
3610 num_bad_dir_entries++;
3611 }
3612
3613 /* Allow 20% bad entries. */
3614 if (num_bad_dir_entries > allowed_bad_entries) {
3615 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3616 "in directory %s\n",
3617 num_bad_dir_entries, usersharepath));
3618 break;
3619 }
3620
3621 /* Allow 20% bad entries. */
3622 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3623 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3624 "in directory %s\n",
3625 num_dir_entries, usersharepath));
3626 break;
3627 }
3628 }
3629
3630 closedir(dp);
3631
3632 /* Sweep through and delete any non-refreshed usershares that are
3633 not currently in use. */
3634 tmp_ctx = talloc_stackframe();
3635 for (iService = iNumServices - 1; iService >= 0; iService--) {
3636 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3637 char *servname;
3638
3639 if (snumused && snumused(sconn, iService)) {
3640 continue;
3641 }
3642
3643 servname = lp_servicename(tmp_ctx, iService);
3644
3645 /* Remove from the share ACL db. */
3646 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3647 servname ));
3648 delete_share_security(servname);
3649 free_service_byindex(iService);
3650 }
3651 }
3652 talloc_free(tmp_ctx);
3653
3654 return lp_numservices();
3655 }
3656
3657 /********************************************************
3658 Destroy global resources allocated in this file
3659 ********************************************************/
3660
3661 void gfree_loadparm(void)
3662 {
3663 int i;
3664
3665 free_file_list();
3666
3667 /* Free resources allocated to services */
3668
3669 for ( i = 0; i < iNumServices; i++ ) {
3670 if ( VALID(i) ) {
3671 free_service_byindex(i);
3672 }
3673 }
3674
3675 TALLOC_FREE( ServicePtrs );
3676 iNumServices = 0;
3677
3678 /* Now release all resources allocated to global
3679 parameters and the default service */
3680
3681 free_global_parameters();
3682 }
3683
3684
3685 /***************************************************************************
3686 Allow client apps to specify that they are a client
3687 ***************************************************************************/
3688 static void lp_set_in_client(bool b)
3689 {
3690 in_client = b;
3691 }
3692
3693
3694 /***************************************************************************
3695 Determine if we're running in a client app
3696 ***************************************************************************/
3697 static bool lp_is_in_client(void)
3698 {
3699 return in_client;
3700 }
3701
3702 static void lp_enforce_ad_dc_settings(void)
3703 {
3704 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3705 lp_do_parameter(GLOBAL_SECTION_SNUM,
3706 "winbindd:use external pipes", "true");
3707 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3708 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3709 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3710 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3711 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3712 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3713 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3714 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3715 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3716 }
3717
3718 /***************************************************************************
3719 Load the services array from the services file. Return true on success,
3720 false on failure.
3721 ***************************************************************************/
3722
3723 static bool lp_load_ex(const char *pszFname,
3724 bool global_only,
3725 bool save_defaults,
3726 bool add_ipc,
3727 bool reinit_globals,
3728 bool allow_include_registry,
3729 bool load_all_shares)
3730 {
3731 char *n2 = NULL;
3732 bool bRetval;
3733 TALLOC_CTX *frame = talloc_stackframe();
3734 struct loadparm_context *lp_ctx;
3735
3736 bRetval = false;
3737
3738 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3739
3740 bInGlobalSection = true;
3741 bGlobalOnly = global_only;
3742 bAllowIncludeRegistry = allow_include_registry;
3743
3744 lp_ctx = setup_lp_context(talloc_tos());
3745
3746 init_globals(lp_ctx, reinit_globals);
3747
3748 free_file_list();
3749
3750 if (save_defaults) {
3751 init_locals();
3752 lp_save_defaults();
3753 }
3754
3755 if (!reinit_globals) {
3756 free_param_opts(&Globals.param_opt);
3757 apply_lp_set_cmdline();
3758 }
3759
3760 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3761
3762 /* We get sections first, so have to start 'behind' to make up */
3763 iServiceIndex = -1;
3764
3765 if (lp_config_backend_is_file()) {
3766 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3767 current_user_info.domain,
3768 pszFname);
3769 if (!n2) {
3770 smb_panic("lp_load_ex: out of memory");
3771 }
3772
3773 add_to_file_list(NULL, &file_lists, pszFname, n2);
3774
3775 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3776 TALLOC_FREE(n2);
3777
3778 /* finish up the last section */
3779 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3780 if (bRetval) {
3781 if (iServiceIndex >= 0) {
3782 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3783 }
3784 }
3785
3786 if (lp_config_backend_is_registry()) {
3787 bool ok;
3788 /* config backend changed to registry in config file */
3789 /*
3790 * We need to use this extra global variable here to
3791 * survive restart: init_globals uses this as a default
3792 * for config_backend. Otherwise, init_globals would
3793 * send us into an endless loop here.
3794 */
3795
3796 config_backend = CONFIG_BACKEND_REGISTRY;
3797 /* start over */
3798 DEBUG(1, ("lp_load_ex: changing to config backend "
3799 "registry\n"));
3800 init_globals(lp_ctx, true);
3801
3802 TALLOC_FREE(lp_ctx);
3803
3804 lp_kill_all_services();
3805 ok = lp_load_ex(pszFname, global_only, save_defaults,
3806 add_ipc, reinit_globals,
3807 allow_include_registry,
3808 load_all_shares);
3809 TALLOC_FREE(frame);
3810 return ok;
3811 }
3812 } else if (lp_config_backend_is_registry()) {
3813 bRetval = process_registry_globals();
3814 } else {
3815 DEBUG(0, ("Illegal config backend given: %d\n",
3816 lp_config_backend()));
3817 bRetval = false;
3818 }
3819
3820 if (bRetval && lp_registry_shares()) {
3821 if (load_all_shares) {
3822 bRetval = process_registry_shares();
3823 } else {
3824 bRetval = reload_registry_shares();
3825 }
3826 }
3827
3828 {
3829 char *serv = lp_auto_services(talloc_tos());
3830 lp_add_auto_services(serv);
3831 TALLOC_FREE(serv);
3832 }
3833
3834 if (add_ipc) {
3835 /* When 'restrict anonymous = 2' guest connections to ipc$
3836 are denied */
3837 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3838 if ( lp_enable_asu_support() ) {
3839 lp_add_ipc("ADMIN$", false);
3840 }
3841 }
3842
3843 set_allowed_client_auth();
3844
3845 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3846 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3847 lp_password_server()));
3848 }
3849
3850 bLoaded = true;
3851
3852 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3853 /* if we_are_a_wins_server is true and we are in the client */
3854 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3855 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3856 }
3857
3858 init_iconv();
3859
3860 fault_configure(smb_panic_s3);
3861
3862 /*
3863 * We run this check once the whole smb.conf is parsed, to
3864 * force some settings for the standard way a AD DC is
3865 * operated. We may change these as our code evolves, which
3866 * is why we force these settings.
3867 */
3868 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3869 lp_enforce_ad_dc_settings();
3870 }
3871
3872 bAllowIncludeRegistry = true;
3873
3874 TALLOC_FREE(frame);
3875 return (bRetval);
3876 }
3877
3878 static bool lp_load(const char *pszFname,
3879 bool global_only,
3880 bool save_defaults,
3881 bool add_ipc,
3882 bool reinit_globals)
3883 {
3884 return lp_load_ex(pszFname,
3885 global_only,
3886 save_defaults,
3887 add_ipc,
3888 reinit_globals,
3889 true, /* allow_include_registry */
3890 false); /* load_all_shares*/
3891 }
3892
3893 bool lp_load_initial_only(const char *pszFname)
3894 {
3895 return lp_load_ex(pszFname,
3896 true, /* global only */
3897 true, /* save_defaults */
3898 false, /* add_ipc */
3899 true, /* reinit_globals */
3900 false, /* allow_include_registry */
3901 false); /* load_all_shares*/
3902 }
3903
3904 /**
3905 * most common lp_load wrapper, loading only the globals
3906 *
3907 * If this is used in a daemon or client utility it should be called
3908 * after processing popt.
3909 */
3910 bool lp_load_global(const char *file_name)
3911 {
3912 return lp_load(file_name,
3913 true, /* global_only */
3914 false, /* save_defaults */
3915 false, /* add_ipc */
3916 true); /* reinit_globals */
3917 }
3918
3919 /**
3920 * The typical lp_load wrapper with shares, loads global and
3921 * shares, including IPC, but does not force immediate
3922 * loading of all shares from registry.
3923 */
3924 bool lp_load_with_shares(const char *file_name)
3925 {
3926 return lp_load(file_name,
3927 false, /* global_only */
3928 false, /* save_defaults */
3929 true, /* add_ipc */
3930 true); /* reinit_globals */
3931 }
3932
3933 /**
3934 * lp_load wrapper, especially for clients
3935 */
3936 bool lp_load_client(const char *file_name)
3937 {
3938 lp_set_in_client(true);
3939
3940 return lp_load_global(file_name);
3941 }
3942
3943 /**
3944 * lp_load wrapper, loading only globals, but intended
3945 * for subsequent calls, not reinitializing the globals
3946 * to default values
3947 */
3948 bool lp_load_global_no_reinit(const char *file_name)
3949 {
3950 return lp_load(file_name,
3951 true, /* global_only */
3952 false, /* save_defaults */
3953 false, /* add_ipc */
3954 false); /* reinit_globals */
3955 }
3956
3957 /**
3958 * lp_load wrapper, loading globals and shares,
3959 * intended for subsequent calls, i.e. not reinitializing
3960 * the globals to default values.
3961 */
3962 bool lp_load_no_reinit(const char *file_name)
3963 {
3964 return lp_load(file_name,
3965 false, /* global_only */
3966 false, /* save_defaults */
3967 false, /* add_ipc */
3968 false); /* reinit_globals */
3969 }
3970
3971
3972 /**
3973 * lp_load wrapper, especially for clients, no reinitialization
3974 */
3975 bool lp_load_client_no_reinit(const char *file_name)
3976 {
3977 lp_set_in_client(true);
3978
3979 return lp_load_global_no_reinit(file_name);
3980 }
3981
3982 bool lp_load_with_registry_shares(const char *pszFname)
3983 {
3984 return lp_load_ex(pszFname,
3985 false, /* global_only */
3986 true, /* save_defaults */
3987 false, /* add_ipc */
3988 false, /* reinit_globals */
3989 true, /* allow_include_registry */
3990 true); /* load_all_shares*/
3991 }
3992
3993 /***************************************************************************
3994 Return the max number of services.
3995 ***************************************************************************/
3996
3997 int lp_numservices(void)
3998 {
3999 return (iNumServices);
4000 }
4001
4002 /***************************************************************************
4003 Display the contents of the services array in human-readable form.
4004 ***************************************************************************/
4005
4006 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4007 {
4008 int iService;
4009 struct loadparm_context *lp_ctx;
4010
4011 if (show_defaults)
4012 defaults_saved = false;
4013
4014 lp_ctx = setup_lp_context(talloc_tos());
4015 if (lp_ctx == NULL) {
4016 return;
4017 }
4018
4019 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4020
4021 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4022
4023 for (iService = 0; iService < maxtoprint; iService++) {
4024 fprintf(f,"\n");
4025 lp_dump_one(f, show_defaults, iService);
4026 }
4027 }
4028
4029 /***************************************************************************
4030 Display the contents of one service in human-readable form.
4031 ***************************************************************************/
4032
4033 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4034 {
4035 if (VALID(snum)) {
4036 if (ServicePtrs[snum]->szService[0] == '\0')
4037 return;
4038 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4039 flags_list, show_defaults);
4040 }
4041 }
4042
4043 /***************************************************************************
4044 Return the number of the service with the given name, or -1 if it doesn't
4045 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4046 getservicebyname()! This works ONLY if all services have been loaded, and
4047 does not copy the found service.
4048 ***************************************************************************/
4049
4050 int lp_servicenumber(const char *pszServiceName)
4051 {
4052 int iService;
4053 fstring serviceName;
4054
4055 if (!pszServiceName) {
4056 return GLOBAL_SECTION_SNUM;
4057 }
4058
4059 for (iService = iNumServices - 1; iService >= 0; iService--) {
4060 if (VALID(iService) && ServicePtrs[iService]->szService) {
4061 /*
4062 * The substitution here is used to support %U in
4063 * service names
4064 */
4065 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4066 standard_sub_basic(get_current_username(),
4067 current_user_info.domain,
4068 serviceName,sizeof(serviceName));
4069 if (strequal(serviceName, pszServiceName)) {
4070 break;
4071 }
4072 }
4073 }
4074
4075 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4076 struct timespec last_mod;
4077
4078 if (!usershare_exists(iService, &last_mod)) {
4079 /* Remove the share security tdb entry for it. */
4080 delete_share_security(lp_servicename(talloc_tos(), iService));
4081 /* Remove it from the array. */
4082 free_service_byindex(iService);
4083 /* Doesn't exist anymore. */
4084 return GLOBAL_SECTION_SNUM;
4085 }
4086
4087 /* Has it been modified ? If so delete and reload. */
4088 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4089 &last_mod) < 0) {
4090 /* Remove it from the array. */
4091 free_service_byindex(iService);
4092 /* and now reload it. */
4093 iService = load_usershare_service(pszServiceName);
4094 }
4095 }
4096
4097 if (iService < 0) {
4098 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4099 return GLOBAL_SECTION_SNUM;
4100 }
4101
4102 return (iService);
4103 }
4104
4105 /*******************************************************************
4106 A useful volume label function.
4107 ********************************************************************/
4108
4109 const char *volume_label(TALLOC_CTX *ctx, int snum)
4110 {
4111 char *ret;
4112 const char *label = lp_volume(ctx, snum);
4113 if (!*label) {
4114 label = lp_servicename(ctx, snum);
4115 }
4116
4117 /* This returns a 33 byte guarenteed null terminated string. */
4118 ret = talloc_strndup(ctx, label, 32);
4119 if (!ret) {
4120 return "";
4121 }
4122 return ret;
4123 }
4124
4125 /*******************************************************************
4126 Get the default server type we will announce as via nmbd.
4127 ********************************************************************/
4128
4129 int lp_default_server_announce(void)
4130 {
4131 int default_server_announce = 0;
4132 default_server_announce |= SV_TYPE_WORKSTATION;
4133 default_server_announce |= SV_TYPE_SERVER;
4134 default_server_announce |= SV_TYPE_SERVER_UNIX;
4135
4136 /* note that the flag should be set only if we have a
4137 printer service but nmbd doesn't actually load the
4138 services so we can't tell --jerry */
4139
4140 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4141
4142 default_server_announce |= SV_TYPE_SERVER_NT;
4143 default_server_announce |= SV_TYPE_NT;
4144
4145 switch (lp_server_role()) {
4146 case ROLE_DOMAIN_MEMBER:
4147 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4148 break;
4149 case ROLE_DOMAIN_PDC:
4150 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4151 break;
4152 case ROLE_DOMAIN_BDC:
4153 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4154 break;
4155 case ROLE_STANDALONE:
4156 default:
4157 break;
4158 }
4159 if (lp_time_server())
4160 default_server_announce |= SV_TYPE_TIME_SOURCE;
4161
4162 if (lp_host_msdfs())
4163 default_server_announce |= SV_TYPE_DFS_SERVER;
4164
4165 return default_server_announce;
4166 }
4167
4168 /***********************************************************
4169 If we are PDC then prefer us as DMB
4170 ************************************************************/
4171
4172 bool lp_domain_master(void)
4173 {
4174 if (Globals._domain_master == Auto)
4175 return (lp_server_role() == ROLE_DOMAIN_PDC);
4176
4177 return (bool)Globals._domain_master;
4178 }
4179
4180 /***********************************************************
4181 If we are PDC then prefer us as DMB
4182 ************************************************************/
4183
4184 static bool lp_domain_master_true_or_auto(void)
4185 {
4186 if (Globals._domain_master) /* auto or yes */
4187 return true;
4188
4189 return false;
4190 }
4191
4192 /***********************************************************
4193 If we are DMB then prefer us as LMB
4194 ************************************************************/
4195
4196 bool lp_preferred_master(void)
4197 {
4198 int preferred_master = lp__preferred_master();
4199
4200 if (preferred_master == Auto)
4201 return (lp_local_master() && lp_domain_master());
4202
4203 return (bool)preferred_master;
4204 }
4205
4206 /*******************************************************************
4207 Remove a service.
4208 ********************************************************************/
4209
4210 void lp_remove_service(int snum)
4211 {
4212 ServicePtrs[snum]->valid = false;
4213 }
4214
4215 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4216 {
4217 const char *ret = lp__printername(ctx, snum);
4218 if (ret == NULL || *ret == '\0') {
4219 ret = lp_const_servicename(snum);
4220 }
4221
4222 return ret;
4223 }
4224
4225
4226 /***********************************************************
4227 Allow daemons such as winbindd to fix their logfile name.
4228 ************************************************************/
4229
4230 void lp_set_logfile(const char *name)
4231 {
4232 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4233 debug_set_logfile(name);
4234 }
4235
4236 /*******************************************************************
4237 Return the max print jobs per queue.
4238 ********************************************************************/
4239
4240 int lp_maxprintjobs(int snum)
4241 {
4242 int maxjobs = lp_max_print_jobs(snum);
4243
4244 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4245 maxjobs = PRINT_MAX_JOBID - 1;
4246
4247 return maxjobs;
4248 }
4249
4250 const char *lp_printcapname(void)
4251 {
4252 const char *printcap_name = lp_printcap_name();
4253
4254 if ((printcap_name != NULL) &&
4255 (printcap_name[0] != '\0'))
4256 return printcap_name;
4257
4258 if (sDefault.printing == PRINT_CUPS) {
4259 return "cups";
4260 }
4261
4262 if (sDefault.printing == PRINT_BSD)
4263 return "/etc/printcap";
4264
4265 return PRINTCAP_NAME;
4266 }
4267
4268 static uint32_t spoolss_state;
4269
4270 bool lp_disable_spoolss( void )
4271 {
4272 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4273 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4274
4275 return spoolss_state == SVCCTL_STOPPED ? true : false;
4276 }
4277
4278 void lp_set_spoolss_state( uint32_t state )
4279 {
4280 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4281
4282 spoolss_state = state;
4283 }
4284
4285 uint32_t lp_get_spoolss_state( void )
4286 {
4287 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4288 }
4289
4290 /*******************************************************************
4291 Ensure we don't use sendfile if server smb signing is active.
4292 ********************************************************************/
4293
4294 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4295 {
4296 bool sign_active = false;
4297
4298 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4299 if (get_Protocol() < PROTOCOL_NT1) {
4300 return false;
4301 }
4302 if (signing_state) {
4303 sign_active = smb_signing_is_active(signing_state);
4304 }
4305 return (lp__use_sendfile(snum) &&
4306 (get_remote_arch() != RA_WIN95) &&
4307 !sign_active);
4308 }
4309
4310 /*******************************************************************
4311 Turn off sendfile if we find the underlying OS doesn't support it.
4312 ********************************************************************/
4313
4314 void set_use_sendfile(int snum, bool val)
4315 {
4316 if (LP_SNUM_OK(snum))
4317 ServicePtrs[snum]->_use_sendfile = val;
4318 else
4319 sDefault._use_sendfile = val;
4320 }
4321
4322 void lp_set_mangling_method(const char *new_method)
4323 {
4324 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4325 }
4326
4327 /*******************************************************************
4328 Global state for POSIX pathname processing.
4329 ********************************************************************/
4330
4331 static bool posix_pathnames;
4332
4333 bool lp_posix_pathnames(void)
4334 {
4335 return posix_pathnames;
4336 }
4337
4338 /*******************************************************************
4339 Change everything needed to ensure POSIX pathname processing (currently
4340 not much).
4341 ********************************************************************/
4342
4343 void lp_set_posix_pathnames(void)
4344 {
4345 posix_pathnames = true;
4346 }
4347
4348 /*******************************************************************
4349 Global state for POSIX lock processing - CIFS unix extensions.
4350 ********************************************************************/
4351
4352 bool posix_default_lock_was_set;
4353 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4354
4355 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4356 {
4357 if (posix_default_lock_was_set) {
4358 return posix_cifsx_locktype;
4359 } else {
4360 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4361 POSIX_LOCK : WINDOWS_LOCK;
4362 }
4363 }
4364
4365 /*******************************************************************
4366 ********************************************************************/
4367
4368 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4369 {
4370 posix_default_lock_was_set = true;
4371 posix_cifsx_locktype = val;
4372 }
4373
4374 int lp_min_receive_file_size(void)
4375 {
4376 int min_receivefile_size = lp_min_receivefile_size();
4377
4378 if (min_receivefile_size < 0) {
4379 return 0;
4380 }
4381 return min_receivefile_size;
4382 }
4383
4384 /*******************************************************************
4385 Safe wide links checks.
4386 This helper function always verify the validity of wide links,
4387 even after a configuration file reload.
4388 ********************************************************************/
4389
4390 void widelinks_warning(int snum)
4391 {
4392 if (lp_allow_insecure_wide_links()) {
4393 return;
4394 }
4395
4396 if (lp_unix_extensions() && lp_wide_links(snum)) {
4397 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4398 "These parameters are incompatible. "
4399 "Wide links will be disabled for this share.\n",
4400 lp_servicename(talloc_tos(), snum) ));
4401 }
4402 }
4403
4404 bool lp_widelinks(int snum)
4405 {
4406 /* wide links is always incompatible with unix extensions */
4407 if (lp_unix_extensions()) {
4408 /*
4409 * Unless we have "allow insecure widelinks"
4410 * turned on.
4411 */
4412 if (!lp_allow_insecure_wide_links()) {
4413 return false;
4414 }
4415 }
4416
4417 return lp_wide_links(snum);
4418 }
4419
4420 int lp_server_role(void)
4421 {
4422 return lp_find_server_role(lp__server_role(),
4423 lp__security(),
4424 lp__domain_logons(),
4425 lp_domain_master_true_or_auto());
4426 }
4427
4428 int lp_security(void)
4429 {
4430 return lp_find_security(lp__server_role(),
4431 lp__security());
4432 }
4433
4434 int lp_client_max_protocol(void)
4435 {
4436 int client_max_protocol = lp__client_max_protocol();
4437 if (client_max_protocol == PROTOCOL_DEFAULT) {
4438 return PROTOCOL_NT1;
4439 }
4440 return client_max_protocol;
4441 }
4442
4443 int lp_client_ipc_min_protocol(void)
4444 {
4445 int client_ipc_min_protocol = lp__client_ipc_min_protocol();
4446 if (client_ipc_min_protocol == PROTOCOL_DEFAULT) {
4447 client_ipc_min_protocol = lp_client_min_protocol();
4448 }
4449 if (client_ipc_min_protocol < PROTOCOL_NT1) {
4450 return PROTOCOL_NT1;
4451 }
4452 return client_ipc_min_protocol;
4453 }
4454
4455 int lp_client_ipc_max_protocol(void)
4456 {
4457 int client_ipc_max_protocol = lp__client_ipc_max_protocol();
4458 if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
4459 return PROTOCOL_LATEST;
4460 }
4461 if (client_ipc_max_protocol < PROTOCOL_NT1) {
4462 return PROTOCOL_NT1;
4463 }
4464 return client_ipc_max_protocol;
4465 }
4466
4467 int lp_client_ipc_signing(void)
4468 {
4469 int client_ipc_signing = lp__client_ipc_signing();
4470 if (client_ipc_signing == SMB_SIGNING_DEFAULT) {
4471 return SMB_SIGNING_REQUIRED;
4472 }
4473 return client_ipc_signing;
4474 }
4475
4476 struct loadparm_global * get_globals(void)
4477 {
4478 return &Globals;
4479 }
4480
4481 unsigned int * get_flags(void)
4482 {
4483 if (flags_list == NULL) {
4484 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
4485 }
4486
4487 return flags_list;
4488 }
Samba GIT mirror