search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Change get_nt_acl_no_snum() to return an NTSTATUS, not a struct security_descriptor *.
[Samba/gebeck_regimport.git] / source3 / lib / popt_common.c
blobc07283925b82559dbf15a9e5e37416fa47fa115b
1 /*
2 Unix SMB/CIFS implementation.
3 Common popt routines
4
5 Copyright (C) Tim Potter 2001,2002
6 Copyright (C) Jelmer Vernooij 2002,2003
7 Copyright (C) James Peach 2006
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "system/filesys.h"
25 #include "popt_common.h"
26
27 /* Handle command line options:
28 * -d,--debuglevel
29 * -s,--configfile
30 * -O,--socket-options
31 * -V,--version
32 * -l,--log-base
33 * -n,--netbios-name
34 * -W,--workgroup
35 * -i,--scope
36 */
37
38 enum {OPT_OPTION=1};
39
40 extern bool override_logfile;
41
42 static void set_logfile(poptContext con, const char * arg)
43 {
44
45 char *lfile = NULL;
46 const char *pname;
47
48 /* Find out basename of current program */
49 pname = strrchr_m(poptGetInvocationName(con),'/');
50
51 if (!pname)
52 pname = poptGetInvocationName(con);
53 else
54 pname++;
55
56 if (asprintf(&lfile, "%s/log.%s", arg, pname) < 0) {
57 return;
58 }
59 lp_set_logfile(lfile);
60 SAFE_FREE(lfile);
61 }
62
63 static bool PrintSambaVersionString;
64
65 static void popt_s3_talloc_log_fn(const char *message)
66 {
67 DEBUG(0,("%s", message));
68 }
69
70 static void popt_common_callback(poptContext con,
71 enum poptCallbackReason reason,
72 const struct poptOption *opt,
73 const char *arg, const void *data)
74 {
75
76 if (reason == POPT_CALLBACK_REASON_PRE) {
77 set_logfile(con, get_dyn_LOGFILEBASE());
78 talloc_set_log_fn(popt_s3_talloc_log_fn);
79 talloc_set_abort_fn(smb_panic);
80 return;
81 }
82
83 if (reason == POPT_CALLBACK_REASON_POST) {
84
85 if (PrintSambaVersionString) {
86 printf( "Version %s\n", samba_version_string());
87 exit(0);
88 }
89
90 if (is_default_dyn_CONFIGFILE()) {
91 if(getenv("SMB_CONF_PATH")) {
92 set_dyn_CONFIGFILE(getenv("SMB_CONF_PATH"));
93 }
94 }
95
96 /* Further 'every Samba program must do this' hooks here. */
97 return;
98 }
99
100 switch(opt->val) {
101 case OPT_OPTION:
102 if (!lp_set_option(arg)) {
103 fprintf(stderr, "Error setting option '%s'\n", arg);
104 exit(1);
105 }
106 break;
107
108 case 'd':
109 if (arg) {
110 lp_set_cmdline("log level", arg);
111 }
112 break;
113
114 case 'V':
115 PrintSambaVersionString = True;
116 break;
117
118 case 'O':
119 if (arg) {
120 lp_do_parameter(-1, "socket options", arg);
121 }
122 break;
123
124 case 's':
125 if (arg) {
126 set_dyn_CONFIGFILE(arg);
127 }
128 break;
129
130 case 'n':
131 if (arg) {
132 lp_set_cmdline("netbios name", arg);
133 }
134 break;
135
136 case 'l':
137 if (arg) {
138 set_logfile(con, arg);
139 override_logfile = True;
140 set_dyn_LOGFILEBASE(arg);
141 }
142 break;
143
144 case 'i':
145 if (arg) {
146 lp_set_cmdline("netbios scope", arg);
147 }
148 break;
149
150 case 'W':
151 if (arg) {
152 lp_set_cmdline("workgroup", arg);
153 }
154 break;
155 }
156 }
157
158 struct poptOption popt_common_connection[] = {
159 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
160 { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
161 "SOCKETOPTIONS" },
162 { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
163 { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
164 { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
165
166 POPT_TABLEEND
167 };
168
169 struct poptOption popt_common_samba[] = {
170 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
171 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
172 { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
173 { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Base name for log files", "LOGFILEBASE" },
174 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
175 { "option", 0, POPT_ARG_STRING, NULL, OPT_OPTION, "Set smb.conf option from command line", "name=value" },
176 POPT_TABLEEND
177 };
178
179 struct poptOption popt_common_configfile[] = {
180 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
181 { "configfile", 0, POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
182 POPT_TABLEEND
183 };
184
185 struct poptOption popt_common_version[] = {
186 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_POST, (void *)popt_common_callback },
187 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
188 POPT_TABLEEND
189 };
190
191 struct poptOption popt_common_debuglevel[] = {
192 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
193 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
194 POPT_TABLEEND
195 };
196
197 struct poptOption popt_common_option[] = {
198 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_POST, (void *)popt_common_callback },
199 { "option", 0, POPT_ARG_STRING, NULL, OPT_OPTION, "Set smb.conf option from command line", "name=value" },
200 POPT_TABLEEND
201 };
202
203 /* Handle command line options:
204 * --sbindir
205 * --bindir
206 * --swatdir
207 * --lmhostsfile
208 * --libdir
209 * --modulesdir
210 * --shlibext
211 * --lockdir
212 * --statedir
213 * --cachedir
214 * --piddir
215 * --smb-passwd-file
216 * --private-dir
217 */
218
219 enum dyn_item{
220 DYN_SBINDIR = 1,
221 DYN_BINDIR,
222 DYN_SWATDIR,
223 DYN_LMHOSTSFILE,
224 DYN_LIBDIR,
225 DYN_MODULESDIR,
226 DYN_SHLIBEXT,
227 DYN_LOCKDIR,
228 DYN_STATEDIR,
229 DYN_CACHEDIR,
230 DYN_PIDDIR,
231 DYN_SMB_PASSWD_FILE,
232 DYN_PRIVATE_DIR,
233 };
234
235
236 static void popt_dynconfig_callback(poptContext con,
237 enum poptCallbackReason reason,
238 const struct poptOption *opt,
239 const char *arg, const void *data)
240 {
241
242 switch (opt->val) {
243 case DYN_SBINDIR:
244 if (arg) {
245 set_dyn_SBINDIR(arg);
246 }
247 break;
248
249 case DYN_BINDIR:
250 if (arg) {
251 set_dyn_BINDIR(arg);
252 }
253 break;
254
255 case DYN_SWATDIR:
256 if (arg) {
257 set_dyn_SWATDIR(arg);
258 }
259 break;
260
261 case DYN_LMHOSTSFILE:
262 if (arg) {
263 set_dyn_LMHOSTSFILE(arg);
264 }
265 break;
266
267 case DYN_LIBDIR:
268 if (arg) {
269 set_dyn_LIBDIR(arg);
270 }
271 break;
272
273 case DYN_MODULESDIR:
274 if (arg) {
275 set_dyn_MODULESDIR(arg);
276 }
277 break;
278
279 case DYN_SHLIBEXT:
280 if (arg) {
281 set_dyn_SHLIBEXT(arg);
282 }
283 break;
284
285 case DYN_LOCKDIR:
286 if (arg) {
287 set_dyn_LOCKDIR(arg);
288 }
289 break;
290
291 case DYN_STATEDIR:
292 if (arg) {
293 set_dyn_STATEDIR(arg);
294 }
295 break;
296
297 case DYN_CACHEDIR:
298 if (arg) {
299 set_dyn_CACHEDIR(arg);
300 }
301 break;
302
303 case DYN_PIDDIR:
304 if (arg) {
305 set_dyn_PIDDIR(arg);
306 }
307 break;
308
309 case DYN_SMB_PASSWD_FILE:
310 if (arg) {
311 set_dyn_SMB_PASSWD_FILE(arg);
312 }
313 break;
314
315 case DYN_PRIVATE_DIR:
316 if (arg) {
317 set_dyn_PRIVATE_DIR(arg);
318 }
319 break;
320
321 }
322 }
323
324 const struct poptOption popt_common_dynconfig[] = {
325
326 { NULL, '\0', POPT_ARG_CALLBACK, (void *)popt_dynconfig_callback },
327
328 { "sbindir", '\0' , POPT_ARG_STRING, NULL, DYN_SBINDIR,
329 "Path to sbin directory", "SBINDIR" },
330 { "bindir", '\0' , POPT_ARG_STRING, NULL, DYN_BINDIR,
331 "Path to bin directory", "BINDIR" },
332 { "swatdir", '\0' , POPT_ARG_STRING, NULL, DYN_SWATDIR,
333 "Path to SWAT installation directory", "SWATDIR" },
334 { "lmhostsfile", '\0' , POPT_ARG_STRING, NULL, DYN_LMHOSTSFILE,
335 "Path to lmhosts file", "LMHOSTSFILE" },
336 { "libdir", '\0' , POPT_ARG_STRING, NULL, DYN_LIBDIR,
337 "Path to shared library directory", "LIBDIR" },
338 { "modulesdir", '\0' , POPT_ARG_STRING, NULL, DYN_MODULESDIR,
339 "Path to shared modules directory", "MODULESDIR" },
340 { "shlibext", '\0' , POPT_ARG_STRING, NULL, DYN_SHLIBEXT,
341 "Shared library extension", "SHLIBEXT" },
342 { "lockdir", '\0' , POPT_ARG_STRING, NULL, DYN_LOCKDIR,
343 "Path to lock file directory", "LOCKDIR" },
344 { "statedir", '\0' , POPT_ARG_STRING, NULL, DYN_STATEDIR,
345 "Path to persistent state file directory", "STATEDIR" },
346 { "cachedir", '\0' , POPT_ARG_STRING, NULL, DYN_CACHEDIR,
347 "Path to temporary cache file directory", "CACHEDIR" },
348 { "piddir", '\0' , POPT_ARG_STRING, NULL, DYN_PIDDIR,
349 "Path to PID file directory", "PIDDIR" },
350 { "smb-passwd-file", '\0' , POPT_ARG_STRING, NULL, DYN_SMB_PASSWD_FILE,
351 "Path to smbpasswd file", "SMB_PASSWD_FILE" },
352 { "private-dir", '\0' , POPT_ARG_STRING, NULL, DYN_PRIVATE_DIR,
353 "Path to private data directory", "PRIVATE_DIR" },
354
355 POPT_TABLEEND
356 };
357
358 /****************************************************************************
359 * get a password from a a file or file descriptor
360 * exit on failure
361 * ****************************************************************************/
362
363 static void get_password_file(struct user_auth_info *auth_info)
364 {
365 int fd = -1;
366 char *p;
367 bool close_it = False;
368 char *spec = NULL;
369 char pass[128];
370
371 if ((p = getenv("PASSWD_FD")) != NULL) {
372 if (asprintf(&spec, "descriptor %s", p) < 0) {
373 return;
374 }
375 sscanf(p, "%d", &fd);
376 close_it = false;
377 } else if ((p = getenv("PASSWD_FILE")) != NULL) {
378 fd = open(p, O_RDONLY, 0);
379 spec = SMB_STRDUP(p);
380 if (fd < 0) {
381 fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
382 spec, strerror(errno));
383 exit(1);
384 }
385 close_it = True;
386 }
387
388 if (fd < 0) {
389 fprintf(stderr, "fd = %d, < 0\n", fd);
390 exit(1);
391 }
392
393 for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
394 p && p - pass < sizeof(pass);) {
395 switch (read(fd, p, 1)) {
396 case 1:
397 if (*p != '\n' && *p != '\0') {
398 *++p = '\0'; /* advance p, and null-terminate pass */
399 break;
400 }
401 case 0:
402 if (p - pass) {
403 *p = '\0'; /* null-terminate it, just in case... */
404 p = NULL; /* then force the loop condition to become false */
405 break;
406 } else {
407 fprintf(stderr, "Error reading password from file %s: %s\n",
408 spec, "empty password\n");
409 SAFE_FREE(spec);
410 exit(1);
411 }
412
413 default:
414 fprintf(stderr, "Error reading password from file %s: %s\n",
415 spec, strerror(errno));
416 SAFE_FREE(spec);
417 exit(1);
418 }
419 }
420 SAFE_FREE(spec);
421
422 set_cmdline_auth_info_password(auth_info, pass);
423 if (close_it) {
424 close(fd);
425 }
426 }
427
428 static void get_credentials_file(struct user_auth_info *auth_info,
429 const char *file)
430 {
431 XFILE *auth;
432 fstring buf;
433 uint16 len = 0;
434 char *ptr, *val, *param;
435
436 if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
437 {
438 /* fail if we can't open the credentials file */
439 d_printf("ERROR: Unable to open credentials file!\n");
440 exit(-1);
441 }
442
443 while (!x_feof(auth))
444 {
445 /* get a line from the file */
446 if (!x_fgets(buf, sizeof(buf), auth))
447 continue;
448 len = strlen(buf);
449
450 if ((len) && (buf[len-1]=='\n'))
451 {
452 buf[len-1] = '\0';
453 len--;
454 }
455 if (len == 0)
456 continue;
457
458 /* break up the line into parameter & value.
459 * will need to eat a little whitespace possibly */
460 param = buf;
461 if (!(ptr = strchr_m (buf, '=')))
462 continue;
463
464 val = ptr+1;
465 *ptr = '\0';
466
467 /* eat leading white space */
468 while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
469 val++;
470
471 if (strwicmp("password", param) == 0) {
472 set_cmdline_auth_info_password(auth_info, val);
473 } else if (strwicmp("username", param) == 0) {
474 set_cmdline_auth_info_username(auth_info, val);
475 } else if (strwicmp("domain", param) == 0) {
476 set_cmdline_auth_info_domain(auth_info, val);
477 }
478 memset(buf, 0, sizeof(buf));
479 }
480 x_fclose(auth);
481 }
482
483 /* Handle command line options:
484 * -U,--user
485 * -A,--authentication-file
486 * -k,--use-kerberos
487 * -N,--no-pass
488 * -S,--signing
489 * -P --machine-pass
490 * -e --encrypt
491 * -C --use-ccache
492 */
493
494
495 static void popt_common_credentials_callback(poptContext con,
496 enum poptCallbackReason reason,
497 const struct poptOption *opt,
498 const char *arg, const void *data)
499 {
500 struct user_auth_info *auth_info = talloc_get_type_abort(
501 *((const char **)data), struct user_auth_info);
502 char *p;
503
504 if (reason == POPT_CALLBACK_REASON_PRE) {
505 set_cmdline_auth_info_username(auth_info, "GUEST");
506
507 if (getenv("LOGNAME")) {
508 set_cmdline_auth_info_username(auth_info,
509 getenv("LOGNAME"));
510 }
511
512 if (getenv("USER")) {
513 char *puser = SMB_STRDUP(getenv("USER"));
514 if (!puser) {
515 exit(ENOMEM);
516 }
517 set_cmdline_auth_info_username(auth_info, puser);
518
519 if ((p = strchr_m(puser,'%'))) {
520 size_t len;
521 *p = 0;
522 len = strlen(p+1);
523 set_cmdline_auth_info_password(auth_info, p+1);
524 memset(strchr_m(getenv("USER"),'%')+1,'X',len);
525 }
526 SAFE_FREE(puser);
527 }
528
529 if (getenv("PASSWD")) {
530 set_cmdline_auth_info_password(auth_info,
531 getenv("PASSWD"));
532 }
533
534 if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
535 get_password_file(auth_info);
536 }
537
538 return;
539 }
540
541 switch(opt->val) {
542 case 'U':
543 {
544 char *lp;
545 char *puser = SMB_STRDUP(arg);
546
547 if ((lp=strchr_m(puser,'%'))) {
548 size_t len;
549 *lp = 0;
550 set_cmdline_auth_info_username(auth_info,
551 puser);
552 set_cmdline_auth_info_password(auth_info,
553 lp+1);
554 len = strlen(lp+1);
555 memset(strchr_m(arg,'%')+1,'X',len);
556 } else {
557 set_cmdline_auth_info_username(auth_info,
558 puser);
559 }
560 SAFE_FREE(puser);
561 }
562 break;
563
564 case 'A':
565 get_credentials_file(auth_info, arg);
566 break;
567
568 case 'k':
569 #ifndef HAVE_KRB5
570 d_printf("No kerberos support compiled in\n");
571 exit(1);
572 #else
573 set_cmdline_auth_info_use_krb5_ticket(auth_info);
574 #endif
575 break;
576
577 case 'S':
578 if (!set_cmdline_auth_info_signing_state(auth_info, arg)) {
579 fprintf(stderr, "Unknown signing option %s\n", arg );
580 exit(1);
581 }
582 break;
583 case 'P':
584 set_cmdline_auth_info_use_machine_account(auth_info);
585 break;
586 case 'N':
587 set_cmdline_auth_info_password(auth_info, "");
588 break;
589 case 'e':
590 set_cmdline_auth_info_smb_encrypt(auth_info);
591 break;
592 case 'C':
593 set_cmdline_auth_info_use_ccache(auth_info, true);
594 break;
595 case 'H':
596 set_cmdline_auth_info_use_pw_nt_hash(auth_info, true);
597 break;
598 }
599 }
600
601 static struct user_auth_info *global_auth_info;
602
603 void popt_common_set_auth_info(struct user_auth_info *auth_info)
604 {
605 global_auth_info = auth_info;
606 }
607
608 /**
609 * @brief Burn the commandline password.
610 *
611 * This function removes the password from the command line so we
612 * don't leak the password e.g. in 'ps aux'.
613 *
614 * It should be called after processing the options and you should pass down
615 * argv from main().
616 *
617 * @param[in] argc The number of arguments.
618 *
619 * @param[in] argv[] The argument array we will find the array.
620 */
621 void popt_burn_cmdline_password(int argc, char *argv[])
622 {
623 bool found = false;
624 char *p = NULL;
625 int i, ulen = 0;
626
627 for (i = 0; i < argc; i++) {
628 p = argv[i];
629 if (strncmp(p, "-U", 2) == 0) {
630 ulen = 2;
631 found = true;
632 } else if (strncmp(p, "--user", 6) == 0) {
633 ulen = 6;
634 found = true;
635 }
636
637 if (found) {
638 if (p == NULL) {
639 return;
640 }
641
642 if (strlen(p) == ulen) {
643 continue;
644 }
645
646 p = strchr_m(p, '%');
647 if (p != NULL) {
648 memset(p, '\0', strlen(p));
649 }
650 found = false;
651 }
652 }
653 }
654
655 struct poptOption popt_common_credentials[] = {
656 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE,
657 (void *)popt_common_credentials_callback, 0,
658 (const char *)&global_auth_info },
659 { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
660 { "no-pass", 'N', POPT_ARG_NONE, NULL, 'N', "Don't ask for a password" },
661 { "kerberos", 'k', POPT_ARG_NONE, NULL, 'k', "Use kerberos (active directory) authentication" },
662 { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
663 { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
664 {"machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
665 {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
666 {"use-ccache", 'C', POPT_ARG_NONE, NULL, 'C',
667 "Use the winbind ccache for authentication" },
668 {"pw-nt-hash", '\0', POPT_ARG_NONE, NULL, 'H',
669 "The supplied password is the NT hash" },
670 POPT_TABLEEND
671 };
reg import