search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Zero out the out policy handler in lsa_Close
[Samba/gebeck_regimport.git] / source3 / lib / popt_common.c
blob7f7d23fa00b9daff311984ecd93c46f7714e1ee1
1 /*
2 Unix SMB/CIFS implementation.
3 Common popt routines
4
5 Copyright (C) Tim Potter 2001,2002
6 Copyright (C) Jelmer Vernooij 2002,2003
7 Copyright (C) James Peach 2006
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24
25 /* Handle command line options:
26 * -d,--debuglevel
27 * -s,--configfile
28 * -O,--socket-options
29 * -V,--version
30 * -l,--log-base
31 * -n,--netbios-name
32 * -W,--workgroup
33 * -i,--scope
34 */
35
36 extern bool AllowDebugChange;
37 extern bool override_logfile;
38
39 static void set_logfile(poptContext con, const char * arg)
40 {
41
42 char *logfile = NULL;
43 const char *pname;
44
45 /* Find out basename of current program */
46 pname = strrchr_m(poptGetInvocationName(con),'/');
47
48 if (!pname)
49 pname = poptGetInvocationName(con);
50 else
51 pname++;
52
53 if (asprintf(&logfile, "%s/log.%s", arg, pname) < 0) {
54 return;
55 }
56 lp_set_logfile(logfile);
57 SAFE_FREE(logfile);
58 }
59
60 static bool PrintSambaVersionString;
61
62 static void popt_common_callback(poptContext con,
63 enum poptCallbackReason reason,
64 const struct poptOption *opt,
65 const char *arg, const void *data)
66 {
67
68 if (reason == POPT_CALLBACK_REASON_PRE) {
69 set_logfile(con, get_dyn_LOGFILEBASE());
70 return;
71 }
72
73 if (reason == POPT_CALLBACK_REASON_POST) {
74
75 if (PrintSambaVersionString) {
76 printf( "Version %s\n", SAMBA_VERSION_STRING);
77 exit(0);
78 }
79
80 if (is_default_dyn_CONFIGFILE()) {
81 if(getenv("SMB_CONF_PATH")) {
82 set_dyn_CONFIGFILE(getenv("SMB_CONF_PATH"));
83 }
84 }
85
86 /* Further 'every Samba program must do this' hooks here. */
87 return;
88 }
89
90 switch(opt->val) {
91 case 'd':
92 if (arg) {
93 debug_parse_levels(arg);
94 AllowDebugChange = False;
95 }
96 break;
97
98 case 'V':
99 PrintSambaVersionString = True;
100 break;
101
102 case 'O':
103 if (arg) {
104 lp_do_parameter(-1, "socket options", arg);
105 }
106 break;
107
108 case 's':
109 if (arg) {
110 set_dyn_CONFIGFILE(arg);
111 }
112 break;
113
114 case 'n':
115 if (arg) {
116 set_global_myname(arg);
117 }
118 break;
119
120 case 'l':
121 if (arg) {
122 set_logfile(con, arg);
123 override_logfile = True;
124 set_dyn_LOGFILEBASE(arg);
125 }
126 break;
127
128 case 'i':
129 if (arg) {
130 set_global_scope(arg);
131 }
132 break;
133
134 case 'W':
135 if (arg) {
136 set_global_myworkgroup(arg);
137 }
138 break;
139 }
140 }
141
142 struct poptOption popt_common_connection[] = {
143 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
144 { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
145 "SOCKETOPTIONS" },
146 { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
147 { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
148 { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
149
150 POPT_TABLEEND
151 };
152
153 struct poptOption popt_common_samba[] = {
154 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
155 { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
156 { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
157 { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Base name for log files", "LOGFILEBASE" },
158 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
159 POPT_TABLEEND
160 };
161
162 struct poptOption popt_common_configfile[] = {
163 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE|POPT_CBFLAG_POST, (void *)popt_common_callback },
164 { "configfile", 0, POPT_ARG_STRING, NULL, 's', "Use alternate configuration file", "CONFIGFILE" },
165 POPT_TABLEEND
166 };
167
168 struct poptOption popt_common_version[] = {
169 { NULL, 0, POPT_ARG_CALLBACK, (void *)popt_common_callback },
170 { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
171 POPT_TABLEEND
172 };
173
174
175 /* Handle command line options:
176 * --sbindir
177 * --bindir
178 * --swatdir
179 * --lmhostsfile
180 * --libdir
181 * --shlibext
182 * --lockdir
183 * --piddir
184 * --smb-passwd-file
185 * --private-dir
186 */
187
188 enum dyn_item{
189 DYN_SBINDIR = 1,
190 DYN_BINDIR,
191 DYN_SWATDIR,
192 DYN_LMHOSTSFILE,
193 DYN_LIBDIR,
194 DYN_SHLIBEXT,
195 DYN_LOCKDIR,
196 DYN_PIDDIR,
197 DYN_SMB_PASSWD_FILE,
198 DYN_PRIVATE_DIR,
199 };
200
201
202 static void popt_dynconfig_callback(poptContext con,
203 enum poptCallbackReason reason,
204 const struct poptOption *opt,
205 const char *arg, const void *data)
206 {
207
208 switch (opt->val) {
209 case DYN_SBINDIR:
210 if (arg) {
211 set_dyn_SBINDIR(arg);
212 }
213 break;
214
215 case DYN_BINDIR:
216 if (arg) {
217 set_dyn_BINDIR(arg);
218 }
219 break;
220
221 case DYN_SWATDIR:
222 if (arg) {
223 set_dyn_SWATDIR(arg);
224 }
225 break;
226
227 case DYN_LMHOSTSFILE:
228 if (arg) {
229 set_dyn_LMHOSTSFILE(arg);
230 }
231 break;
232
233 case DYN_LIBDIR:
234 if (arg) {
235 set_dyn_LIBDIR(arg);
236 }
237 break;
238
239 case DYN_SHLIBEXT:
240 if (arg) {
241 set_dyn_SHLIBEXT(arg);
242 }
243 break;
244
245 case DYN_LOCKDIR:
246 if (arg) {
247 set_dyn_LOCKDIR(arg);
248 }
249 break;
250
251 case DYN_PIDDIR:
252 if (arg) {
253 set_dyn_PIDDIR(arg);
254 }
255 break;
256
257 case DYN_SMB_PASSWD_FILE:
258 if (arg) {
259 set_dyn_SMB_PASSWD_FILE(arg);
260 }
261 break;
262
263 case DYN_PRIVATE_DIR:
264 if (arg) {
265 set_dyn_PRIVATE_DIR(arg);
266 }
267 break;
268
269 }
270 }
271
272 const struct poptOption popt_common_dynconfig[] = {
273
274 { NULL, '\0', POPT_ARG_CALLBACK, (void *)popt_dynconfig_callback },
275
276 { "sbindir", '\0' , POPT_ARG_STRING, NULL, DYN_SBINDIR,
277 "Path to sbin directory", "SBINDIR" },
278 { "bindir", '\0' , POPT_ARG_STRING, NULL, DYN_BINDIR,
279 "Path to bin directory", "BINDIR" },
280 { "swatdir", '\0' , POPT_ARG_STRING, NULL, DYN_SWATDIR,
281 "Path to SWAT installation directory", "SWATDIR" },
282 { "lmhostsfile", '\0' , POPT_ARG_STRING, NULL, DYN_LMHOSTSFILE,
283 "Path to lmhosts file", "LMHOSTSFILE" },
284 { "libdir", '\0' , POPT_ARG_STRING, NULL, DYN_LIBDIR,
285 "Path to shared library directory", "LIBDIR" },
286 { "shlibext", '\0' , POPT_ARG_STRING, NULL, DYN_SHLIBEXT,
287 "Shared library extension", "SHLIBEXT" },
288 { "lockdir", '\0' , POPT_ARG_STRING, NULL, DYN_LOCKDIR,
289 "Path to lock file directory", "LOCKDIR" },
290 { "piddir", '\0' , POPT_ARG_STRING, NULL, DYN_PIDDIR,
291 "Path to PID file directory", "PIDDIR" },
292 { "smb-passwd-file", '\0' , POPT_ARG_STRING, NULL, DYN_SMB_PASSWD_FILE,
293 "Path to smbpasswd file", "SMB_PASSWD_FILE" },
294 { "private-dir", '\0' , POPT_ARG_STRING, NULL, DYN_PRIVATE_DIR,
295 "Path to private data directory", "PRIVATE_DIR" },
296
297 POPT_TABLEEND
298 };
299
300 /****************************************************************************
301 * get a password from a a file or file descriptor
302 * exit on failure
303 * ****************************************************************************/
304
305 static void get_password_file(void)
306 {
307 int fd = -1;
308 char *p;
309 bool close_it = False;
310 char *spec = NULL;
311 char pass[128];
312
313 if ((p = getenv("PASSWD_FD")) != NULL) {
314 if (asprintf(&spec, "descriptor %s", p) < 0) {
315 return;
316 }
317 sscanf(p, "%d", &fd);
318 close_it = false;
319 } else if ((p = getenv("PASSWD_FILE")) != NULL) {
320 fd = sys_open(p, O_RDONLY, 0);
321 spec = SMB_STRDUP(p);
322 if (fd < 0) {
323 fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
324 spec, strerror(errno));
325 exit(1);
326 }
327 close_it = True;
328 }
329
330 for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
331 p && p - pass < sizeof(pass);) {
332 switch (read(fd, p, 1)) {
333 case 1:
334 if (*p != '\n' && *p != '\0') {
335 *++p = '\0'; /* advance p, and null-terminate pass */
336 break;
337 }
338 case 0:
339 if (p - pass) {
340 *p = '\0'; /* null-terminate it, just in case... */
341 p = NULL; /* then force the loop condition to become false */
342 break;
343 } else {
344 fprintf(stderr, "Error reading password from file %s: %s\n",
345 spec, "empty password\n");
346 SAFE_FREE(spec);
347 exit(1);
348 }
349
350 default:
351 fprintf(stderr, "Error reading password from file %s: %s\n",
352 spec, strerror(errno));
353 SAFE_FREE(spec);
354 exit(1);
355 }
356 }
357 SAFE_FREE(spec);
358
359 set_cmdline_auth_info_password(pass);
360 if (close_it) {
361 close(fd);
362 }
363 }
364
365 static void get_credentials_file(const char *file)
366 {
367 XFILE *auth;
368 fstring buf;
369 uint16 len = 0;
370 char *ptr, *val, *param;
371
372 if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
373 {
374 /* fail if we can't open the credentials file */
375 d_printf("ERROR: Unable to open credentials file!\n");
376 exit(-1);
377 }
378
379 while (!x_feof(auth))
380 {
381 /* get a line from the file */
382 if (!x_fgets(buf, sizeof(buf), auth))
383 continue;
384 len = strlen(buf);
385
386 if ((len) && (buf[len-1]=='\n'))
387 {
388 buf[len-1] = '\0';
389 len--;
390 }
391 if (len == 0)
392 continue;
393
394 /* break up the line into parameter & value.
395 * will need to eat a little whitespace possibly */
396 param = buf;
397 if (!(ptr = strchr_m (buf, '=')))
398 continue;
399
400 val = ptr+1;
401 *ptr = '\0';
402
403 /* eat leading white space */
404 while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
405 val++;
406
407 if (strwicmp("password", param) == 0) {
408 set_cmdline_auth_info_password(val);
409 } else if (strwicmp("username", param) == 0) {
410 set_cmdline_auth_info_username(val);
411 } else if (strwicmp("domain", param) == 0) {
412 set_global_myworkgroup(val);
413 }
414 memset(buf, 0, sizeof(buf));
415 }
416 x_fclose(auth);
417 }
418
419 /* Handle command line options:
420 * -U,--user
421 * -A,--authentication-file
422 * -k,--use-kerberos
423 * -N,--no-pass
424 * -S,--signing
425 * -P --machine-pass
426 * -e --encrypt
427 */
428
429
430 static void popt_common_credentials_callback(poptContext con,
431 enum poptCallbackReason reason,
432 const struct poptOption *opt,
433 const char *arg, const void *data)
434 {
435 char *p;
436
437 if (reason == POPT_CALLBACK_REASON_PRE) {
438 set_cmdline_auth_info_username("GUEST");
439
440 if (getenv("LOGNAME")) {
441 set_cmdline_auth_info_username(getenv("LOGNAME"));
442 }
443
444 if (getenv("USER")) {
445 char *puser = SMB_STRDUP(getenv("USER"));
446 if (!puser) {
447 exit(ENOMEM);
448 }
449 set_cmdline_auth_info_username(puser);
450
451 if ((p = strchr_m(puser,'%'))) {
452 size_t len;
453 *p = 0;
454 len = strlen(p+1);
455 set_cmdline_auth_info_password(p+1);
456 memset(strchr_m(getenv("USER"),'%')+1,'X',len);
457 }
458 SAFE_FREE(puser);
459 }
460
461 if (getenv("PASSWD")) {
462 set_cmdline_auth_info_password(getenv("PASSWD"));
463 }
464
465 if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
466 get_password_file();
467 }
468
469 return;
470 }
471
472 switch(opt->val) {
473 case 'U':
474 {
475 char *lp;
476 char *puser = SMB_STRDUP(arg);
477
478 if ((lp=strchr_m(puser,'%'))) {
479 size_t len;
480 *lp = 0;
481 set_cmdline_auth_info_username(puser);
482 set_cmdline_auth_info_password(lp+1);
483 len = strlen(lp+1);
484 memset(strchr_m(arg,'%')+1,'X',len);
485 } else {
486 set_cmdline_auth_info_username(puser);
487 }
488 SAFE_FREE(puser);
489 }
490 break;
491
492 case 'A':
493 get_credentials_file(arg);
494 break;
495
496 case 'k':
497 #ifndef HAVE_KRB5
498 d_printf("No kerberos support compiled in\n");
499 exit(1);
500 #else
501 set_cmdline_auth_info_use_krb5_ticket();
502 #endif
503 break;
504
505 case 'S':
506 if (!set_cmdline_auth_info_signing_state(arg)) {
507 fprintf(stderr, "Unknown signing option %s\n", arg );
508 exit(1);
509 }
510 break;
511 case 'P':
512 {
513 char *opt_password = NULL;
514 char *pwd = NULL;
515
516 /* it is very useful to be able to make ads queries as the
517 machine account for testing purposes and for domain leave */
518
519 if (!secrets_init()) {
520 d_printf("ERROR: Unable to open secrets database\n");
521 exit(1);
522 }
523
524 opt_password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
525
526 if (!opt_password) {
527 d_printf("ERROR: Unable to fetch machine password\n");
528 exit(1);
529 }
530 if (asprintf(&pwd, "%s$", global_myname()) < 0) {
531 exit(ENOMEM);
532 }
533 set_cmdline_auth_info_username(pwd);
534 set_cmdline_auth_info_password(opt_password);
535 SAFE_FREE(pwd);
536 SAFE_FREE(opt_password);
537
538 /* machine accounts only work with kerberos */
539 set_cmdline_auth_info_use_krb5_ticket();
540 }
541 break;
542 case 'N':
543 set_cmdline_auth_info_password("");
544 break;
545 case 'e':
546 set_cmdline_auth_info_smb_encrypt();
547 break;
548
549 }
550 }
551
552 struct poptOption popt_common_credentials[] = {
553 { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, (void *)popt_common_credentials_callback },
554 { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
555 { "no-pass", 'N', POPT_ARG_NONE, NULL, 'N', "Don't ask for a password" },
556 { "kerberos", 'k', POPT_ARG_NONE, NULL, 'k', "Use kerberos (active directory) authentication" },
557 { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
558 { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
559 {"machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
560 {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
561 POPT_TABLEEND
562 };
reg import