lib/param/param_table.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    Parameter loading functions
   4    Copyright (C) Karl Auer 1993-1998
   5
   6    Largely re-written by Andrew Tridgell, September 1994
   7
   8    Copyright (C) Simo Sorce 2001
   9    Copyright (C) Alexander Bokovoy 2002
  10    Copyright (C) Stefan (metze) Metzmacher 2002
  11    Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
  12    Copyright (C) Michael Adam 2008
  13    Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
  14    Copyright (C) Andrew Bartlett 2011
  15
  16    This program is free software; you can redistribute it and/or modify
  17    it under the terms of the GNU General Public License as published by
  18    the Free Software Foundation; either version 3 of the License, or
  19    (at your option) any later version.
  20
  21    This program is distributed in the hope that it will be useful,
  22    but WITHOUT ANY WARRANTY; without even the implied warranty of
  23    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  24    GNU General Public License for more details.
  25
  26    You should have received a copy of the GNU General Public License
  27    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  28 */
  29
  30 static const struct enum_list enum_protocol[] = {
  31         {PROTOCOL_SMB2_10, "SMB2"}, /* for now keep PROTOCOL_SMB2_10 */
  32         {PROTOCOL_SMB3_00, "SMB3"}, /* for now keep PROTOCOL_SMB3_00 */
  33         {PROTOCOL_SMB3_00, "SMB3_00"},
  34         {PROTOCOL_SMB2_24, "SMB2_24"},
  35         {PROTOCOL_SMB2_22, "SMB2_22"},
  36         {PROTOCOL_SMB2_10, "SMB2_10"},
  37         {PROTOCOL_SMB2_02, "SMB2_02"},
  38         {PROTOCOL_NT1, "NT1"},
  39         {PROTOCOL_LANMAN2, "LANMAN2"},
  40         {PROTOCOL_LANMAN1, "LANMAN1"},
  41         {PROTOCOL_CORE, "CORE"},
  42         {PROTOCOL_COREPLUS, "COREPLUS"},
  43         {PROTOCOL_COREPLUS, "CORE+"},
  44         {-1, NULL}
  45 };
  46
  47 static const struct enum_list enum_security[] = {
  48         {SEC_AUTO, "AUTO"},
  49         {SEC_USER, "USER"},
  50         {SEC_DOMAIN, "DOMAIN"},
  51 #if (defined(HAVE_ADS) || _SAMBA_BUILD_ >= 4)
  52         {SEC_ADS, "ADS"},
  53 #endif
  54         {-1, NULL}
  55 };
  56
  57 static const struct enum_list enum_bool_auto[] = {
  58         {false, "No"},
  59         {false, "False"},
  60         {false, "0"},
  61         {true, "Yes"},
  62         {true, "True"},
  63         {true, "1"},
  64         {Auto, "Auto"},
  65         {-1, NULL}
  66 };
  67
  68 static const struct enum_list enum_csc_policy[] = {
  69         {CSC_POLICY_MANUAL, "manual"},
  70         {CSC_POLICY_DOCUMENTS, "documents"},
  71         {CSC_POLICY_PROGRAMS, "programs"},
  72         {CSC_POLICY_DISABLE, "disable"},
  73         {-1, NULL}
  74 };
  75
  76 /* Server role options */
  77 static const struct enum_list enum_server_role[] = {
  78         {ROLE_AUTO, "auto"},
  79         {ROLE_STANDALONE, "standalone server"},
  80         {ROLE_STANDALONE, "standalone"},
  81         {ROLE_DOMAIN_MEMBER, "member server"},
  82         {ROLE_DOMAIN_MEMBER, "member"},
  83         {ROLE_DOMAIN_PDC, "classic primary domain controller"},
  84         {ROLE_DOMAIN_BDC, "classic backup domain controller"},
  85         {ROLE_ACTIVE_DIRECTORY_DC, "active directory domain controller"},
  86         {ROLE_ACTIVE_DIRECTORY_DC, "domain controller"},
  87         {ROLE_ACTIVE_DIRECTORY_DC, "dc"},
  88         {-1, NULL}
  89 };
  90
  91 /* SMB signing types. */
  92 static const struct enum_list enum_smb_signing_vals[] = {
  93         {SMB_SIGNING_DEFAULT, "default"},
  94         {SMB_SIGNING_OFF, "No"},
  95         {SMB_SIGNING_OFF, "False"},
  96         {SMB_SIGNING_OFF, "0"},
  97         {SMB_SIGNING_OFF, "Off"},
  98         {SMB_SIGNING_OFF, "disabled"},
  99         {SMB_SIGNING_IF_REQUIRED, "if_required"},
 100         {SMB_SIGNING_IF_REQUIRED, "Yes"},
 101         {SMB_SIGNING_IF_REQUIRED, "True"},
 102         {SMB_SIGNING_IF_REQUIRED, "1"},
 103         {SMB_SIGNING_IF_REQUIRED, "On"},
 104         {SMB_SIGNING_IF_REQUIRED, "enabled"},
 105         {SMB_SIGNING_IF_REQUIRED, "auto"},
 106         {SMB_SIGNING_REQUIRED, "required"},
 107         {SMB_SIGNING_REQUIRED, "mandatory"},
 108         {SMB_SIGNING_REQUIRED, "force"},
 109         {SMB_SIGNING_REQUIRED, "forced"},
 110         {SMB_SIGNING_REQUIRED, "enforced"},
 111         {-1, NULL}
 112 };
 113
 114 /* DNS update options. */
 115 static const struct enum_list enum_dns_update_settings[] = {
 116         {DNS_UPDATE_OFF, "False"},
 117         {DNS_UPDATE_ON, "True"},
 118         {DNS_UPDATE_SIGNED, "signed"},
 119         {-1, NULL}
 120 };
 121
 122 /*
 123    Do you want session setups at user level security with a invalid
 124    password to be rejected or allowed in as guest? WinNT rejects them
 125    but it can be a pain as it means "net view" needs to use a password
 126
 127    You have 3 choices in the setting of map_to_guest:
 128
 129    "Never" means session setups with an invalid password
 130    are rejected. This is the default.
 131
 132    "Bad User" means session setups with an invalid password
 133    are rejected, unless the username does not exist, in which case it
 134    is treated as a guest login
 135
 136    "Bad Password" means session setups with an invalid password
 137    are treated as a guest login
 138
 139    Note that map_to_guest only has an effect in user or server
 140    level security.
 141 */
 142
 143 static const struct enum_list enum_map_to_guest[] = {
 144         {NEVER_MAP_TO_GUEST, "Never"},
 145         {MAP_TO_GUEST_ON_BAD_USER, "Bad User"},
 146         {MAP_TO_GUEST_ON_BAD_PASSWORD, "Bad Password"},
 147         {MAP_TO_GUEST_ON_BAD_UID, "Bad Uid"},
 148         {-1, NULL}
 149 };
 150
 151 /* Config backend options */
 152
 153 static const struct enum_list enum_config_backend[] = {
 154         {CONFIG_BACKEND_FILE, "file"},
 155         {CONFIG_BACKEND_REGISTRY, "registry"},
 156         {-1, NULL}
 157 };
 158
 159
 160 /* ADS kerberos ticket verification options */
 161
 162 static const struct enum_list enum_kerberos_method[] = {
 163         {KERBEROS_VERIFY_SECRETS, "default"},
 164         {KERBEROS_VERIFY_SECRETS, "secrets only"},
 165         {KERBEROS_VERIFY_SYSTEM_KEYTAB, "system keytab"},
 166         {KERBEROS_VERIFY_DEDICATED_KEYTAB, "dedicated keytab"},
 167         {KERBEROS_VERIFY_SECRETS_AND_KEYTAB, "secrets and keytab"},
 168         {-1, NULL}
 169 };
 170
 171
 172 /* ACL compatibility options. */
 173 static const struct enum_list enum_acl_compat_vals[] = {
 174     { ACL_COMPAT_AUTO, "auto" },
 175     { ACL_COMPAT_WINNT, "winnt" },
 176     { ACL_COMPAT_WIN2K, "win2k" },
 177     { -1, NULL}
 178 };
 179
 180
 181 static const struct enum_list enum_printing[] = {
 182         {PRINT_SYSV, "sysv"},
 183         {PRINT_AIX, "aix"},
 184         {PRINT_HPUX, "hpux"},
 185         {PRINT_BSD, "bsd"},
 186         {PRINT_QNX, "qnx"},
 187         {PRINT_PLP, "plp"},
 188         {PRINT_LPRNG, "lprng"},
 189         {PRINT_CUPS, "cups"},
 190         {PRINT_IPRINT, "iprint"},
 191         {PRINT_LPRNT, "nt"},
 192         {PRINT_LPROS2, "os2"},
 193 #if defined(DEVELOPER) || defined(ENABLE_BUILD_FARM_HACKS)
 194         {PRINT_TEST, "test"},
 195         {PRINT_VLP, "vlp"},
 196 #endif /* DEVELOPER */
 197         {-1, NULL}
 198 };
 199
 200 static const struct enum_list enum_ldap_sasl_wrapping[] = {
 201         {0, "plain"},
 202         {ADS_AUTH_SASL_SIGN, "sign"},
 203         {ADS_AUTH_SASL_SEAL, "seal"},
 204         {-1, NULL}
 205 };
 206
 207 static const struct enum_list enum_ldap_ssl[] = {
 208         {LDAP_SSL_OFF, "no"},
 209         {LDAP_SSL_OFF, "off"},
 210         {LDAP_SSL_START_TLS, "start tls"},
 211         {LDAP_SSL_START_TLS, "start_tls"},
 212         {-1, NULL}
 213 };
 214
 215 /* LDAP Dereferencing Alias types */
 216 #define SAMBA_LDAP_DEREF_NEVER          0
 217 #define SAMBA_LDAP_DEREF_SEARCHING      1
 218 #define SAMBA_LDAP_DEREF_FINDING        2
 219 #define SAMBA_LDAP_DEREF_ALWAYS         3
 220
 221 static const struct enum_list enum_ldap_deref[] = {
 222         {SAMBA_LDAP_DEREF_NEVER, "never"},
 223         {SAMBA_LDAP_DEREF_SEARCHING, "searching"},
 224         {SAMBA_LDAP_DEREF_FINDING, "finding"},
 225         {SAMBA_LDAP_DEREF_ALWAYS, "always"},
 226         {-1, "auto"}
 227 };
 228
 229 static const struct enum_list enum_ldap_passwd_sync[] = {
 230         {LDAP_PASSWD_SYNC_OFF, "no"},
 231         {LDAP_PASSWD_SYNC_OFF, "off"},
 232         {LDAP_PASSWD_SYNC_ON, "yes"},
 233         {LDAP_PASSWD_SYNC_ON, "on"},
 234         {LDAP_PASSWD_SYNC_ONLY, "only"},
 235         {-1, NULL}
 236 };
 237
 238 static const struct enum_list enum_map_readonly[] = {
 239         {MAP_READONLY_NO, "no"},
 240         {MAP_READONLY_NO, "false"},
 241         {MAP_READONLY_NO, "0"},
 242         {MAP_READONLY_YES, "yes"},
 243         {MAP_READONLY_YES, "true"},
 244         {MAP_READONLY_YES, "1"},
 245         {MAP_READONLY_PERMISSIONS, "permissions"},
 246         {MAP_READONLY_PERMISSIONS, "perms"},
 247         {-1, NULL}
 248 };
 249
 250 static const struct enum_list enum_case[] = {
 251         {CASE_LOWER, "lower"},
 252         {CASE_UPPER, "upper"},
 253         {-1, NULL}
 254 };