2020-07-16 16:15:07 +03:00
/*
* Copyright ( c ) 2020 Andreas Schneider < asn @ samba . org >
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
# include "includes.h"
# include "lib/param/param.h"
2020-08-11 17:37:16 +03:00
# include "dynconfig/dynconfig.h"
# include "auth/gensec/gensec.h"
# include "libcli/smb/smb_util.h"
2020-07-16 16:15:07 +03:00
# include "cmdline_private.h"
2023-07-20 05:10:43 +03:00
# include "lib/util/util_process.h"
2020-07-16 16:15:07 +03:00
2020-08-11 17:37:16 +03:00
# include <samba/version.h>
2020-07-16 16:15:07 +03:00
static TALLOC_CTX * cmdline_mem_ctx ;
static struct loadparm_context * cmdline_lp_ctx ;
2020-07-27 17:13:53 +03:00
static struct cli_credentials * cmdline_creds ;
2020-08-10 16:09:54 +03:00
static samba_cmdline_load_config cmdline_load_config_fn ;
2021-09-03 08:22:18 +03:00
static struct samba_cmdline_daemon_cfg cmdline_daemon_cfg ;
2020-07-16 16:15:07 +03:00
2021-11-17 14:25:58 +03:00
static NTSTATUS ( * cli_credentials_set_machine_account_fn ) (
struct cli_credentials * cred ,
struct loadparm_context * lp_ctx ) =
cli_credentials_set_machine_account ;
2020-07-16 16:15:07 +03:00
/* PRIVATE */
bool samba_cmdline_set_talloc_ctx ( TALLOC_CTX * mem_ctx )
{
if ( cmdline_mem_ctx ! = NULL ) {
return false ;
}
cmdline_mem_ctx = mem_ctx ;
return true ;
}
TALLOC_CTX * samba_cmdline_get_talloc_ctx ( void )
{
return cmdline_mem_ctx ;
}
static void _samba_cmdline_talloc_log ( const char * message )
{
2021-06-04 09:58:09 +03:00
D_ERR ( " %s " , message ) ;
2020-07-16 16:15:07 +03:00
}
bool samba_cmdline_init_common ( TALLOC_CTX * mem_ctx )
{
bool ok ;
ok = samba_cmdline_set_talloc_ctx ( mem_ctx ) ;
if ( ! ok ) {
return false ;
}
2021-09-03 08:22:18 +03:00
cmdline_daemon_cfg = ( struct samba_cmdline_daemon_cfg ) {
. fork = true ,
} ;
2020-07-16 16:15:07 +03:00
fault_setup ( ) ;
/*
2021-09-20 14:27:59 +03:00
* Log to stderr by default .
* This can be changed to stdout using the option : - - debug - stdout
2020-07-16 16:15:07 +03:00
*/
2020-08-11 17:37:16 +03:00
setup_logging ( getprogname ( ) , DEBUG_DEFAULT_STDERR ) ;
2020-07-16 16:15:07 +03:00
talloc_set_log_fn ( _samba_cmdline_talloc_log ) ;
talloc_set_abort_fn ( smb_panic ) ;
return true ;
}
2020-08-10 16:09:54 +03:00
bool samba_cmdline_set_load_config_fn ( samba_cmdline_load_config fn )
{
cmdline_load_config_fn = fn ;
return true ;
}
2020-07-16 16:15:07 +03:00
/* PUBLIC */
bool samba_cmdline_set_lp_ctx ( struct loadparm_context * lp_ctx )
{
if ( lp_ctx = = NULL ) {
return false ;
}
cmdline_lp_ctx = lp_ctx ;
return true ;
}
struct loadparm_context * samba_cmdline_get_lp_ctx ( void )
{
return cmdline_lp_ctx ;
}
2020-07-27 17:13:53 +03:00
bool samba_cmdline_set_creds ( struct cli_credentials * creds )
{
if ( creds = = NULL ) {
return false ;
}
TALLOC_FREE ( cmdline_creds ) ;
cmdline_creds = creds ;
return true ;
}
struct cli_credentials * samba_cmdline_get_creds ( void )
{
return cmdline_creds ;
}
2020-08-11 17:37:16 +03:00
2021-09-03 08:22:18 +03:00
struct samba_cmdline_daemon_cfg * samba_cmdline_get_daemon_cfg ( void )
{
return & cmdline_daemon_cfg ;
}
2021-11-17 14:25:58 +03:00
void samba_cmdline_set_machine_account_fn (
NTSTATUS ( * fn ) ( struct cli_credentials * cred ,
struct loadparm_context * lp_ctx ) )
{
cli_credentials_set_machine_account_fn = fn ;
}
2024-06-29 02:30:19 +03:00
/*
* Are the strings p and option equal from the point of view of option
* parsing , meaning is the next character ' \0 ' or ' = ' .
*/
static bool strneq_cmdline_exact ( const char * p , const char * option , size_t len )
{
if ( strncmp ( p , option , len ) = = 0 ) {
if ( p [ len ] = = 0 | | p [ len ] = = ' = ' ) {
return true ;
}
}
return false ;
}
2024-06-29 04:44:46 +03:00
/*
* If an option looks like a password , and it isn ' t in the allow list , we
* will burn it .
*
* * ulen is set to zero if found is false ( we don ' t need it in that case ) .
*/
static bool burn_possible_password ( const char * p , size_t * ulen )
{
size_t i , len ;
static const char * allowed [ ] = {
" --bad-password-count-reset " ,
" --badpassword-frequency " ,
" --change-user-password " ,
" --force-initialized-passwords " ,
" --machine-pass " , /* distinct from --machinepass */
" --managed-password-interval " ,
" --no-pass " ,
" --no-pass2 " ,
" --no-passthrough " ,
" --no-password " ,
" --passcmd " ,
" --passwd " ,
" --passwd_path " ,
" --password-file " ,
" --password-from-stdin " ,
" --random-password " ,
" --smbpasswd-style " ,
" --strip-passed-output " ,
" --with-smbpasswd-file " ,
} ;
char * equals = NULL ;
* ulen = 0 ;
for ( i = 0 ; i < ARRAY_SIZE ( allowed ) ; i + + ) {
bool safe ;
len = strlen ( allowed [ i ] ) ;
safe = strneq_cmdline_exact ( p , allowed [ i ] , len ) ;
if ( safe ) {
return false ;
}
}
/*
* We have found a suspicious option , and we need to work out where to
* burn it from . It could be
*
* - - secret - password = cow - > password after ' = '
* - - secret - password - > password is in next argument .
*
* but we also have the possibility of
*
* - - cow = secret - password
*
* that is , the ' pass ' in this option string is not in the option but
* the argument to it , which should not be burnt .
*/
equals = strchr ( p , ' = ' ) ;
if ( equals = = NULL ) {
* ulen = strlen ( p ) ;
} else {
char * pass = ( strstr ( p , " pass " ) ) ;
if ( pass > equals ) {
/* this is --foo=pass, not --pass=foo */
return false ;
}
* ulen = equals - p ;
}
DBG_NOTICE ( " burning command line argument %*s \n " , ( int ) ( * ulen ) , p ) ;
return true ;
}
2024-06-29 02:30:19 +03:00
2023-07-21 06:27:00 +03:00
bool samba_cmdline_burn ( int argc , char * argv [ ] )
2020-08-19 10:07:47 +03:00
{
2023-07-21 06:27:00 +03:00
bool burnt = false ;
2021-05-06 13:01:05 +03:00
int i ;
2020-08-19 10:07:47 +03:00
for ( i = 0 ; i < argc ; i + + ) {
2024-06-27 07:33:16 +03:00
bool found = false ;
bool is_user = false ;
size_t ulen = 0 ;
char * p = NULL ;
2020-08-19 10:07:47 +03:00
p = argv [ i ] ;
if ( p = = NULL ) {
cmdline:burn: always return true if burnt
Before we have been trying to cram three cases into a boolean return
value:
* cmdline had secrets, we burnt them -> true
* cmdline had no secrets, all good -> false
* cmdline has NULL string, WTF! emergency! -> false
This return value is only used by Python which wants to know whether to
go to the trouble of replacing the command line. If samba_cmdline_burn()
returns false, no action is taken.
If samba_cmdline_burn() burns a password and then hits a NULL, it would
be better not to do nothing. It would be better to crash. And that is
what Python will end up doing, by some talloc returning NULL triggering
a MemoryError.
What about the case like {"--foo", NULL, "-Ua%b"} where the secret comes
after the NULL? That will still be ignored by Python, as it is by all C
tools, but we are hoping that can't happen anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit d3d8dffc0212662456a6251baee5afd432160fa2)
2024-06-27 07:03:30 +03:00
return burnt ;
2020-08-19 10:07:47 +03:00
}
if ( strncmp ( p , " -U " , 2 ) = = 0 ) {
2024-07-03 02:50:43 +03:00
/*
* Note : this won ' t catch combinations of
* short options like
* ` samba - tool - NUAdministrator % . . . ` , which is
* not possible in general outside of the
* actual parser ( consider for example
* ` - NHUroot % password ` , which parses as
* ` - N - H ' Uroot % password ' ` ) . We don ' t know
* here which short options might take
* arguments .
*
* This is an argument for embedding redaction
* inside the parser ( e . g . by adding a flag to
* the option definitions ) , but we decided not
* to do that in order to share cmdline_burn ( ) .
*/
2020-08-19 10:07:47 +03:00
ulen = 2 ;
found = true ;
is_user = true ;
2024-06-29 02:30:19 +03:00
} else if ( strneq_cmdline_exact ( p , " --user " , 6 ) ) {
2020-08-19 10:07:47 +03:00
ulen = 6 ;
found = true ;
is_user = true ;
2024-07-03 02:23:36 +03:00
} else if ( strneq_cmdline_exact ( p , " --username " , 10 ) ) {
ulen = 10 ;
found = true ;
is_user = true ;
2024-06-29 04:44:46 +03:00
} else if ( strncmp ( p , " -- " , 2 ) = = 0 & & strstr ( p , " pass " ) ) {
/*
* We have many secret options like - - password ,
* - - adminpass , - - client - password , and we could easily
* add more , so we will use an allowlist to let the
* safe ones through ( of which there are also many ) .
*/
found = burn_possible_password ( p , & ulen ) ;
2020-08-19 10:07:47 +03:00
}
if ( found ) {
if ( strlen ( p ) = = ulen ) {
2024-06-27 06:40:16 +03:00
/*
* The option string has no ' = ' , so
* its argument will come in the NEXT
* argv member . If there is one , we
* can just step forward and take it ,
* setting ulen to 0.
*
* { " --password=secret " } - - > { " --password " }
* { " --password " , " secret " } - - > { " --password " , " " }
* { " -Uadmin%secret " } - - > { " -Uadmin " }
* { " -U " , " admin%secret " } - - > { " -U " , " admin " }
*/
i + + ;
if ( i = = argc ) {
/*
* this looks like an invalid
* command line , but that ' s
* for the caller to decide .
*/
return burnt ;
}
p = argv [ i ] ;
if ( p = = NULL ) {
cmdline:burn: always return true if burnt
Before we have been trying to cram three cases into a boolean return
value:
* cmdline had secrets, we burnt them -> true
* cmdline had no secrets, all good -> false
* cmdline has NULL string, WTF! emergency! -> false
This return value is only used by Python which wants to know whether to
go to the trouble of replacing the command line. If samba_cmdline_burn()
returns false, no action is taken.
If samba_cmdline_burn() burns a password and then hits a NULL, it would
be better not to do nothing. It would be better to crash. And that is
what Python will end up doing, by some talloc returning NULL triggering
a MemoryError.
What about the case like {"--foo", NULL, "-Ua%b"} where the secret comes
after the NULL? That will still be ignored by Python, as it is by all C
tools, but we are hoping that can't happen anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15674
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jo Sutton <josutton@catalyst.net.nz>
(cherry picked from commit d3d8dffc0212662456a6251baee5afd432160fa2)
2024-06-27 07:03:30 +03:00
return burnt ;
2024-06-27 06:40:16 +03:00
}
ulen = 0 ;
2020-08-19 10:07:47 +03:00
}
if ( is_user ) {
2024-06-27 07:33:16 +03:00
char * q = strchr_m ( p , ' % ' ) ;
2024-06-21 00:21:43 +03:00
if ( q = = NULL ) {
/* -U without '%' has no secret */
continue ;
2020-08-19 10:07:47 +03:00
}
2024-06-21 00:21:43 +03:00
p = q ;
2020-08-19 10:07:47 +03:00
} else {
p + = ulen ;
}
memset_s ( p , strlen ( p ) , ' \0 ' , strlen ( p ) ) ;
2023-07-21 06:27:00 +03:00
burnt = true ;
2020-08-19 10:07:47 +03:00
}
}
2023-07-21 06:27:00 +03:00
return burnt ;
2020-08-19 10:07:47 +03:00
}
2020-09-02 18:19:00 +03:00
static bool is_popt_table_end ( const struct poptOption * o )
{
if ( o - > longName = = NULL & &
o - > shortName = = 0 & &
o - > argInfo = = 0 & &
o - > arg = = NULL & &
o - > val = = 0 & &
o - > descrip = = NULL & &
o - > argDescrip = = NULL ) {
return true ;
}
return false ;
}
static void find_duplicates ( const struct poptOption * needle ,
const struct poptOption * haystack ,
size_t * count )
{
for ( ;
! is_popt_table_end ( haystack ) ;
haystack + + ) {
switch ( haystack - > argInfo ) {
case POPT_ARG_INCLUDE_TABLE :
if ( haystack - > arg ! = NULL ) {
find_duplicates ( needle , haystack - > arg , count ) ;
}
break ;
default :
if ( needle - > shortName ! = 0 & &
needle - > shortName = = haystack - > shortName ) {
( * count ) + + ;
break ;
}
if ( needle - > longName ! = NULL & &
haystack - > longName ! = NULL & &
strequal ( needle - > longName , haystack - > longName ) ) {
( * count ) + + ;
break ;
}
break ;
}
if ( * count > 1 ) {
return ;
}
}
}
2021-05-03 14:35:37 +03:00
static bool cmdline_sanity_checker ( const struct poptOption * current_opts ,
2020-09-02 18:19:00 +03:00
const struct poptOption * full_opts )
{
const struct poptOption * o = current_opts ;
for ( ;
! is_popt_table_end ( o ) ;
o + + ) {
bool ok ;
switch ( o - > argInfo ) {
case POPT_ARG_INCLUDE_TABLE :
if ( o - > arg ! = NULL ) {
2021-05-03 14:35:37 +03:00
ok = cmdline_sanity_checker ( o - > arg , full_opts ) ;
2020-09-02 18:19:00 +03:00
if ( ! ok ) {
return false ;
}
}
break ;
default :
if ( o - > longName ! = NULL | | o - > shortName ! = 0 ) {
size_t count = 0 ;
find_duplicates ( o , full_opts , & count ) ;
if ( count > 1 ) {
2021-04-29 18:04:43 +03:00
DBG_ERR ( " Duplicate option '--%s|-%c' "
" detected! \n " ,
2020-09-02 18:19:00 +03:00
o - > longName ,
o - > shortName ! = 0 ?
o - > shortName :
' - ' ) ;
return false ;
}
}
break ;
}
}
return true ;
}
bool samba_cmdline_sanity_check ( const struct poptOption * opts )
{
2021-05-03 14:35:37 +03:00
return cmdline_sanity_checker ( opts , opts ) ;
2020-09-02 18:19:00 +03:00
}
poptContext samba_popt_get_context ( const char * name ,
int argc , const char * * argv ,
const struct poptOption * options ,
unsigned int flags )
{
# ifdef DEVELOPER
bool ok ;
ok = samba_cmdline_sanity_check ( options ) ;
if ( ! ok ) {
return NULL ;
}
# endif
2023-07-20 05:10:43 +03:00
process_save_binary_name ( name ) ;
2020-09-02 18:19:00 +03:00
return poptGetContext ( name , argc , argv , options , flags ) ;
}
2020-08-11 17:37:16 +03:00
/**********************************************************
* COMMON SAMBA POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static bool log_to_file ;
2021-05-06 12:21:53 +03:00
static bool set_logfile ( TALLOC_CTX * mem_ctx ,
struct loadparm_context * lp_ctx ,
const char * log_basename ,
2021-05-17 12:00:29 +03:00
const char * process_name ,
bool from_cmdline )
2021-05-06 12:21:53 +03:00
{
2021-05-17 12:00:29 +03:00
bool ok = false ;
2021-05-06 12:21:53 +03:00
char * new_logfile = talloc_asprintf ( mem_ctx ,
" %s/log.%s " ,
log_basename ,
process_name ) ;
if ( new_logfile = = NULL ) {
return false ;
}
2021-05-17 12:00:29 +03:00
if ( from_cmdline ) {
ok = lpcfg_set_cmdline ( lp_ctx ,
" log file " ,
new_logfile ) ;
} else {
ok = lpcfg_do_global_parameter ( lp_ctx ,
" log file " ,
new_logfile ) ;
}
2021-05-06 12:21:53 +03:00
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set log to %s \n " ,
new_logfile ) ;
TALLOC_FREE ( new_logfile ) ;
return false ;
}
2021-06-08 14:25:58 +03:00
debug_set_logfile ( new_logfile ) ;
2021-05-06 12:21:53 +03:00
TALLOC_FREE ( new_logfile ) ;
return true ;
}
2020-08-11 17:37:16 +03:00
static void popt_samba_callback ( poptContext popt_ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg , const void * data )
{
TALLOC_CTX * mem_ctx = samba_cmdline_get_talloc_ctx ( ) ;
struct loadparm_context * lp_ctx = samba_cmdline_get_lp_ctx ( ) ;
const char * pname = NULL ;
bool ok ;
2021-05-06 12:21:53 +03:00
/* Find out basename of current program */
2021-06-04 18:55:46 +03:00
pname = getprogname ( ) ;
2021-05-06 12:21:53 +03:00
2020-08-11 17:37:16 +03:00
if ( reason = = POPT_CALLBACK_REASON_PRE ) {
if ( lp_ctx = = NULL ) {
fprintf ( stderr ,
" Command line parsing not initialized! \n " ) ;
exit ( 1 ) ;
}
2021-05-17 12:00:29 +03:00
ok = set_logfile ( mem_ctx ,
lp_ctx ,
get_dyn_LOGFILEBASE ( ) ,
pname ,
false ) ;
2021-05-06 12:21:53 +03:00
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set log file for %s \n " ,
pname ) ;
exit ( 1 ) ;
}
2020-08-11 17:37:16 +03:00
return ;
}
if ( reason = = POPT_CALLBACK_REASON_POST ) {
ok = cmdline_load_config_fn ( ) ;
if ( ! ok ) {
fprintf ( stderr ,
" %s - Failed to load config file! \n " ,
getprogname ( ) ) ;
exit ( 1 ) ;
}
if ( log_to_file ) {
const struct loadparm_substitution * lp_sub =
lpcfg_noop_substitution ( ) ;
char * logfile = NULL ;
logfile = lpcfg_logfile ( lp_ctx , lp_sub , mem_ctx ) ;
if ( logfile = = NULL ) {
fprintf ( stderr ,
" Failed to setup logging to file! " ) ;
exit ( 1 ) ;
}
debug_set_logfile ( logfile ) ;
setup_logging ( logfile , DEBUG_FILE ) ;
TALLOC_FREE ( logfile ) ;
}
return ;
}
switch ( opt - > val ) {
case OPT_LEAK_REPORT :
talloc_enable_leak_report ( ) ;
break ;
case OPT_LEAK_REPORT_FULL :
talloc_enable_leak_report_full ( ) ;
break ;
case OPT_OPTION :
if ( arg ! = NULL ) {
ok = lpcfg_set_option ( lp_ctx , arg ) ;
if ( ! ok ) {
fprintf ( stderr , " Error setting option '%s' \n " , arg ) ;
exit ( 1 ) ;
}
}
break ;
case ' d ' :
if ( arg ! = NULL ) {
ok = lpcfg_set_cmdline ( lp_ctx , " log level " , arg ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set debug level to: %s \n " ,
arg ) ;
exit ( 1 ) ;
}
}
break ;
case OPT_DEBUG_STDOUT :
setup_logging ( pname , DEBUG_STDOUT ) ;
break ;
case OPT_CONFIGFILE :
if ( arg ! = NULL ) {
set_dyn_CONFIGFILE ( arg ) ;
}
break ;
case ' l ' :
if ( arg ! = NULL ) {
2021-05-17 12:00:29 +03:00
ok = set_logfile ( mem_ctx , lp_ctx , arg , pname , true ) ;
2020-08-11 17:37:16 +03:00
if ( ! ok ) {
fprintf ( stderr ,
2021-05-06 12:21:53 +03:00
" Failed to set log file for %s \n " ,
arg ) ;
2020-08-11 17:37:16 +03:00
exit ( 1 ) ;
}
log_to_file = true ;
2021-04-30 17:12:29 +03:00
set_dyn_LOGFILEBASE ( arg ) ;
2020-08-11 17:37:16 +03:00
}
break ;
}
}
2021-01-05 16:23:27 +03:00
static struct poptOption popt_common_debug [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE | POPT_CBFLAG_POST ,
. arg = ( void * ) popt_samba_callback ,
} ,
{
. longName = " debuglevel " ,
. shortName = ' d ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' d ' ,
. descrip = " Set debug level " ,
. argDescrip = " DEBUGLEVEL " ,
} ,
{
. longName = " debug-stdout " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_DEBUG_STDOUT ,
. descrip = " Send debug output to standard output " ,
} ,
POPT_TABLEEND
} ;
2021-01-13 11:57:19 +03:00
static struct poptOption popt_common_option [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE | POPT_CBFLAG_POST ,
. arg = ( void * ) popt_samba_callback ,
} ,
{
. longName = " option " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_OPTION ,
. descrip = " Set smb.conf option from command line " ,
. argDescrip = " name=value " ,
} ,
POPT_TABLEEND
} ;
2021-01-13 12:56:41 +03:00
static struct poptOption popt_common_config [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE | POPT_CBFLAG_POST ,
. arg = ( void * ) popt_samba_callback ,
} ,
{
. longName = " configfile " ,
. argInfo = POPT_ARG_STRING ,
2021-09-09 12:11:03 +03:00
. val = OPT_CONFIGFILE ,
2021-01-13 12:56:41 +03:00
. descrip = " Use alternative configuration file " ,
. argDescrip = " CONFIGFILE " ,
} ,
POPT_TABLEEND
} ;
2020-08-11 17:37:16 +03:00
static struct poptOption popt_common_samba [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE | POPT_CBFLAG_POST ,
. arg = ( void * ) popt_samba_callback ,
} ,
{
. longName = " debuglevel " ,
. shortName = ' d ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' d ' ,
. descrip = " Set debug level " ,
. argDescrip = " DEBUGLEVEL " ,
} ,
{
. longName = " debug-stdout " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_DEBUG_STDOUT ,
. descrip = " Send debug output to standard output " ,
} ,
{
. longName = " configfile " ,
. shortName = ' s ' ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_CONFIGFILE ,
. descrip = " Use alternative configuration file " ,
. argDescrip = " CONFIGFILE " ,
} ,
{
. longName = " option " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_OPTION ,
. descrip = " Set smb.conf option from command line " ,
. argDescrip = " name=value " ,
} ,
{
. longName = " log-basename " ,
. shortName = ' l ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' l ' ,
. descrip = " Basename for log/debug files " ,
. argDescrip = " LOGFILEBASE " ,
} ,
{
. longName = " leak-report " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_LEAK_REPORT ,
. descrip = " enable talloc leak reporting on exit " ,
} ,
{
. longName = " leak-report-full " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_LEAK_REPORT_FULL ,
. descrip = " enable full talloc leak reporting on exit " ,
} ,
POPT_TABLEEND
} ;
static struct poptOption popt_common_samba_ldb [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE | POPT_CBFLAG_POST ,
. arg = ( void * ) popt_samba_callback ,
} ,
{
. longName = " debuglevel " ,
. shortName = ' d ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' d ' ,
. descrip = " Set debug level " ,
. argDescrip = " DEBUGLEVEL " ,
} ,
{
. longName = " debug-stdout " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_DEBUG_STDOUT ,
. descrip = " Send debug output to standard output " ,
} ,
{
. longName = " configfile " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_CONFIGFILE ,
. descrip = " Use alternative configuration file " ,
. argDescrip = " CONFIGFILE " ,
} ,
{
. longName = " option " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_OPTION ,
. descrip = " Set smb.conf option from command line " ,
. argDescrip = " name=value " ,
} ,
{
. longName = " log-basename " ,
. shortName = ' l ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' l ' ,
. descrip = " Basename for log/debug files " ,
. argDescrip = " LOGFILEBASE " ,
} ,
{
. longName = " leak-report " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_LEAK_REPORT ,
. descrip = " enable talloc leak reporting on exit " ,
} ,
{
. longName = " leak-report-full " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_LEAK_REPORT_FULL ,
. descrip = " enable full talloc leak reporting on exit " ,
} ,
POPT_TABLEEND
} ;
/**********************************************************
* CONNECTION POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static void popt_connection_callback ( poptContext popt_ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg ,
const void * data )
{
struct loadparm_context * lp_ctx = cmdline_lp_ctx ;
if ( reason = = POPT_CALLBACK_REASON_PRE ) {
if ( lp_ctx = = NULL ) {
fprintf ( stderr ,
" Command line parsing not initialized! \n " ) ;
exit ( 1 ) ;
}
return ;
}
switch ( opt - > val ) {
case ' O ' :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " socket options " , arg ) ;
}
break ;
case ' R ' :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " name resolve order " , arg ) ;
}
break ;
case ' m ' :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " client max protocol " , arg ) ;
}
break ;
case OPT_NETBIOS_SCOPE :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " netbios scope " , arg ) ;
}
break ;
case ' n ' :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " netbios name " , arg ) ;
}
break ;
case ' W ' :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " workgroup " , arg ) ;
}
break ;
case ' r ' :
if ( arg ! = NULL ) {
lpcfg_set_cmdline ( lp_ctx , " realm " , arg ) ;
}
break ;
}
}
static struct poptOption popt_common_connection [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE ,
. arg = ( void * ) popt_connection_callback ,
} ,
{
. longName = " name-resolve " ,
. shortName = ' R ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' R ' ,
. descrip = " Use these name resolution services only " ,
. argDescrip = " NAME-RESOLVE-ORDER " ,
} ,
{
. longName = " socket-options " ,
. shortName = ' O ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' O ' ,
. descrip = " socket options to use " ,
. argDescrip = " SOCKETOPTIONS " ,
} ,
{
2021-09-10 12:22:07 +03:00
. longName = " max-protocol " ,
2020-08-11 17:37:16 +03:00
. shortName = ' m ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' m ' ,
. descrip = " Set max protocol level " ,
. argDescrip = " MAXPROTOCOL " ,
} ,
{
. longName = " netbiosname " ,
. shortName = ' n ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' n ' ,
. descrip = " Primary netbios name " ,
. argDescrip = " NETBIOSNAME " ,
} ,
{
. longName = " netbios-scope " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_NETBIOS_SCOPE ,
. descrip = " Use this Netbios scope " ,
. argDescrip = " SCOPE " ,
} ,
{
. longName = " workgroup " ,
. shortName = ' W ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' W ' ,
. descrip = " Set the workgroup name " ,
. argDescrip = " WORKGROUP " ,
} ,
{
. longName = " realm " ,
. argInfo = POPT_ARG_STRING ,
. val = ' r ' ,
. descrip = " Set the realm name " ,
. argDescrip = " REALM " ,
} ,
POPT_TABLEEND
} ;
/**********************************************************
* CREDENTIALS POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static bool skip_password_callback ;
static bool machine_account_pending ;
static void popt_common_credentials_callback ( poptContext popt_ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg ,
const void * data )
{
struct loadparm_context * lp_ctx = samba_cmdline_get_lp_ctx ( ) ;
struct cli_credentials * creds = samba_cmdline_get_creds ( ) ;
bool ok ;
if ( reason = = POPT_CALLBACK_REASON_PRE ) {
if ( creds = = NULL ) {
fprintf ( stderr ,
" Command line parsing not initialized! \n " ) ;
exit ( 1 ) ;
}
return ;
}
if ( reason = = POPT_CALLBACK_REASON_POST ) {
const char * username = NULL ;
enum credentials_obtained username_obtained =
CRED_UNINITIALISED ;
enum credentials_obtained password_obtained =
CRED_UNINITIALISED ;
/*
* This calls cli_credentials_set_conf ( ) to get the defaults
* form smb . conf and set the winbind separator .
2021-04-27 17:19:31 +03:00
*
2023-02-28 07:01:28 +03:00
* Just warn that we can ' t read the smb . conf . There might not be
2021-04-27 17:19:31 +03:00
* one available or we want to ignore it .
2020-08-11 17:37:16 +03:00
*/
2021-04-27 17:19:31 +03:00
ok = cli_credentials_guess ( creds , lp_ctx ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Unable to read defaults from smb.conf \n " ) ;
}
2020-08-11 17:37:16 +03:00
( void ) cli_credentials_get_password_and_obtained ( creds ,
& password_obtained ) ;
if ( ! skip_password_callback & &
password_obtained < CRED_CALLBACK ) {
ok = cli_credentials_set_cmdline_callbacks ( creds ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set cmdline password "
" callback \n " ) ;
exit ( 1 ) ;
}
}
if ( machine_account_pending ) {
NTSTATUS status ;
2021-11-17 14:25:58 +03:00
status = cli_credentials_set_machine_account_fn (
creds , lp_ctx ) ;
2020-08-11 17:37:16 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
fprintf ( stderr ,
" Failed to set machine account: %s \n " ,
nt_errstr ( status ) ) ;
exit ( 1 ) ;
}
}
/*
* When we set the username during the handling of the options
* passed to the binary we haven ' t loaded the config yet . This
* means that we didn ' t take the ' winbind separator ' into
* account .
*
* The username might contain the domain name and thus it
* hasn ' t been correctly parsed yet . If we have a username we
* need to set it again to run the string parser for the
* username correctly .
*/
username =
cli_credentials_get_username_and_obtained (
creds , & username_obtained ) ;
if ( username_obtained = = CRED_SPECIFIED & &
username ! = NULL & & username [ 0 ] ! = ' \0 ' ) {
cli_credentials_parse_string ( creds ,
username ,
CRED_SPECIFIED ) ;
}
return ;
}
switch ( opt - > val ) {
case ' U ' :
if ( arg ! = NULL ) {
cli_credentials_parse_string ( creds ,
arg ,
CRED_SPECIFIED ) ;
}
break ;
case OPT_PASSWORD :
if ( arg ! = NULL ) {
ok = cli_credentials_set_password ( creds ,
arg ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set password! \n " ) ;
exit ( 1 ) ;
}
skip_password_callback = true ;
}
break ;
case OPT_NT_HASH :
cli_credentials_set_password_will_be_nt_hash ( creds , true ) ;
break ;
case ' A ' :
if ( arg ! = NULL ) {
ok = cli_credentials_parse_file ( creds ,
arg ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set parse authentication file! \n " ) ;
exit ( 1 ) ;
}
skip_password_callback = true ;
}
break ;
case ' N ' :
ok = cli_credentials_set_password ( creds ,
NULL ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set password! \n " ) ;
exit ( 1 ) ;
}
skip_password_callback = true ;
break ;
case ' P ' :
/*
* Later , after this is all over , get the machine account
* details from the secrets . ( l | t ) db .
*/
machine_account_pending = true ;
break ;
case OPT_SIMPLE_BIND_DN :
if ( arg ! = NULL ) {
ok = cli_credentials_set_bind_dn ( creds , arg ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set bind DN! \n " ) ;
exit ( 1 ) ;
}
}
break ;
2022-06-22 09:28:40 +03:00
case OPT_USE_KERBEROS : {
int32_t use_kerberos = INT_MIN ;
if ( arg = = NULL ) {
fprintf ( stderr ,
" Failed to parse "
" --use-kerberos=desired|required|off: "
" Missing argument \n " ) ;
exit ( 1 ) ;
}
2020-08-11 17:37:16 +03:00
2022-06-22 09:28:40 +03:00
use_kerberos = lpcfg_parse_enum_vals ( " client use kerberos " ,
arg ) ;
if ( use_kerberos = = INT_MIN ) {
fprintf ( stderr ,
" Failed to parse "
" --use-kerberos=desired|required|off: "
" Invalid argument \n " ) ;
exit ( 1 ) ;
}
2020-08-11 17:37:16 +03:00
2022-06-22 09:28:40 +03:00
ok = cli_credentials_set_kerberos_state ( creds ,
use_kerberos ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set Kerberos state to %s! \n " , arg ) ;
exit ( 1 ) ;
2020-08-11 17:37:16 +03:00
}
break ;
2022-06-22 09:28:40 +03:00
}
2022-06-22 09:34:20 +03:00
case OPT_USE_KERBEROS_CCACHE : {
const char * error_string = NULL ;
int rc ;
2020-08-11 17:37:16 +03:00
2022-06-22 09:34:20 +03:00
if ( arg = = NULL ) {
fprintf ( stderr ,
" Failed to parse --use-krb5-ccache=CCACHE: "
" Missing argument \n " ) ;
exit ( 1 ) ;
}
2020-11-12 13:45:05 +03:00
2022-06-22 09:34:20 +03:00
ok = cli_credentials_set_kerberos_state ( creds ,
CRED_USE_KERBEROS_REQUIRED ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set Kerberos state to %s! \n " , arg ) ;
exit ( 1 ) ;
}
2020-08-11 17:37:16 +03:00
2022-06-22 09:34:20 +03:00
rc = cli_credentials_set_ccache ( creds ,
lp_ctx ,
arg ,
CRED_SPECIFIED ,
& error_string ) ;
if ( rc ! = 0 ) {
fprintf ( stderr ,
" Error reading krb5 credentials cache: '%s' "
" - %s \n " ,
arg ,
error_string ) ;
exit ( 1 ) ;
2020-08-11 17:37:16 +03:00
}
2022-06-22 09:34:20 +03:00
skip_password_callback = true ;
2020-08-11 17:37:16 +03:00
break ;
2022-06-22 09:34:20 +03:00
}
2020-08-11 17:37:16 +03:00
case OPT_USE_WINBIND_CCACHE :
{
uint32_t gensec_features ;
gensec_features = cli_credentials_get_gensec_features ( creds ) ;
gensec_features | = GENSEC_FEATURE_NTLM_CCACHE ;
ok = cli_credentials_set_gensec_features ( creds ,
gensec_features ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set gensec feature! \n " ) ;
exit ( 1 ) ;
}
skip_password_callback = true ;
break ;
}
2022-06-22 09:37:06 +03:00
case OPT_CLIENT_PROTECTION : {
uint32_t gensec_features ;
enum smb_signing_setting signing_state =
SMB_SIGNING_OFF ;
enum smb_encryption_setting encryption_state =
SMB_ENCRYPTION_OFF ;
2020-08-11 17:37:16 +03:00
2022-06-22 09:37:06 +03:00
if ( arg = = NULL ) {
fprintf ( stderr ,
" Failed to parse "
" --client-protection=sign|encrypt|off: "
" Missing argument \n " ) ;
exit ( 1 ) ;
}
2020-08-11 17:37:16 +03:00
2022-06-22 09:37:06 +03:00
gensec_features =
cli_credentials_get_gensec_features (
creds ) ;
if ( strequal ( arg , " off " ) ) {
gensec_features & =
~ ( GENSEC_FEATURE_SIGN | GENSEC_FEATURE_SEAL ) ;
signing_state = SMB_SIGNING_OFF ;
encryption_state = SMB_ENCRYPTION_OFF ;
} else if ( strequal ( arg , " sign " ) ) {
gensec_features | = GENSEC_FEATURE_SIGN ;
2020-08-11 17:37:16 +03:00
2022-06-22 09:37:06 +03:00
signing_state = SMB_SIGNING_REQUIRED ;
encryption_state = SMB_ENCRYPTION_OFF ;
} else if ( strequal ( arg , " encrypt " ) ) {
gensec_features | = GENSEC_FEATURE_SEAL ;
signing_state = SMB_SIGNING_REQUIRED ;
encryption_state = SMB_ENCRYPTION_REQUIRED ;
} else {
fprintf ( stderr ,
" Failed to parse --client-protection \n " ) ;
exit ( 1 ) ;
}
ok = cli_credentials_set_gensec_features ( creds ,
gensec_features ,
2020-08-11 17:37:16 +03:00
CRED_SPECIFIED ) ;
2022-06-22 09:37:06 +03:00
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set gensec feature! \n " ) ;
exit ( 1 ) ;
}
ok = cli_credentials_set_smb_signing ( creds ,
signing_state ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set smb signing! \n " ) ;
exit ( 1 ) ;
}
ok = cli_credentials_set_smb_encryption ( creds ,
encryption_state ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set smb encryption! \n " ) ;
exit ( 1 ) ;
2020-08-11 17:37:16 +03:00
}
break ;
2022-06-22 09:37:06 +03:00
}
2020-08-11 17:37:16 +03:00
} /* switch */
}
static struct poptOption popt_common_credentials [ ] = {
{
. argInfo = POPT_ARG_CALLBACK | POPT_CBFLAG_PRE | POPT_CBFLAG_POST ,
. arg = ( void * ) popt_common_credentials_callback ,
} ,
{
. longName = " user " ,
. shortName = ' U ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' U ' ,
. descrip = " Set the network username " ,
. argDescrip = " [DOMAIN/]USERNAME[%PASSWORD] " ,
} ,
{
. longName = " no-pass " ,
. shortName = ' N ' ,
. argInfo = POPT_ARG_NONE ,
. val = ' N ' ,
. descrip = " Don't ask for a password " ,
} ,
{
. longName = " password " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_PASSWORD ,
. descrip = " Password " ,
} ,
{
. longName = " pw-nt-hash " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_NT_HASH ,
. descrip = " The supplied password is the NT hash " ,
} ,
{
. longName = " authentication-file " ,
. shortName = ' A ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' A ' ,
. descrip = " Get the credentials from a file " ,
. argDescrip = " FILE " ,
} ,
{
. longName = " machine-pass " ,
. shortName = ' P ' ,
. argInfo = POPT_ARG_NONE ,
. val = ' P ' ,
. descrip = " Use stored machine account password " ,
} ,
{
. longName = " simple-bind-dn " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_SIMPLE_BIND_DN ,
. descrip = " DN to use for a simple bind " ,
. argDescrip = " DN " ,
} ,
{
. longName = " use-kerberos " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_USE_KERBEROS ,
. descrip = " Use Kerberos authentication " ,
. argDescrip = " desired|required|off " ,
} ,
{
. longName = " use-krb5-ccache " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_USE_KERBEROS_CCACHE ,
. descrip = " Credentials cache location for Kerberos " ,
. argDescrip = " CCACHE " ,
} ,
{
. longName = " use-winbind-ccache " ,
. argInfo = POPT_ARG_NONE ,
. val = OPT_USE_WINBIND_CCACHE ,
. descrip = " Use the winbind ccache for authentication " ,
} ,
{
. longName = " client-protection " ,
. argInfo = POPT_ARG_STRING ,
. val = OPT_CLIENT_PROTECTION ,
. descrip = " Configure used protection for client connections " ,
. argDescrip = " sign|encrypt|off " ,
} ,
POPT_TABLEEND
} ;
/**********************************************************
* VERSION POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static void popt_version_callback ( poptContext ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg ,
const void * data )
{
switch ( opt - > val ) {
case ' V ' :
printf ( " Version %s \n " , SAMBA_VERSION_STRING ) ;
exit ( 0 ) ;
}
}
static struct poptOption popt_common_version [ ] = {
{
. argInfo = POPT_ARG_CALLBACK ,
. arg = ( void * ) popt_version_callback ,
} ,
{
. longName = " version " ,
. shortName = ' V ' ,
. argInfo = POPT_ARG_NONE ,
. val = ' V ' ,
. descrip = " Print version " ,
} ,
POPT_TABLEEND
} ;
2021-09-03 08:22:18 +03:00
/**********************************************************
* DAEMON POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static void popt_daemon_callback ( poptContext ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg ,
const void * data )
{
switch ( opt - > val ) {
case OPT_DAEMON :
cmdline_daemon_cfg . daemon = true ;
break ;
case OPT_INTERACTIVE :
cmdline_daemon_cfg . interactive = true ;
cmdline_daemon_cfg . fork = false ;
break ;
case OPT_FORK :
cmdline_daemon_cfg . fork = false ;
break ;
case OPT_NO_PROCESS_GROUP :
cmdline_daemon_cfg . no_process_group = true ;
break ;
}
}
static struct poptOption popt_common_daemon [ ] = {
{
. argInfo = POPT_ARG_CALLBACK ,
. arg = ( void * ) popt_daemon_callback
} ,
{
. longName = " daemon " ,
. shortName = ' D ' ,
. argInfo = POPT_ARG_NONE ,
. arg = NULL ,
. val = OPT_DAEMON ,
. descrip = " Become a daemon (default) " ,
} ,
{
. longName = " interactive " ,
. shortName = ' i ' ,
. argInfo = POPT_ARG_NONE ,
. arg = NULL ,
. val = OPT_INTERACTIVE ,
. descrip = " Run interactive (not a daemon) and log to stdout " ,
} ,
{
. longName = " foreground " ,
. shortName = ' F ' ,
. argInfo = POPT_ARG_NONE ,
. arg = NULL ,
. val = OPT_FORK ,
. descrip = " Run daemon in foreground (for daemontools, etc.) " ,
} ,
{
. longName = " no-process-group " ,
. shortName = ' \0 ' ,
. argInfo = POPT_ARG_NONE ,
. arg = NULL ,
. val = OPT_NO_PROCESS_GROUP ,
. descrip = " Don't create a new process group " ,
} ,
POPT_TABLEEND
} ;
2020-08-31 18:42:57 +03:00
/**********************************************************
* LEGACY S3 POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static void popt_legacy_s3_callback ( poptContext ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg ,
const void * data )
{
struct cli_credentials * creds = samba_cmdline_get_creds ( ) ;
bool ok ;
switch ( opt - > val ) {
case ' k ' :
fprintf ( stderr ,
" WARNING: The option -k|--kerberos is deprecated! \n " ) ;
ok = cli_credentials_set_kerberos_state ( creds ,
CRED_USE_KERBEROS_REQUIRED ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set Kerberos state to %s! \n " , arg ) ;
exit ( 1 ) ;
}
skip_password_callback = true ;
break ;
}
}
/* We allow '-k yes' too. */
static struct poptOption popt_legacy_s3 [ ] = {
{
. argInfo = POPT_ARG_CALLBACK ,
. arg = ( void * ) popt_legacy_s3_callback ,
} ,
{
. longName = " kerberos " ,
. shortName = ' k ' ,
2021-10-27 14:45:15 +03:00
. argInfo = POPT_ARG_NONE ,
2020-08-31 18:42:57 +03:00
. val = ' k ' ,
. descrip = " DEPRECATED: Migrate to --use-kerberos " ,
} ,
POPT_TABLEEND
} ;
/**********************************************************
* LEGACY S4 POPT
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static void popt_legacy_s4_callback ( poptContext ctx ,
enum poptCallbackReason reason ,
const struct poptOption * opt ,
const char * arg ,
const void * data )
{
struct cli_credentials * creds = samba_cmdline_get_creds ( ) ;
bool ok ;
switch ( opt - > val ) {
case ' k ' : {
enum credentials_use_kerberos use_kerberos =
CRED_USE_KERBEROS_REQUIRED ;
fprintf ( stderr ,
" WARNING: The option -k|--kerberos is deprecated! \n " ) ;
if ( arg ! = NULL ) {
if ( strcasecmp_m ( arg , " yes " ) = = 0 ) {
use_kerberos = CRED_USE_KERBEROS_REQUIRED ;
} else if ( strcasecmp_m ( arg , " no " ) = = 0 ) {
use_kerberos = CRED_USE_KERBEROS_DISABLED ;
} else {
fprintf ( stderr ,
" Error parsing -k %s. Should be "
" -k [yes|no] \n " ,
arg ) ;
exit ( 1 ) ;
}
}
ok = cli_credentials_set_kerberos_state ( creds ,
use_kerberos ,
CRED_SPECIFIED ) ;
if ( ! ok ) {
fprintf ( stderr ,
" Failed to set Kerberos state to %s! \n " , arg ) ;
exit ( 1 ) ;
}
break ;
}
}
}
static struct poptOption popt_legacy_s4 [ ] = {
{
. argInfo = POPT_ARG_CALLBACK ,
. arg = ( void * ) popt_legacy_s4_callback ,
} ,
{
. longName = " kerberos " ,
. shortName = ' k ' ,
. argInfo = POPT_ARG_STRING ,
. val = ' k ' ,
. descrip = " DEPRECATED: Migrate to --use-kerberos " ,
} ,
POPT_TABLEEND
} ;
2020-08-11 17:37:16 +03:00
struct poptOption * samba_cmdline_get_popt ( enum smb_cmdline_popt_options opt )
{
switch ( opt ) {
2021-01-05 16:23:27 +03:00
case SAMBA_CMDLINE_POPT_OPT_DEBUG_ONLY :
return popt_common_debug ;
break ;
2021-01-13 11:57:19 +03:00
case SAMBA_CMDLINE_POPT_OPT_OPTION_ONLY :
return popt_common_option ;
break ;
2021-01-13 12:56:41 +03:00
case SAMBA_CMDLINE_POPT_OPT_CONFIG_ONLY :
return popt_common_config ;
break ;
2020-08-11 17:37:16 +03:00
case SAMBA_CMDLINE_POPT_OPT_SAMBA :
return popt_common_samba ;
break ;
case SAMBA_CMDLINE_POPT_OPT_CONNECTION :
return popt_common_connection ;
break ;
case SAMBA_CMDLINE_POPT_OPT_CREDENTIALS :
return popt_common_credentials ;
break ;
case SAMBA_CMDLINE_POPT_OPT_VERSION :
return popt_common_version ;
break ;
2021-09-03 08:22:18 +03:00
case SAMBA_CMDLINE_POPT_OPT_DAEMON :
return popt_common_daemon ;
break ;
2020-08-11 17:37:16 +03:00
case SAMBA_CMDLINE_POPT_OPT_SAMBA_LDB :
return popt_common_samba_ldb ;
break ;
2020-08-31 18:42:57 +03:00
case SAMBA_CMDLINE_POPT_OPT_LEGACY_S3 :
return popt_legacy_s3 ;
break ;
case SAMBA_CMDLINE_POPT_OPT_LEGACY_S4 :
return popt_legacy_s4 ;
break ;
2020-08-11 17:37:16 +03:00
}
/* Never reached */
return NULL ;
}