*/
#include "includes.h"
+#include "system/filesys.h"
+#include "util_tdb.h"
#include "printing.h"
#include "lib/smbconf/smbconf.h"
#include "lib/smbconf/smbconf_init.h"
-#include "lib/smbconf/smbconf_reg.h"
#include "ads.h"
#include "../librpc/gen_ndr/svcctl.h"
bool bMapUntrustedToDomain;
bool bAsyncSMBEchoHandler;
bool bMulticastDnsRegister;
+ bool bAllowInsecureWidelinks;
int ismb2_max_read;
int ismb2_max_write;
int ismb2_max_trans;
bool bAdministrative_share;
bool bGuest_ok;
bool bPrint_ok;
+ bool bPrintNotifyBackchannel;
bool bMap_system;
bool bMap_hidden;
bool bMap_archive;
False, /* bAdministrative_share */
False, /* bGuest_ok */
False, /* bPrint_ok */
+ True, /* bPrintNotifyBackchannel */
False, /* bMap_system */
False, /* bMap_hidden */
True, /* bMap_archive */
false, /* bWidelinks */
True, /* bSymlinks */
False, /* bSyncAlways */
- True, /* bStrictAllocate */
+ False, /* bStrictAllocate */
False, /* bStrictSync */
'~', /* magic char */
NULL, /* copymap */
static bool handle_include( int snum, const char *pszParmValue, char **ptr);
static bool handle_copy( int snum, const char *pszParmValue, char **ptr);
static bool handle_netbios_name( int snum, const char *pszParmValue, char **ptr);
+static bool handle_idmap_backend(int snum, const char *pszParmValue, char **ptr);
static bool handle_idmap_uid( int snum, const char *pszParmValue, char **ptr);
static bool handle_idmap_gid( int snum, const char *pszParmValue, char **ptr);
static bool handle_debug_list( int snum, const char *pszParmValue, char **ptr );
static bool handle_netbios_aliases( int snum, const char *pszParmValue, char **ptr );
static bool handle_netbios_scope( int snum, const char *pszParmValue, char **ptr );
static bool handle_charset( int snum, const char *pszParmValue, char **ptr );
+static bool handle_dos_charset( int snum, const char *pszParmValue, char **ptr );
static bool handle_printing( int snum, const char *pszParmValue, char **ptr);
static bool handle_ldap_debug_level( int snum, const char *pszParmValue, char **ptr);
.type = P_STRING,
.p_class = P_GLOBAL,
.ptr = &Globals.dos_charset,
- .special = handle_charset,
+ .special = handle_dos_charset,
.enum_list = NULL,
.flags = FLAG_ADVANCED
},
.ptr = &Globals.bNullPasswords,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "obey pam restrictions",
.ptr = &Globals.bEnablePrivileges,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.ptr = &Globals.pwordlevel,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "username level",
.ptr = &sDefault.szUsername,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
+ .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE | FLAG_DEPRECATED,
},
{
.label = "user",
.ptr = &Globals.bUseSpnego,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "client signing",
.enum_list = NULL,
.flags = FLAG_ADVANCED | FLAG_PRINT,
},
+ {
+ .label = "print notify backchannel",
+ .type = P_BOOL,
+ .p_class = P_LOCAL,
+ .ptr = &sDefault.bPrintNotifyBackchannel,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "print ok",
.type = P_BOOL,
.ptr = &extra_time_offset,
.special = NULL,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "NIS homedir",
.enum_list = NULL,
.flags = FLAG_ADVANCED | FLAG_SHARE,
},
+ {
+ .label = "allow insecure wide links",
+ .type = P_BOOL,
+ .p_class = P_GLOBAL,
+ .ptr = &Globals.bAllowInsecureWidelinks,
+ .special = NULL,
+ .enum_list = NULL,
+ .flags = FLAG_ADVANCED,
+ },
{
.label = "wide links",
.type = P_BOOL,
.type = P_STRING,
.p_class = P_GLOBAL,
.ptr = &Globals.szIdmapBackend,
- .special = NULL,
+ .special = handle_idmap_backend,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
- },
- {
- .label = "idmap read only",
- .type = P_BOOL,
- .p_class = P_GLOBAL,
- .ptr = &Globals.bIdmapReadOnly,
- .special = NULL,
- .enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "idmap cache time",
.ptr = &Globals.szIdmapUID,
.special = handle_idmap_uid,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "winbind uid",
.ptr = &Globals.szIdmapGID,
.special = handle_idmap_gid,
.enum_list = NULL,
- .flags = FLAG_ADVANCED,
+ .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
},
{
.label = "winbind gid",
#if defined(DEVELOPER) || defined(ENABLE_BUILD_FARM_HACKS)
case PRINT_TEST:
- case PRINT_VLP:
- string_set(&pService->szPrintcommand, "vlp print %p %s");
- string_set(&pService->szLpqcommand, "vlp lpq %p");
- string_set(&pService->szLprmcommand, "vlp lprm %p %j");
- string_set(&pService->szLppausecommand, "vlp lppause %p %j");
- string_set(&pService->szLpresumecommand, "vlp lpresume %p %j");
- string_set(&pService->szQueuepausecommand, "vlp queuepause %p");
- string_set(&pService->szQueueresumecommand, "vlp queueresume %p");
+ case PRINT_VLP: {
+ const char *tdbfile;
+ char *tmp;
+
+ tdbfile = talloc_asprintf(
+ talloc_tos(), "tdbfile=%s",
+ lp_parm_const_string(-1, "vlp", "tdbfile",
+ "/tmp/vlp.tdb"));
+ if (tdbfile == NULL) {
+ tdbfile="tdbfile=/tmp/vlp.tdb";
+ }
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s print %%p %%s",
+ tdbfile);
+ string_set(&pService->szPrintcommand,
+ tmp ? tmp : "vlp print %p %s");
+ TALLOC_FREE(tmp);
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s lpq %%p",
+ tdbfile);
+ string_set(&pService->szLpqcommand,
+ tmp ? tmp : "vlp lpq %p");
+ TALLOC_FREE(tmp);
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s lprm %%p %%j",
+ tdbfile);
+ string_set(&pService->szLprmcommand,
+ tmp ? tmp : "vlp lprm %p %j");
+ TALLOC_FREE(tmp);
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s lppause %%p %%j",
+ tdbfile);
+ string_set(&pService->szLppausecommand,
+ tmp ? tmp : "vlp lppause %p %j");
+ TALLOC_FREE(tmp);
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s lpresume %%p %%j",
+ tdbfile);
+ string_set(&pService->szLpresumecommand,
+ tmp ? tmp : "vlp lpresume %p %j");
+ TALLOC_FREE(tmp);
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s queuepause %%p",
+ tdbfile);
+ string_set(&pService->szQueuepausecommand,
+ tmp ? tmp : "vlp queuepause %p");
+ TALLOC_FREE(tmp);
+
+ tmp = talloc_asprintf(talloc_tos(), "vlp %s queueresume %%p",
+ tdbfile);
+ string_set(&pService->szQueueresumecommand,
+ tmp ? tmp : "vlp queueresume %p");
+ TALLOC_FREE(tmp);
+
break;
+ }
#endif /* DEVELOPER */
}
char fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
FN_GLOBAL_STRING(lp_smb_ports, &Globals.smb_ports)
-FN_GLOBAL_STRING(lp_dos_charset, &Globals.dos_charset)
-FN_GLOBAL_STRING(lp_unix_charset, &Globals.unix_charset)
-FN_GLOBAL_STRING(lp_display_charset, &Globals.display_charset)
+FN_GLOBAL_CONST_STRING(lp_dos_charset, &Globals.dos_charset)
+FN_GLOBAL_CONST_STRING(lp_unix_charset, &Globals.unix_charset)
+FN_GLOBAL_CONST_STRING(lp_display_charset, &Globals.display_charset)
FN_GLOBAL_STRING(lp_logfile, &Globals.szLogFile)
FN_GLOBAL_STRING(lp_configfile, &Globals.szConfigFile)
FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile)
}
FN_GLOBAL_CONST_STRING(lp_idmap_backend, &Globals.szIdmapBackend)
-FN_GLOBAL_BOOL(lp_idmap_read_only, &Globals.bIdmapReadOnly)
FN_GLOBAL_INTEGER(lp_idmap_cache_time, &Globals.iIdmapCacheTime)
FN_GLOBAL_INTEGER(lp_idmap_negative_cache_time, &Globals.iIdmapNegativeCacheTime)
FN_GLOBAL_INTEGER(lp_keepalive, &Globals.iKeepalive)
FN_LOCAL_BOOL(lp_guest_only, bGuest_only)
FN_LOCAL_BOOL(lp_administrative_share, bAdministrative_share)
FN_LOCAL_BOOL(lp_print_ok, bPrint_ok)
+FN_LOCAL_BOOL(lp_print_notify_backchannel, bPrintNotifyBackchannel)
FN_LOCAL_BOOL(lp_map_hidden, bMap_hidden)
FN_LOCAL_BOOL(lp_map_archive, bMap_archive)
FN_LOCAL_BOOL(lp_store_dos_attributes, bStoreDosAttributes)
FN_LOCAL_BOOL(lp_fake_dir_create_times, bFakeDirCreateTimes)
FN_GLOBAL_BOOL(lp_async_smb_echo_handler, &Globals.bAsyncSMBEchoHandler)
FN_GLOBAL_BOOL(lp_multicast_dns_register, &Globals.bMulticastDnsRegister)
+FN_GLOBAL_BOOL(lp_allow_insecure_widelinks, &Globals.bAllowInsecureWidelinks)
FN_LOCAL_BOOL(lp_blocking_locks, bBlockingLocks)
FN_LOCAL_BOOL(lp_inherit_perms, bInheritPerms)
FN_LOCAL_BOOL(lp_inherit_acls, bInheritACLS)
static struct smbconf_ctx *lp_smbconf_ctx(void)
{
- WERROR werr;
+ sbcErr err;
static struct smbconf_ctx *conf_ctx = NULL;
if (conf_ctx == NULL) {
- werr = smbconf_init(NULL, &conf_ctx, "registry:");
- if (!W_ERROR_IS_OK(werr)) {
+ err = smbconf_init(NULL, &conf_ctx, "registry:");
+ if (!SBC_ERROR_IS_OK(err)) {
DEBUG(1, ("error initializing registry configuration: "
- "%s\n", win_errstr(werr)));
+ "%s\n", sbcErrorString(err)));
conf_ctx = NULL;
}
}
*/
bool process_registry_service(const char *service_name)
{
- WERROR werr;
+ sbcErr err;
struct smbconf_service *service = NULL;
TALLOC_CTX *mem_ctx = talloc_stackframe();
struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
goto done;
}
- werr = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
- if (!W_ERROR_IS_OK(werr)) {
+ err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
+ if (!SBC_ERROR_IS_OK(err)) {
goto done;
}
bool process_registry_shares(void)
{
- WERROR werr;
+ sbcErr err;
uint32_t count;
struct smbconf_service **service = NULL;
uint32_t num_shares = 0;
goto done;
}
- werr = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
- if (!W_ERROR_IS_OK(werr)) {
+ err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
+ if (!SBC_ERROR_IS_OK(err)) {
goto done;
}
return ret;
}
+/**
+ * reload those shares from registry that are already
+ * activated in the services array.
+ */
+static bool reload_registry_shares(void)
+{
+ int i;
+ bool ret = true;
+
+ for (i = 0; i < iNumServices; i++) {
+ if (!VALID(i)) {
+ continue;
+ }
+
+ if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
+ continue;
+ }
+
+ ret = process_registry_service(ServicePtrs[i]->szService);
+ if (!ret) {
+ goto done;
+ }
+ }
+
+done:
+ return ret;
+}
+
+
#define MAX_INCLUDE_DEPTH 100
static uint8_t include_depth;
return True;
}
+static bool handle_dos_charset(int snum, const char *pszParmValue, char **ptr)
+{
+ bool is_utf8 = false;
+ size_t len = strlen(pszParmValue);
+
+ if (len == 4 || len == 5) {
+ /* Don't use StrCaseCmp here as we don't want to
+ initialize iconv. */
+ if ((toupper_m(pszParmValue[0]) == 'U') &&
+ (toupper_m(pszParmValue[1]) == 'T') &&
+ (toupper_m(pszParmValue[2]) == 'F')) {
+ if (len == 4) {
+ if (pszParmValue[3] == '8') {
+ is_utf8 = true;
+ }
+ } else {
+ if (pszParmValue[3] == '-' &&
+ pszParmValue[4] == '8') {
+ is_utf8 = true;
+ }
+ }
+ }
+ }
+
+ if (strcmp(*ptr, pszParmValue) != 0) {
+ if (is_utf8) {
+ DEBUG(0,("ERROR: invalid DOS charset: 'dos charset' must not "
+ "be UTF8, using (default value) %s instead.\n",
+ DEFAULT_DOS_CHARSET));
+ pszParmValue = DEFAULT_DOS_CHARSET;
+ }
+ string_set(ptr, pszParmValue);
+ init_iconv();
+ }
+ return True;
+}
+
static bool handle_workgroup(int snum, const char *pszParmValue, char **ptr)
return True;
}
-/* Do some simple checks on "idmap [ug]id" parameter values */
-
-static bool handle_idmap_uid(int snum, const char *pszParmValue, char **ptr)
+static bool handle_idmap_backend(int snum, const char *pszParmValue, char **ptr)
{
- uint32 low, high;
-
- if (sscanf(pszParmValue, "%u - %u", &low, &high) != 2 || high < low)
- return False;
+ lp_do_parameter(snum, "idmap config * : backend", pszParmValue);
- /* Parse OK */
+ return true;
+}
- string_set(ptr, pszParmValue);
+/* Do some simple checks on "idmap [ug]id" parameter values */
- idmap_uid_low = low;
- idmap_uid_high = high;
+static bool handle_idmap_uid(int snum, const char *pszParmValue, char **ptr)
+{
+ lp_do_parameter(snum, "idmap config * : range", pszParmValue);
return True;
}
static bool handle_idmap_gid(int snum, const char *pszParmValue, char **ptr)
{
- uint32 low, high;
-
- if (sscanf(pszParmValue, "%u - %u", &low, &high) != 2 || high < low)
- return False;
-
- /* Parse OK */
-
- string_set(ptr, pszParmValue);
-
- idmap_gid_low = low;
- idmap_gid_high = high;
+ lp_do_parameter(snum, "idmap config * : range", pszParmValue);
return True;
}
Auto-load one printer.
***************************************************************************/
-void lp_add_one_printer(const char *name, const char *comment, void *pdata)
+void lp_add_one_printer(const char *name, const char *comment,
+ const char *location, void *pdata)
{
int printers = lp_servicenumber(PRINTERS_NAME);
int i;
free_param_opts(&Globals.param_opt);
+ lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
+
/* We get sections first, so have to start 'behind' to make up */
iServiceIndex = -1;
bRetval = false;
}
- if (bRetval && lp_registry_shares() && allow_registry_shares) {
- bRetval = process_registry_shares();
+ if (bRetval && lp_registry_shares()) {
+ if (allow_registry_shares) {
+ bRetval = process_registry_shares();
+ } else {
+ bRetval = reload_registry_shares();
+ }
}
- lp_add_auto_services(lp_auto_services());
+ {
+ char *serv = lp_auto_services();
+ lp_add_auto_services(serv);
+ TALLOC_FREE(serv);
+ }
if (add_ipc) {
/* When 'restrict anonymous = 2' guest connections to ipc$
set_default_server_announce_type();
set_allowed_client_auth();
+ if (lp_security() == SEC_SHARE) {
+ DEBUG(1, ("WARNING: The security=share option is deprecated\n"));
+ } else if (lp_security() == SEC_SERVER) {
+ DEBUG(1, ("WARNING: The security=server option is deprecated\n"));
+ }
+
+ if (lp_security() == SEC_ADS && strchr(lp_passwordserver(), ':')) {
+ DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
+ lp_passwordserver()));
+ }
+
bLoaded = True;
/* Now we check bWINSsupport and set szWINSserver to 127.0.0.1 */
void widelinks_warning(int snum)
{
+ if (lp_allow_insecure_widelinks()) {
+ return;
+ }
+
if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
"These parameters are incompatible. "
{
/* wide links is always incompatible with unix extensions */
if (lp_unix_extensions()) {
- return false;
+ /*
+ * Unless we have "allow insecure widelinks"
+ * turned on.
+ */
+ if (!lp_allow_insecure_widelinks()) {
+ return false;
+ }
}
return lp_widelinks_internal(snum);
git.samba.org / ddiss / samba.git / blobdiff