-/*
+/*
Unix SMB/CIFS implementation.
status reporting
Copyright (C) Andrew Tridgell 1994-1998
#include "cmdline_contexts.h"
#include "locking/leases_db.h"
#include "lib/util/string_wrappers.h"
+#include "lib/param/param.h"
#ifdef HAVE_JANSSON
#include <jansson.h>
static unsigned int Ucrit_checkUid(uid_t uid)
{
- if ( !Ucrit_IsActive )
+ if ( !Ucrit_IsActive )
return 1;
- if ( uid == Ucrit_uid )
+ if ( uid == Ucrit_uid )
return 1;
return 0;
{
int i;
- if ( !Ucrit_IsActive )
+ if ( !Ucrit_IsActive )
return 1;
for (i=0;i<Ucrit_MaxPid;i++) {
return 0;
}
+static uint32_t map_share_mode_to_deny_mode(
+ uint32_t share_access, uint32_t private_options)
+{
+ switch (share_access & ~FILE_SHARE_DELETE) {
+ case FILE_SHARE_NONE:
+ return DENY_ALL;
+ case FILE_SHARE_READ:
+ return DENY_WRITE;
+ case FILE_SHARE_WRITE:
+ return DENY_READ;
+ case FILE_SHARE_READ|FILE_SHARE_WRITE:
+ return DENY_NONE;
+ }
+ if (private_options & NTCREATEX_FLAG_DENY_DOS) {
+ return DENY_DOS;
+ } else if (private_options & NTCREATEX_FLAG_DENY_FCB) {
+ return DENY_FCB;
+ }
+
+ return (uint32_t)-1;
+}
+
static int print_share_mode(struct file_id fid,
const struct share_mode_data *d,
const struct share_mode_entry *e,
}
static void print_brl(struct file_id id,
- struct server_id pid,
+ struct server_id pid,
enum brl_type lock_type,
enum brl_flavour lock_flav,
br_off start,
fname);
} else {
print_brl_json(state,
+ pid,
+ id,
+ desc,
+ lock_flav,
+ (intmax_t)start,
+ (intmax_t)size,
sharepath,
fname);
char *server_id,
const char *machine,
const char *timestr,
- const char *encryption,
- const char *signing)
+ const char *encryption_cipher,
+ enum crypto_degree encryption_degree,
+ const char *signing_cipher,
+ enum crypto_degree signing_degree)
{
+ fstring encryption;
+ fstring signing;
+
+ if (encryption_degree == CRYPTO_DEGREE_FULL) {
+ fstr_sprintf(encryption, "%s", encryption_cipher);
+ } else if (encryption_degree == CRYPTO_DEGREE_ANONYMOUS) {
+ fstr_sprintf(encryption, "anonymous(%s)", encryption_cipher);
+ } else if (encryption_degree == CRYPTO_DEGREE_PARTIAL) {
+ fstr_sprintf(encryption, "partial(%s)", encryption_cipher);
+ } else {
+ fstr_sprintf(encryption, "-");
+ }
+ if (signing_degree == CRYPTO_DEGREE_FULL) {
+ fstr_sprintf(signing, "%s", signing_cipher);
+ } else if (signing_degree == CRYPTO_DEGREE_ANONYMOUS) {
+ fstr_sprintf(signing, "anonymous(%s)", signing_cipher);
+ } else if (signing_degree == CRYPTO_DEGREE_PARTIAL) {
+ fstr_sprintf(signing, "partial(%s)", signing_cipher);
+ } else {
+ fstr_sprintf(signing, "-");
+ }
+
d_printf("%-12s %-7s %-13s %-32s %-12s %-12s\n",
servicename, server_id, machine, timestr, encryption, signing);
return -1;
}
- if (smbXsrv_is_encrypted(crec->encryption_flags)) {
+ if (smbXsrv_is_encrypted(crec->encryption_flags) ||
+ smbXsrv_is_partially_encrypted(crec->encryption_flags))
+ {
switch (crec->cipher) {
case SMB_ENCRYPTION_GSSAPI:
encryption = "GSSAPI";
case SMB2_ENCRYPTION_AES128_GCM:
encryption = "AES-128-GCM";
break;
+ case SMB2_ENCRYPTION_AES256_CCM:
+ encryption = "AES-256-CCM";
+ break;
+ case SMB2_ENCRYPTION_AES256_GCM:
+ encryption = "AES-256-GCM";
+ break;
default:
encryption = "???";
- result = -1;
break;
}
- encryption_degree = CRYPTO_DEGREE_FULL;
+ if (smbXsrv_is_encrypted(crec->encryption_flags)) {
+ encryption_degree = CRYPTO_DEGREE_FULL;
+ } else if (smbXsrv_is_partially_encrypted(crec->encryption_flags)) {
+ encryption_degree = CRYPTO_DEGREE_PARTIAL;
+ }
+ if (encryption_degree != CRYPTO_DEGREE_NONE &&
+ !crec->authenticated)
+ {
+ encryption_degree = CRYPTO_DEGREE_ANONYMOUS;
+ }
}
- if (smbXsrv_is_signed(crec->signing_flags)) {
+ if (smbXsrv_is_signed(crec->signing_flags) ||
+ smbXsrv_is_partially_signed(crec->signing_flags))
+ {
switch (crec->signing) {
case SMB2_SIGNING_MD5_SMB1:
signing = "HMAC-MD5";
break;
default:
signing = "???";
- result = -1;
break;
}
- signing_degree = CRYPTO_DEGREE_FULL;
+ if (smbXsrv_is_signed(crec->signing_flags)) {
+ signing_degree = CRYPTO_DEGREE_FULL;
+ } else if (smbXsrv_is_partially_signed(crec->signing_flags)) {
+ signing_degree = CRYPTO_DEGREE_PARTIAL;
+ }
+ if (signing_degree != CRYPTO_DEGREE_NONE &&
+ !crec->authenticated)
+ {
+ signing_degree = CRYPTO_DEGREE_ANONYMOUS;
+ }
}
if (!state->json_output) {
crec->machine,
timestr,
encryption,
- signing);
+ encryption_degree,
+ signing,
+ signing_degree);
} else {
result = traverse_connections_json(state,
crec,
if (encryption_degree == CRYPTO_DEGREE_FULL) {
fstr_sprintf(encryption, "%s", encryption_cipher);
+ } else if (encryption_degree == CRYPTO_DEGREE_ANONYMOUS) {
+ fstr_sprintf(encryption, "anonymous(%s)", encryption_cipher);
} else if (encryption_degree == CRYPTO_DEGREE_PARTIAL) {
fstr_sprintf(encryption, "partial(%s)", encryption_cipher);
} else {
}
if (signing_degree == CRYPTO_DEGREE_FULL) {
fstr_sprintf(signing, "%s", signing_cipher);
+ } else if (signing_degree == CRYPTO_DEGREE_ANONYMOUS) {
+ fstr_sprintf(signing, "anonymous(%s)", signing_cipher);
} else if (signing_degree == CRYPTO_DEGREE_PARTIAL) {
fstr_sprintf(signing, "partial(%s)", signing_cipher);
} else {
} else if (smbXsrv_is_partially_encrypted(session->encryption_flags)) {
encryption_degree = CRYPTO_DEGREE_PARTIAL;
}
+ if (encryption_degree != CRYPTO_DEGREE_NONE &&
+ !session->authenticated)
+ {
+ encryption_degree = CRYPTO_DEGREE_ANONYMOUS;
+ }
}
if (smbXsrv_is_signed(session->signing_flags) ||
} else if (smbXsrv_is_partially_signed(session->signing_flags)) {
signing_degree = CRYPTO_DEGREE_PARTIAL;
}
+ if (signing_degree != CRYPTO_DEGREE_NONE &&
+ !session->authenticated)
+ {
+ signing_degree = CRYPTO_DEGREE_ANONYMOUS;
+ }
}
static int prepare_notify(struct traverse_state *state)
{
- /* don't print header line */
-
+ if (!state->json_output) {
+ /* don't print header line */
+ } else {
+ add_section_to_json(state, "notifies");
+ }
return 0;
}
struct traverse_state *state = (struct traverse_state *)private_data;
bool result;
- result = print_notify_rec_stdout(state,
- path,
- server_id_str_buf(server, &idbuf),
- (unsigned)instance->filter,
- (unsigned)instance->subdir_filter);
+ if (!state->json_output) {
+ result = print_notify_rec_stdout(state,
+ path,
+ server_id_str_buf(server, &idbuf),
+ (unsigned)instance->filter,
+ (unsigned)instance->subdir_filter);
+
+ } else {
+ result = print_notify_rec_json(state,
+ instance,
+ server,
+ path);
+ }
return result;
}
.val = 'n',
.descrip = "Numeric uid/gid"
},
+ {
+ .longName = "json",
+ .shortName = 'j',
+ .argInfo = POPT_ARG_NONE,
+ .arg = NULL,
+ .val = 'j',
+ .descrip = "JSON output"
+ },
{
.longName = "fast",
.shortName = 'f',
struct messaging_context *msg_ctx = NULL;
char *db_path;
bool ok;
+ struct loadparm_context *lp_ctx = NULL;
state.first = true;
state.json_output = false;
TALLOC_FREE(frame);
exit(1);
}
- lp_set_cmdline("log level", "0");
+ lp_ctx = samba_cmdline_get_lp_ctx();
+ lpcfg_set_cmdline(lp_ctx, "log level", "0");
pc = samba_popt_get_context(getprogname(),
argc,
case 'n':
numeric_only = true;
break;
+ case 'j':
+ state.json_output = true;
+ break;
case 'f':
do_checks = false;
break;
#ifdef HAVE_JANSSON
state.root_json = json_new_object();
- add_general_information_to_json(&state);
+ if (!json_is_invalid(&state.root_json)) {
+ add_general_information_to_json(&state);
+ }
+#else /* HAVE_JANSSON */
+ if (state.json_output) {
+ fprintf(stderr, "JSON support not available, please install lib Jansson\n");
+ goto done;
+ }
#endif /* HAVE_JANSSON */
if (getuid() != geteuid()) {
if ( username )
Ucrit_addUid( nametouid(username) );
- if (verbose) {
+ if (verbose && !state.json_output) {
d_printf("using configfile = %s\n", get_dyn_CONFIGFILE());
}
switch (profile_only) {
case 'P':
/* Dump profile data */
- ok = status_profile_dump(verbose);
+ ok = status_profile_dump(verbose, &state);
ret = ok ? 0 : 1;
goto done;
case 'R':
/* Continuously display rate-converted data */
- ok = status_profile_rates(verbose);
- ret = ok ? 0 : 1;
+ if (!state.json_output) {
+ ok = status_profile_rates(verbose);
+ ret = ok ? 0 : 1;
+ } else {
+ fprintf(stderr, "Call rates not available in a json output.\n");
+ ret = 1;
+ }
goto done;
default:
break;
prepare_connections(&state);
connections_forall_read(traverse_connections, &state);
- d_printf("\n");
+ if (!state.json_output) {
+ d_printf("\n");
+ }
if ( shares_only ) {
goto done;
fprintf(stderr, "This is normal if an SMB client has never "
"connected to your server.\n");
TALLOC_FREE(db_path);
- exit(0);
+ ret = 0;
+ goto done;
} else {
TALLOC_FREE(db);
TALLOC_FREE(db_path);
prepare_share_mode(&state);
result = share_entry_forall(print_share_mode, &state);
- if (result == 0) {
+ if (result == 0 && !state.json_output) {
fprintf(stderr, "No locked files\n");
- } else if (result < 0) {
+ } else if (result < 0 && !state.json_output) {
fprintf(stderr, "locked file list truncated\n");
}
- d_printf("\n");
+ if (!state.json_output) {
+ d_printf("\n");
+ }
if (show_brl) {
prepare_brl(&state);
done:
cmdline_messaging_context_free();
poptFreeContext(pc);
+#ifdef HAVE_JANSSON
+ if (state.json_output) {
+ d_printf("%s\n", json_to_string(frame, &state.root_json));
+ }
+ json_free(&state.root_json);
+#endif /* HAVE_JANSSON */
TALLOC_FREE(frame);
return ret;
}