credentials: Prioritise command-line specified options above defaults from smb.conf

If a user specified -W or --realm on the command line, then this is
of level SPECIFIED, not UNINITIALISED, despite it going via the
loadparm system.

This helps us to ensure that -W server -Ulocaluser is parsed the
same as -Userver\localuser.  This matters as otherwise we might
instead attempt to use kerberos to the realm from the smb.conf.

Andrew Bartlett

diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index ee60220ec7b534fd48d1224a539498d3d473cc95..3eaccde25ee8a1672b81a9e0886094507a6f9d04 100644 (file)
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -681,9 +681,21 @@ _PUBLIC_ void cli_credentials_set_conf(struct cli_credentials *cred,
                              struct loadparm_context *lp_ctx)
 {
        cli_credentials_set_username(cred, "", CRED_UNINITIALISED);
-       cli_credentials_set_domain(cred, lpcfg_workgroup(lp_ctx), CRED_UNINITIALISED);
-       cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_UNINITIALISED);
-       cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_UNINITIALISED);
+       if (lpcfg_parm_is_cmdline(lp_ctx, "workgroup")) {
+               cli_credentials_set_domain(cred, lpcfg_workgroup(lp_ctx), CRED_SPECIFIED);
+       } else {
+               cli_credentials_set_domain(cred, lpcfg_workgroup(lp_ctx), CRED_UNINITIALISED);
+       }
+       if (lpcfg_parm_is_cmdline(lp_ctx, "netbios name")) {
+               cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_SPECIFIED);
+       } else {
+               cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_UNINITIALISED);
+       }
+       if (lpcfg_parm_is_cmdline(lp_ctx, "realm")) {
+               cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_SPECIFIED);
+       } else {
+               cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_UNINITIALISED);
+       }
 }
 
 /**

diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index c130a198dfaa325dc048b6c543c6ca9641a651c5..e2dde453f8db39d69aa4d647c557c20ab894bf09 100644 (file)
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2086,6 +2086,27 @@ void *lpcfg_parm_ptr(struct loadparm_context *lp_ctx,
        }
 }
 
+/**
+  return the parameter pointer for a parameter
+*/
+bool lpcfg_parm_is_cmdline(struct loadparm_context *lp_ctx, const char *name)
+{
+       int parmnum;
+
+       if (lp_ctx->s3_fns) {
+               struct parm_struct *parm = lp_ctx->s3_fns->get_parm_struct(name);
+               if (parm) {
+                       return parm->flags & FLAG_CMDLINE;
+               }
+               return false;
+       }
+
+       parmnum = map_parameter(name);
+       if (parmnum == -1) return false;
+
+       return lp_ctx->flags[parmnum] & FLAG_CMDLINE;
+}
+
 /**
  * Find a service by name. Otherwise works like get_service.
  */

diff --git a/lib/param/param.h b/lib/param/param.h
index c54f9cbab6ef9fa97ef3be3ec38f41ae2a476682..f6823859d87852fa6221ec045fc8f976b48274cb 100644 (file)
--- a/lib/param/param.h
+++ b/lib/param/param.h
@@ -111,6 +111,7 @@ bool lpcfg_add_printer(struct loadparm_context *lp_ctx,
 struct parm_struct *lpcfg_parm_struct(struct loadparm_context *lp_ctx, const char *name);
 void *lpcfg_parm_ptr(struct loadparm_context *lp_ctx,
                  struct loadparm_service *service, struct parm_struct *parm);
+bool lpcfg_parm_is_cmdline(struct loadparm_context *lp_ctx, const char *name);
 bool lpcfg_file_list_changed(struct loadparm_context *lp_ctx);
 
 bool lpcfg_do_global_parameter(struct loadparm_context *lp_ctx,