--- /dev/null
+/*
+ Unix SMB/CIFS implementation.
+ Common popt routines
+
+ Copyright (C) Tim Potter 2001,2002
+ Copyright (C) Jelmer Vernooij 2002,2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/* Handle command line options:
+ * -d,--debuglevel
+ * -s,--configfile
+ * -O,--socket-options
+ * -V,--version
+ * -l,--log-base
+ * -n,--netbios-name
+ * -W,--workgroup
+ * -i,--scope
+ */
+
+extern pstring user_socket_options;
+extern BOOL AllowDebugChange;
+extern BOOL override_logfile;
+
+struct user_auth_info cmdline_auth_info;
+
+static void popt_common_callback(poptContext con,
+ enum poptCallbackReason reason,
+ const struct poptOption *opt,
+ const char *arg, const void *data)
+{
+ pstring logfile;
+ const char *pname;
+
+ /* Find out basename of current program */
+ pname = strrchr_m(poptGetInvocationName(con),'/');
+
+ if (!pname)
+ pname = poptGetInvocationName(con);
+ else
+ pname++;
+
+ if (reason == POPT_CALLBACK_REASON_PRE) {
+ pstr_sprintf(logfile, "%s/log.%s", dyn_LOGFILEBASE, pname);
+ lp_set_logfile(logfile);
+ return;
+ }
+
+ switch(opt->val) {
+ case 'd':
+ if (arg) {
+ debug_parse_levels(arg);
+ AllowDebugChange = False;
+ }
+ break;
+
+ case 'V':
+ printf( "Version %s\n", SAMBA_VERSION_STRING);
+ exit(0);
+ break;
+
+ case 'O':
+ if (arg) {
+ pstrcpy(user_socket_options,arg);
+ }
+ break;
+
+ case 's':
+ if (arg) {
+ pstrcpy(dyn_CONFIGFILE, arg);
+ }
+ break;
+
+ case 'n':
+ if (arg) {
+ set_global_myname(arg);
+ }
+ break;
+
+ case 'l':
+ if (arg) {
+ pstr_sprintf(logfile, "%s/log.%s", arg, pname);
+ lp_set_logfile(logfile);
+ override_logfile = True;
+ }
+ break;
+
+ case 'i':
+ if (arg) {
+ set_global_scope(arg);
+ }
+ break;
+
+ case 'W':
+ if (arg) {
+ set_global_myworkgroup(arg);
+ }
+ break;
+ }
+}
+
+struct poptOption popt_common_connection[] = {
+ { NULL, 0, POPT_ARG_CALLBACK, popt_common_callback },
+ { "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
+ "SOCKETOPTIONS" },
+ { "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
+ { "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
+ { "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
+
+ POPT_TABLEEND
+};
+
+struct poptOption popt_common_samba[] = {
+ { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, popt_common_callback },
+ { "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
+ { "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternative configuration file", "CONFIGFILE" },
+ { "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Basename for log/debug files", "LOGFILEBASE" },
+ { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
+ POPT_TABLEEND
+};
+
+struct poptOption popt_common_version[] = {
+ { NULL, 0, POPT_ARG_CALLBACK, popt_common_callback },
+ { "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
+ POPT_TABLEEND
+};
+
+
+
+/****************************************************************************
+ * get a password from a a file or file descriptor
+ * exit on failure
+ * ****************************************************************************/
+static void get_password_file(struct user_auth_info *a)
+{
+ int fd = -1;
+ char *p;
+ BOOL close_it = False;
+ pstring spec;
+ char pass[128];
+
+ if ((p = getenv("PASSWD_FD")) != NULL) {
+ pstrcpy(spec, "descriptor ");
+ pstrcat(spec, p);
+ sscanf(p, "%d", &fd);
+ close_it = False;
+ } else if ((p = getenv("PASSWD_FILE")) != NULL) {
+ fd = sys_open(p, O_RDONLY, 0);
+ pstrcpy(spec, p);
+ if (fd < 0) {
+ fprintf(stderr, "Error opening PASSWD_FILE %s: %s\n",
+ spec, strerror(errno));
+ exit(1);
+ }
+ close_it = True;
+ }
+
+ for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
+ p && p - pass < sizeof(pass);) {
+ switch (read(fd, p, 1)) {
+ case 1:
+ if (*p != '\n' && *p != '\0') {
+ *++p = '\0'; /* advance p, and null-terminate pass */
+ break;
+ }
+ case 0:
+ if (p - pass) {
+ *p = '\0'; /* null-terminate it, just in case... */
+ p = NULL; /* then force the loop condition to become false */
+ break;
+ } else {
+ fprintf(stderr, "Error reading password from file %s: %s\n",
+ spec, "empty password\n");
+ exit(1);
+ }
+
+ default:
+ fprintf(stderr, "Error reading password from file %s: %s\n",
+ spec, strerror(errno));
+ exit(1);
+ }
+ }
+ pstrcpy(a->password, pass);
+ if (close_it)
+ close(fd);
+}
+
+static void get_credentials_file(const char *file, struct user_auth_info *info)
+{
+ XFILE *auth;
+ fstring buf;
+ uint16 len = 0;
+ char *ptr, *val, *param;
+
+ if ((auth=x_fopen(file, O_RDONLY, 0)) == NULL)
+ {
+ /* fail if we can't open the credentials file */
+ d_printf("ERROR: Unable to open credentials file!\n");
+ exit(-1);
+ }
+
+ while (!x_feof(auth))
+ {
+ /* get a line from the file */
+ if (!x_fgets(buf, sizeof(buf), auth))
+ continue;
+ len = strlen(buf);
+
+ if ((len) && (buf[len-1]=='\n'))
+ {
+ buf[len-1] = '\0';
+ len--;
+ }
+ if (len == 0)
+ continue;
+
+ /* break up the line into parameter & value.
+ * will need to eat a little whitespace possibly */
+ param = buf;
+ if (!(ptr = strchr_m (buf, '=')))
+ continue;
+
+ val = ptr+1;
+ *ptr = '\0';
+
+ /* eat leading white space */
+ while ((*val!='\0') && ((*val==' ') || (*val=='\t')))
+ val++;
+
+ if (strwicmp("password", param) == 0)
+ {
+ pstrcpy(info->password, val);
+ info->got_pass = True;
+ }
+ else if (strwicmp("username", param) == 0)
+ pstrcpy(info->username, val);
+ else if (strwicmp("domain", param) == 0)
+ set_global_myworkgroup(val);
+ memset(buf, 0, sizeof(buf));
+ }
+ x_fclose(auth);
+}
+
+/* Handle command line options:
+ * -U,--user
+ * -A,--authentication-file
+ * -k,--use-kerberos
+ * -N,--no-pass
+ * -S,--signing
+ * -P --machine-pass
+ */
+
+
+static void popt_common_credentials_callback(poptContext con,
+ enum poptCallbackReason reason,
+ const struct poptOption *opt,
+ const char *arg, const void *data)
+{
+ char *p;
+
+ if (reason == POPT_CALLBACK_REASON_PRE) {
+ cmdline_auth_info.use_kerberos = False;
+ cmdline_auth_info.got_pass = False;
+ cmdline_auth_info.signing_state = Undefined;
+ pstrcpy(cmdline_auth_info.username, "GUEST");
+
+ if (getenv("LOGNAME"))pstrcpy(cmdline_auth_info.username,getenv("LOGNAME"));
+
+ if (getenv("USER")) {
+ pstrcpy(cmdline_auth_info.username,getenv("USER"));
+
+ if ((p = strchr_m(cmdline_auth_info.username,'%'))) {
+ *p = 0;
+ pstrcpy(cmdline_auth_info.password,p+1);
+ cmdline_auth_info.got_pass = True;
+ memset(strchr_m(getenv("USER"),'%')+1,'X',strlen(cmdline_auth_info.password));
+ }
+ }
+
+ if (getenv("PASSWD")) {
+ pstrcpy(cmdline_auth_info.password,getenv("PASSWD"));
+ cmdline_auth_info.got_pass = True;
+ }
+
+ if (getenv("PASSWD_FD") || getenv("PASSWD_FILE")) {
+ get_password_file(&cmdline_auth_info);
+ cmdline_auth_info.got_pass = True;
+ }
+
+ return;
+ }
+
+ switch(opt->val) {
+ case 'U':
+ {
+ char *lp;
+
+ pstrcpy(cmdline_auth_info.username,arg);
+ if ((lp=strchr_m(cmdline_auth_info.username,'%'))) {
+ *lp = 0;
+ pstrcpy(cmdline_auth_info.password,lp+1);
+ cmdline_auth_info.got_pass = True;
+ memset(strchr_m(arg,'%')+1,'X',strlen(cmdline_auth_info.password));
+ }
+ }
+ break;
+
+ case 'A':
+ get_credentials_file(arg, &cmdline_auth_info);
+ break;
+
+ case 'k':
+#ifndef HAVE_KRB5
+ d_printf("No kerberos support compiled in\n");
+ exit(1);
+#else
+ cmdline_auth_info.use_kerberos = True;
+ cmdline_auth_info.got_pass = True;
+#endif
+ break;
+
+ case 'S':
+ {
+ cmdline_auth_info.signing_state = -1;
+ if (strequal(arg, "off") || strequal(arg, "no") || strequal(arg, "false"))
+ cmdline_auth_info.signing_state = False;
+ else if (strequal(arg, "on") || strequal(arg, "yes") || strequal(arg, "true") ||
+ strequal(arg, "auto") )
+ cmdline_auth_info.signing_state = True;
+ else if (strequal(arg, "force") || strequal(arg, "required") || strequal(arg, "forced"))
+ cmdline_auth_info.signing_state = Required;
+ else {
+ fprintf(stderr, "Unknown signing option %s\n", arg );
+ exit(1);
+ }
+ }
+ break;
+ case 'P':
+ {
+ char *opt_password = NULL;
+ /* it is very useful to be able to make ads queries as the
+ machine account for testing purposes and for domain leave */
+
+ if (!secrets_init()) {
+ d_printf("ERROR: Unable to open secrets database\n");
+ exit(1);
+ }
+
+ opt_password = secrets_fetch_machine_password(lp_workgroup(), NULL, NULL);
+
+ if (!opt_password) {
+ d_printf("ERROR: Unable to fetch machine password\n");
+ exit(1);
+ }
+ pstr_sprintf(cmdline_auth_info.username, "%s$",
+ global_myname());
+ pstrcpy(cmdline_auth_info.password,opt_password);
+ SAFE_FREE(opt_password);
+
+ /* machine accounts only work with kerberos */
+ cmdline_auth_info.use_kerberos = True;
+ cmdline_auth_info.got_pass = True;
+ }
+ break;
+ }
+}
+
+
+
+struct poptOption popt_common_credentials[] = {
+ { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE, popt_common_credentials_callback },
+ { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set the network username", "USERNAME" },
+ { "no-pass", 'N', POPT_ARG_NONE, &cmdline_auth_info.got_pass, 0, "Don't ask for a password" },
+ { "kerberos", 'k', POPT_ARG_NONE, &cmdline_auth_info.use_kerberos, 'k', "Use kerberos (active directory) authentication" },
+ { "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
+ { "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
+ {"machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
+ POPT_TABLEEND
+};
projects / samba / blobdiff