diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
commit | 4f5791ebd03eaec1c7da0865a383175b05102712 (patch) | |
tree | 8ce7b00f7a76baa386372422adebbe64510812d4 /lib/param/loadparm.h | |
parent | Initial commit. (diff) | |
download | samba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip |
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | lib/param/loadparm.h | 349 |
1 files changed, 349 insertions, 0 deletions
diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h new file mode 100644 index 0000000..b1641ba --- /dev/null +++ b/lib/param/loadparm.h @@ -0,0 +1,349 @@ +/* + Unix SMB/CIFS implementation. + + type definitions for loadparm + + Copyright (C) Karl Auer 1993-1998 + + Largely re-written by Andrew Tridgell, September 1994 + + Copyright (C) Simo Sorce 2001 + Copyright (C) Alexander Bokovoy 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003. + Copyright (C) James Myers 2003 <myersjj@samba.org> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef _LOADPARM_H +#define _LOADPARM_H + +#include <talloc.h> + +struct parmlist_entry { + struct parmlist_entry *prev, *next; + char *key; + char *value; + char **list; /* For the source3 parametric options, to save the parsed list */ + int priority; +}; + +struct parmlist { + struct parmlist_entry *entries; +}; + +/* the following are used by loadparm for option lists */ +typedef enum { + P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,P_LIST, + P_STRING,P_USTRING,P_ENUM,P_BYTES,P_CMDLIST +} parm_type; + +typedef enum { + P_LOCAL,P_GLOBAL,P_NONE +} parm_class; + +struct enum_list { + int value; + const char *name; +}; + +struct loadparm_service; +struct loadparm_context { + const char *szConfigFile; + struct loadparm_global *globals; + struct loadparm_service **services; + struct loadparm_service *sDefault; + struct smb_iconv_handle *iconv_handle; + int iNumServices; + struct loadparm_service *currentService; + bool bInGlobalSection; + struct file_lists *file_lists; + unsigned int *flags; + bool loaded; + bool refuse_free; + bool global; /* Is this the global context, which may set + * global variables such as debug level etc? */ + const struct loadparm_s3_helpers *s3_fns; +}; + +struct parm_struct { + const char *label; + parm_type type; + parm_class p_class; + offset_t offset; + bool (*special)(struct loadparm_context *lpcfg_ctx, + struct loadparm_service *, const char *, char **); + const struct enum_list *enum_list; + unsigned flags; + union { + bool bvalue; + int ivalue; + char *svalue; + char cvalue; + char **lvalue; + } def; +}; + +extern struct parm_struct parm_table[]; + +struct file_lists { + struct file_lists *next; + char *name; + char *subfname; + time_t modtime; +}; + +#define DEFAULT_NAME_RESOLVE_ORDER "lmhosts wins host bcast" +#define FLAG_DEPRECATED 0x1000 /* options that should no longer be used */ +#define FLAG_SYNONYM 0x2000 /* options that is a synonym of another option */ +#define FLAG_CMDLINE 0x10000 /* option has been overridden */ +#define FLAG_DEFAULT 0x20000 /* this option was a default */ + +/* This defines the section name in the configuration file that will + refer to the special "printers" service */ +#ifndef PRINTERS_NAME +#define PRINTERS_NAME "printers" +#endif + +/* This defines the section name in the configuration file that will + refer to the special "homes" service */ +#ifndef HOMES_NAME +#define HOMES_NAME "homes" +#endif + +/* This defines the section name in the configuration file that will contain */ +/* global parameters - that is, parameters relating to the whole server, not */ +/* just services. This name is then reserved, and may not be used as a */ +/* a service name. It will default to "global" if not defined here. */ +#ifndef GLOBAL_NAME +#define GLOBAL_NAME "global" +#define GLOBAL_NAME2 "globals" +#endif + +/* The default workgroup - usually overridden in smb.conf */ +#ifndef DEFAULT_WORKGROUP +#define DEFAULT_WORKGROUP "WORKGROUP" +#endif + +/* types of configuration backends for loadparm */ +#define CONFIG_BACKEND_FILE 0 +#define CONFIG_BACKEND_REGISTRY 1 + +/* + Do you want session setups at user level security with a invalid + password to be rejected or allowed in as guest? WinNT rejects them + but it can be a pain as it means "net view" needs to use a password + + You have 3 choices in the setting of map_to_guest: + + "NEVER_MAP_TO_GUEST" means session setups with an invalid password + are rejected. This is the default. + + "MAP_TO_GUEST_ON_BAD_USER" means session setups with an invalid password + are rejected, unless the username does not exist, in which case it + is treated as a guest login + + "MAP_TO_GUEST_ON_BAD_PASSWORD" means session setups with an invalid password + are treated as a guest login + + Note that map_to_guest only has an effect in user or server + level security. +*/ + +#define NEVER_MAP_TO_GUEST 0 +#define MAP_TO_GUEST_ON_BAD_USER 1 +#define MAP_TO_GUEST_ON_BAD_PASSWORD 2 +#define MAP_TO_GUEST_ON_BAD_UID 3 + +/* + * This should be under the HAVE_KRB5 flag but since they're used + * in lp_kerberos_method(), they ned to be always available + * If you add any entries to KERBEROS_VERIFY defines, please modify USE.*KEYTAB macros + * so they remain accurate. + */ + +#define KERBEROS_VERIFY_SECRETS 0 +#define KERBEROS_VERIFY_SYSTEM_KEYTAB 1 +#define KERBEROS_VERIFY_DEDICATED_KEYTAB 2 +#define KERBEROS_VERIFY_SECRETS_AND_KEYTAB 3 + +#define KERBEROS_ETYPES_ALL 0 +#define KERBEROS_ETYPES_STRONG 1 +#define KERBEROS_ETYPES_LEGACY 2 + +/* ACL compatibility */ +enum acl_compatibility {ACL_COMPAT_AUTO, ACL_COMPAT_WINNT, ACL_COMPAT_WIN2K}; + +/* printing types */ +enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX, + PRINT_QNX,PRINT_PLP,PRINT_LPRNG,PRINT_SOFTQ, + PRINT_CUPS,PRINT_LPRNT,PRINT_LPROS2,PRINT_IPRINT +#if defined(DEVELOPER) || defined(ENABLE_SELFTEST) +,PRINT_TEST,PRINT_VLP +#endif /* DEVELOPER */ +}; + +#define SERVER_TCP_LOW_PORT 49152 +#define SERVER_TCP_HIGH_PORT 65535 + +#define SERVER_TCP_PORT_MIN 1024 +#define SERVER_TCP_PORT_MAX 65535 + + + +/* ads auth control flags */ +#define ADS_AUTH_DISABLE_KERBEROS 0x0001 +#define ADS_AUTH_NO_BIND 0x0002 +#define ADS_AUTH_ANON_BIND 0x0004 +#define ADS_AUTH_SIMPLE_BIND 0x0008 +#define ADS_AUTH_ALLOW_NTLMSSP 0x0010 +#define ADS_AUTH_SASL_SIGN 0x0020 +#define ADS_AUTH_SASL_SEAL 0x0040 +#define ADS_AUTH_SASL_FORCE 0x0080 +#define ADS_AUTH_USER_CREDS 0x0100 + +enum ldap_server_require_strong_auth { + LDAP_SERVER_REQUIRE_STRONG_AUTH_NO, + LDAP_SERVER_REQUIRE_STRONG_AUTH_ALLOW_SASL_OVER_TLS, + LDAP_SERVER_REQUIRE_STRONG_AUTH_YES, +}; + +/* DNS update settings */ +enum dns_update_settings {DNS_UPDATE_OFF, DNS_UPDATE_ON, DNS_UPDATE_SIGNED}; + +/* MDNS name sources */ +enum mdns_name_values {MDNS_NAME_NETBIOS, MDNS_NAME_MDNS}; + +/* LDAP SSL options */ +enum ldap_ssl_types {LDAP_SSL_OFF, LDAP_SSL_START_TLS}; + +/* LDAP PASSWD SYNC methods */ +enum ldap_passwd_sync_types {LDAP_PASSWD_SYNC_ON, LDAP_PASSWD_SYNC_OFF, LDAP_PASSWD_SYNC_ONLY}; + +/* map readonly options */ +enum mapreadonly_options {MAP_READONLY_NO, MAP_READONLY_YES, MAP_READONLY_PERMISSIONS}; + +/* case handling */ +enum case_handling {CASE_LOWER,CASE_UPPER}; + +/* inherit owner options */ +enum inheritowner_options { + INHERIT_OWNER_NO, + INHERIT_OWNER_WINDOWS_AND_UNIX, + INHERIT_OWNER_UNIX_ONLY +}; + +/* mangled names options */ +enum mangled_names_options {MANGLED_NAMES_NO, MANGLED_NAMES_YES, MANGLED_NAMES_ILLEGAL}; + +/* Spotlight backend options */ +enum spotlight_backend_options { + SPOTLIGHT_BACKEND_NOINDEX, + SPOTLIGHT_BACKEND_TRACKER, + SPOTLIGHT_BACKEND_ES, +}; + +/* FIPS values */ +enum samba_weak_crypto { + SAMBA_WEAK_CRYPTO_UNKNOWN, + SAMBA_WEAK_CRYPTO_ALLOWED, + SAMBA_WEAK_CRYPTO_DISALLOWED, +}; + +/* Controlling the storage of the NT password has on the AD DC */ +enum store_nt_hash { + NT_HASH_STORE_AUTO, + NT_HASH_STORE_NEVER, + NT_HASH_STORE_ALWAYS +}; + +/* + * Default passwd chat script. + */ +#ifndef DEFAULT_PASSWD_CHAT +#define DEFAULT_PASSWD_CHAT "*new*password* %n\\n *new*password* %n\\n *changed*" +#endif + +/* Max number of jobs per print queue. */ +#ifndef PRINT_MAX_JOBID +#define PRINT_MAX_JOBID 10000 +#endif + +/* the default guest account - allow override via CFLAGS */ +#ifndef GUEST_ACCOUNT +#define GUEST_ACCOUNT "nobody" +#endif + +/* SMB2 defaults */ +#define DEFAULT_SMB2_MAX_READ (8*1024*1024) +#define DEFAULT_SMB2_MAX_WRITE (8*1024*1024) +#define DEFAULT_SMB2_MAX_TRANSACT (8*1024*1024) +#define DEFAULT_SMB2_MAX_CREDITS 8192 + +#define DEFAULT_SMB3_SIGNING_ALGORITHMS "AES-128-GMAC AES-128-CMAC HMAC-SHA256" +#define DEFAULT_SMB3_ENCRYPTION_ALGORITHMS "AES-128-GCM AES-128-CCM AES-256-GCM AES-256-CCM" + +#define LOADPARM_EXTRA_LOCALS \ + int usershare; \ + struct timespec usershare_last_mod; \ + char *szService; \ + struct parmlist_entry *param_opt; \ + struct bitmap *copymap; \ + char dummy[3]; /* for alignment */ + +#include "lib/param/param_local.h" + +#define LOADPARM_EXTRA_GLOBALS \ + struct parmlist_entry *param_opt; \ + char *dnsdomain; \ + int rpc_low_port; \ + int rpc_high_port; \ + enum samba_weak_crypto weak_crypto; + +const char* server_role_str(uint32_t role); +int lp_find_server_role(int server_role, int security, int domain_logons, int domain_master); +int lp_find_security(int server_role, int security); +bool lp_is_security_and_server_role_valid(int server_role, int security); + +struct loadparm_global * get_globals(void); +unsigned int * get_flags(void); +int getservicebyname(const char *, struct loadparm_service *); +bool lp_include(struct loadparm_context *, struct loadparm_service *, + const char *, char **); +bool lp_do_section(const char *pszSectionName, void *userdata); +bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue); + +int num_parameters(void); +int32_t lpcfg_parse_enum_vals(const char *param_name, + const char *param_value); + +struct loadparm_substitution; +#ifdef LOADPARM_SUBSTITUTION_INTERNALS +struct loadparm_substitution { + char *(*substituted_string_fn)( + TALLOC_CTX *mem_ctx, + const struct loadparm_substitution *lp_sub, + const char *raw_value, + void *private_data); + void *private_data; +}; +#endif /* LOADPARM_SUBSTITUTION_INTERNALS */ + +const struct loadparm_substitution *lpcfg_noop_substitution(void); +char *lpcfg_substituted_string(TALLOC_CTX *mem_ctx, + const struct loadparm_substitution *lp_sub, + const char *raw_value); + +#endif /* _LOADPARM_H */ |