summaryrefslogtreecommitdiffstats
path: root/lib/param/loadparm_server_role.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 17:47:29 +0000
commit4f5791ebd03eaec1c7da0865a383175b05102712 (patch)
tree8ce7b00f7a76baa386372422adebbe64510812d4 /lib/param/loadparm_server_role.c
parentInitial commit. (diff)
downloadsamba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz
samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'lib/param/loadparm_server_role.c')
-rw-r--r--lib/param/loadparm_server_role.c155
1 files changed, 155 insertions, 0 deletions
diff --git a/lib/param/loadparm_server_role.c b/lib/param/loadparm_server_role.c
new file mode 100644
index 0000000..a78d1ab
--- /dev/null
+++ b/lib/param/loadparm_server_role.c
@@ -0,0 +1,155 @@
+/*
+ Unix SMB/CIFS implementation.
+ Parameter loading functions
+ Copyright (C) Karl Auer 1993-1998
+
+ Largely re-written by Andrew Tridgell, September 1994
+
+ Copyright (C) Simo Sorce 2001
+ Copyright (C) Alexander Bokovoy 2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
+ Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
+ Copyright (C) Michael Adam 2008
+ Copyright (C) Andrew Bartlett 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+#include "includes.h"
+#include "lib/param/loadparm.h"
+#include "libds/common/roles.h"
+
+/*******************************************************************
+ Set the server type we will announce as via nmbd.
+********************************************************************/
+
+static const struct srv_role_tab {
+ uint32_t role;
+ const char *role_str;
+} srv_role_tab [] = {
+ { ROLE_STANDALONE, "ROLE_STANDALONE" },
+ { ROLE_DOMAIN_MEMBER, "ROLE_DOMAIN_MEMBER" },
+ { ROLE_DOMAIN_BDC, "ROLE_DOMAIN_BDC" },
+ { ROLE_DOMAIN_PDC, "ROLE_DOMAIN_PDC" },
+ { ROLE_ACTIVE_DIRECTORY_DC, "ROLE_ACTIVE_DIRECTORY_DC" },
+ { ROLE_IPA_DC, "ROLE_IPA_DC"},
+ { 0, NULL }
+};
+
+const char* server_role_str(uint32_t role)
+{
+ int i = 0;
+ for (i=0; srv_role_tab[i].role_str; i++) {
+ if (role == srv_role_tab[i].role) {
+ return srv_role_tab[i].role_str;
+ }
+ }
+ return NULL;
+}
+
+/**
+ * Set the server role based on security, domain logons and domain master
+ */
+int lp_find_server_role(int server_role, int security, int domain_logons, int domain_master)
+{
+ int role;
+
+ if (server_role != ROLE_AUTO) {
+ if (lp_is_security_and_server_role_valid(server_role, security)) {
+ return server_role;
+ }
+ }
+
+ /* If server_role is set to ROLE_AUTO, or conflicted with the
+ * chosen security setting, figure out the correct role */
+ role = ROLE_STANDALONE;
+
+ switch (security) {
+ case SEC_DOMAIN:
+ case SEC_ADS:
+ role = ROLE_DOMAIN_MEMBER;
+ break;
+ case SEC_AUTO:
+ case SEC_USER:
+ if (domain_logons) {
+
+ if (domain_master) {
+ role = ROLE_DOMAIN_PDC;
+ } else {
+ role = ROLE_DOMAIN_BDC;
+ }
+ }
+ break;
+ default:
+ DEBUG(0, ("Server's Role undefined due to unknown security mode\n"));
+ break;
+ }
+
+ return role;
+}
+
+/**
+ * Set the server role based on security, domain logons and domain master
+ */
+int lp_find_security(int server_role, int security)
+{
+ if (security != SEC_AUTO) {
+ return security;
+ }
+
+ switch (server_role) {
+ case ROLE_DOMAIN_MEMBER:
+ return SEC_ADS;
+ default:
+ return SEC_USER;
+ }
+}
+
+
+/**
+ * Check if server role and security parameters are contradictory
+ */
+bool lp_is_security_and_server_role_valid(int server_role, int security)
+{
+ bool valid = false;
+
+ if (security == SEC_AUTO) {
+ return true;
+ }
+
+ switch (server_role) {
+ case ROLE_AUTO:
+ valid = true;
+ break;
+ case ROLE_DOMAIN_MEMBER:
+ if (security == SEC_ADS || security == SEC_DOMAIN) {
+ valid = true;
+ }
+ break;
+
+ case ROLE_STANDALONE:
+ case ROLE_DOMAIN_PDC:
+ case ROLE_DOMAIN_BDC:
+ case ROLE_ACTIVE_DIRECTORY_DC:
+ case ROLE_IPA_DC:
+ if (security == SEC_USER) {
+ valid = true;
+ }
+ break;
+
+ default:
+ break;
+ }
+
+ return valid;
+}