summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-10-18 08:41:46 +1100
committerAndrew Bartlett <abartlet@samba.org>2011-10-18 13:13:30 +1100
commit734e5c521cb06a91e708226e0eb6d003175958c2 (patch)
treeed4441c4f533511d3af524d3ff80e39e64075b17
parentf8c6219188fa4ce39a35a8f192c649a6aa9c7ec1 (diff)
downloadsamba-734e5c521cb06a91e708226e0eb6d003175958c2.tar.gz
samba-734e5c521cb06a91e708226e0eb6d003175958c2.tar.bz2
samba-734e5c521cb06a91e708226e0eb6d003175958c2.zip
credentials: Prioritise command-line specified options above defaults from smb.conf
If a user specified -W or --realm on the command line, then this is of level SPECIFIED, not UNINITIALISED, despite it going via the loadparm system. This helps us to ensure that -W server -Ulocaluser is parsed the same as -Userver\localuser. This matters as otherwise we might instead attempt to use kerberos to the realm from the smb.conf. Andrew Bartlett
-rw-r--r--auth/credentials/credentials.c18
-rw-r--r--lib/param/loadparm.c21
-rw-r--r--lib/param/param.h1
3 files changed, 37 insertions, 3 deletions
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index ee60220ec7..3eaccde25e 100644
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -681,9 +681,21 @@ _PUBLIC_ void cli_credentials_set_conf(struct cli_credentials *cred,
struct loadparm_context *lp_ctx)
{
cli_credentials_set_username(cred, "", CRED_UNINITIALISED);
- cli_credentials_set_domain(cred, lpcfg_workgroup(lp_ctx), CRED_UNINITIALISED);
- cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_UNINITIALISED);
- cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_UNINITIALISED);
+ if (lpcfg_parm_is_cmdline(lp_ctx, "workgroup")) {
+ cli_credentials_set_domain(cred, lpcfg_workgroup(lp_ctx), CRED_SPECIFIED);
+ } else {
+ cli_credentials_set_domain(cred, lpcfg_workgroup(lp_ctx), CRED_UNINITIALISED);
+ }
+ if (lpcfg_parm_is_cmdline(lp_ctx, "netbios name")) {
+ cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_SPECIFIED);
+ } else {
+ cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_UNINITIALISED);
+ }
+ if (lpcfg_parm_is_cmdline(lp_ctx, "realm")) {
+ cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_SPECIFIED);
+ } else {
+ cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_UNINITIALISED);
+ }
}
/**
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index c130a198df..e2dde453f8 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2087,6 +2087,27 @@ void *lpcfg_parm_ptr(struct loadparm_context *lp_ctx,
}
/**
+ return the parameter pointer for a parameter
+*/
+bool lpcfg_parm_is_cmdline(struct loadparm_context *lp_ctx, const char *name)
+{
+ int parmnum;
+
+ if (lp_ctx->s3_fns) {
+ struct parm_struct *parm = lp_ctx->s3_fns->get_parm_struct(name);
+ if (parm) {
+ return parm->flags & FLAG_CMDLINE;
+ }
+ return false;
+ }
+
+ parmnum = map_parameter(name);
+ if (parmnum == -1) return false;
+
+ return lp_ctx->flags[parmnum] & FLAG_CMDLINE;
+}
+
+/**
* Find a service by name. Otherwise works like get_service.
*/
diff --git a/lib/param/param.h b/lib/param/param.h
index c54f9cbab6..f6823859d8 100644
--- a/lib/param/param.h
+++ b/lib/param/param.h
@@ -111,6 +111,7 @@ bool lpcfg_add_printer(struct loadparm_context *lp_ctx,
struct parm_struct *lpcfg_parm_struct(struct loadparm_context *lp_ctx, const char *name);
void *lpcfg_parm_ptr(struct loadparm_context *lp_ctx,
struct loadparm_service *service, struct parm_struct *parm);
+bool lpcfg_parm_is_cmdline(struct loadparm_context *lp_ctx, const char *name);
bool lpcfg_file_list_changed(struct loadparm_context *lp_ctx);
bool lpcfg_do_global_parameter(struct loadparm_context *lp_ctx,