summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2010-06-20 15:04:42 +0200
committerJelmer Vernooij <jelmer@samba.org>2010-06-20 15:04:42 +0200
commit7b32f65600988421dc8c825109e225612a3b6166 (patch)
tree0f1f2a272171a4fd3709885b60cb1dc40f88f3b7
parent5f3d5a3ad873feca66e118e020ed77189a7f2f9c (diff)
downloadsamba-7b32f65600988421dc8c825109e225612a3b6166.tar.gz
samba-7b32f65600988421dc8c825109e225612a3b6166.tar.bz2
samba-7b32f65600988421dc8c825109e225612a3b6166.zip
testparm: Check netbios name and workgroup characters and length.
-rw-r--r--source4/param/pyparam.c4
-rwxr-xr-xsource4/scripting/bin/testparm50
2 files changed, 38 insertions, 16 deletions
diff --git a/source4/param/pyparam.c b/source4/param/pyparam.c
index 53f19f6098..a648f65d4e 100644
--- a/source4/param/pyparam.c
+++ b/source4/param/pyparam.c
@@ -46,8 +46,8 @@ static PyObject *py_lp_ctx_get_helper(struct loadparm_context *lp_ctx, const cha
void *parm_ptr = NULL;
int i;
- if (service_name != NULL && !strwicmp(service_name, GLOBAL_NAME) &&
- !strwicmp(service_name, GLOBAL_NAME2)) {
+ if (service_name != NULL && strwicmp(service_name, GLOBAL_NAME) &&
+ strwicmp(service_name, GLOBAL_NAME2)) {
struct loadparm_service *service;
/* its a share parameter */
service = lp_service(lp_ctx, service_name);
diff --git a/source4/scripting/bin/testparm b/source4/scripting/bin/testparm
index c2f8bc853f..471d9e0295 100755
--- a/source4/scripting/bin/testparm
+++ b/source4/scripting/bin/testparm
@@ -49,6 +49,18 @@ from samba import getopt as options
def do_global_checks(lp, logger):
valid = True
+ netbios_name = lp.get("netbios name")
+ if not samba.valid_netbios_name(netbios_name):
+ logger.error("netbios name %s is not a valid netbios name",
+ netbios_name)
+ valid = False
+
+ workgroup = lp.get("workgroup")
+ if not samba.valid_netbios_name(workgroup):
+ logger.error("workgroup name %s is not a valid netbios name",
+ workgroup)
+ valid = False
+
lockdir = lp.get("lockdir")
if not os.path.isdir(lockdir):
@@ -64,11 +76,13 @@ def do_global_checks(lp, logger):
winbind_separator = lp.get("winbind separator")
if len(winbind_separator) != 1:
- logger.error("the 'winbind separator' parameter must be a single character.")
+ logger.error("the 'winbind separator' parameter must be a single "
+ "character.")
valid = False
if winbind_separator == '+':
- logger.error("'winbind separator = +' might cause problems with group membership.")
+ logger.error("'winbind separator = +' might cause problems with group "
+ "membership.")
valid = False
return valid
@@ -82,7 +96,10 @@ def do_share_checks(lp, logger):
valid = True
for s in lp.services():
if len(s) > 12:
- logger.warning("You have some share names that are longer than 12 characters. These may not be accessible to some older clients. (Eg. Windows9x, WindowsMe, and not listed in smbclient in Samba 3.0.)")
+ logger.warning("You have some share names that are longer than 12 "
+ "characters. These may not be accessible to some older "
+ "clients. (Eg. Windows9x, WindowsMe, and not listed in "
+ "smbclient in Samba 3.0.)")
break
for s in lp.services():
@@ -91,26 +108,28 @@ def do_share_checks(lp, logger):
if deny_list:
for entry in deny_list:
if "*" in entry or "?" in entry:
- logger.error("Invalid character (* or ?) in hosts deny list (%s) for service %s.", entry, s)
+ logger.error("Invalid character (* or ?) in hosts deny "
+ "list (%s) for service %s.", entry, s)
valid = False
if allow_list:
for entry in allow_list:
if "*" in entry or "?" in entry:
- logger.error("Invalid character (* or ?) in hosts allow list (%s) for service %s.", entry, s)
+ logger.error("Invalid character (* or ?) in hosts allow "
+ "list (%s) for service %s.", entry, s)
valid = False
return valid
def check_client_access(lp, cname, caddr):
# this is totally ugly, a real `quick' hack
for s in lp.services():
- if (allow_access(lp.get("hosts deny"), lp.get("hosts allow"), cname, caddr) and
- allow_access(lp.get("hosts deny", s), lp.get("hosts allow", s), cname, caddr)):
- logger.info("Allow connection from %s (%s) to %s",
- cname, caddr, s)
+ if (allow_access(lp.get("hosts deny"), lp.get("hosts allow"), cname,
+ caddr) and
+ allow_access(lp.get("hosts deny", s), lp.get("hosts allow", s),
+ cname, caddr)):
+ logger.info("Allow connection from %s (%s) to %s", cname, caddr, s)
else:
- logger.info("Deny connection from %s (%s) to %s",
- cname, caddr, s)
+ logger.info("Deny connection from %s (%s) to %s", cname, caddr, s)
if __name__ == '__main__':
@@ -120,7 +139,8 @@ if __name__ == '__main__':
parser.add_option("--parameter-name", type="string", metavar="PARAMETER",
help="Limit testparm to a named parameter")
parser.add_option("--client-name", type="string", metavar="HOSTNAME",
- help="Client DNS name for 'hosts allow' checking (should match reverse lookup)")
+ help="Client DNS name for 'hosts allow' checking "
+ "(should match reverse lookup)")
parser.add_option("--client-ip", type="string", metavar="IP",
help="Client IP address for 'hosts allow' checking")
parser.add_option("--suppress-prompt", action="store_true", default=False,
@@ -156,7 +176,8 @@ if __name__ == '__main__':
caddr = None
if cname is not None and caddr is None:
- print "ERROR: For 'hosts allow' check you must specify both a DNS name and an IP address.\n"
+ print "Both a DNS name and an IP address are required for the host " \
+ "access check."
sys.exit(1)
# FIXME: We need support for smb.conf macros before this will work again
@@ -183,7 +204,8 @@ if __name__ == '__main__':
else:
if opts.section_name is not None or opts.parameter_name is not None:
if opts.parameter_name is None:
- lp[opts.section_name].dump(sys.stdout, lp.default_service, opts.verbose)
+ lp[opts.section_name].dump(sys.stdout, lp.default_service,
+ opts.verbose)
else:
print lp.get(opts.parameter_name, opts.section_name)
else: