diff options
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/include/proto.h | 6 | ||||
-rw-r--r-- | source3/param/loadparm.c | 84 | ||||
-rw-r--r-- | source3/param/loadparm_server_role.c | 111 |
4 files changed, 117 insertions, 86 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index b8c13cadbe..5ce77dd851 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -426,7 +426,7 @@ READLINE_OBJ = lib/readline.o # Be sure to include them into your application POPT_LIB_OBJ = lib/popt_common.o -PARAM_WITHOUT_REG_OBJ = dynconfig.o param/loadparm.o param/util.o lib/sharesec.o lib/ldap_debug_handler.o +PARAM_WITHOUT_REG_OBJ = dynconfig.o param/loadparm.o param/loadparm_server_role.o param/util.o lib/sharesec.o lib/ldap_debug_handler.o PARAM_REG_ADD_OBJ = $(REG_SMBCONF_OBJ) $(LIBSMBCONF_OBJ) $(PRIVILEGES_BASIC_OBJ) PARAM_OBJ = $(PARAM_WITHOUT_REG_OBJ) $(PARAM_REG_ADD_OBJ) diff --git a/source3/include/proto.h b/source3/include/proto.h index 7af8035126..240c95f3a0 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4281,7 +4281,6 @@ struct share_params *next_share(struct share_iterator *list); struct share_params *next_printer(struct share_iterator *list); struct share_params *snum2params_static(int snum); const char *volume_label(int snum); -int lp_server_role(void); bool lp_domain_master(void); bool lp_domain_master_true_or_auto(void); bool lp_preferred_master(void); @@ -4311,6 +4310,11 @@ char* lp_perfcount_module(void); void lp_set_passdb_backend(const char *backend); void widelinks_warning(int snum); +/* The following definitions come from param/loadparm_server_role.c */ + +int lp_server_role(void); +void set_server_role(void); + /* The following definitions come from param/util.c */ uint32 get_int_param( const char* param ); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 09d89f5d7f..f65a9d50e9 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -675,7 +675,6 @@ static int *invalid_services = NULL; static int num_invalid_services = 0; static bool bInGlobalSection = True; static bool bGlobalOnly = False; -static int server_role; static int default_server_announce; #define NUMPARAMETERS (sizeof(parm_table) / sizeof(struct parm_struct)) @@ -694,7 +693,6 @@ static bool handle_charset( int snum, const char *pszParmValue, char **ptr ); static bool handle_printing( int snum, const char *pszParmValue, char **ptr); static bool handle_ldap_debug_level( int snum, const char *pszParmValue, char **ptr); -static void set_server_role(void); static void set_default_server_announce_type(void); static void set_allowed_client_auth(void); @@ -8413,79 +8411,6 @@ static void lp_save_defaults(void) defaults_saved = True; } -/******************************************************************* - Set the server type we will announce as via nmbd. -********************************************************************/ - -static const struct srv_role_tab { - uint32 role; - const char *role_str; -} srv_role_tab [] = { - { ROLE_STANDALONE, "ROLE_STANDALONE" }, - { ROLE_DOMAIN_MEMBER, "ROLE_DOMAIN_MEMBER" }, - { ROLE_DOMAIN_BDC, "ROLE_DOMAIN_BDC" }, - { ROLE_DOMAIN_PDC, "ROLE_DOMAIN_PDC" }, - { 0, NULL } -}; - -const char* server_role_str(uint32 role) -{ - int i = 0; - for (i=0; srv_role_tab[i].role_str; i++) { - if (role == srv_role_tab[i].role) { - return srv_role_tab[i].role_str; - } - } - return NULL; -} - -static void set_server_role(void) -{ - server_role = ROLE_STANDALONE; - - switch (lp_security()) { - case SEC_SHARE: - if (lp_domain_logons()) - DEBUG(0, ("Server's Role (logon server) conflicts with share-level security\n")); - break; - case SEC_SERVER: - if (lp_domain_logons()) - DEBUG(0, ("Server's Role (logon server) conflicts with server-level security\n")); - /* this used to be considered ROLE_DOMAIN_MEMBER but that's just wrong */ - server_role = ROLE_STANDALONE; - break; - case SEC_DOMAIN: - if (lp_domain_logons()) { - DEBUG(1, ("Server's Role (logon server) NOT ADVISED with domain-level security\n")); - server_role = ROLE_DOMAIN_BDC; - break; - } - server_role = ROLE_DOMAIN_MEMBER; - break; - case SEC_ADS: - if (lp_domain_logons()) { - server_role = ROLE_DOMAIN_PDC; - break; - } - server_role = ROLE_DOMAIN_MEMBER; - break; - case SEC_USER: - if (lp_domain_logons()) { - - if (Globals.iDomainMaster) /* auto or yes */ - server_role = ROLE_DOMAIN_PDC; - else - server_role = ROLE_DOMAIN_BDC; - } - break; - default: - DEBUG(0, ("Server's Role undefined due to unknown security mode\n")); - break; - } - - DEBUG(10, ("set_server_role: role = %s\n", server_role_str(server_role))); -} - /*********************************************************** If we should send plaintext/LANMAN passwords in the clinet ************************************************************/ @@ -9670,15 +9595,6 @@ static void set_default_server_announce_type(void) } /*********************************************************** - returns role of Samba server -************************************************************/ - -int lp_server_role(void) -{ - return server_role; -} - -/*********************************************************** If we are PDC then prefer us as DMB ************************************************************/ diff --git a/source3/param/loadparm_server_role.c b/source3/param/loadparm_server_role.c new file mode 100644 index 0000000000..3cc8f35a19 --- /dev/null +++ b/source3/param/loadparm_server_role.c @@ -0,0 +1,111 @@ +/* + Unix SMB/CIFS implementation. + Parameter loading functions + Copyright (C) Karl Auer 1993-1998 + + Largely re-written by Andrew Tridgell, September 1994 + + Copyright (C) Simo Sorce 2001 + Copyright (C) Alexander Bokovoy 2002 + Copyright (C) Stefan (metze) Metzmacher 2002 + Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003 + Copyright (C) Michael Adam 2008 + Copyright (C) Andrew Bartlett 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ +#include "includes.h" + +/******************************************************************* + Set the server type we will announce as via nmbd. +********************************************************************/ +static int server_role; + +static const struct srv_role_tab { + uint32 role; + const char *role_str; +} srv_role_tab [] = { + { ROLE_STANDALONE, "ROLE_STANDALONE" }, + { ROLE_DOMAIN_MEMBER, "ROLE_DOMAIN_MEMBER" }, + { ROLE_DOMAIN_BDC, "ROLE_DOMAIN_BDC" }, + { ROLE_DOMAIN_PDC, "ROLE_DOMAIN_PDC" }, + { 0, NULL } +}; + +const char* server_role_str(uint32 role) +{ + int i = 0; + for (i=0; srv_role_tab[i].role_str; i++) { + if (role == srv_role_tab[i].role) { + return srv_role_tab[i].role_str; + } + } + return NULL; +} + +void set_server_role(void) +{ + server_role = ROLE_STANDALONE; + + switch (lp_security()) { + case SEC_SHARE: + if (lp_domain_logons()) + DEBUG(0, ("Server's Role (logon server) conflicts with share-level security\n")); + break; + case SEC_SERVER: + if (lp_domain_logons()) + DEBUG(0, ("Server's Role (logon server) conflicts with server-level security\n")); + /* this used to be considered ROLE_DOMAIN_MEMBER but that's just wrong */ + server_role = ROLE_STANDALONE; + break; + case SEC_DOMAIN: + if (lp_domain_logons()) { + DEBUG(1, ("Server's Role (logon server) NOT ADVISED with domain-level security\n")); + server_role = ROLE_DOMAIN_BDC; + break; + } + server_role = ROLE_DOMAIN_MEMBER; + break; + case SEC_ADS: + if (lp_domain_logons()) { + server_role = ROLE_DOMAIN_PDC; + break; + } + server_role = ROLE_DOMAIN_MEMBER; + break; + case SEC_USER: + if (lp_domain_logons()) { + + if (lp_domain_master_true_or_auto()) /* auto or yes */ + server_role = ROLE_DOMAIN_PDC; + else + server_role = ROLE_DOMAIN_BDC; + } + break; + default: + DEBUG(0, ("Server's Role undefined due to unknown security mode\n")); + break; + } + + DEBUG(10, ("set_server_role: role = %s\n", server_role_str(server_role))); +} + +/*********************************************************** + returns role of Samba server +************************************************************/ + +int lp_server_role(void) +{ + return server_role; +} |