From bca24a19ebfc8943b46fdb900418e396aef96aa4 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 19 Aug 2004 12:16:48 +0000
Subject: r1911: merge a few popt parameters from 3.0 move some to better
 places and deal with users DOMAIN and lp_workgroup() of the local workstation

metze
(This used to be commit 1fc0100e44a8640cfc15effb99f5824cb7817da8)
---
 source4/client/client.c           | 18 ++++----
 source4/include/popt_common.h     |  5 ++-
 source4/lib/cmdline/popt_common.c | 94 ++++++++++++++++++++++++++++++++-------
 3 files changed, 90 insertions(+), 27 deletions(-)

(limited to 'source4')

diff --git a/source4/client/client.c b/source4/client/client.c
index 928a331b0c..9f54f08ce5 100644
--- a/source4/client/client.c
+++ b/source4/client/client.c
@@ -34,6 +34,7 @@ static pstring cd_path = "";
 static pstring service;
 static pstring desthost;
 static pstring username;
+static pstring domain;
 static pstring password;
 static BOOL use_kerberos;
 static BOOL got_pass;
@@ -2260,7 +2261,7 @@ static BOOL browse_host(const char *query_host)
 	status = dcerpc_pipe_connect(&p, binding, 
 				     DCERPC_SRVSVC_UUID, 
 				     DCERPC_SRVSVC_VERSION,
-				     lp_workgroup(), 
+				     domain, 
 				     username, password);
 	if (!NT_STATUS_IS_OK(status)) {
 		d_printf("Failed to connect to %s - %s\n", 
@@ -2803,7 +2804,7 @@ static struct smbcli_state *do_connect(const char *server, const char *share)
 		}
 	}
 
-	status = smbcli_session_setup(c, username, password, lp_workgroup());
+	status = smbcli_session_setup(c, username, password, domain);
 	if (NT_STATUS_IS_ERR(status)) {
 		d_printf("authenticated session setup failed: %s\n", nt_errstr(status));
 		/* if a password was not supplied then try again with a null username */
@@ -2962,13 +2963,11 @@ static void remember_query_host(const char *arg,
 	struct poptOption long_options[] = {
 		POPT_AUTOHELP
 
-		{ "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" },
 		{ "message", 'M', POPT_ARG_STRING, NULL, 'M', "Send message", "HOST" },
 		{ "ip-address", 'I', POPT_ARG_STRING, NULL, 'I', "Use this IP to connect to", "IP" },
 		{ "stderr", 'E', POPT_ARG_NONE, NULL, 'E', "Write messages to stderr instead of stdout" },
 		{ "list", 'L', POPT_ARG_STRING, NULL, 'L', "Get a list of shares available on a host", "HOST" },
 		{ "terminal", 't', POPT_ARG_STRING, NULL, 't', "Terminal I/O code {sjis|euc|jis7|jis8|junet|hex}", "CODE" },
-		{ "max-protocol", 'm', POPT_ARG_STRING, NULL, 'm', "Set the max protocol level", "LEVEL" },
 		{ "tar", 'T', POPT_ARG_STRING, NULL, 'T', "Command line tar", "<c|x>IXFqgbNan" },
 		{ "directory", 'D', POPT_ARG_STRING, NULL, 'D', "Start from directory", "DIR" },
 		{ "command", 'c', POPT_ARG_STRING, &cmdstr, 'c', "Execute semicolon separated commands" }, 
@@ -3032,12 +3031,6 @@ static void remember_query_host(const char *arg,
 		case 't':
 			pstrcpy(term_code, poptGetOptArg(pc));
 			break;
-		case 'm':
-			lp_set_cmdline("max protocol", poptGetOptArg(pc));
-			break;
-		case 'R':
-			lp_set_cmdline("name resolve order", poptGetOptArg(pc));
-			break;
 		case 'T':
 			if (!tar_parseargs(argc, argv, poptGetOptArg(pc), optind)) {
 				poptPrintUsage(pc, stderr, 0);
@@ -3082,6 +3075,11 @@ static void remember_query_host(const char *arg,
 	poptFreeContext(pc);
 
 	pstrcpy(username, cmdline_auth_info.username);
+	if (cmdline_auth_info.domain[0]) {
+		pstrcpy(domain, cmdline_auth_info.domain);
+	} else {
+		pstrcpy(domain, lp_workgroup());
+	}
 	pstrcpy(password, cmdline_auth_info.password);
 	use_kerberos = cmdline_auth_info.use_kerberos;
 	got_pass = cmdline_auth_info.got_pass;
diff --git a/source4/include/popt_common.h b/source4/include/popt_common.h
index 201245cc3a..e41b1a2cf4 100644
--- a/source4/include/popt_common.h
+++ b/source4/include/popt_common.h
@@ -38,13 +38,14 @@ extern struct poptOption popt_common_credentials[];
 #define POPT_COMMON_VERSION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_version, 0, "Common samba options:", NULL },
 #define POPT_COMMON_CREDENTIALS { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_credentials, 0, "Authentication options:", NULL },
 
-struct user_auth_info {
+struct cmdline_auth_info {
 	pstring username;
 	pstring password;
+	pstring domain;
 	BOOL got_pass;
 	BOOL use_kerberos;
 };
 
-extern struct user_auth_info cmdline_auth_info;
+extern struct cmdline_auth_info cmdline_auth_info;
 
 #endif /* _POPT_COMMON_H */
diff --git a/source4/lib/cmdline/popt_common.c b/source4/lib/cmdline/popt_common.c
index f659468561..ef75d7be1f 100644
--- a/source4/lib/cmdline/popt_common.c
+++ b/source4/lib/cmdline/popt_common.c
@@ -33,10 +33,7 @@
  *		-i,--scope
  */
 
-extern pstring user_socket_options;
-extern BOOL AllowDebugChange;
-
-struct user_auth_info cmdline_auth_info;
+struct cmdline_auth_info cmdline_auth_info;
 
 static void popt_common_callback(poptContext con, 
 			   enum poptCallbackReason reason,
@@ -70,6 +67,12 @@ static void popt_common_callback(poptContext con,
 		exit(0);
 		break;
 
+	case 'O':
+		if (arg) {
+			lp_set_cmdline("socket options", arg);
+		}
+		break;
+
 	case 's':
 		if (arg) {
 			pstrcpy(dyn_CONFIGFILE, arg);
@@ -98,13 +101,17 @@ static void popt_common_callback(poptContext con,
 	case 'm':
 		lp_set_cmdline("max protocol", arg);
 		break;
+
+	case 'R':
+		lp_set_cmdline("name resolve order", arg);
+		break;
 	}
 }
 
 struct poptOption popt_common_connection[] = {
 	{ NULL, 0, POPT_ARG_CALLBACK, popt_common_callback },
-	{ "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use",
-	  "SOCKETOPTIONS" },
+	{ "name-resolve", 'R', POPT_ARG_STRING, NULL, 'R', "Use these name resolution services only", "NAME-RESOLVE-ORDER" },
+	{ "socket-options", 'O', POPT_ARG_STRING, NULL, 'O', "socket options to use", "SOCKETOPTIONS" },
 	{ "netbiosname", 'n', POPT_ARG_STRING, NULL, 'n', "Primary netbios name", "NETBIOSNAME" },
 	{ "workgroup", 'W', POPT_ARG_STRING, NULL, 'W', "Set the workgroup name", "WORKGROUP" },
 	{ "scope", 'i', POPT_ARG_STRING, NULL, 'i', "Use this Netbios scope", "SCOPE" },
@@ -117,7 +124,6 @@ struct poptOption popt_common_samba[] = {
 	{ "debuglevel", 'd', POPT_ARG_STRING, NULL, 'd', "Set debug level", "DEBUGLEVEL" },
 	{ "configfile", 's', POPT_ARG_STRING, NULL, 's', "Use alternative configuration file", "CONFIGFILE" },
 	{ "log-basename", 'l', POPT_ARG_STRING, NULL, 'l', "Basename for log/debug files", "LOGFILEBASE" },
-	{ "version", 'V', POPT_ARG_NONE, NULL, 'V', "Print version" },
 	POPT_TABLEEND
 };
 
@@ -133,7 +139,7 @@ struct poptOption popt_common_version[] = {
  * get a password from a a file or file descriptor
  * exit on failure
  * ****************************************************************************/
-static void get_password_file(struct user_auth_info *a)
+static void get_password_file(struct cmdline_auth_info *a)
 {
 	int fd = -1;
 	char *p;
@@ -187,7 +193,7 @@ static void get_password_file(struct user_auth_info *a)
 		close(fd);
 }
 
-static void get_credentials_file(const char *file, struct user_auth_info *info) 
+static void get_credentials_file(const char *file, struct cmdline_auth_info *info) 
 {
 	XFILE *auth;
 	fstring buf;
@@ -236,10 +242,8 @@ static void get_credentials_file(const char *file, struct user_auth_info *info)
 		}
 		else if (strwicmp("username", param) == 0)
 			pstrcpy(info->username, val);
-#if 0
 		else if (strwicmp("domain", param) == 0)
-			set_global_myworkgroup(val);
-#endif
+			pstrcpy(info->domain,val);
 		memset(buf, 0, sizeof(buf));
 	}
 	x_fclose(auth);
@@ -250,13 +254,15 @@ static void get_credentials_file(const char *file, struct user_auth_info *info)
  *		-A,--authentication-file
  *		-k,--use-kerberos
  *		-N,--no-pass
+ *		-S,--signing
+ *              -P --machine-pass
  */
 
 
 static void popt_common_credentials_callback(poptContext con, 
-											 enum poptCallbackReason reason,
-											 const struct poptOption *opt,
-											 const char *arg, const void *data)
+						enum poptCallbackReason reason,
+						const struct poptOption *opt,
+						const char *arg, const void *data)
 {
 	char *p;
 
@@ -268,8 +274,17 @@ static void popt_common_credentials_callback(poptContext con,
 		if (getenv("LOGNAME"))pstrcpy(cmdline_auth_info.username,getenv("LOGNAME"));
 
 		if (getenv("USER")) {
+			pstring tmp;
+
 			pstrcpy(cmdline_auth_info.username,getenv("USER"));
 
+			pstrcpy(tmp,cmdline_auth_info.username);
+			if ((p = strchr_m(tmp,'\\'))) {
+				*p = 0;
+				pstrcpy(cmdline_auth_info.domain,tmp);
+				pstrcpy(cmdline_auth_info.username,p+1);
+			}
+
 			if ((p = strchr_m(cmdline_auth_info.username,'%'))) {
 				*p = 0;
 				pstrcpy(cmdline_auth_info.password,p+1);
@@ -278,6 +293,10 @@ static void popt_common_credentials_callback(poptContext con,
 			}
 		}
 
+		if (getenv("DOMAIN")) {
+			pstrcpy(cmdline_auth_info.domain,getenv("DOMAIN"));
+		}
+
 		if (getenv("PASSWD")) {
 			pstrcpy(cmdline_auth_info.password,getenv("PASSWD"));
 			cmdline_auth_info.got_pass = True;
@@ -295,8 +314,17 @@ static void popt_common_credentials_callback(poptContext con,
 	case 'U':
 		{
 			char *lp;
+			pstring tmp;
 
 			pstrcpy(cmdline_auth_info.username,arg);
+
+			pstrcpy(tmp,cmdline_auth_info.username);
+			if ((p = strchr_m(tmp,'\\'))) {
+				*p = 0;
+				pstrcpy(cmdline_auth_info.domain,tmp);
+				pstrcpy(cmdline_auth_info.username,p+1);
+			}
+
 			if ((lp=strchr_m(cmdline_auth_info.username,'%'))) {
 				*lp = 0;
 				pstrcpy(cmdline_auth_info.password,lp+1);
@@ -319,6 +347,40 @@ static void popt_common_credentials_callback(poptContext con,
 		cmdline_auth_info.got_pass = True;
 #endif
 		break;
+
+	case 'S':
+		lp_set_cmdline("client signing", arg);
+		break;
+
+	case 'P':
+	        {
+			char *opt_password = NULL;
+			/* it is very useful to be able to make ads queries as the
+			   machine account for testing purposes and for domain leave */
+			
+			if (!secrets_init()) {
+				d_printf("ERROR: Unable to open secrets database\n");
+				exit(1);
+			}
+			
+			opt_password = secrets_fetch_machine_password(lp_workgroup());
+			
+			if (!opt_password) {
+				d_printf("ERROR: Unable to fetch machine password\n");
+				exit(1);
+			}
+			pstr_sprintf(cmdline_auth_info.username, "%s$", 
+				     lp_netbios_name());
+			pstrcpy(cmdline_auth_info.password,opt_password);
+			SAFE_FREE(opt_password);
+
+			pstrcpy(cmdline_auth_info.password, lp_workgroup());
+
+			/* machine accounts only work with kerberos */
+			cmdline_auth_info.use_kerberos = True;
+			cmdline_auth_info.got_pass = True;
+		}
+		break;
 	}
 }
 
@@ -330,5 +392,7 @@ struct poptOption popt_common_credentials[] = {
 	{ "no-pass", 'N', POPT_ARG_NONE, &cmdline_auth_info.got_pass, True, "Don't ask for a password" },
 	{ "kerberos", 'k', POPT_ARG_NONE, &cmdline_auth_info.use_kerberos, True, "Use kerberos (active directory) authentication" },
 	{ "authentication-file", 'A', POPT_ARG_STRING, NULL, 'A', "Get the credentials from a file", "FILE" },
+	{ "signing", 'S', POPT_ARG_STRING, NULL, 'S', "Set the client signing state", "on|off|required" },
+	{ "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password" },
 	POPT_TABLEEND
 };
-- 
cgit