source: vendor/current/lib/param/param_table.c

Last change on this file was 988, checked in by Silvan Scherrer, 9 years ago

Samba Server: update vendor to version 4.4.3
File size: 9.0 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
5
6 Largely re-written by Andrew Tridgell, September 1994
7
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
15
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
20
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
25
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
28*/
29
30#include "includes.h"
31#include "lib/param/param.h"
32#include "lib/param/loadparm.h"
33#include "lib/param/param_global.h"
34#include "libcli/smb/smb_constants.h"
35#include "libds/common/roles.h"
36#include "source4/lib/tls/tls.h"
37
38#ifndef N_
39#define N_(x) x
40#endif
41
42static const struct enum_list enum_protocol[] = {
43 {PROTOCOL_DEFAULT, "default"}, /* the caller decides what this means */
44 {PROTOCOL_SMB2_10, "SMB2"}, /* for now keep PROTOCOL_SMB2_10 */
45 {PROTOCOL_SMB3_11, "SMB3"}, /* for now keep PROTOCOL_SMB3_11 */
46 {PROTOCOL_SMB3_11, "SMB3_11"},
47 {PROTOCOL_SMB3_10, "SMB3_10"},
48 {PROTOCOL_SMB3_02, "SMB3_02"},
49 {PROTOCOL_SMB3_00, "SMB3_00"},
50 {PROTOCOL_SMB2_24, "SMB2_24"},
51 {PROTOCOL_SMB2_22, "SMB2_22"},
52 {PROTOCOL_SMB2_10, "SMB2_10"},
53 {PROTOCOL_SMB2_02, "SMB2_02"},
54 {PROTOCOL_NT1, "NT1"},
55 {PROTOCOL_LANMAN2, "LANMAN2"},
56 {PROTOCOL_LANMAN1, "LANMAN1"},
57 {PROTOCOL_CORE, "CORE"},
58 {PROTOCOL_COREPLUS, "COREPLUS"},
59 {PROTOCOL_COREPLUS, "CORE+"},
60 {-1, NULL}
61};
62
63static const struct enum_list enum_security[] = {
64 {SEC_AUTO, "AUTO"},
65 {SEC_USER, "USER"},
66 {SEC_DOMAIN, "DOMAIN"},
67 {SEC_ADS, "ADS"},
68 {-1, NULL}
69};
70
71static const struct enum_list enum_bool_auto[] = {
72 {false, "No"},
73 {false, "False"},
74 {false, "0"},
75 {true, "Yes"},
76 {true, "True"},
77 {true, "1"},
78 {Auto, "Auto"},
79 {-1, NULL}
80};
81
82static const struct enum_list enum_csc_policy[] = {
83 {CSC_POLICY_MANUAL, "manual"},
84 {CSC_POLICY_DOCUMENTS, "documents"},
85 {CSC_POLICY_PROGRAMS, "programs"},
86 {CSC_POLICY_DISABLE, "disable"},
87 {-1, NULL}
88};
89
90/* Server role options */
91static const struct enum_list enum_server_role[] = {
92 {ROLE_AUTO, "auto"},
93 {ROLE_STANDALONE, "standalone server"},
94 {ROLE_STANDALONE, "standalone"},
95 {ROLE_DOMAIN_MEMBER, "member server"},
96 {ROLE_DOMAIN_MEMBER, "member"},
97 {ROLE_DOMAIN_PDC, "classic primary domain controller"},
98 {ROLE_DOMAIN_BDC, "classic backup domain controller"},
99 {ROLE_ACTIVE_DIRECTORY_DC, "active directory domain controller"},
100 {ROLE_ACTIVE_DIRECTORY_DC, "domain controller"},
101 {ROLE_ACTIVE_DIRECTORY_DC, "dc"},
102 {-1, NULL}
103};
104
105/* SMB signing types. */
106static const struct enum_list enum_smb_signing_vals[] = {
107 {SMB_SIGNING_DEFAULT, "default"},
108 {SMB_SIGNING_OFF, "No"},
109 {SMB_SIGNING_OFF, "False"},
110 {SMB_SIGNING_OFF, "0"},
111 {SMB_SIGNING_OFF, "Off"},
112 {SMB_SIGNING_OFF, "disabled"},
113 {SMB_SIGNING_IF_REQUIRED, "if_required"},
114 {SMB_SIGNING_IF_REQUIRED, "Yes"},
115 {SMB_SIGNING_IF_REQUIRED, "True"},
116 {SMB_SIGNING_IF_REQUIRED, "1"},
117 {SMB_SIGNING_IF_REQUIRED, "On"},
118 {SMB_SIGNING_IF_REQUIRED, "enabled"},
119 {SMB_SIGNING_IF_REQUIRED, "auto"},
120 {SMB_SIGNING_DESIRED, "desired"},
121 {SMB_SIGNING_REQUIRED, "required"},
122 {SMB_SIGNING_REQUIRED, "mandatory"},
123 {SMB_SIGNING_REQUIRED, "force"},
124 {SMB_SIGNING_REQUIRED, "forced"},
125 {SMB_SIGNING_REQUIRED, "enforced"},
126 {-1, NULL}
127};
128
129static const struct enum_list enum_tls_verify_peer_vals[] = {
130 {TLS_VERIFY_PEER_NO_CHECK,
131 TLS_VERIFY_PEER_NO_CHECK_STRING},
132 {TLS_VERIFY_PEER_CA_ONLY,
133 TLS_VERIFY_PEER_CA_ONLY_STRING},
134 {TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE,
135 TLS_VERIFY_PEER_CA_AND_NAME_IF_AVAILABLE_STRING},
136 {TLS_VERIFY_PEER_CA_AND_NAME,
137 TLS_VERIFY_PEER_CA_AND_NAME_STRING},
138 {TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE,
139 TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE_STRING},
140 {-1, NULL}
141};
142
143/* DNS update options. */
144static const struct enum_list enum_dns_update_settings[] = {
145 {DNS_UPDATE_OFF, "disabled"},
146 {DNS_UPDATE_OFF, "No"},
147 {DNS_UPDATE_OFF, "False"},
148 {DNS_UPDATE_OFF, "0"},
149 {DNS_UPDATE_OFF, "Off"},
150 {DNS_UPDATE_ON, "nonsecure and secure"},
151 {DNS_UPDATE_ON, "nonsecure"},
152 {DNS_UPDATE_SIGNED, "secure only"},
153 {DNS_UPDATE_SIGNED, "secure"},
154 {DNS_UPDATE_SIGNED, "signed"},
155 {-1, NULL}
156};
157
158/*
159 Do you want session setups at user level security with a invalid
160 password to be rejected or allowed in as guest? WinNT rejects them
161 but it can be a pain as it means "net view" needs to use a password
162
163 You have 3 choices in the setting of map_to_guest:
164
165 "Never" means session setups with an invalid password
166 are rejected. This is the default.
167
168 "Bad User" means session setups with an invalid password
169 are rejected, unless the username does not exist, in which case it
170 is treated as a guest login
171
172 "Bad Password" means session setups with an invalid password
173 are treated as a guest login
174
175 Note that map_to_guest only has an effect in user or server
176 level security.
177*/
178
179static const struct enum_list enum_map_to_guest[] = {
180 {NEVER_MAP_TO_GUEST, "Never"},
181 {MAP_TO_GUEST_ON_BAD_USER, "Bad User"},
182 {MAP_TO_GUEST_ON_BAD_PASSWORD, "Bad Password"},
183 {MAP_TO_GUEST_ON_BAD_UID, "Bad Uid"},
184 {-1, NULL}
185};
186
187/* Config backend options */
188
189static const struct enum_list enum_config_backend[] = {
190 {CONFIG_BACKEND_FILE, "file"},
191 {CONFIG_BACKEND_REGISTRY, "registry"},
192 {-1, NULL}
193};
194
195static const struct enum_list enum_smbd_profiling_level[] = {
196 {0, "off"}, {1, "count"}, {2, "on"}, {-1, NULL}
197};
198
199
200/* ADS kerberos ticket verification options */
201
202static const struct enum_list enum_kerberos_method[] = {
203 {KERBEROS_VERIFY_SECRETS, "default"},
204 {KERBEROS_VERIFY_SECRETS, "secrets only"},
205 {KERBEROS_VERIFY_SYSTEM_KEYTAB, "system keytab"},
206 {KERBEROS_VERIFY_DEDICATED_KEYTAB, "dedicated keytab"},
207 {KERBEROS_VERIFY_SECRETS_AND_KEYTAB, "secrets and keytab"},
208 {-1, NULL}
209};
210
211static const struct enum_list enum_printing[] = {
212 {PRINT_SYSV, "sysv"},
213 {PRINT_AIX, "aix"},
214 {PRINT_HPUX, "hpux"},
215 {PRINT_BSD, "bsd"},
216 {PRINT_QNX, "qnx"},
217 {PRINT_PLP, "plp"},
218 {PRINT_LPRNG, "lprng"},
219#ifdef HAVE_CUPS
220 {PRINT_CUPS, "cups"},
221#endif
222#ifdef HAVE_IPRINT
223 {PRINT_IPRINT, "iprint"},
224#endif
225 {PRINT_LPRNT, "nt"},
226 {PRINT_LPROS2, "os2"},
227#if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
228 {PRINT_TEST, "test"},
229 {PRINT_VLP, "vlp"},
230#endif /* DEVELOPER */
231 {-1, NULL}
232};
233
234static const struct enum_list enum_ldap_sasl_wrapping[] = {
235 {0, "plain"},
236 {ADS_AUTH_SASL_SIGN, "sign"},
237 {ADS_AUTH_SASL_SEAL, "seal"},
238 {-1, NULL}
239};
240
241static const struct enum_list enum_ldap_server_require_strong_auth_vals[] = {
242 { LDAP_SERVER_REQUIRE_STRONG_AUTH_NO, "No" },
243 { LDAP_SERVER_REQUIRE_STRONG_AUTH_NO, "False" },
244 { LDAP_SERVER_REQUIRE_STRONG_AUTH_NO, "0" },
245 { LDAP_SERVER_REQUIRE_STRONG_AUTH_ALLOW_SASL_OVER_TLS,
246 "allow_sasl_over_tls" },
247 { LDAP_SERVER_REQUIRE_STRONG_AUTH_YES, "Yes" },
248 { LDAP_SERVER_REQUIRE_STRONG_AUTH_YES, "True" },
249 { LDAP_SERVER_REQUIRE_STRONG_AUTH_YES, "1" },
250 {-1, NULL}
251};
252
253static const struct enum_list enum_ldap_ssl[] = {
254 {LDAP_SSL_OFF, "no"},
255 {LDAP_SSL_OFF, "off"},
256 {LDAP_SSL_START_TLS, "start tls"},
257 {LDAP_SSL_START_TLS, "start_tls"},
258 {-1, NULL}
259};
260
261/* LDAP Dereferencing Alias types */
262#define SAMBA_LDAP_DEREF_NEVER 0
263#define SAMBA_LDAP_DEREF_SEARCHING 1
264#define SAMBA_LDAP_DEREF_FINDING 2
265#define SAMBA_LDAP_DEREF_ALWAYS 3
266
267static const struct enum_list enum_ldap_deref[] = {
268 {SAMBA_LDAP_DEREF_NEVER, "never"},
269 {SAMBA_LDAP_DEREF_SEARCHING, "searching"},
270 {SAMBA_LDAP_DEREF_FINDING, "finding"},
271 {SAMBA_LDAP_DEREF_ALWAYS, "always"},
272 {-1, "auto"}
273};
274
275static const struct enum_list enum_ldap_passwd_sync[] = {
276 {LDAP_PASSWD_SYNC_OFF, "no"},
277 {LDAP_PASSWD_SYNC_OFF, "off"},
278 {LDAP_PASSWD_SYNC_ON, "yes"},
279 {LDAP_PASSWD_SYNC_ON, "on"},
280 {LDAP_PASSWD_SYNC_ONLY, "only"},
281 {-1, NULL}
282};
283
284static const struct enum_list enum_map_readonly[] = {
285 {MAP_READONLY_NO, "no"},
286 {MAP_READONLY_NO, "false"},
287 {MAP_READONLY_NO, "0"},
288 {MAP_READONLY_YES, "yes"},
289 {MAP_READONLY_YES, "true"},
290 {MAP_READONLY_YES, "1"},
291 {MAP_READONLY_PERMISSIONS, "permissions"},
292 {MAP_READONLY_PERMISSIONS, "perms"},
293 {-1, NULL}
294};
295
296static const struct enum_list enum_case[] = {
297 {CASE_LOWER, "lower"},
298 {CASE_UPPER, "upper"},
299 {-1, NULL}
300};
301
302
303/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
304 *
305 * NOTE: Handling of duplicated (synonym) parameters:
306 * Parameters that are synonymous are stored in the same variable.
307 * All but the default spelling carry the flag FLAG_SYNONYM.
308 */
309
310#define GLOBAL_VAR(name) offsetof(struct loadparm_global, name)
311#define LOCAL_VAR(name) offsetof(struct loadparm_service, name)
312
313#include "lib/param/param_table_gen.c"
314
315int num_parameters(void)
316{
317 return (sizeof(parm_table) / sizeof(struct parm_struct));
318}
Note: See TracBrowser for help on using the repository browser.