Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : Parameter loading functions
4 : Copyright (C) Karl Auer 1993-1998
5 :
6 : Largely re-written by Andrew Tridgell, September 1994
7 :
8 : Copyright (C) Simo Sorce 2001
9 : Copyright (C) Alexander Bokovoy 2002
10 : Copyright (C) Stefan (metze) Metzmacher 2002
11 : Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 : Copyright (C) Michael Adam 2008
13 : Copyright (C) Andrew Bartlett 2010
14 :
15 : This program is free software; you can redistribute it and/or modify
16 : it under the terms of the GNU General Public License as published by
17 : the Free Software Foundation; either version 3 of the License, or
18 : (at your option) any later version.
19 :
20 : This program is distributed in the hope that it will be useful,
21 : but WITHOUT ANY WARRANTY; without even the implied warranty of
22 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 : GNU General Public License for more details.
24 :
25 : You should have received a copy of the GNU General Public License
26 : along with this program. If not, see <http://www.gnu.org/licenses/>.
27 : */
28 : #include "includes.h"
29 : #include "lib/param/loadparm.h"
30 : #include "libds/common/roles.h"
31 :
32 : /*******************************************************************
33 : Set the server type we will announce as via nmbd.
34 : ********************************************************************/
35 :
36 : static const struct srv_role_tab {
37 : uint32_t role;
38 : const char *role_str;
39 : } srv_role_tab [] = {
40 : { ROLE_STANDALONE, "ROLE_STANDALONE" },
41 : { ROLE_DOMAIN_MEMBER, "ROLE_DOMAIN_MEMBER" },
42 : { ROLE_DOMAIN_BDC, "ROLE_DOMAIN_BDC" },
43 : { ROLE_DOMAIN_PDC, "ROLE_DOMAIN_PDC" },
44 : { ROLE_ACTIVE_DIRECTORY_DC, "ROLE_ACTIVE_DIRECTORY_DC" },
45 : { ROLE_IPA_DC, "ROLE_IPA_DC"},
46 : { 0, NULL }
47 : };
48 :
49 604 : const char* server_role_str(uint32_t role)
50 : {
51 604 : int i = 0;
52 1121 : for (i=0; srv_role_tab[i].role_str; i++) {
53 1121 : if (role == srv_role_tab[i].role) {
54 604 : return srv_role_tab[i].role_str;
55 : }
56 : }
57 0 : return NULL;
58 : }
59 :
60 : /**
61 : * Set the server role based on security, domain logons and domain master
62 : */
63 634515 : int lp_find_server_role(int server_role, int security, int domain_logons, int domain_master)
64 : {
65 : int role;
66 :
67 634515 : if (server_role != ROLE_AUTO) {
68 416871 : if (lp_is_security_and_server_role_valid(server_role, security)) {
69 416871 : return server_role;
70 : }
71 : }
72 :
73 : /* If server_role is set to ROLE_AUTO, or conflicted with the
74 : * chosen security setting, figure out the correct role */
75 217644 : role = ROLE_STANDALONE;
76 :
77 217644 : switch (security) {
78 201942 : case SEC_DOMAIN:
79 : case SEC_ADS:
80 201942 : role = ROLE_DOMAIN_MEMBER;
81 201942 : break;
82 15702 : case SEC_AUTO:
83 : case SEC_USER:
84 15702 : if (domain_logons) {
85 :
86 1344 : if (domain_master) {
87 1344 : role = ROLE_DOMAIN_PDC;
88 : } else {
89 0 : role = ROLE_DOMAIN_BDC;
90 : }
91 : }
92 15702 : break;
93 0 : default:
94 0 : DEBUG(0, ("Server's Role undefined due to unknown security mode\n"));
95 0 : break;
96 : }
97 :
98 217644 : return role;
99 : }
100 :
101 : /**
102 : * Set the server role based on security, domain logons and domain master
103 : */
104 64433 : int lp_find_security(int server_role, int security)
105 : {
106 64433 : if (security != SEC_AUTO) {
107 8201 : return security;
108 : }
109 :
110 56232 : switch (server_role) {
111 221 : case ROLE_DOMAIN_MEMBER:
112 221 : return SEC_ADS;
113 56011 : default:
114 56011 : return SEC_USER;
115 : }
116 : }
117 :
118 :
119 : /**
120 : * Check if server role and security parameters are contradictory
121 : */
122 416871 : bool lp_is_security_and_server_role_valid(int server_role, int security)
123 : {
124 416871 : bool valid = false;
125 :
126 416871 : if (security == SEC_AUTO) {
127 416783 : return true;
128 : }
129 :
130 88 : switch (server_role) {
131 0 : case ROLE_AUTO:
132 0 : valid = true;
133 0 : break;
134 88 : case ROLE_DOMAIN_MEMBER:
135 88 : if (security == SEC_ADS || security == SEC_DOMAIN) {
136 88 : valid = true;
137 : }
138 88 : break;
139 :
140 0 : case ROLE_STANDALONE:
141 : case ROLE_DOMAIN_PDC:
142 : case ROLE_DOMAIN_BDC:
143 : case ROLE_ACTIVE_DIRECTORY_DC:
144 : case ROLE_IPA_DC:
145 0 : if (security == SEC_USER) {
146 0 : valid = true;
147 : }
148 0 : break;
149 :
150 0 : default:
151 0 : break;
152 : }
153 :
154 88 : return valid;
155 : }
|
