diff options
author | Andrew Bartlett <abartlet@samba.org> | 2017-07-03 14:11:47 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-07-04 06:57:20 +0200 |
commit | d0d266bbf79fac956ca5de0b48dfac08b6f18628 (patch) | |
tree | fa89526c2830abc2e2fc3aede769466bfc1dafde /lib | |
parent | 8b398a4d72a53b57e622afb4aeefa026b96c3d2a (diff) | |
download | samba-d0d266bbf79fac956ca5de0b48dfac08b6f18628.tar.gz |
param: Disable LanMan authentication unless NTLMv1 is also enabled
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11923
Diffstat (limited to 'lib')
-rw-r--r-- | lib/param/loadparm.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index 9c93277c35e..a221e879d07 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -3511,3 +3511,19 @@ int lpcfg_tdb_flags(struct loadparm_context *lp_ctx, int tdb_flags) } return tdb_flags; } + +/* + * Do not allow LanMan auth if unless NTLMv1 is also allowed + * + * This also ensures it is disabled if NTLM is totally disabled + */ +bool lpcfg_lanman_auth(struct loadparm_context *lp_ctx) +{ + enum ntlm_auth_level ntlm_auth_level = lpcfg_ntlm_auth(lp_ctx); + + if (ntlm_auth_level == NTLM_AUTH_ON) { + return lpcfg__lanman_auth(lp_ctx); + } else { + return false; + } +} |