CVE-2016-2118: docs-xml: add "allow dcerpc auth level connect" defaulting to "yes"

We sadly need to allow this for now by default.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

1 files changed, 2 insertions, 0 deletions

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 47d2a929834..2af0f310ee9 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -697,6 +697,8 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
 	Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
 	/* Note, that we will also use NTLM2 session security (which is different), if it is available */
 
+	Globals.allow_dcerpc_auth_level_connect = true; /* we need to allow this for now by default */
+
 	Globals.map_to_guest = 0;	/* By Default, "Never" */
 	Globals.oplock_break_wait_time = 0;	/* By Default, 0 msecs. */
 	Globals.enhanced_browsing = true;