diff options
author | Stefan Metzmacher <metze@samba.org> | 2016-03-15 21:02:34 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-04-12 19:25:24 +0200 |
commit | a1900b5bd6722900b42d4580fd47038e8cf5b3ca (patch) | |
tree | ab042a054b780ee6037122edd5b3e2215e6c37b5 /source3/param | |
parent | 6cd48add111a6655791226593cc28ac9d2596602 (diff) | |
download | samba-a1900b5bd6722900b42d4580fd47038e8cf5b3ca.tar.gz |
CVE-2016-2111: docs-xml: add "raw NTLMv2 auth" defaulting to "yes"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11749
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3/param')
-rw-r--r-- | source3/param/loadparm.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 1f8e5783d3a..3bdec236005 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -690,6 +690,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */ Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */ Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */ + Globals.raw_ntlmv2_auth = true; /* Allow NTLMv2 without NTLMSSP */ Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */ /* Note, that we will also use NTLM2 session security (which is different), if it is available */ |