diff options
author | Andreas Schneider <asn@samba.org> | 2020-08-19 11:34:02 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2021-04-28 03:43:34 +0000 |
commit | 1cd233712e1a62d716a1d8b34ff3dca6a8f0f501 (patch) | |
tree | 09c0136d56eb2083b9f13bad5ee2b7143fe0564b /source3/param | |
parent | b2bad13ca3545ea451c7858dace56195d18c4827 (diff) | |
download | samba-1cd233712e1a62d716a1d8b34ff3dca6a8f0f501.tar.gz |
lib:param: Add 'client use kerberos' config parameter
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3/param')
-rw-r--r-- | source3/param/loadparm.c | 13 | ||||
-rw-r--r-- | source3/param/loadparm.h | 1 |
2 files changed, 14 insertions, 0 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 078e67db48f..4f4912c70e4 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -75,6 +75,7 @@ #include "libcli/auth/ntlm_check.h" #include "lib/crypto/gnutls_helpers.h" #include "lib/util/string_wrappers.h" +#include "auth/credentials/credentials.h" #ifdef HAVE_SYS_SYSCTL_H #include <sys/sysctl.h> @@ -956,6 +957,8 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.client_smb_encrypt = SMB_ENCRYPTION_DEFAULT; + Globals._client_use_kerberos = CRED_USE_KERBEROS_DESIRED; + /* Now put back the settings that were set with lp_set_cmdline() */ apply_lp_set_cmdline(); } @@ -4708,6 +4711,16 @@ int lp_client_ipc_signing(void) return client_ipc_signing; } +enum credentials_use_kerberos lp_client_use_kerberos(void) +{ + if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED) { + return CRED_USE_KERBEROS_REQUIRED; + } + + return lp__client_use_kerberos(); +} + + int lp_rpc_low_port(void) { return Globals.rpc_low_port; diff --git a/source3/param/loadparm.h b/source3/param/loadparm.h index 7686877ccf1..9f7b4bd1cdb 100644 --- a/source3/param/loadparm.h +++ b/source3/param/loadparm.h @@ -56,6 +56,7 @@ int lp_client_max_protocol(void); int lp_client_ipc_min_protocol(void); int lp_client_ipc_max_protocol(void); int lp_client_ipc_signing(void); +enum credentials_use_kerberos lp_client_use_kerberos(void); int lp_smb2_max_credits(void); int lp_cups_encrypt(void); bool lp_widelinks(int ); |