git.samba.org / ira / wip.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
s4-ntlmssp Do not allow LM key without a LM password
[ira/wip.git] / source4 / auth / ntlmssp / ntlmssp_client.c
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index 6ec56941e6575f48b5bae1a583279067f0474ff4..d5ece11e6afbae3750e1cb6ad8768bb3791fde08 100644 (file)
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -229,9 +229,11 @@ NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
        }
        
        if (!(flags & CLI_CRED_LANMAN_AUTH)) {
-               /* LM Key is still possible, just silly.  Fortunetly
-                * we require command line options to end up here */
-               /* ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY; */
+               /* LM Key is still possible, just silly, so we do not
+                * allow it. Fortunetly all LM crypto is off by
+                * default and we require command line options to end
+                * up here */
+               ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
        }
 
        if (!(flags & CLI_CRED_NTLM2)) {
Unnamed repository; edit this file 'description' to name the repository.