git.samba.org
/
ira
/
wip.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
e387721
)
s4-ntlmssp Do not allow LM key without a LM password
author
Andrew Bartlett
<abartlet@samba.org>
Tue, 27 Dec 2011 08:50:36 +0000
(19:50 +1100)
committer
Andrew Bartlett
<abartlet@samba.org>
Wed, 28 Dec 2011 11:39:19 +0000
(22:39 +1100)
source4/auth/ntlmssp/ntlmssp_client.c
patch
|
blob
|
history
diff --git
a/source4/auth/ntlmssp/ntlmssp_client.c
b/source4/auth/ntlmssp/ntlmssp_client.c
index 6ec56941e6575f48b5bae1a583279067f0474ff4..d5ece11e6afbae3750e1cb6ad8768bb3791fde08 100644
(file)
--- a/
source4/auth/ntlmssp/ntlmssp_client.c
+++ b/
source4/auth/ntlmssp/ntlmssp_client.c
@@
-229,9
+229,11
@@
NTSTATUS ntlmssp_client_challenge(struct gensec_security *gensec_security,
}
if (!(flags & CLI_CRED_LANMAN_AUTH)) {
- /* LM Key is still possible, just silly. Fortunetly
- * we require command line options to end up here */
- /* ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY; */
+ /* LM Key is still possible, just silly, so we do not
+ * allow it. Fortunetly all LM crypto is off by
+ * default and we require command line options to end
+ * up here */
+ ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
}
if (!(flags & CLI_CRED_NTLM2)) {