added server ntlmv2 false/auto/true parameter, defaults to off.

author Luke Leighton <lkcl@samba.org>

Sat, 1 May 1999 01:41:28 +0000 (01:41 +0000)

committer Luke Leighton <lkcl@samba.org>

Sat, 1 May 1999 01:41:28 +0000 (01:41 +0000)
author Luke Leighton <lkcl@samba.org>
Sat, 1 May 1999 01:41:28 +0000 (01:41 +0000)
committer Luke Leighton <lkcl@samba.org>
Sat, 1 May 1999 01:41:28 +0000 (01:41 +0000)
diff --git a/source3/include/proto.h b/source3/include/proto.h

index f61d8e3ca80dc2cf353c39fb1c3254f898982fba..577215913f4e712d6a87f8fd79c8a7e84a983e45 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1251,6 +1251,7 @@ BOOL lp_null_passwords(void);
  BOOL lp_strip_dot(void);
  BOOL lp_encrypted_passwords(void);
  BOOL lp_update_encrypted(void);
+BOOL lp_server_ntlmv2(void);
  BOOL lp_syslog_only(void);
  BOOL lp_timestamp_logs(void);
  BOOL lp_browse_list(void);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c

index 142ab4af32ce4975ed9f5fff4552b051ea4b701a..34c405dd5024a6bea96e1c1b32b96aaa4d640841 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -211,6 +211,7 @@ typedef struct
    BOOL bDomainLogons;
    BOOL bEncryptPasswords;
    BOOL bUpdateEncrypt;
+  BOOL bServerNTLMv2;
    BOOL bStripDot;
    BOOL bNullPasswords;
    BOOL bLoadPrinters;
@@ -529,6 +530,7 @@ static struct parm_struct parm_table[] =
    {"security",         P_ENUM,    P_GLOBAL, &Globals.security,          NULL,   enum_security, FLAG_BASIC},
    {"encrypt passwords",P_BOOL,    P_GLOBAL, &Globals.bEncryptPasswords, NULL,   NULL,  FLAG_BASIC},
    {"update encrypted", P_BOOL,    P_GLOBAL, &Globals.bUpdateEncrypt,    NULL,   NULL,  FLAG_BASIC},
+  {"server ntlmv2",    P_BOOL,    P_GLOBAL, &Globals.bServerNTLMv2,     NULL,   enum_bool_auto,  FLAG_BASIC},
    {"use rhosts",       P_BOOL,    P_GLOBAL, &Globals.bUseRhosts,        NULL,   NULL,  0},
    {"map to guest",     P_ENUM,    P_GLOBAL, &Globals.map_to_guest,      NULL,   enum_map_to_guest, 0},
    {"null passwords",   P_BOOL,    P_GLOBAL, &Globals.bNullPasswords,    NULL,   NULL,  0},
@@ -970,6 +972,10 @@ static void init_globals(void)
    Globals.sslCompatibility = False;
  #endif        /* WITH_SSL */
  
+/* NTLMv2 */
+
+  Globals.bServerNTLMv2 = False; 
+
  /* these parameters are set to defaults that are more appropriate
     for the increasing samba install base:
  
@@ -1244,6 +1250,7 @@ FN_GLOBAL_BOOL(lp_null_passwords,&Globals.bNullPasswords)
  FN_GLOBAL_BOOL(lp_strip_dot,&Globals.bStripDot)
  FN_GLOBAL_BOOL(lp_encrypted_passwords,&Globals.bEncryptPasswords)
  FN_GLOBAL_BOOL(lp_update_encrypted,&Globals.bUpdateEncrypt)
+FN_GLOBAL_BOOL(lp_server_ntlmv2,&Globals.bUpdateEncrypt)
  FN_GLOBAL_BOOL(lp_syslog_only,&Globals.bSyslogOnly)
  FN_GLOBAL_BOOL(lp_timestamp_logs,&Globals.bTimestampLogs)
  FN_GLOBAL_BOOL(lp_browse_list,&Globals.bBrowseList)
@@ -2927,7 +2934,9 @@ int lp_server_role(void)
  BOOL lp_domain_master(void)
  {
         if (Globals.bDomainMaster == Auto)
-               return (server_role == ROLE_DOMAIN_PDC);
+       {
+               return (lp_server_role() == ROLE_DOMAIN_PDC);
+       }
  
         return Globals.bDomainMaster;
  }
@@ -2939,7 +2948,9 @@ BOOL lp_domain_master(void)
  BOOL lp_preferred_master(void)
  {
         if (Globals.bPreferredMaster == Auto)
+       {
                 return (lp_local_master() && lp_domain_master());
+       }
  
         return Globals.bPreferredMaster;
  }
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c

index d4e6180261bcb2598b8f8224b8c1a9aef3c1921d..e66bf9f163b653d3261db2cabb3158dd96568e49 100644 (file)
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -159,16 +159,6 @@ reply for the nt protocol
  static int reply_nt1(char *outbuf)
  {
    /* dual names + lock_and_read + nt SMBs + remote API calls */
-  int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|
-                     (lp_nt_smb_support() ? CAP_NT_SMBS | CAP_RPC_REMOTE_APIS : 0) |
-                     (SMB_OFF_T_BITS == 64 ? CAP_LARGE_FILES : 0);
-
-
-/*
-  other valid capabilities which we may support at some time...
-                     CAP_LARGE_READX|CAP_STATUS32|CAP_LEVEL_II_OPLOCKS;
- */
-
    int secword=0;
    BOOL doencrypt = SMBENCRYPT();
    time_t t = time(NULL);
@@ -177,9 +167,26 @@ static int reply_nt1(char *outbuf)
    char cryptkey[8];
    char crypt_len = 0;
  
-  if (lp_security() == SEC_SERVER) {
-         cli = server_cryptkey();
-  }
+  int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ;
+
+       if (lp_nt_smb_support())
+       {
+               capabilities |= CAP_NT_SMBS | CAP_RPC_REMOTE_APIS;
+       }
+
+       if (SMB_OFF_T_BITS == 64)
+       {
+               capabilities |= CAP_LARGE_FILES;
+       }
+/*
+  other valid capabilities which we may support at some time...
+                     CAP_LARGE_READX|CAP_STATUS32|CAP_LEVEL_II_OPLOCKS;
+ */
+
+       if (lp_security() == SEC_SERVER)
+       {
+               cli = server_cryptkey();
+       }
  
    if (cli) {
           DEBUG(3,("using password server validation\n"));
author	Luke Leighton <lkcl@samba.org>
	Sat, 1 May 1999 01:41:28 +0000 (01:41 +0000)
committer	Luke Leighton <lkcl@samba.org>
	Sat, 1 May 1999 01:41:28 +0000 (01:41 +0000)
source3/include/proto.h		patch \| blob \| history
source3/param/loadparm.c		patch \| blob \| history
source3/smbd/negprot.c		patch \| blob \| history