s3:testparm: Warn about 'server schannel = no'

author Andreas Schneider <asn@samba.org>

Mon, 8 Feb 2021 08:48:16 +0000 (09:48 +0100)

committer Andrew Bartlett <abartlet@samba.org>

Tue, 9 Feb 2021 03:08:42 +0000 (03:08 +0000)
author Andreas Schneider <asn@samba.org>
Mon, 8 Feb 2021 08:48:16 +0000 (09:48 +0100)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 9 Feb 2021 03:08:42 +0000 (03:08 +0000)
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c

index 2d717f197569625cfccc7215373c9a2640154cf3..e870104a2c5531a734057df3afc07d762a6cd506 100644 (file)
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -525,6 +525,13 @@ static int do_global_checks(void)
                 ret = 1;
         }
  
+       if (!lp_server_schannel()) {
+               fprintf(stderr,
+                       "WARNING: You have configured 'server schannel = no'. "
+                       "Your server is vulernable to \"ZeroLogon\" "
+                       "(CVE-2020-1472)\n\n");
+       }
+
         return ret;
  }
author	Andreas Schneider <asn@samba.org>
	Mon, 8 Feb 2021 08:48:16 +0000 (09:48 +0100)
committer	Andrew Bartlett <abartlet@samba.org>
	Tue, 9 Feb 2021 03:08:42 +0000 (03:08 +0000)