From: Volker Lendecke <vl@samba.org>
Date: Mon, 14 Nov 2016 15:38:29 +0000 (+0100)
Subject: wbinfo: Use ntlmv2 by default for wbinfo -a
X-Git-Tag: ldb-1.1.28~117
X-Git-Url: http://git.samba.org/samba.git/?p=sfrench%2Fsamba-autobuild%2F.git;a=commitdiff_plain;h=8f4e426f33fbbca0c363592c315fcb4ffd79fd67

wbinfo: Use ntlmv2 by default for wbinfo -a

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
---

diff --git a/docs-xml/manpages/wbinfo.1.xml b/docs-xml/manpages/wbinfo.1.xml
index 48d2f74986c..f31de7e6b2b 100644
--- a/docs-xml/manpages/wbinfo.1.xml
+++ b/docs-xml/manpages/wbinfo.1.xml
@@ -49,6 +49,7 @@
 		<arg choice="opt">-m</arg>
 		<arg choice="opt">-n name</arg>
 		<arg choice="opt">-N netbios-name</arg>
+		<arg choice="opt">--ntlmv1</arg>
 		<arg choice="opt">--ntlmv2</arg>
 		<arg choice="opt">--online-status</arg>
 		<arg choice="opt">--own-domain</arg>
@@ -329,9 +330,17 @@
 		</para></listitem>
 		</varlistentry>
 
+		<varlistentry>
+		<term>--ntlmv1</term>
+		<listitem><para>Use NTLMv1 cryptography for user authentication.
+		</para></listitem>
+		</varlistentry>
+
 		<varlistentry>
 		<term>--ntlmv2</term>
-		<listitem><para>Use NTLMv2 cryptography for user authentication.
+		<listitem><para>Use NTLMv2 cryptography for user
+		authentication. NTLMv2 is the default method, this
+		option is only maintained for compatibility.
 		</para></listitem>
 		</varlistentry>
 
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index f7b5ace3f94..80b245a7f5c 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -2228,6 +2228,7 @@ enum {
 	OPT_CHANGE_USER_PASSWORD,
 	OPT_CCACHE_SAVE,
 	OPT_SID_TO_FULLNAME,
+	OPT_NTLMV1,
 	OPT_NTLMV2,
 	OPT_PAM_LOGON,
 	OPT_LOGOFF,
@@ -2249,7 +2250,7 @@ int main(int argc, const char **argv, char **envp)
 	int int_subarg = -1;
 	int result = 1;
 	bool verbose = false;
-	bool use_ntlmv2 = false;
+	bool use_ntlmv2 = true;
 	bool use_lanman = false;
 	char *logoff_user = getenv("USER");
 	int logoff_uid = geteuid();
@@ -2343,6 +2344,8 @@ int main(int argc, const char **argv, char **envp)
 		{ "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL },
 		{ "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL },
 		{ "change-user-password", 0, POPT_ARG_STRING, &string_arg, OPT_CHANGE_USER_PASSWORD, "Change the password for a user", NULL },
+		{ "ntlmv1", 0, POPT_ARG_NONE, 0, OPT_NTLMV1,
+		  "Use NTLMv1 cryptography for user authentication", NULL},
 		{ "ntlmv2", 0, POPT_ARG_NONE, 0, OPT_NTLMV2, "Use NTLMv2 cryptography for user authentication", NULL},
 		{ "lanman", 0, POPT_ARG_NONE, 0, OPT_LANMAN, "Use lanman cryptography for user authentication", NULL},
 		POPT_COMMON_VERSION
@@ -2371,8 +2374,8 @@ int main(int argc, const char **argv, char **envp)
 		case OPT_VERBOSE:
 			verbose = true;
 			break;
-		case OPT_NTLMV2:
-			use_ntlmv2 = true;
+		case OPT_NTLMV1:
+			use_ntlmv2 = false;
 			break;
 		case OPT_LANMAN:
 			use_lanman = true;