s3-auth: Only allow LM_KEY cryptography when extra options are set
authorAndrew Bartlett <abartlet@samba.org>
Tue, 31 Jan 2012 04:38:02 +0000 (15:38 +1100)
committerStefan Metzmacher <metze@samba.org>
Fri, 17 Feb 2012 09:48:09 +0000 (10:48 +0100)
This crypto is incredibly poor, and can technically be enabled on an otherwise more
secure connection that uses NTLM for the actual authentication leg.  Therefore
disable it by default.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
source3/auth/auth_ntlmssp.c

index 36e74924abf2a0a712144e9282105874ef461d9b..66d31d5f23975ae6b71982e84434939b2bdfe599 100644 (file)
@@ -262,7 +262,12 @@ static NTSTATUS gensec_ntlmssp3_server_start(struct gensec_security *gensec_secu
 
        ntlmssp_state->expected_state = NTLMSSP_NEGOTIATE;
 
-       ntlmssp_state->allow_lm_key = lp_lanman_auth();
+       if (lpcfg_lanman_auth(gensec_security->settings->lp_ctx) &&
+           gensec_setting_bool(gensec_security->settings,
+                               "ntlmssp_server", "allow_lm_key", false))
+       {
+               ntlmssp_state->allow_lm_key = true;
+       }
 
        ntlmssp_state->neg_flags =
                NTLMSSP_NEGOTIATE_128 |
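Review bot: The new `if` at the `allow_lm_key` assignment only ever writes `true`, so the disabled state now depends on `ntlmssp_state` having been zero-initialised earlier in gensec_ntlmssp3_server_start, which starts and ends outside this hunk. The removed line assigned the field unconditionally. Assigning the combined condition directly keeps the default-off behaviour explicit: `ntlmssp_state->allow_lm_key = lpcfg_lanman_auth(gensec_security->settings->lp_ctx) && gensec_setting_bool(gensec_security->settings, "ntlmssp_server", "allow_lm_key", false);`. A short comment above it would also help, for example `/* LM_KEY session crypto is weak: require both lanman auth and the explicit ntlmssp_server allow_lm_key setting */`, since the second option is only discoverable by reading this code. Whether the client-side NTLMSSP path needs the same gate cannot be told from this hunk and is worth checking.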