auth4: implement the deprecated 'auth methods' in auth_methods_from_lp()

This might be used to explicitly configure the old auth methods list
from Samba 4.6 and older, if required:
 "auth methods = anonymous sam_ignoredomain"

But this option will be removed again in future releases.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=2976
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12709

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c
index 26025dcc240ea84bb1aec112b158bd5d8d4175f9..ee98cac6ea390770ad12f2d27945e7f3cdc3fb93 100644 (file)
--- a/source4/auth/ntlm/auth.c
+++ b/source4/auth/ntlm/auth.c
@@ -608,6 +608,20 @@ _PUBLIC_ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char *
 const char **auth_methods_from_lp(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
 {
        char **auth_methods = NULL;
+       const char **const_auth_methods = NULL;
+
+       /*
+        * As 'auth methods' is deprecated it will be removed
+        * in future releases again, but for now give
+        * admins the flexibility to configure, the behavior
+        * from Samba 4.6: "auth methods = anonymous sam_ignoredomain",
+        * for a while.
+        */
+       const_auth_methods = lpcfg_auth_methods(lp_ctx);
+       if (const_auth_methods != NULL) {
+               DBG_NOTICE("using deprecated 'auth methods' values.\n");
+               return const_auth_methods;
+       }
 
        switch (lpcfg_server_role(lp_ctx)) {
        case ROLE_STANDALONE: