sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-02 09:47:23 +03:00
Code

r2096: Enable use of NTLM2 for connections that do not got on to be NTLMSSP

Browse Source 
signed or sealed.

This allows NTLM2 for SMB connections, and NTLMSSP over HTTP for example.

Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2004-08-29 11:28:31 +00:00 committed by Gerald (Jerry) Carter
parent ecdb0b4426
commit e509451538
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
source/libcli/auth/gensec_ntlmssp.c
View File

@ -186,6 +186,14 @@ static NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_secur
gensec_ntlmssp_state->ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
}
/* IF we are not doing Signing or Sealing, we can actually do
* NTLM2. When we crack the crypto puzzle, then we can enable
* this always, in the constant flags */
if (!(gensec_security->want_features & GENSEC_WANT_SIGN) && !(gensec_security->want_features & GENSEC_WANT_SEAL)) {
gensec_ntlmssp_state->ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
}
ntlmssp_state = gensec_ntlmssp_state->ntlmssp_state;
if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&gensec_ntlmssp_state->auth_context))) {
return nt_status;
@ -237,6 +245,14 @@ static NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_secur
gensec_ntlmssp_state->ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL;
}
/* IF we are not doing Signing or Sealing, we can actually do
* NTLM2. When we crack the crypto puzzle, then we can enable
* this always, in the constant flags */
if (!(gensec_security->want_features & GENSEC_WANT_SIGN) && !(gensec_security->want_features & GENSEC_WANT_SEAL)) {
gensec_ntlmssp_state->ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;
}
status = ntlmssp_set_domain(gensec_ntlmssp_state->ntlmssp_state,
gensec_security->user.domain);
if (!NT_STATUS_IS_OK(status)) {