[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Fri Jul 1 14:36:01 UTC 2022
The branch, master has been updated
via b609734c52d testparm: clarify "Weak crypto is allowed" message
from 013b74e3246 s4:torture: check return of ndr_pull_init_blob() via torture_assert()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b609734c52dc12cf80faa693e981a4ef0ce4be4a
Author: Michael Tokarev <mjt at tls.msk.ru>
Date: Fri May 20 09:48:32 2022 +0300
testparm: clarify "Weak crypto is allowed" message
The message testparm prints about weak crypto is really
misleading: "Weak crypto is allowed" is often interpreted
in a way that smb.conf settings are bad by allowing weak
crypto. While the actual meaning is about the ability to
fall back to weaker crypto for (backwards) compatibility,
and this has nothing to do with samba settings, it is the
gnutls settings. Clarify both of these, and eliminate an
if() and a local variable.
Signed-off-by: Michael Tokarev <mjt at tls.msk.ru>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Fri Jul 1 14:35:09 UTC 2022 on sn-devel-184
-----------------------------------------------------------------------
Summary of changes:
source3/utils/testparm.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index 71bc4c2694e..9555b436260 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -735,7 +735,6 @@ static void do_per_share_checks(int s)
const char *caddr;
static int show_defaults;
static int skip_logic_checks = 0;
- const char *weak_crypo_str = "";
bool ok;
struct poptOption long_options[] = {
@@ -870,12 +869,10 @@ static void do_per_share_checks(int s)
fprintf(stderr,"Loaded services file OK.\n");
- if (samba_gnutls_weak_crypto_allowed()) {
- weak_crypo_str = "allowed";
- } else {
- weak_crypo_str = "disallowed";
- }
- fprintf(stderr, "Weak crypto is %s\n", weak_crypo_str);
+ fprintf(stderr,
+ "Weak crypto is %sallowed by GnuTLS "
+ "(e.g. NTLM as a compatibility fallback)\n",
+ samba_gnutls_weak_crypto_allowed() ? "" : "dis");
if (skip_logic_checks == 0) {
ret = do_global_checks();
--
Samba Shared Repository
More information about the samba-cvs
mailing list