svn commit: samba r11401 - in
branches/SAMBA_4_0/source/auth/credentials: .
Stefan Metzmacher
metze at samba.org
Mon Oct 31 10:05:09 GMT 2005
On Mon, Oct 31, 2005 at 12:23:39AM +0000, abartlet at samba.org wrote:
> cli_credentials_get_ntlm_username_domain(cred, mem_ctx, &user, &domain);
>
> + /* If we are sending a username at realm login (see function
> + * above), then we will not send LM, it will not be
> + * accepted */
> + if (cred->principal_obtained > cred->username_obtained) {
> + *flags = *flags & ~CLI_CRED_LANMAN_AUTH;
> + }
> +
> + /* Likewise if we are a machine account (avoid protocol downgrade attacks) */
> + if (cred->principal_obtained > cred->username_obtained) {
should this be if (cred->machine_account) ?
> + *flags = *flags & ~CLI_CRED_LANMAN_AUTH;
> + }
> +
More information about the samba-technical
mailing list