[PROPOSAL] Remove password level (or all plaintext passwords?) for 4.1

Andrew Bartlett abartlet at samba.org
Sat May 18 06:38:31 MDT 2013


I know I missed the boat on marking this deprecated in 4.0, but I would
really, really like to remove the password cracking code in our
plaintext password code. 

This is in source3/auth/pass_check.c:pass_check() and is controlled by
the bluntly-named run_cracker parameter. 

Removing this would make my stomach churn just a little less if I have
the misfortune to need to look over this crazy code ever again. 

We only use this if the client both does not support encrypted
passwords, and we are set not to use them. 

The only clients likely to send us such a password any more don't have
the bug forcing the case anyway (the main use case I've heard of is
linux cifs clients in linux-only networks).

Or, we could, now we are without SWAT, take the dive and remove some of
the most untested and platform-dependent code in Samba, and just remove
the plaintext password checking code entirely, and ask that folks store
an encrypted password or use kerberos.  

Any thoughts?

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
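For readers who have not looked at the code the post is talking about, the following is an added illustration (written for this page, not Samba's own pass_check() code) of what a "password level" style check has to do. It assumes the documented semantics of the smb.conf "password level" parameter: old SMB clients sent plaintext passwords upper-cased, so the server lower-cases the string and then tries every variant with up to N letters turned back to upper case. The stored-password check is a stand-in strcmp() against a constructed sample password where a real server would call crypt() against the system password database; pass_check_level(), pass_check_cost() and the sample strings are all assumptions made for this example.

```c
/*
 * Added illustration (not Samba's code) of a "password level" style
 * case-permutation check.  Old SMB clients sent plaintext passwords
 * upper-cased, so the server lower-cases the string and tries every
 * variant with up to `level` letters flipped back to upper case.
 */
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define MAX_PW 64

/* Stand-in for the real system check (crypt() against the shadow entry):
 * here ctx is just the stored plaintext password (assumption for the demo). */
typedef bool (*check_fn)(const char *candidate, void *ctx);

static bool plaintext_check(const char *candidate, void *ctx)
{
    return strcmp(candidate, (const char *)ctx) == 0;
}

/* Depth-first enumeration over positions idx..len-1 with `budget` case
 * flips left.  Every fully built candidate costs one check() call. */
static bool try_variants(char *buf, size_t idx, size_t len, int budget,
                         check_fn check, void *ctx, unsigned long *attempts)
{
    if (idx == len) {
        (*attempts)++;
        return check(buf, ctx);
    }
    /* leave this character as it is */
    if (try_variants(buf, idx + 1, len, budget, check, ctx, attempts))
        return true;
    /* or spend one flip turning a lower-case letter into upper case */
    if (budget > 0 && islower((unsigned char)buf[idx])) {
        buf[idx] = (char)toupper((unsigned char)buf[idx]);
        bool hit = try_variants(buf, idx + 1, len, budget - 1, check, ctx, attempts);
        buf[idx] = (char)tolower((unsigned char)buf[idx]);
        if (hit)
            return true;
    }
    return false;
}

/* Check `sent` as-is, then its lower-cased form with 0..level upper-case
 * letters.  Returns true on a match; *attempts counts check() calls. */
bool pass_check_level(const char *sent, int level, check_fn check, void *ctx,
                      unsigned long *attempts)
{
    char buf[MAX_PW + 1];
    size_t len = strlen(sent);
    *attempts = 0;
    if (len > MAX_PW)
        return false;

    (*attempts)++;
    if (check(sent, ctx))
        return true;

    for (size_t i = 0; i < len; i++)
        buf[i] = (char)tolower((unsigned char)sent[i]);
    buf[len] = '\0';
    return try_variants(buf, 0, len, level, check, ctx, attempts);
}

/* Upper bound on check() calls one logon attempt can cost:
 * 1 (as sent) + sum_{k=0}^{level} C(m, k), with m = number of letters. */
unsigned long pass_check_cost(const char *sent, int level)
{
    unsigned long m = 0, total = 1, c = 1; /* c starts as C(m, 0) */
    for (const char *p = sent; *p; p++)
        if (isalpha((unsigned char)*p))
            m++;
    for (int k = 0; k <= level; k++) {
        if ((unsigned long)k > m)
            break;
        total += c;
        c = c * (m - k) / (k + 1); /* C(m, k+1) from C(m, k) */
    }
    return total;
}

int main(void)
{
    unsigned long n;
    /* Constructed sample: stored "Secret42", client sent it upper-cased. */
    bool ok = pass_check_level("SECRET42", 1, plaintext_check, (void *)"Secret42", &n);
    printf("level 1: %s after %lu checks\n", ok ? "match" : "no match", n);
    for (int lvl = 0; lvl <= 8; lvl++)
        printf("level %d: up to %lu checks per logon\n",
               lvl, pass_check_cost("SECRET42", lvl));
    return 0;
}
```

Two properties of the scheme fall out of the code. First, cost: with a real crypt() behind check(), a single failed logon for an eight-character password with six letters costs up to 23 hash evaluations at level 2 and 65 at level 6 or above, all driven by an unauthenticated client. Second, the server does the case work for the sender, so a plaintext guess in any case is accepted whenever the stored password differs from it only in up to N upper-case letters. Neither issue exists once clients send an encrypted response or use Kerberos, which is the alternative the post asks people to move to.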