[PATCH] Use ntlmv2 for wbinfo -a

Jeremy Allison jra at samba.org
Mon Nov 14 23:30:53 UTC 2016 

On Mon, Nov 14, 2016 at 04:40:42PM +0100, Volker Lendecke wrote:
> Hi!
> 
> Review appreciated!

LGTM - pushed !

> From c0278f157a61226e444a923ee0404dfef5fbb6e8 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Mon, 14 Nov 2016 16:38:29 +0100
> Subject: [PATCH] wbinfo: Use ntlmv2 by default for wbinfo -a
> 
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
>  docs-xml/manpages/wbinfo.1.xml | 11 ++++++++++-
>  nsswitch/wbinfo.c              |  9 ++++++---
>  2 files changed, 16 insertions(+), 4 deletions(-)
> 
> diff --git a/docs-xml/manpages/wbinfo.1.xml b/docs-xml/manpages/wbinfo.1.xml
> index 48d2f74..f31de7e 100644
> --- a/docs-xml/manpages/wbinfo.1.xml
> +++ b/docs-xml/manpages/wbinfo.1.xml
> @@ -49,6 +49,7 @@
>  		<arg choice="opt">-m</arg>
>  		<arg choice="opt">-n name</arg>
>  		<arg choice="opt">-N netbios-name</arg>
> +		<arg choice="opt">--ntlmv1</arg>
>  		<arg choice="opt">--ntlmv2</arg>
>  		<arg choice="opt">--online-status</arg>
>  		<arg choice="opt">--own-domain</arg>
> @@ -330,8 +331,16 @@
>  		</varlistentry>
>  
>  		<varlistentry>
> +		<term>--ntlmv1</term>
> +		<listitem><para>Use NTLMv1 cryptography for user authentication.
> +		</para></listitem>
> +		</varlistentry>
> +
> +		<varlistentry>
>  		<term>--ntlmv2</term>
> -		<listitem><para>Use NTLMv2 cryptography for user authentication.
> +		<listitem><para>Use NTLMv2 cryptography for user
> +		authentication. NTLMv2 is the default method, this
> +		option is only maintained for compatibility.
>  		</para></listitem>
>  		</varlistentry>
>  
> diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
> index f7b5ace..80b245a 100644
> --- a/nsswitch/wbinfo.c
> +++ b/nsswitch/wbinfo.c
> @@ -2228,6 +2228,7 @@ enum {
>  	OPT_CHANGE_USER_PASSWORD,
>  	OPT_CCACHE_SAVE,
>  	OPT_SID_TO_FULLNAME,
> +	OPT_NTLMV1,
>  	OPT_NTLMV2,
>  	OPT_PAM_LOGON,
>  	OPT_LOGOFF,
> @@ -2249,7 +2250,7 @@ int main(int argc, const char **argv, char **envp)
>  	int int_subarg = -1;
>  	int result = 1;
>  	bool verbose = false;
> -	bool use_ntlmv2 = false;
> +	bool use_ntlmv2 = true;
>  	bool use_lanman = false;
>  	char *logoff_user = getenv("USER");
>  	int logoff_uid = geteuid();
> @@ -2343,6 +2344,8 @@ int main(int argc, const char **argv, char **envp)
>  		{ "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL },
>  		{ "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL },
>  		{ "change-user-password", 0, POPT_ARG_STRING, &string_arg, OPT_CHANGE_USER_PASSWORD, "Change the password for a user", NULL },
> +		{ "ntlmv1", 0, POPT_ARG_NONE, 0, OPT_NTLMV1,
> +		  "Use NTLMv1 cryptography for user authentication", NULL},
>  		{ "ntlmv2", 0, POPT_ARG_NONE, 0, OPT_NTLMV2, "Use NTLMv2 cryptography for user authentication", NULL},
>  		{ "lanman", 0, POPT_ARG_NONE, 0, OPT_LANMAN, "Use lanman cryptography for user authentication", NULL},
>  		POPT_COMMON_VERSION
> @@ -2371,8 +2374,8 @@ int main(int argc, const char **argv, char **envp)
>  		case OPT_VERBOSE:
>  			verbose = true;
>  			break;
> -		case OPT_NTLMV2:
> -			use_ntlmv2 = true;
> +		case OPT_NTLMV1:
> +			use_ntlmv2 = false;
>  			break;
>  		case OPT_LANMAN:
>  			use_lanman = true;
> -- 
> 2.1.4
>

More information about the samba-technical mailing list