[PATCH] Use ntlmv2 for wbinfo -a
Jeremy Allison
jra at samba.org
Mon Nov 14 23:30:53 UTC 2016
On Mon, Nov 14, 2016 at 04:40:42PM +0100, Volker Lendecke wrote:
> Hi!
>
> Review appreciated!
LGTM - pushed !
> From c0278f157a61226e444a923ee0404dfef5fbb6e8 Mon Sep 17 00:00:00 2001
> From: Volker Lendecke <vl at samba.org>
> Date: Mon, 14 Nov 2016 16:38:29 +0100
> Subject: [PATCH] wbinfo: Use ntlmv2 by default for wbinfo -a
>
> Signed-off-by: Volker Lendecke <vl at samba.org>
> ---
> docs-xml/manpages/wbinfo.1.xml | 11 ++++++++++-
> nsswitch/wbinfo.c | 9 ++++++---
> 2 files changed, 16 insertions(+), 4 deletions(-)
>
> diff --git a/docs-xml/manpages/wbinfo.1.xml b/docs-xml/manpages/wbinfo.1.xml
> index 48d2f74..f31de7e 100644
> --- a/docs-xml/manpages/wbinfo.1.xml
> +++ b/docs-xml/manpages/wbinfo.1.xml
> @@ -49,6 +49,7 @@
> <arg choice="opt">-m</arg>
> <arg choice="opt">-n name</arg>
> <arg choice="opt">-N netbios-name</arg>
> + <arg choice="opt">--ntlmv1</arg>
> <arg choice="opt">--ntlmv2</arg>
> <arg choice="opt">--online-status</arg>
> <arg choice="opt">--own-domain</arg>
> @@ -330,8 +331,16 @@
> </varlistentry>
>
> <varlistentry>
> + <term>--ntlmv1</term>
> + <listitem><para>Use NTLMv1 cryptography for user authentication.
> + </para></listitem>
> + </varlistentry>
> +
> + <varlistentry>
> <term>--ntlmv2</term>
> - <listitem><para>Use NTLMv2 cryptography for user authentication.
> + <listitem><para>Use NTLMv2 cryptography for user
> + authentication. NTLMv2 is the default method, this
> + option is only maintained for compatibility.
> </para></listitem>
> </varlistentry>
>
> diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
> index f7b5ace..80b245a 100644
> --- a/nsswitch/wbinfo.c
> +++ b/nsswitch/wbinfo.c
> @@ -2228,6 +2228,7 @@ enum {
> OPT_CHANGE_USER_PASSWORD,
> OPT_CCACHE_SAVE,
> OPT_SID_TO_FULLNAME,
> + OPT_NTLMV1,
> OPT_NTLMV2,
> OPT_PAM_LOGON,
> OPT_LOGOFF,
> @@ -2249,7 +2250,7 @@ int main(int argc, const char **argv, char **envp)
> int int_subarg = -1;
> int result = 1;
> bool verbose = false;
> - bool use_ntlmv2 = false;
> + bool use_ntlmv2 = true;
> bool use_lanman = false;
> char *logoff_user = getenv("USER");
> int logoff_uid = geteuid();
> @@ -2343,6 +2344,8 @@ int main(int argc, const char **argv, char **envp)
> { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL },
> { "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL },
> { "change-user-password", 0, POPT_ARG_STRING, &string_arg, OPT_CHANGE_USER_PASSWORD, "Change the password for a user", NULL },
> + { "ntlmv1", 0, POPT_ARG_NONE, 0, OPT_NTLMV1,
> + "Use NTLMv1 cryptography for user authentication", NULL},
> { "ntlmv2", 0, POPT_ARG_NONE, 0, OPT_NTLMV2, "Use NTLMv2 cryptography for user authentication", NULL},
> { "lanman", 0, POPT_ARG_NONE, 0, OPT_LANMAN, "Use lanman cryptography for user authentication", NULL},
> POPT_COMMON_VERSION
> @@ -2371,8 +2374,8 @@ int main(int argc, const char **argv, char **envp)
> case OPT_VERBOSE:
> verbose = true;
> break;
> - case OPT_NTLMV2:
> - use_ntlmv2 = true;
> + case OPT_NTLMV1:
> + use_ntlmv2 = false;
> break;
> case OPT_LANMAN:
> use_lanman = true;
> --
> 2.1.4
>
More information about the samba-technical
mailing list