[PATCH] WHATSNEW patch for ntlm changes
Andrew Bartlett
abartlet at samba.org
Tue Jul 4 08:47:48 UTC 2017
This patch missed my current autobuild.
Please push before/for 4.7 rc1
Sorry,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
-------------- next part --------------
From a4e419eb2034c2a1ee0f141fd5558198d5fcb228 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Tue, 4 Jul 2017 15:16:05 +1200
Subject: [PATCH 1/2] WHATSNEW: Add docs for ntlm auth changes
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
WHATSNEW.txt | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 09b3cbb..f98e4a3 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -250,6 +250,12 @@ obey client requests to synchronize unwritten data in operating
system buffers safely onto disk. This is a safer default setting
for modern SMB1/2/3 clients.
+The 'ntlm auth' option default is renamed to 'ntlmv2-only', reflecting
+the previous behaviour. Two new values have been provided,
+'mschapv2-and-ntlmv2-only' (allowing MSCHAPv2 while denying NTLMv1)
+and 'disabled', totally disabling NTLM authentication and password
+changes.
+
smb.conf changes
================
@@ -268,6 +274,7 @@ smb.conf changes
rpc server dynamic port range New parameter 49152-65535
strict sync Default changed yes
password hash userPassword schemes New parameter
+ ntlm auth New value ntlmv2-only
KNOWN ISSUES
--
2.9.4
From 6b30904b0a16c6f9a755e58632b3862ded14d62d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Tue, 4 Jul 2017 15:16:57 +1200
Subject: [PATCH 2/2] WHATSNEW: Fix typo
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
WHATSNEW.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index f98e4a3..a5b1c88 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -239,7 +239,7 @@ talloc context (which must be guaranteed to be alive for the
lifetime of the module). This allows modules to avoid use of
the talloc_autofree_context() (which is inherently thread-unsafe)
and still be valgrind-clean on exit. Modules that don't need to
-free long-lived data on exist should use the NULL talloc context.
+free long-lived data on exit should use the NULL talloc context.
Parameter changes
-----------------
--
2.9.4
More information about the samba-technical
mailing list