summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2001-08-21 02:58:07 +0000
committerAndrew Bartlett <abartlet@samba.org>2001-08-21 02:58:07 +0000
commit252742f2b021e8d7a06c8c86e099e616511f9996 (patch)
tree9508d39f5ae43c6f3114c42660bed20bb566b0f8
parent1c946805b92f05c0df34218ef559ce0ae6a035e3 (diff)
downloadsamba-252742f2b021e8d7a06c8c86e099e616511f9996.tar.gz
samba-252742f2b021e8d7a06c8c86e099e616511f9996.tar.bz2
samba-252742f2b021e8d7a06c8c86e099e616511f9996.zip
Add a new option to disable our paranoid server check.
Defaults to ON, ie checking (This used to be commit bd3010263be24425206587abfdb41164089e2157)
-rw-r--r--source3/auth/auth_server.c2
-rw-r--r--source3/param/loadparm.c4
-rw-r--r--source3/smbd/auth_server.c2
3 files changed, 6 insertions, 2 deletions
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index 1960fc1cfb..0711b056bd 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -158,7 +158,7 @@ static uint32 server_validate(const auth_usersupplied_info *user_info, auth_serv
* - abartlet@samba.org
*/
- if(!tested_password_server) {
+ if ((!tested_password_server) && (lp_paranoid_server_security())) {
if (cli_session_setup(cli, baduser, (char *)badpass, sizeof(badpass),
(char *)badpass, sizeof(badpass), user_info->domain.str)) {
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 992083df72..543e9bab9f 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -175,6 +175,7 @@ typedef struct
int maxprotocol;
int minprotocol;
int security;
+ BOOL paranoid_server_security;
int maxdisksize;
int lpqcachetime;
int iMaxSmbdProcesses;
@@ -800,6 +801,7 @@ static struct parm_struct parm_table[] = {
{"lpq cache time", P_INTEGER, P_GLOBAL, &Globals.lpqcachetime, NULL, NULL, 0},
{"max smbd processes", P_INTEGER, P_GLOBAL, &Globals.iMaxSmbdProcesses, NULL, NULL, 0},
{"max connections", P_INTEGER, P_LOCAL, &sDefault.iMaxConnections, NULL, NULL, FLAG_SHARE},
+ {"paranoid server security", P_BOOL, P_GLOBAL, &Globals.paranoid_server_security, NULL, NULL, 0},
{"max disk size", P_INTEGER, P_GLOBAL, &Globals.maxdisksize, NULL, NULL, 0},
{"max open files", P_INTEGER, P_GLOBAL, &Globals.max_open_files, NULL, NULL, 0},
{"min print space", P_INTEGER, P_LOCAL, &sDefault.iMinPrintSpace, NULL, NULL, FLAG_PRINT},
@@ -1230,6 +1232,7 @@ static void init_globals(void)
Globals.maxprotocol = PROTOCOL_NT1;
Globals.minprotocol = PROTOCOL_CORE;
Globals.security = SEC_USER;
+ Globals.paranoid_server_security = True;
Globals.bEncryptPasswords = False;
Globals.bUpdateEncrypt = False;
Globals.bReadRaw = True;
@@ -1573,6 +1576,7 @@ FN_GLOBAL_INTEGER(lp_deadtime, &Globals.deadtime)
FN_GLOBAL_INTEGER(lp_maxprotocol, &Globals.maxprotocol)
FN_GLOBAL_INTEGER(lp_minprotocol, &Globals.minprotocol)
FN_GLOBAL_INTEGER(lp_security, &Globals.security)
+FN_GLOBAL_BOOL(lp_paranoid_server_security, &Globals.paranoid_server_security)
FN_GLOBAL_INTEGER(lp_maxdisksize, &Globals.maxdisksize)
FN_GLOBAL_INTEGER(lp_lpqcachetime, &Globals.lpqcachetime)
FN_GLOBAL_INTEGER(lp_max_smbd_processes, &Globals.iMaxSmbdProcesses)
diff --git a/source3/smbd/auth_server.c b/source3/smbd/auth_server.c
index 1960fc1cfb..0711b056bd 100644
--- a/source3/smbd/auth_server.c
+++ b/source3/smbd/auth_server.c
@@ -158,7 +158,7 @@ static uint32 server_validate(const auth_usersupplied_info *user_info, auth_serv
* - abartlet@samba.org
*/
- if(!tested_password_server) {
+ if ((!tested_password_server) && (lp_paranoid_server_security())) {
if (cli_session_setup(cli, baduser, (char *)badpass, sizeof(badpass),
(char *)badpass, sizeof(badpass), user_info->domain.str)) {