diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-11-02 07:43:43 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-11-08 02:58:06 +0100 |
commit | 56e760f8f16f41c7879e792b20f53bce11f6e721 (patch) | |
tree | 3648aba1e28e662d4bf877e685c0f63b8022dd3f /source4/smb_server/smb/negprot.c | |
parent | 862b81791e24e179cfb3419e331d8d2605475bee (diff) | |
download | samba-56e760f8f16f41c7879e792b20f53bce11f6e721.tar.gz samba-56e760f8f16f41c7879e792b20f53bce11f6e721.tar.bz2 samba-56e760f8f16f41c7879e792b20f53bce11f6e721.zip |
s4-smb_server No longer follow the security=share smb.conf directive
By ignoring the value of security= from the smb.conf, we can allow this
to instead set the value of 'server role' in a manner compatible
with the Samba 3.x release stream.
Andrew Bartlett
Diffstat (limited to 'source4/smb_server/smb/negprot.c')
-rw-r--r-- | source4/smb_server/smb/negprot.c | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/source4/smb_server/smb/negprot.c b/source4/smb_server/smb/negprot.c index 2a31f9fc47..8621666f6a 100644 --- a/source4/smb_server/smb/negprot.c +++ b/source4/smb_server/smb/negprot.c @@ -125,9 +125,6 @@ static void reply_lanman1(struct smbsrv_request *req, uint16_t choice) req->smb_conn->negotiate.encrypted_passwords = lpcfg_encrypted_passwords(req->smb_conn->lp_ctx); - if (lpcfg_security(req->smb_conn->lp_ctx) != SEC_SHARE) - secword |= NEGOTIATE_SECURITY_USER_LEVEL; - if (req->smb_conn->negotiate.encrypted_passwords) secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE; @@ -183,9 +180,6 @@ static void reply_lanman2(struct smbsrv_request *req, uint16_t choice) req->smb_conn->negotiate.encrypted_passwords = lpcfg_encrypted_passwords(req->smb_conn->lp_ctx); - if (lpcfg_security(req->smb_conn->lp_ctx) != SEC_SHARE) - secword |= NEGOTIATE_SECURITY_USER_LEVEL; - if (req->smb_conn->negotiate.encrypted_passwords) secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE; @@ -263,7 +257,6 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice) supports it and we can do encrypted passwords */ if (req->smb_conn->negotiate.encrypted_passwords && - (lpcfg_security(req->smb_conn->lp_ctx) != SEC_SHARE) && lpcfg_use_spnego(req->smb_conn->lp_ctx) && (req->flags2 & FLAGS2_EXTENDED_SECURITY)) { negotiate_spnego = true; @@ -301,9 +294,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice) capabilities |= CAP_DFS; } - if (lpcfg_security(req->smb_conn->lp_ctx) != SEC_SHARE) { - secword |= NEGOTIATE_SECURITY_USER_LEVEL; - } + secword |= NEGOTIATE_SECURITY_USER_LEVEL; if (req->smb_conn->negotiate.encrypted_passwords) { secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE; |