From c913fc058113b3a3a193f7b98459679945afcf03 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 6 Sep 2003 19:23:24 +0000 Subject: address bug #359. Andrew B's patch for implementing client portion of NTLMv2 key exchange. Also revert the default for 'client ntlmv2 auth' to no. This caused no ends of grief in different cases. And based on abartlet's mail.... > All I care about at this point is that we use NTLMv2 > in our client code when connecting to a server that > supports it. There is *no* way to tell this. The server can't tell us, because it doesn't know what it's DC supports. The DC can't tell us, because it doesn't know what the trusted DC supports. One DC might be Win2k, and the PDC could be an older NT4. (This used to be commit fe585d49cc3df0d71314ff43d3271d276d7d4503) --- source3/libsmb/cliconnect.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'source3/libsmb/cliconnect.c') diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 63db6b1aea..48bcb61f92 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -271,10 +271,7 @@ static BOOL cli_session_setup_nt1(struct cli_state *cli, const char *user, if (passlen == 0) { /* do nothing - guest login */ } else if (passlen != 24) { - /* if client ntlmv2 auth is set, then don't use it on a - connection without extended security. This isn't a very - good check, but it is a start */ - if ((cli->capabilities & CAP_EXTENDED_SECURITY) && lp_client_ntlmv2_auth()) { + if (lp_client_ntlmv2_auth()) { DATA_BLOB server_chal; DATA_BLOB names_blob; server_chal = data_blob(cli->secblob.data, MIN(cli->secblob.length, 8)); -- cgit