From 84c5acc6153548a9c8c99e4f3d5134cdb1397492 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 20 Nov 2006 20:58:00 +0000
Subject: r19805: Add the (harmless, but apparently default)
 NTLMSSP_NEGOTIATE_ALWAYS_SIGN flags into the default set.

Andrew Bartlett
(This used to be commit 04709c75afda0234c7236fba674bf53a265f8dbb)
---
 source4/auth/ntlmssp/ntlmssp.c        | 4 ++--
 source4/auth/ntlmssp/ntlmssp_client.c | 4 ++++
 source4/auth/ntlmssp/ntlmssp_server.c | 4 ++++
 3 files changed, 10 insertions(+), 2 deletions(-)

(limited to 'source4/auth/ntlmssp')

diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c
index 6fbbd7d638..995c2893dc 100644
--- a/source4/auth/ntlmssp/ntlmssp.c
+++ b/source4/auth/ntlmssp/ntlmssp.c
@@ -261,8 +261,8 @@ void ntlmssp_handle_neg_flags(struct gensec_ntlmssp_state *gensec_ntlmssp_state,
 		gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_LM_KEY;
 	}
 
-	if (neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) {
-		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
+	if (!(neg_flags & NTLMSSP_NEGOTIATE_ALWAYS_SIGN)) {
+		gensec_ntlmssp_state->neg_flags &= ~NTLMSSP_NEGOTIATE_ALWAYS_SIGN;
 	}
 
 	if (!(neg_flags & NTLMSSP_NEGOTIATE_SIGN)) {
diff --git a/source4/auth/ntlmssp/ntlmssp_client.c b/source4/auth/ntlmssp/ntlmssp_client.c
index 23d96fb90b..5fc7707e68 100644
--- a/source4/auth/ntlmssp/ntlmssp_client.c
+++ b/source4/auth/ntlmssp/ntlmssp_client.c
@@ -331,6 +331,10 @@ NTSTATUS gensec_ntlmssp_client_start(struct gensec_security *gensec_security)
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;		
 	}
 
+	if (lp_parm_bool(-1, "ntlmssp_client", "alwayssign", True)) {
+		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;		
+	}
+
 	if (lp_parm_bool(-1, "ntlmssp_client", "ntlm2", True)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;		
 	} else {
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 31c2ac63f4..93103b9cbd 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -820,6 +820,10 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security)
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_KEY_EXCH;		
 	}
 
+	if (lp_parm_bool(-1, "ntlmssp_server", "alwayssign", True)) {
+		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_ALWAYS_SIGN;		
+	}
+
 	if (lp_parm_bool(-1, "ntlmssp_server", "ntlm2", True)) {
 		gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_NTLM2;		
 	}
-- 
cgit