|
 |
1524bc |
From f719db12774d7b22b818adb56c2abd64ab036caf Mon Sep 17 00:00:00 2001
|
|
|
1524bc |
From: Andreas Schneider <asn@samba.org>
|
|
|
1524bc |
Date: Thu, 11 Apr 2019 16:06:14 +0200
|
|
|
1524bc |
Subject: [PATCH 201/208] s3:rpc_server: Only announce RC4 in netlogon server
|
|
|
1524bc |
if available
|
|
|
1524bc |
|
|
|
1524bc |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
1524bc |
---
|
|
|
1524bc |
source3/rpc_server/netlogon/srv_netlog_nt.c | 5 ++++-
|
|
|
1524bc |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
1524bc |
|
|
|
1524bc |
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
|
|
|
1524bc |
index cbbf9feedc7..3dd8ecf5ca8 100644
|
|
|
1524bc |
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
|
|
|
1524bc |
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
|
|
|
1524bc |
@@ -909,7 +909,6 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
|
|
|
1524bc |
/* 0x000001ff */
|
|
|
1524bc |
srv_flgs = NETLOGON_NEG_ACCOUNT_LOCKOUT |
|
|
|
1524bc |
NETLOGON_NEG_PERSISTENT_SAMREPL |
|
|
|
1524bc |
- NETLOGON_NEG_ARCFOUR |
|
|
|
1524bc |
NETLOGON_NEG_PROMOTION_COUNT |
|
|
|
1524bc |
NETLOGON_NEG_CHANGELOG_BDC |
|
|
|
1524bc |
NETLOGON_NEG_FULL_SYNC_REPL |
|
|
|
1524bc |
@@ -918,6 +917,10 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p,
|
|
|
1524bc |
NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL |
|
|
|
1524bc |
NETLOGON_NEG_PASSWORD_SET2;
|
|
|
1524bc |
|
|
|
1524bc |
+ if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_ALLOWED) {
|
|
|
1524bc |
+ srv_flgs |= NETLOGON_NEG_ARCFOUR;
|
|
|
1524bc |
+ }
|
|
|
1524bc |
+
|
|
|
1524bc |
/* Ensure we support strong (128-bit) keys. */
|
|
|
1524bc |
if (in_neg_flags & NETLOGON_NEG_STRONG_KEYS) {
|
|
|
1524bc |
srv_flgs |= NETLOGON_NEG_STRONG_KEYS;
|
|
|
1524bc |
--
|
|
|
1524bc |
2.23.0
|
|
|
1524bc |
|