summaryrefslogtreecommitdiffstats
path: root/src/gss_ntlmssp.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/gss_ntlmssp.c')
-rw-r--r--src/gss_ntlmssp.c37
1 files changed, 35 insertions, 2 deletions
diff --git a/src/gss_ntlmssp.c b/src/gss_ntlmssp.c
index ba0f027..e4a6336 100644
--- a/src/gss_ntlmssp.c
+++ b/src/gss_ntlmssp.c
@@ -65,6 +65,39 @@ uint8_t gssntlm_required_security(int security_level,
return resp;
}
+bool gssntlm_sec_lm_ok(struct gssntlm_ctx *ctx)
+{
+ switch (ctx->role) {
+ case GSSNTLM_CLIENT:
+ case GSSNTLM_SERVER:
+ return (ctx->sec_req & SEC_LM_OK);
+ case GSSNTLM_DOMAIN_SERVER:
+ return true; /* defer decision to DC */
+ case GSSNTLM_DOMAIN_CONTROLLER:
+ return (ctx->sec_req & SEC_DC_LM_OK);
+ }
+ return false;
+}
+
+bool gssntlm_sec_ntlm_ok(struct gssntlm_ctx *ctx)
+{
+ switch (ctx->role) {
+ case GSSNTLM_CLIENT:
+ case GSSNTLM_SERVER:
+ return (ctx->sec_req & SEC_NTLM_OK);
+ case GSSNTLM_DOMAIN_SERVER:
+ return true; /* defer decision to DC */
+ case GSSNTLM_DOMAIN_CONTROLLER:
+ return (ctx->sec_req & SEC_DC_NTLM_OK);
+ }
+ return false;
+}
+
+bool gssntlm_ext_sec_ok(struct gssntlm_ctx *ctx)
+{
+ return (ctx->sec_req & SEC_EXT_SEC_OK);
+}
+
uint32_t gssntlm_context_is_valid(struct gssntlm_ctx *ctx, time_t *time_now)
{
time_t now;
@@ -90,6 +123,6 @@ int gssntlm_get_lm_compatibility_level(void)
return atoi(envvar);
}
- /* use the most secure setting by default */
- return SEC_LEVEL_MAX;
+ /* use 3 by default for better compatibility */
+ return 3;
}
generated by cgit (git 2.34.1) at 2024-05-17 13:47:48 +0000