From: Andreas Schneider Date: Fri, 23 Apr 2021 14:32:27 +0000 (+0200) Subject: auth:gensec: Use lpcfg_weak_crypto() X-Git-Tag: ldb-2.5.0~1040 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2daf3e79751d11a31a1e44d21b70517356301ee7;p=thirdparty%2Fsamba.git auth:gensec: Use lpcfg_weak_crypto() Pair-Programmed-With: Stefan Metzmacher Signed-off-by: Andreas Schneider Signed-off-by: Stefan Metzmacher Reviewed-by: Andrew Bartlett --- diff --git a/auth/gensec/gensec_start.c b/auth/gensec/gensec_start.c index 906e3ee302c..bd5b7259d3f 100644 --- a/auth/gensec/gensec_start.c +++ b/auth/gensec/gensec_start.c @@ -29,10 +29,10 @@ #include "auth/gensec/gensec.h" #include "auth/gensec/gensec_internal.h" #include "lib/param/param.h" +#include "lib/param/loadparm.h" #include "lib/util/tsort.h" #include "lib/util/samba_modules.h" #include "lib/util/base64.h" -#include "lib/crypto/gnutls_helpers.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH @@ -51,7 +51,8 @@ bool gensec_security_ops_enabled(const struct gensec_security_ops *ops, struct g ops->name, ops->enabled); - if (!samba_gnutls_weak_crypto_allowed() && ops->weak_crypto) { + if (ops->weak_crypto && + lpcfg_weak_crypto(security->settings->lp_ctx) != SAMBA_WEAK_CRYPTO_ALLOWED) { ok = false; }