git.samba.org - samba.git/commit

author	Stefan Metzmacher <metze@samba.org>
	Fri, 20 Nov 2015 10:42:55 +0000 (11:42 +0100)
committer	Stefan Metzmacher <metze@samba.org>
	Mon, 28 Mar 2016 22:42:07 +0000 (00:42 +0200)
commit	639bd4da76f1493592c6d4feee3cc3d7b6dec872
tree	9e92f63ca731aa8185eb1ae036ec3429134808e4	tree
parent	0489a5871e715185bbb0a24a5a69c2cae57341fb	commit \| diff

CVE-2016-2110: auth/gensec: fix the client side of a spnego downgrade

New servers response with SPNEGO_REQUEST_MIC instead of
SPNEGO_ACCEPT_INCOMPLETE to a downgrade.

With just KRB5 and NTLMSSP this doesn't happen, but we
want to be prepared for the future.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>

auth/gensec/spnego.c

diff | blob | history

Samba Shared Repository

RSS Atom