git.samba.org - metze/samba/wip.git/commit

git.samba.org / metze / samba / wip.git / commit

author	Isaac Boukris <iboukris@gmail.com>
	Thu, 3 Oct 2019 10:09:29 +0000 (13:09 +0300)
committer	Andreas Schneider <asn@cryptomilk.org>
	Sat, 12 Oct 2019 14:33:32 +0000 (14:33 +0000)
commit	37daeb220e461b842ad9708497699f15c5fa5df3
tree	a2a0b21b63f9ff2c7c281bd07c5c9d227133daa5	tree
parent	efb43ecb8e3994171efeb8f8b4231fdd420ace0b	commit \| diff

spnego: ignore server mech_types list

We should not use the mech list sent by the server in the last
'negotiate' packet in CIFS protocol, as it is not protected and
may be subject to downgrade attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

auth/gensec/spnego.c

diff | blob | history

Work in progress branches

RSS Atom