| commit | 1da911bf29c0c712670a445943292bfb98107ffc | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Wed, 23 Nov 2016 10:42:59 +0000 (23 11:42 +0100) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Mon, 19 Dec 2016 09:52:14 +0000 (19 10:52 +0100) | ||
| tree | 5dbe52ed396dce2be5d7e9f2fa0d72f5177dc6cb | treesnapshot (tar.gz zip) |
| parent | ac3ce22fe960b9b6c6368a0b5bf95a1ae0180ae7 | commitdiff |
CVE-2016-2125: s3:gse: avoid using GSS_C_DELEG_FLAG
We should only use GSS_C_DELEG_POLICY_FLAG in order to let
the KDC decide if we should send delegated credentials to
a remote server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12445
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
We should only use GSS_C_DELEG_POLICY_FLAG in order to let
the KDC decide if we should send delegated credentials to
a remote server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12445
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
| source3/librpc/crypto/gse.c | diffblobblamehistory |