| commit | 88abbea50659a00a5881ef80ae885914b446d121 | |
| author | Isaac Boukris <iboukris@gmail.com> | |
| Thu, 3 Oct 2019 10:09:29 +0000 (3 13:09 +0300) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Wed, 16 Oct 2019 19:25:13 +0000 (16 19:25 +0000) | ||
| tree | c0d6963576b14a26179bc162f325206f6baa085b | treesnapshot (tar.gz zip) |
| parent | c79e39571910d52cb9336212417f072df82a98b2 | commitdiff |
spnego: ignore server mech_types list
We should not use the mech list sent by the server in the last
'negotiate' packet in CIFS protocol, as it is not protected and
may be subject to downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
We should not use the mech list sent by the server in the last
'negotiate' packet in CIFS protocol, as it is not protected and
may be subject to downgrade attacks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106
Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
| auth/gensec/spnego.c | diffblobblamehistory |