| commit | a4dd51294603e3ad92d204ca3d8436de29c926e6 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Tue, 24 Nov 2015 19:13:24 +0000 (24 20:13 +0100) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Tue, 12 Apr 2016 17:25:23 +0000 (12 19:25 +0200) | ||
| tree | 886c1b3f74968aaf0a4b59c1edbcafcb670814cf | treesnapshot (tar.gz zip) |
| parent | 4ec38db6f17a4f998a8e38291b599dd08b6a6192 | commitdiff |
CVE-2016-2110: auth/gensec: require spnego mechListMIC exchange for new_spnego backends
This used to work more or less before, but only for krb5 with the
server finishing first.
With NTLMSSP and new_spnego the client will finish first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This used to work more or less before, but only for krb5 with the
server finishing first.
With NTLMSSP and new_spnego the client will finish first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
| auth/gensec/spnego.c | diffblobblamehistory |