| commit | f32ad5ca491965535d99c8fd67058878b151805d | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Tue, 24 Nov 2015 19:13:24 +0000 (24 20:13 +0100) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Tue, 29 Mar 2016 14:25:39 +0000 (29 16:25 +0200) | ||
| tree | 1baddcbddf7058d3f54078584085764fc931aa34 | treesnapshot (tar.gz zip) |
| parent | 36735336442e9bae9988a6655a0cb2bab6a4da1a | commitdiff |
CVE-2016-2110: auth/gensec: require spnego mechListMIC exchange for new_spnego backends
This used to work more or less before, but only for krb5 with the
server finishing first.
With NTLMSSP and new_spnego the client will finish first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This used to work more or less before, but only for krb5 with the
server finishing first.
With NTLMSSP and new_spnego the client will finish first.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11644
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
| auth/gensec/spnego.c | diffblobblamehistory |