]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 07ef0f6) | patch
CVE-2016-2125: s4:gensec_gssapi: don't use GSS_C_DELEG_FLAG by default
authorStefan Metzmacher <metze@samba.org>
Wed, 23 Nov 2016 10:44:22 +0000 (11:44 +0100)
committerKarolin Seeger <kseeger@samba.org>
Fri, 9 Dec 2016 09:59:16 +0000 (10:59 +0100)
commit58586ceae7fe628453e6bffdc463d4309ced15fb
treeccff385ea0b0511f9724d3501283478b4272ba2ftree
parent07ef0f6ce0fb9d9735710ab79c2ee91d7a72a974commit | diff
CVE-2016-2125: s4:gensec_gssapi: don't use GSS_C_DELEG_FLAG by default

This disabled the usage of GSS_C_DELEG_FLAG by default, as
GSS_C_DELEG_POLICY_FLAG is still used by default we let the
KDC decide if we should send delegated credentials to a remote server.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12445

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
source4/auth/gensec/gensec_gssapi.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git