1
0
Fork 0

http_negotiate: do not delegate GSSAPI credentials

CVE-2012-4545.  Reported by Marko Myllynen.
(cherry picked from elinks-0.12 commit da18694ff7)
This commit is contained in:
Kamil Dudka 2012-10-09 13:01:56 +02:00 committed by Kalle Olavi Niemitalo
parent 62818a39f9
commit 5e113362da
1 changed files with 1 additions and 1 deletions

View File

@ -188,7 +188,7 @@ http_negotiate_create_context(struct negotiate *neg)
&neg->context,
neg->server_name,
GSS_C_NO_OID,
GSS_C_DELEG_FLAG,
0,
0,
GSS_C_NO_CHANNEL_BINDINGS,
&neg->input_token,