Curl_input_negotiate: do not delegate GSSAPI credentials

This is a security flaw. See curl advisory 20110623 for details. Reported by: Richard Silverman
author: Daniel Stenberg <daniel@haxx.se> 2011-06-08 00:10:26 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2011-06-22 23:04:26 +0200
commit: 5c314c6bb449bfca06c1cdc383c84e7661faf42c (patch)
tree: 6cb475097a446d5b63bfb82c5b36f4a80a914fee /lib/http_negotiate.c
parent: 9016958aa8989f7d998476a1742d5806f6a3692d (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 202d69ecc..5127e6480 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -243,7 +243,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
                                       &neg_ctx->context,
                                       neg_ctx->server_name,
                                       GSS_C_NO_OID,
-                                      GSS_C_DELEG_FLAG,
+                                      0,
                                       0,
                                       GSS_C_NO_CHANNEL_BINDINGS,
                                       &input_token,
author	Daniel Stenberg <daniel@haxx.se>	2011-06-08 00:10:26 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2011-06-22 23:04:26 +0200
commit	5c314c6bb449bfca06c1cdc383c84e7661faf42c (patch)
tree	6cb475097a446d5b63bfb82c5b36f4a80a914fee /lib/http_negotiate.c
parent	9016958aa8989f7d998476a1742d5806f6a3692d (diff)