From 5c314c6bb449bfca06c1cdc383c84e7661faf42c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 8 Jun 2011 00:10:26 +0200 Subject: Curl_input_negotiate: do not delegate GSSAPI credentials This is a security flaw. See curl advisory 20110623 for details. Reported by: Richard Silverman --- lib/http_negotiate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 202d69ecc..5127e6480 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -243,7 +243,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, &neg_ctx->context, neg_ctx->server_name, GSS_C_NO_OID, - GSS_C_DELEG_FLAG, + 0, 0, GSS_C_NO_CHANNEL_BINDINGS, &input_token, -- cgit v1.2.3