DragonFly-2.3.2.101.gbf831 master libexec/dma net.c

Simon Schubert corecode at crater.dragonflybsd.org
Thu Jul 16 07:15:38 PDT 2009


commit bf83173b8369a83173ad6bd93993e7ea9c996a76
Author: Simon Schubert <corecode at dragonflybsd.org>
Date:   Thu Jul 16 13:43:28 2009 +0200

    dma: treat encrypted connections as secure
    
    Users have to set the INSECURE config option to allow dma to send
    plaintext passwords on login.  This commit allows dma to send plaintext
    passwords through TLS connections even if the INSECURE config option is
    not set.
    
    The downside is that this allows a man-in-the-middle attack on the
    password exchange.  The only solution to this is checking the server
    certificate, but we don't do that (yet).

Summary of changes:
 libexec/dma/net.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bf83173b8369a83173ad6bd93993e7ea9c996a76


-- 
DragonFly BSD source repository





More information about the Commits mailing list