DragonFly-2.3.2.101.gbf831 master libexec/dma net.c
Simon Schubert
corecode at crater.dragonflybsd.org
Thu Jul 16 07:15:38 PDT 2009
commit bf83173b8369a83173ad6bd93993e7ea9c996a76
Author: Simon Schubert <corecode at dragonflybsd.org>
Date: Thu Jul 16 13:43:28 2009 +0200
dma: treat encrypted connections as secure
Users have to set the INSECURE config option to allow dma to send
plaintext passwords on login. This commit allows dma to send plaintext
passwords through TLS connections even if the INSECURE config option is
not set.
The downside is that this allows a man-in-the-middle attack on the
password exchange. The only solution to this is checking the server
certificate, but we don't do that (yet).
Summary of changes:
libexec/dma/net.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bf83173b8369a83173ad6bd93993e7ea9c996a76
--
DragonFly BSD source repository
More information about the Commits
mailing list