bareos: master 93f2db64

Author Committer Branch Timestamp Parent
franku franku master 2020-06-07 19:32 master 94a0525e Pending
Affected Issues  0001250: Authentication bypass in Director when allowing client and director initiated connections
Changeset cram-md5: do not accept challenge if own resource name is used

Fixes 0001250: Authentication bypass in Director

use the unified-resource-name for the cram challenge
i.e. auth cram-md5 <1001326377.1591525437@R_CLIENT::backup-bareos-test-fd>
mod - core/src/lib/cram_md5.cc Diff File
mod - core/src/lib/cram_md5.h Diff File
mod - core/src/lib/util.cc Diff File
mod - core/src/lib/util.h Diff File
mod - core/src/tests/bsock_test_connection_setup.cc Diff File