bareos: bareos-19.2 27ed33ed

Author Committer Branch Timestamp Parent
franku franku bareos-19.2 2020-06-07 19:32 bareos-19.2 4dec4a23 Pending
Affected Issues  0001250: Authentication bypass in Director when allowing client and director initiated connections
Changeset cram-md5: do not accept challenge if own resource name is used

Fixes 0001250: Authentication bypass in Director

use the unified-resource-name for the cram challenge
i.e. auth cram-md5 <1001326377.1591525437@R_CLIENT::backup-bareos-test-fd>
mod - core/src/lib/ Diff File
mod - core/src/lib/cram_md5.h Diff File
mod - core/src/lib/ Diff File
mod - core/src/lib/util.h Diff File
mod - core/src/tests/ Diff File