nant's projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 10eeb0d) | patch
dma: treat encrypted connections as secure
authorSimon Schubert <corecode@dragonflybsd.org>
Thu, 16 Jul 2009 11:43:28 +0000 (13:43 +0200)
committerSimon Schubert <corecode@dragonflybsd.org>
Thu, 16 Jul 2009 14:13:08 +0000 (16:13 +0200)
commitbf83173b8369a83173ad6bd93993e7ea9c996a76
tree5811db32aee939ae4ad01d330f32d760b4c6bc09tree | snapshot
parent10eeb0df95b955bf390441d90a3a68330819225ccommit | diff
dma: treat encrypted connections as secure

Users have to set the INSECURE config option to allow dma to send
plaintext passwords on login.  This commit allows dma to send plaintext
passwords through TLS connections even if the INSECURE config option is
not set.

The downside is that this allows a man-in-the-middle attack on the
password exchange.  The only solution to this is checking the server
certificate, but we don't do that (yet).
libexec/dma/net.c diff | blob | blame | history
Nuno's DragonFly repo.