diff options
author | Stefan Metzmacher <metze@samba.org> | 2016-03-16 13:03:08 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2016-04-12 19:25:25 +0200 |
commit | 6ad9ba72a7739ca9da5d9c2f3c6c680d69d15251 (patch) | |
tree | 1656261742242ea7a2a98b1c582fbd9762eabb0e /source3/param | |
parent | 7cf3318fa99aa52c9baf669c6cf5ab440ff2b801 (diff) | |
download | samba-6ad9ba72a7739ca9da5d9c2f3c6c680d69d15251.tar.gz |
CVE-2016-2113: docs-xml: let "tls verify peer" default to "as_strict_as_possible"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11752
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Diffstat (limited to 'source3/param')
-rw-r--r-- | source3/param/loadparm.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index a2b1000f9d3..17cbaff577a 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -869,7 +869,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL); Globals.tls_enabled = true; - Globals.tls_verify_peer = TLS_VERIFY_PEER_NO_CHECK; + Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE; lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem"); lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem"); |