On 03/13/2017 01:51 PM, Daniel P. Berrange wrote: > RFC 6331 documents a number of serious security weaknesses in > the SASL DIGEST-MD5 mechanism. As such, libvirtd should not > by using it as a default mechanism. GSSAPI is the only other > viable SASL mechanism that can provide secure session encryption > so enable that by defalt as the replacement. > > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> > --- > daemon/libvirtd.sasl | 44 +++++++++++++++++--------- > docs/auth.html.in | 89 +++++++++++++++++++++++++++++++++++++++++----------- > libvirt.spec.in | 6 ++-- > 3 files changed, 102 insertions(+), 37 deletions(-) ACK Michal -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
