authorGlenn Strauss <gstrauss@gluelogic.com>2019-09-08 18:26:58 -0400
committerGlenn Strauss <gstrauss@gluelogic.com>2019-09-08 18:26:58 -0400
commit0e749c1c84326a51f0f8a80c6db49c31c8e920ab (patch)
treec8fcd7135c621fa228194009e22e697e2e2b8985 /src/mod_authn_mysql.c
parent89dfbf14a5f9bb19bc89e9c29bffe2f5e8dcdcaa (diff)
downloadlighttpd1.4-0e749c1c84326a51f0f8a80c6db49c31c8e920ab.tar.gz
lighttpd1.4-0e749c1c84326a51f0f8a80c6db49c31c8e920ab.zip
[mod_auth] http_auth_const_time_memeq() (#2975, #2976)
use constant-time comparison when comparing digests (mitigation for brute-force timing attacks against digests generated using the same nonce) x-ref: "Digest auth nonces are not validated" https://redmine.lighttpd.net/issues/2976 "safe_memcmp new function proposal" https://redmine.lighttpd.net/issues/2975
Diffstat (limited to 'src/mod_authn_mysql.c')
-rw-r--r--src/mod_authn_mysql.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/mod_authn_mysql.c b/src/mod_authn_mysql.c
index c1f881f5..d8842bfa 100644
--- a/src/mod_authn_mysql.c
+++ b/src/mod_authn_mysql.c
@@ -380,7 +380,7 @@ static int mod_authn_mysql_password_cmp(const char *userpw, unsigned long userpw
/*(compare 16-byte MD5 binary instead of converting to hex strings
* in order to then have to do case-insensitive hex str comparison)*/
return (0 == http_auth_digest_hex2bin(userpw, 32, md5pw, sizeof(md5pw)))
- ? memcmp(HA1, md5pw, sizeof(md5pw))
+ ? http_auth_const_time_memeq(HA1, md5pw, sizeof(md5pw)) ? 0 : 1
: -1;
}
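Review bot: The added line nests a second conditional inside the outer `? :` without parentheses, so a reader has to recall that the conditional operator groups right-to-left to see that `-1` still belongs to the hex2bin failure branch; `? (http_auth_const_time_memeq(HA1, md5pw, sizeof(md5pw)) ? 0 : 1)` makes the intent explicit at no cost. The comment above the return still only explains why the comparison is done on binary MD5 rather than hex strings, and should also record the new reason for not using memcmp, e.g. `* (constant-time compare: do not leak how many leading bytes of the digest matched)`. The function's signature and body start above the hunk, so whether the caller distinguishes the `1` (mismatch) and `-1` (malformed stored hash) results is not visible here.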