summaryrefslogtreecommitdiff
path: root/src/mod_authn_mysql.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/mod_authn_mysql.c')
-rw-r--r--src/mod_authn_mysql.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/mod_authn_mysql.c b/src/mod_authn_mysql.c
index c1f881f5..d8842bfa 100644
--- a/src/mod_authn_mysql.c
+++ b/src/mod_authn_mysql.c
@@ -380,7 +380,7 @@ static int mod_authn_mysql_password_cmp(const char *userpw, unsigned long userpw
/*(compare 16-byte MD5 binary instead of converting to hex strings
* in order to then have to do case-insensitive hex str comparison)*/
return (0 == http_auth_digest_hex2bin(userpw, 32, md5pw, sizeof(md5pw)))
- ? memcmp(HA1, md5pw, sizeof(md5pw))
+ ? http_auth_const_time_memeq(HA1, md5pw, sizeof(md5pw)) ? 0 : 1
: -1;
}