EAP-MD5: Use os_memcmp_const() for hash/password comparisons
authorJouni Malinen <j@w1.fi>
Sun, 29 Jun 2014 17:24:41 +0000 (20:24 +0300)
committerJouni Malinen <j@w1.fi>
Wed, 2 Jul 2014 09:38:47 +0000 (12:38 +0300)
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
src/eap_server/eap_server_md5.c

index 5a5e2907efd629d9aa8cf603e088aa76cfc50442..71e8d59e03960a1bec9f575b7406da3bd3e11930 100644 (file)
@@ -126,7 +126,7 @@ static void eap_md5_process(struct eap_sm *sm, void *priv,
                return;
        }
 
-       if (os_memcmp(hash, pos, CHAP_MD5_LEN) == 0) {
+       if (os_memcmp_const(hash, pos, CHAP_MD5_LEN) == 0) {
                wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Success");
                data->state = SUCCESS;
        } else {
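Review bot: The new `if (os_memcmp_const(hash, pos, CHAP_MD5_LEN) == 0)` line has no comment explaining why the constant-time variant is needed, so a later cleanup could change it back to `os_memcmp()` and reintroduce the timing side channel the commit message describes. I would add a line above it such as `/* Constant-time compare: peer-supplied response vs. value derived from the password */`. Only the `== 0` result is used, which suits a constant-time comparison where the sign of a non-zero result carries no ordering meaning. The check that `pos` holds at least CHAP_MD5_LEN bytes is presumably in the code before the hunk, which is not visible here. eap_md5_process() starts and ends outside the hunk.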