]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cb6313c) | patch
Remove pointer from the input of Digest nonce hashes (#549)
authorsquidcontrib <56416132+squidcontrib@users.noreply.github.com>
Wed, 29 Jan 2020 06:10:04 +0000 (06:10 +0000)
committerAmos Jeffries <yadij@users.noreply.github.com>
Thu, 19 Mar 2020 10:49:01 +0000 (23:49 +1300)
commit81133547aadf8c7ee653f900cf289b535f50fd52
tree2d25e735919352bd5d18de44b0d6b168ea4e5944tree | snapshot
parentcb6313c215d076f98e4997b3d24314336f7d6a4acommit | diff
Remove pointer from the input of Digest nonce hashes (#549)

This is a follow-up to #491 (b20ce97), which hashed what was previously
revealed as plaintext. Removing the pointer from the input to the hash
removes the possibility that someone could recover a pointer by
reversing a hash. Having the pointer as input was not adding anything:
Squid remembers all outstanding nonces, so it really only requires
uniqueness, which is already guaranteed by the
authenticateDigestNonceFindNonce loop.
src/auth/digest/Config.cc diff | blob | blame | history
src/auth/digest/Config.h diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git