]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a120b7a) | patch
Remove pointer from the input of Digest nonce hashes (#549)
authorsquidcontrib <56416132+squidcontrib@users.noreply.github.com>
Wed, 29 Jan 2020 06:10:04 +0000 (06:10 +0000)
committerSquid Anubis <squid-anubis@squid-cache.org>
Sat, 8 Feb 2020 06:11:44 +0000 (06:11 +0000)
commitb863968374cc519f2d587a36206446beb56c1d2b
tree0e907f413aa4b25386a4821414e7052feec90686tree | snapshot
parenta120b7a8793b8b1fadd97063dd5c20485a3ab1f1commit | diff
Remove pointer from the input of Digest nonce hashes (#549)

This is a follow-up to #491 (b20ce97), which hashed what was previously
revealed as plaintext. Removing the pointer from the input to the hash
removes the possibility that someone could recover a pointer by
reversing a hash. Having the pointer as input was not adding anything:
Squid remembers all outstanding nonces, so it really only requires
uniqueness, which is already guaranteed by the
authenticateDigestNonceFindNonce loop.
src/auth/digest/Config.cc diff | blob | blame | history
src/auth/digest/Config.h diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git