From: Alan T. DeKok
Date: Wed, 23 Feb 2011 10:01:02 +0000 (+0100)
Subject: Use rad_digest_cmp() to avoid timing attacks
X-Git-Tag: release_2_1_11~110
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=480a9079fc2c047cd9db4ee08ca9e55a068127b7;p=thirdparty%2Ffreeradius-server.git
Use rad_digest_cmp() to avoid timing attacks
---
diff --git a/src/modules/rlm_chap/rlm_chap.c b/src/modules/rlm_chap/rlm_chap.c
index 83e47d0c5a1..213a5c6c84a 100644
--- a/src/modules/rlm_chap/rlm_chap.c
+++ b/src/modules/rlm_chap/rlm_chap.c
@@ -114,8 +114,8 @@ static int chap_authenticate(void *instance, REQUEST *request)
 rad_chap_encode(request->packet,pass_str, chap->vp_octets[0],passwd_item);
- if (memcmp(pass_str + 1, chap->vp_octets + 1,
- CHAP_VALUE_LENGTH) != 0){
+ if (rad_digest_cmp(pass_str + 1, chap->vp_octets + 1,
+ CHAP_VALUE_LENGTH) != 0) {
 RDEBUG("Password check failed");
 snprintf(module_fmsg, sizeof(module_fmsg), "rlm_chap: Wrong user password");
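Review bot: Nothing at the new `rad_digest_cmp()` call records why it replaced `memcmp()`, so a later cleanup could quietly swap it back; a one-line comment above the `if` would keep the intent visible, e.g. `/* constant-time compare: memcmp() stops at the first mismatch and leaks timing */`. The `!= 0` test assumes rad_digest_cmp() keeps memcmp()'s zero-on-equal convention; its definition is not in this hunk, so that is worth confirming. The compare reads CHAP_VALUE_LENGTH bytes starting at `chap->vp_octets + 1`, so the check that the attribute is at least that long has to sit earlier in chap_authenticate(), which starts and ends outside the hunk.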