authorJouni Malinen <j@w1.fi>2014-06-29 17:26:25 (GMT)
committerJouni Malinen <j@w1.fi>2014-07-02 09:38:48 (GMT)
commit3e4b77c9bdcabb60ecb5253752cc2c1af5cb67e7 (patch)
treedd377f60639added8245559e66618fb92eee176a /src/eap_server
parenta6eae3f7a1477aaa15b2461340c2cd269da2232c (diff)
EAP-GTC: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing information to potential attackers from comparisons of information received from a remote device and private material known only by the authorized devices. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_server')
-rw-r--r--src/eap_server/eap_server_gtc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/eap_server/eap_server_gtc.c b/src/eap_server/eap_server_gtc.c
index f423106..98ac3c6 100644
--- a/src/eap_server/eap_server_gtc.c
+++ b/src/eap_server/eap_server_gtc.c
@@ -175,7 +175,7 @@ static void eap_gtc_process(struct eap_sm *sm, void *priv,
}
if (rlen != sm->user->password_len ||
- os_memcmp(pos, sm->user->password, rlen) != 0) {
+ os_memcmp_const(pos, sm->user->password, rlen) != 0) {
wpa_printf(MSG_DEBUG, "EAP-GTC: Done - Failure");
data->state = FAILURE;
} else {
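Review bot: The `rlen != sm->user->password_len` test in front of the new `os_memcmp_const()` call still short-circuits, so a response of the wrong length is rejected without the byte comparison running at all. The constant-time property therefore covers the password bytes only, and the timing of this branch may still distinguish a length mismatch from a content mismatch. If that is the accepted trade-off, it is worth recording next to the check, e.g. `/* Length is compared first and is not hidden; only the byte comparison is constant time. */`. eap_gtc_process() starts and ends outside this hunk, so how `pos` and `rlen` are derived and bounded before this point cannot be confirmed from here.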