authorJouni Malinen <j@w1.fi>2014-06-29 17:24:41 (GMT)
committerJouni Malinen <j@w1.fi>2014-07-02 09:38:47 (GMT)
commita564d9ca3653af7d4e61cab12e10f232ca9c63ce (patch)
tree2959a69883d25d30416b4118c6ccafdd583f0288 /src/eap_server
parent468548255272aee552a83b578d1e6be08e5284c4 (diff)
EAP-MD5: Use os_memcmp_const() for hash/password comparisons
This makes the implementation less likely to provide useful timing information to potential attackers from comparisons of information received from a remote device and private material known only by the authorized devices. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_server')
-rw-r--r--src/eap_server/eap_server_md5.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/eap_server/eap_server_md5.c b/src/eap_server/eap_server_md5.c
index 5a5e290..71e8d59 100644
--- a/src/eap_server/eap_server_md5.c
+++ b/src/eap_server/eap_server_md5.c
@@ -126,7 +126,7 @@ static void eap_md5_process(struct eap_sm *sm, void *priv,
return;
}
- if (os_memcmp(hash, pos, CHAP_MD5_LEN) == 0) {
+ if (os_memcmp_const(hash, pos, CHAP_MD5_LEN) == 0) {
wpa_printf(MSG_DEBUG, "EAP-MD5: Done - Success");
data->state = SUCCESS;
} else {
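Review bot: The new os_memcmp_const() call in eap_md5_process() has no comment explaining why a constant-time compare is needed, so a later cleanup could swap it back to os_memcmp() and silently reintroduce the timing signal the commit message describes. I would add a line above the `if`, for example `/* Constant-time compare: peer-supplied response vs. hash derived from the stored password */`. Which of `hash` and `pos` is the received value is not visible in this hunk, so check that wording against the rest of the function, whose body starts and ends outside the hunk.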