git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 87f6850) | patch
auth: Use constant-time memcmp when comparing sensitive buffers
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Thu, 17 Feb 2022 02:35:42 +0000 (15:35 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 9 Jun 2022 22:49:29 +0000 (22:49 +0000)
commitae6634c78774d2368e815dea650ba71650dd1861
treebf361a9acf1e5eb9595b25adea734d303bad31c4tree
parent87f68500ed651f393e2fc6c514ab08b561a60a9bcommit | diff
auth: Use constant-time memcmp when comparing sensitive buffers

This helps to avoid timing attacks.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15010

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
24 files changed:
auth/gensec/schannel.c diff | blob | history
auth/ntlmssp/ntlmssp_ndr.c diff | blob | history
auth/ntlmssp/ntlmssp_server.c diff | blob | history
auth/ntlmssp/ntlmssp_sign.c diff | blob | history
lib/util/data_blob.c diff | blob | history
lib/util/data_blob.h diff | blob | history
libcli/auth/credentials.c diff | blob | history
libcli/auth/netlogon_creds_cli.c diff | blob | history
libcli/auth/ntlm_check.c diff | blob | history
libcli/smb/smbXcli_base.c diff | blob | history
libcli/smb/smb_signing.c diff | blob | history
source3/librpc/crypto/gse_krb5.c diff | blob | history
source3/passdb/machine_account_secrets.c diff | blob | history
source3/rpc_client/cli_netlogon.c diff | blob | history
source3/rpc_server/netlogon/srv_netlog_nt.c diff | blob | history
source3/rpc_server/samr/srv_samr_chgpasswd.c diff | blob | history
source3/winbindd/winbindd_dual_srv.c diff | blob | history
source3/winbindd/winbindd_pam.c diff | blob | history
source4/auth/ntlm/auth_sam.c diff | blob | history
source4/dsdb/samdb/ldb_modules/password_hash.c diff | blob | history
source4/libcli/raw/smb_signing.c diff | blob | history
source4/rpc_server/backupkey/dcesrv_backupkey.c diff | blob | history
source4/rpc_server/netlogon/dcerpc_netlogon.c diff | blob | history
source4/rpc_server/samr/samr_password.c diff | blob | history
Samba Shared Repository