bridgepassword 602 B

  o Security fixes:
    - When using the debugging BridgePassword field, a bridge authority
      now compares alleged passwords by hashing them, then comparing
      the result to a digest of the expected authenticator. This avoids
      a potential side-channel attack in the previous code, which
      had foolishly used strcmp(). Fortunately, the BridgePassword field
      *is not in use*, but if it had been, the timing
      behavior of strcmp() might have allowed an adversary to guess the
      BridgePassword value, and enumerate the bridges. Bugfix on
      0.2.0.14-alpha. Fixes bug 5543.
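The entry above describes the fix in one sentence; the example below, added here and not taken from Tor's source, shows why strcmp() leaks and what hash-then-compare buys. It counts the byte comparisons each check performs: the strcmp-style check stops at the first mismatch, so its cost grows with how many leading bytes the guess got right, which is exactly the oracle an attacker needs to recover the password byte by byte. The digest check hashes the whole guess first and then compares fixed-length digests with a constant-time loop (the idea behind Tor's tor_memeq), so the work done never depends on where the guess diverged from the secret. The hash is a 64-bit FNV-1a stand-in for Tor's real digest function; it is not cryptographic and only models "consume every byte before comparing". The passwords are constructed test values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DIGEST_LEN 8  /* width of the toy digest below, in bytes */

/* Vulnerable pattern: an early-exit compare in the spirit of strcmp().
 * Returns 1 on match, 0 otherwise.  *steps receives the number of byte
 * comparisons performed, which is the quantity a timing attacker observes. */
static int strcmp_check(const char *expected, const char *alleged, size_t *steps)
{
    size_t i = 0;
    for (;;) {
        unsigned char a = (unsigned char)expected[i];
        unsigned char b = (unsigned char)alleged[i];
        i++;
        if (a != b) { *steps = i; return 0; }   /* leaks position of mismatch */
        if (a == '\0') { *steps = i; return 1; }
    }
}

/* Toy digest (64-bit FNV-1a), a stand-in for Tor's real hash function.
 * NOT cryptographic; it only models hashing the entire input first. */
static void toy_digest(const char *s, uint8_t out[DIGEST_LEN])
{
    uint64_t h = 14695981039346656037ULL;
    for (; *s; s++) {
        h ^= (unsigned char)*s;
        h *= 1099511628211ULL;
    }
    for (int i = 0; i < DIGEST_LEN; i++)
        out[i] = (uint8_t)(h >> (8 * i));
}

/* Fixed pattern: the expected digest is precomputed once; the guess is
 * hashed in full, then both digests are compared without early exit.
 * *steps is always DIGEST_LEN regardless of how close the guess was. */
static int digest_check(const uint8_t expected_digest[DIGEST_LEN],
                        const char *alleged, size_t *steps)
{
    uint8_t d[DIGEST_LEN];
    toy_digest(alleged, d);

    uint8_t acc = 0;
    for (size_t i = 0; i < DIGEST_LEN; i++)
        acc |= (uint8_t)(expected_digest[i] ^ d[i]);  /* no data-dependent branch */
    *steps = DIGEST_LEN;
    return acc == 0;
}

int main(void)
{
    /* Constructed secret and guesses; not real bridge authority values. */
    const char *secret = "secret";
    const char *guesses[] = { "Xecret", "seXret", "secXXX", "secret" };
    uint8_t expected[DIGEST_LEN];
    toy_digest(secret, expected);

    for (size_t g = 0; g < sizeof guesses / sizeof guesses[0]; g++) {
        size_t s1, s2;
        int r1 = strcmp_check(secret, guesses[g], &s1);
        int r2 = digest_check(expected, guesses[g], &s2);
        printf("guess %-7s strcmp: match=%d steps=%zu | digest: match=%d steps=%zu\n",
               guesses[g], r1, s1, r2, s2);
    }
    return 0;
}
```

Two caveats a practitioner should keep in mind. First, hashing the guess still takes time proportional to the guess's length, but the attacker already knows their own guess, so nothing secret is revealed; the secret side is the precomputed digest. Second, comparing digests with a plain strcmp() or memcmp() would still leak the position of the first differing digest byte; that is far less useful to an attacker (turning it into password bytes requires inverting the hash), but a constant-time comparison of the digests removes the question entirely.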