authorMichal Čihař <michal@cihar.com>2016-08-18 10:39:22 +0300
committerMichal Čihař <michal@cihar.com>2016-08-18 10:39:22 +0300
commit6117ad5cef7bbe3ff080efb557bbafaff757e0ea (patch)
treee6d8a9949c230a06e1bbddd28fee06a2fd41dc20 /libraries/plugins
parent58245cb1cc25a1b167941cf30a4cc742a27c0b5b (diff)
Use hash_equals for checking username
This makes the comparison happen in constant time and makes it impossible to use it to guess stored usernames. Signed-off-by: Michal Čihař <michal@cihar.com>
Diffstat (limited to 'libraries/plugins')
-rw-r--r--libraries/plugins/auth/AuthenticationCookie.class.php4
-rw-r--r--libraries/plugins/auth/AuthenticationHttp.class.php6
2 files changed, 5 insertions, 5 deletions
diff --git a/libraries/plugins/auth/AuthenticationCookie.class.php b/libraries/plugins/auth/AuthenticationCookie.class.php
index d0ac972b8c..1d35b139ff 100644
--- a/libraries/plugins/auth/AuthenticationCookie.class.php
+++ b/libraries/plugins/auth/AuthenticationCookie.class.php
@@ -413,14 +413,14 @@ class AuthenticationCookie extends AuthenticationPlugin
// Ensures valid authentication mode, 'only_db', bookmark database and
// table names and relation table name are used
- if ($cfg['Server']['user'] != $GLOBALS['PHP_AUTH_USER']) {
+ if (! hash_equals($cfg['Server']['user'], $GLOBALS['PHP_AUTH_USER'])) {
foreach ($cfg['Servers'] as $idx => $current) {
if ($current['host'] == $cfg['Server']['host']
&& $current['port'] == $cfg['Server']['port']
&& $current['socket'] == $cfg['Server']['socket']
&& $current['ssl'] == $cfg['Server']['ssl']
&& $current['connect_type'] == $cfg['Server']['connect_type']
- && $current['user'] == $GLOBALS['PHP_AUTH_USER']
+ && hash_equals($current['user'], $GLOBALS['PHP_AUTH_USER'])
) {
$GLOBALS['server'] = $idx;
$cfg['Server'] = $current;
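Review bot: hash_equals() accepts only strings, but neither operand on the replaced lines is guaranteed to be one — a server entry in the configuration may leave 'user' unset or null, and $GLOBALS['PHP_AUTH_USER'] is populated elsewhere (presumably from the login form or cookie) — and with a non-string argument hash_equals() emits a warning and returns false on PHP 5.6/7 and throws a TypeError on PHP 8, whereas the old `!=` simply compared the values. Casting both operands keeps the constant-time comparison while tolerating missing values: `if (! hash_equals((string) $cfg['Server']['user'], (string) $GLOBALS['PHP_AUTH_USER'])) {` and `&& hash_equals((string) $current['user'], (string) $GLOBALS['PHP_AUTH_USER'])`. The same applies to the two replacements in AuthenticationHttp.class.php at lines 197-209 of that file. Note that hash_equals() returns early when the lengths differ, so the length of the configured username is still observable through timing, and the loose `==` on the surrounding host/port/socket/ssl lines is unchanged. The enclosing method starts and ends outside the hunk, and if the project's minimum PHP version is below 5.6 a hash_equals() polyfill would be needed.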
diff --git a/libraries/plugins/auth/AuthenticationHttp.class.php b/libraries/plugins/auth/AuthenticationHttp.class.php
index 54a49ad09c..ad695e3510 100644
--- a/libraries/plugins/auth/AuthenticationHttp.class.php
+++ b/libraries/plugins/auth/AuthenticationHttp.class.php
@@ -164,7 +164,7 @@ class AuthenticationHttp extends AuthenticationPlugin
// User logged out -> ensure the new username is not the same
$old_usr = isset($_REQUEST['old_usr']) ? $_REQUEST['old_usr'] : '';
if (! empty($old_usr)
- && (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)
+ && (isset($PHP_AUTH_USER) && hash_equals($old_usr, $PHP_AUTH_USER))
) {
$PHP_AUTH_USER = '';
// -> delete user's choices that were stored in session
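Review bot: `$old_usr` is read straight from `$_REQUEST` two lines above the change, so a query parameter such as `old_usr[]=x` arrives as an array rather than a string; `! empty($old_usr)` still passes, and hash_equals() then emits a warning and returns false on PHP 5.6/7 and throws an uncaught TypeError on PHP 8, where the previous `==` merely evaluated to false. Guarding the type keeps this request-driven branch from turning into an error: `&& (isset($PHP_AUTH_USER) && is_string($old_usr) && hash_equals($old_usr, $PHP_AUTH_USER))`. Both operands here presumably originate from the client, so type robustness matters more than the constant-time property for this particular comparison. The enclosing method starts and ends outside the hunk.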
@@ -197,12 +197,12 @@ class AuthenticationHttp extends AuthenticationPlugin
// Ensures valid authentication mode, 'only_db', bookmark database and
// table names and relation table name are used
- if ($cfg['Server']['user'] != $PHP_AUTH_USER) {
+ if (! hash_equals($cfg['Server']['user'], $PHP_AUTH_USER)) {
$servers_cnt = count($cfg['Servers']);
for ($i = 1; $i <= $servers_cnt; $i++) {
if (isset($cfg['Servers'][$i])
&& ($cfg['Servers'][$i]['host'] == $cfg['Server']['host']
- && $cfg['Servers'][$i]['user'] == $PHP_AUTH_USER)
+ && hash_equals($cfg['Servers'][$i]['user'], $PHP_AUTH_USER))
) {
$server = $i;
$cfg['Server'] = $cfg['Servers'][$i];