dandri/i2p.i2p
1
0
Fork 0
mirror of https://github.com/i2p/i2p.i2p.git synced 2026-06-04 15:11:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Util: Use constant-time comparison in various password checkers

Browse Source 
reported by: bottomlineit.co.za
This commit is contained in:
zzz
2026-05-08 15:02:22 -04:00
parent bbe18c9e9f
commit a4afe588f3
5 changed files with 68 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/routerconsole/java/src/net/i2p/router/web/ConsolePasswordManager.java
+1 -1
View File
@@ -67,7 +67,7 @@ public class ConsolePasswordManager extends RouterPasswordManager {
String hex = _context.getProperty(pfx + PROP_MD5);
if (hex == null)
return false;
return hex.equals(md5Hex(subrealm, user, pw));
return DataHelper.eqCT(md5Hex(subrealm, user, pw), hex);
}
/**