mirror of
https://github.com/weechat/weechat.git
synced 2026-07-01 15:26:37 +02:00
relay: fix timing attack on password authentication (GHSA-vhv8-g2r9-cwcc)
The relay authentication used non-constant-time comparisons (strcasecmp, strcmp) to verify password hashes and plaintext passwords, allowing an attacker to derive the expected hash byte-by-byte from response timing and then authenticate without knowing the password. - SHA/PBKDF2 hex hash comparisons: normalize the client-supplied hash to uppercase and compare in constant time over the fixed expected length. - Plaintext password comparison: HMAC-SHA256 both passwords with a fresh per-call random key and compare the fixed-size MACs in constant time, hiding both per-byte timing and the password length. Add string_memcmp_constant_time helper in core, exposed via the plugin API. Bump WEECHAT_PLUGIN_API_VERSION accordingly.
This commit is contained in:
@@ -624,6 +624,7 @@ plugin_load (const char *filename, int init_plugin, int argc, char **argv)
|
||||
new_plugin->strncasecmp = &string_strncasecmp;
|
||||
new_plugin->strncasecmp_range = &string_strncasecmp_range;
|
||||
new_plugin->strcmp_ignore_chars = &string_strcmp_ignore_chars;
|
||||
new_plugin->string_memcmp_constant_time = &string_memcmp_constant_time;
|
||||
new_plugin->strcasestr = &string_strcasestr;
|
||||
new_plugin->strlen_screen = &gui_chat_strlen_screen;
|
||||
new_plugin->string_match = &string_match;
|
||||
|
||||
Reference in New Issue
Block a user