mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-08 07:52:40 +01:00
4a53fc339e
Summary: Ref T13436. There's no real security value to doing this comparison, it just wards off evil "security researchers" who get upset if you ever compare two strings with a non-constant-time algorithm. In practice, SSH public keys are pretty long, pretty public, and have pretty similar lengths. This leads to a relatively large amount of work to do constant-time comparisons on them (we frequently can't abort early after identifying differing string length). Test Plan: Ran `bin/ssh-auth --sshd-key ...` on `secure` with ~1K keys, saw runtime drop by ~50% (~400ms to ~200ms) with `===`. Maniphest Tasks: T13436 Differential Revision: https://secure.phabricator.com/D20875 |
||
|---|---|---|
| .. | ||
| almanac | ||
| cache | ||
| celerity | ||
| daemon | ||
| diviner | ||
| drydock | ||
| fact | ||
| files | ||
| fpm | ||
| init | ||
| install | ||
| lipsum | ||
| repository | ||
| search | ||
| setup | ||
| sql | ||
| ssh | ||
| symbols | ||
| util | ||
| __init_script__.php | ||
| manage_bulk.php | ||