Russtopia/xs
2
1
Fork 0
mirror of https://gogs.blitter.com/RLabs/xs synced 2024-08-14 10:26:42 +00:00
Code Issues Projects Releases Wiki Activity

-hkexauth now always tries bcrypt even for nonexistent users (user enum timing attack resist)

Browse source
This commit is contained in:
Russ Magee 2018-09-11 22:36:20 -07:00
parent 140523dabb
commit 350f3f375e
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
hkexauth.go
View file

@ -34,7 +34,14 @@ func AuthUser(username string, auth string, fname string) (valid bool, allowedCm
for { for {
record, err := r.Read() record, err := r.Read()
if err == io.EOF { if err == io.EOF {
break // Use dummy entry if user not found
// (prevent user enumeration attack via obvious timing diff;
// ie., not attempting any auth at all)
record = []string{"$nosuchuser$",
"$2a$12$l0coBlRDNEJeQVl6GdEPbU",
"$2a$12$l0coBlRDNEJeQVl6GdEPbUC/xmuOANvqgmrMVum6S4i.EXPgnTXy6"}
username = "$nosuchuser$"
err = nil
} }
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
@ -42,7 +49,7 @@ func AuthUser(username string, auth string, fname string) (valid bool, allowedCm
if username == record[0] { if username == record[0] {
tmp, _ := bcrypt.Hash(auth, record[1]) tmp, _ := bcrypt.Hash(auth, record[1])
if tmp == record[2] { if tmp == record[2] && username != "$nosuchuser$" {
valid = true valid = true
} }
break break