Proxmox-Port/proxmox
1
0
Fork 0
forked from proxmox-mirrors/proxmox
Code Pull Requests Activity
8609fb58ef
proxmox/proxmox-auth-api
History
Stefan Sterz 8609fb58ef auth-api: use constant time comparison for csrf tokens 
by using openssl's `memcmp::eq()` we can avoid potential side-channel
attack on the csrf token comparison. this comparison's runtime only
depends on the length of the two byte vectors, not their contents.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2024-05-22 10:26:38 +02:00
..
debian auth-api: bump version to 0.3.5 2024-04-24 21:22:33 +02:00
examples auth-api: fixup examples 2023-07-10 09:06:35 +02:00
src auth-api: use constant time comparison for csrf tokens 2024-05-22 10:26:38 +02:00
Cargo.toml auth-api: bump version to 0.3.5 2024-04-24 21:22:33 +02:00