[Rt-commit] rt branch, 4.0.25-releng, updated. rt-4.0.25rc2-1-ga9c7049

Shawn Moore shawn at bestpractical.com
Tue Jul 11 11:36:12 EDT 2017


The branch, 4.0.25-releng has been updated
       via  a9c70491044c6590225da82096ff150b0cdfaa08 (commit)
      from  0c49a075b6a92931737fd4f20e57eeef46dde1e7 (commit)

Summary of changes:
 lib/RT/User.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

- Log -----------------------------------------------------------------
commit a9c70491044c6590225da82096ff150b0cdfaa08
Author: Shawn M Moore <shawn at bestpractical.com>
Date:   Tue Jul 11 11:13:18 2017 -0400

    Avoid unnecessarily regenerating passwords on login
    
    The password timing attack commit dae22b7de dropped the unconditional
    return for the SHA512 branch. This means a successful login fell through
    to the end of IsPassword, meant for upgrading legacy password formats.
    It's unnecessary since the password is already stored in the latest form.
    
    There is no security concern because the SHA512 branch was still
    returning 0 immediately when the password was incorrect.

diff --git a/lib/RT/User.pm b/lib/RT/User.pm
index c5e0e54..e98c73c 100644
--- a/lib/RT/User.pm
+++ b/lib/RT/User.pm
@@ -946,7 +946,7 @@ sub IsPassword {
         # If it's a new-style (>= RT 4.0) password, it starts with a '!'
         my (undef, $method, $salt, undef) = split /!/, $stored;
         if ($method eq "sha512") {
-            return 0 unless RT::Util::constant_time_eq(
+            return RT::Util::constant_time_eq(
                 $self->_GeneratePassword_sha512($value, $salt),
                 $stored
             );

-----------------------------------------------------------------------


More information about the rt-commit mailing list