stack/resilient: compare password in constant time

15a65975 · Jérome Perrin · 15c1948f · 15a65975 · 15a65975
Commit 15a65975 authored Jan 12, 2023 by Jérome Perrin
Showing with 3 additions and 2 deletions

stack/resilient/buildout.hash.cfg stack/resilient/buildout.hash.cfg +1 -1

stack/resilient/resilient-web-takeover-cgi-script.py.in stack/resilient/resilient-web-takeover-cgi-script.py.in +2 -1

No files found.
--- a/stack/resilient/buildout.hash.cfg
+++ b/stack/resilient/buildout.hash.cfg
@@ -46,7 +46,7 @@ md5sum = 2c9828b57a65ee1eda62fcc4e9a92714

 [resilient-web-takeover-cgi-script-download]
 filename = resilient-web-takeover-cgi-script.py.in
-md5sum = 261d00f9ae4f75881385727832eec249
+md5sum = 8f5c9830f4865265d3477fe51425e71d

 [template-wrapper]
 filename = templates/wrapper.in

--- a/stack/resilient/resilient-web-takeover-cgi-script.py.in
+++ b/stack/resilient/resilient-web-takeover-cgi-script.py.in
@@ -8,6 +8,7 @@ takeover_script = '${resiliency-takeover-script:wrapper-takeover}'
 import atexit
 import cgi
 import datetime
+import hmac
 try:
  import dbm.gnu as gdbm
 except ImportError:
@@ -105,7 +106,7 @@ if "password" not in form:
 </html>""" % (latest_backup_message, isBackupInProgress(), getSoftwareReleaseInformationFormatted()))
  sys.exit(0)

-if form['password'].value != '${:password}':
+if not hmac.compare_digest(form['password'].value.encode(), b'${:password}'):
  print("<H1>Error</H1>")
  print("Password is invalid.")
  sys.exit(1)