On Thu, Sep 29, 2011 at 08:15:55PM +0200, Stephan Beal wrote: > On Thu, Sep 29, 2011 at 8:00 PM, Dmitry Chestnykh > <dmi...@codingrobots.com>wrote: > > > The more eyes the better, as it touches login code. > > ...COMPARE("AAAAAAAAA", "PASSWORD") returns FALSE in 0.1 msec, but > > COMPARE("PAAAAAAAA", "PASSWORD") returns FALSE in 0.3 msec, because it did > > two comparisons: > > > > All that said - i wouldn't object to this being added (as if my vote > matters! ;), i just think it's overly paranoid.
I totally agree. I don't object, but I consider this either paranoid or simply thinking an excuse to play with fossil authentication code. :) Regards. _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users