CVSROOT: /cvs Module name: src Changes by: dtuc...@cvs.openbsd.org 2015/05/14 23:44:21
Modified files:
usr.bin/ssh : ssh-agent.c
Log message:
Use a salted hash of the lock passphrase instead of plain text and do
constant-time comparisons of it. Should prevent leaking any information about
it via timing, pointed out by Ryan Castellucci. Add a 0.1s incrementing delay
for each failed unlock attempt up to 10s. ok markus@ (earlier version), djm@
