From 7121040790b611ca3fbc400a1bbcd4364ef57233 Mon Sep 17 00:00:00 2001
From: Roy Marples
Date: Fri, 19 Apr 2019 21:40:14 +0100
Subject: [PATCH] auth: Use consttime_memequal(3) to compare hashes

This stops any attacker from trying to infer secrets from latency. Thanks to Maxime Villard
---
 src/auth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/auth.c b/src/auth.c
index 9e24998c..ce97051e 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -354,7 +354,7 @@ gottoken:
 }
 free(mm);
- if (memcmp(d, &hmac_code, dlen)) {
+ if (!consttime_memequal(d, &hmac_code, dlen)) {
 errno = EPERM;
 return NULL;
 }
-- 
2.21.0
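Review bot: `consttime_memequal(3)` comes from NetBSD's libc and the diffstat shows only src/auth.c changing, so the new call after `free(mm);` will not build on platforms whose libc lacks it unless a fallback exists elsewhere in the tree, which this hunk does not show. Any fallback must be constant-time itself: accumulate the XOR of every byte pair over all `dlen` bytes and test the accumulator once at the end. A shim such as `#define consttime_memequal(a, b, n) (memcmp((a), (b), (n)) == 0)` would compile and silently restore the early-exit timing this commit removes. Because the return polarity is the opposite of `memcmp`, a short comment above the check would help, e.g. `/* Constant-time compare; returns non-zero when the buffers match. */`. The enclosing function starts and ends outside the hunk, so whether `dlen` is bounded by `sizeof(hmac_code)` before this comparison cannot be confirmed here and is worth verifying.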