From 57dfd6249a69ae6b667230c3597fb4b86e31db70 Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Fri, 19 Jun 2020 03:28:42 +0100
Subject: Use InspIRCd::TimingSafeCompare in more places.

---
 src/modules/m_bcrypt.cpp | 11 -----------
 src/modules/m_pbkdf2.cpp |  2 +-
 2 files changed, 1 insertion(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/modules/m_bcrypt.cpp b/src/modules/m_bcrypt.cpp
index 04cb06b08..a8de729d2 100644
--- a/src/modules/m_bcrypt.cpp
+++ b/src/modules/m_bcrypt.cpp
@@ -56,17 +56,6 @@ class BCryptProvider : public HashProvider
 		return Generate(data, Salt());
 	}
 
-	bool Compare(const std::string& input, const std::string& hash) CXX11_OVERRIDE
-	{
-		std::string ret = Generate(input, hash);
-		if (ret.empty())
-			return false;
-
-		if (ret == hash)
-			return true;
-		return false;
-	}
-
 	std::string ToPrintable(const std::string& raw) CXX11_OVERRIDE
 	{
 		return raw;
diff --git a/src/modules/m_pbkdf2.cpp b/src/modules/m_pbkdf2.cpp
index a4ac69f12..8a57936fd 100644
--- a/src/modules/m_pbkdf2.cpp
+++ b/src/modules/m_pbkdf2.cpp
@@ -126,7 +126,7 @@ class PBKDF2Provider : public HashProvider
 			return false;
 
 		std::string cmp = PBKDF2(input, hs.salt, hs.iterations, hs.length);
-		return (cmp == hs.hash);
+		return InspIRCd::TimingSafeCompare(cmp, hs.hash);
 	}
 
 	std::string ToPrintable(const std::string& raw) CXX11_OVERRIDE
-- 
cgit v1.2.3