Re: [PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

On 28 February 2017 at 22:52, Matthieu Herrb wrote: > > On Tue, Feb 28, 2017 at 10:41:29PM +, Emil Velikov wrote: >> Hi Matthieu, >> >> On 28 February 2017 at 18:18, Matthieu Herrb wrote: >> > Provide the function definition for systems that don't have

Re: [PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

On Wed, Mar 01, 2017 at 12:15:00AM +0100, Hans de Goede wrote: > Hi, > > On 28-02-17 23:52, Matthieu Herrb wrote: > > > > On Tue, Feb 28, 2017 at 10:41:29PM +, Emil Velikov wrote: > > > Hi Matthieu, > > > > > > On 28 February 2017 at 18:18, Matthieu Herrb wrote: > > > >

Re: [PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

Hi, On 28-02-17 23:52, Matthieu Herrb wrote: On Tue, Feb 28, 2017 at 10:41:29PM +, Emil Velikov wrote: Hi Matthieu, On 28 February 2017 at 18:18, Matthieu Herrb wrote: Provide the function definition for systems that don't have it. Signed-off-by: Matthieu Herrb

Re: [PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

On Tue, Feb 28, 2017 at 10:41:29PM +, Emil Velikov wrote: > Hi Matthieu, > > On 28 February 2017 at 18:18, Matthieu Herrb wrote: > > Provide the function definition for systems that don't have it. > > > > Signed-off-by: Matthieu Herrb > > Reviewed-by:

Re: [PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

Hi Matthieu, On 28 February 2017 at 18:18, Matthieu Herrb wrote: > Provide the function definition for systems that don't have it. > > Signed-off-by: Matthieu Herrb > Reviewed-by: Alan Coopersmith > --- > configure.ac

[PATCH 1/3] Use timingsafe_memcmp() to compare MIT-MAGIC-COOKIES CVE-2017-2624

Provide the function definition for systems that don't have it. Signed-off-by: Matthieu Herrb Reviewed-by: Alan Coopersmith --- configure.ac| 3 ++- include/dix-config.h.in | 3 +++ include/os.h| 5 + os/mitauth.c