upstream commit

Use a salted hash of the lock passphrase instead of plain
 text and do constant-time comparisons of it. Should prevent leaking any
 information about it via timing, pointed out by Ryan Castellucci.  Add a 0.1s
 incrementing delay for each failed unlock attempt up to 10s.  ok markus@
 (earlier version), djm@

Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f

0 files changed, 0 insertions, 0 deletions