diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2018-04-13 03:57:26 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2018-04-13 15:26:11 +1000 |
commit | e9d910b0289c820852f7afa67f584cef1c05fe95 (patch) | |
tree | 207f618329c9df13a2278c71c95b1dc66450bb86 /openbsd-compat | |
parent | d97874cbd909eb706886cd0cdd418f812c119ef9 (diff) |
upstream: Defend against user enumeration timing attacks. This
establishes a minimum time for each failed authentication attempt (5ms) and
adds a per-user constant derived from a host secret (0-4ms). Based on work
by joona.kannisto at tut.fi, ok markus@ djm@.
OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca
Diffstat (limited to 'openbsd-compat')
0 files changed, 0 insertions, 0 deletions