Commit Graph

8 Commits

Author SHA1 Message Date
Manuel Buil
869e030bdd VPN PoC
Signed-off-by: Manuel Buil <mbuil@suse.com>
2023-06-09 12:39:33 +02:00
Brad Davidson
239021e759 Consistently use constant-time comparison of password hashes
As per https://github.com/golang/go/issues/47001 even subtle.ConstantTimeCompare should never be used with variable-length inputs, as it will return 0 if the lengths do not match. Switch to consistently using constant-time comparisons of hashes for password checks to avoid any possible side-channel leaks that could be combined with other vectors to discover password lengths.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2023-05-09 13:54:50 -07:00
Luther Monson
9a849b1bb7
[master] changing package to k3s-io (#4846)
* changing package to k3s-io

Signed-off-by: Luther Monson <luther.monson@gmail.com>

Co-authored-by: Derek Nola <derek.nola@suse.com>
2022-03-02 15:47:27 -08:00
Erik Wilson
92d04355f4
Use secrets for node-passwd entries and cleanup 2020-11-05 09:48:53 -07:00
Knic Knic
2346ccc63f get build on windows and get api_server to work 2020-02-22 23:17:59 -08:00
Knic Knic
522e08872a do not rename inuse files 2020-02-21 22:45:05 -08:00
Erik Wilson
eff502342a Fix node-passwd on upgrade missing 3 columns 2019-11-12 13:16:05 -07:00
Darren Shepherd
ba240d0611 Refactor tokens, bootstrap, and cli args 2019-10-30 19:06:49 -07:00