Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,781 Commits 27 Branches 785 Tags 625 MiB
dc6c569b98
Commit Graph

7 Commits

Author SHA1 Message Date
Brad Davidson
239021e759 Consistently use constant-time comparison of password hashes 
As per https://github.com/golang/go/issues/47001 even subtle.ConstantTimeCompare should never be used with variable-length inputs, as it will return 0 if the lengths do not match. Switch to consistently using constant-time comparisons of hashes for password checks to avoid any possible side-channel leaks that could be combined with other vectors to discover password lengths.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
 2023-05-09 13:54:50 -07:00
Luther Monson
9a849b1bb7
[master] changing package to k3s-io (#4846) 
* changing package to k3s-io

Signed-off-by: Luther Monson <luther.monson@gmail.com>

Co-authored-by: Derek Nola <derek.nola@suse.com>
 2022-03-02 15:47:27 -08:00
Erik Wilson
92d04355f4
Use secrets for node-passwd entries and cleanup 2020-11-05 09:48:53 -07:00
Knic Knic
2346ccc63f get build on windows and get api_server to work 2020-02-22 23:17:59 -08:00
Knic Knic
522e08872a do not rename inuse files 2020-02-21 22:45:05 -08:00
Erik Wilson
eff502342a Fix node-passwd on upgrade missing 3 columns 2019-11-12 13:16:05 -07:00
Darren Shepherd
ba240d0611 Refactor tokens, bootstrap, and cli args 2019-10-30 19:06:49 -07:00