mirror of
https://github.com/rclone/rclone
synced 2024-11-28 06:41:41 +01:00
proxy: reduce the internal bcrypt strength to fix race tests
Before this change the race tests were taking too long. The bcrypt function went from about 20ms to 1s under the race detector and this is called for every transaction on webdav. This change reduces the bcrypt strength so it takes 1ms non race so the race tests pass and still has adequate security for in memory only storage.
This commit is contained in:
parent
51efb349ac
commit
9115752679
@ -208,7 +208,10 @@ func (p *Proxy) call(user, pass string, passwordBytes []byte) (value interface{}
|
||||
if err != nil {
|
||||
return nil, false, err
|
||||
}
|
||||
pwHash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.DefaultCost)
|
||||
// The bcrypt cost is a compromise between security and speed. The password is looked up on every
|
||||
// transaction for WebDAV so we store it lightly hashed. An attacker would find it easier to go after
|
||||
// the unencrypted password in memory most likely.
|
||||
pwHash, err := bcrypt.GenerateFromPassword(passwordBytes, bcrypt.MinCost)
|
||||
if err != nil {
|
||||
return nil, false, err
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user