diff options
author | 2014-03-12 21:21:10 -0400 | |
---|---|---|
committer | 2014-03-12 21:41:20 -0400 | |
commit | 77693b77a7c7ae09e340e3a609c0c310eeb68fa7 (patch) | |
tree | 667655d2550fa1b513dd2289bd284128f0a23020 /debian | |
parent | 4bb70698d38aaca746e163c0602ee74da0915d80 (diff) |
webapp: Use securemem for constant time auth token comparisons.
Debian stable does not have securemem, but neither does it have warp-tls,
so just disable use of securemem when not building with https support.
Diffstat (limited to 'debian')
-rw-r--r-- | debian/changelog | 1 | ||||
-rw-r--r-- | debian/control | 2 |
2 files changed, 3 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 7ff502ad3..ca82d88ad 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,7 @@ git-annex (5.20140307) UNRELEASED; urgency=medium are no longer incorrectly detected as unused. * repair: Improve memory usage when git fsck finds a great many broken objects. + * webapp: Use securemem for constant time auth token comparisons. -- Joey Hess <joeyh@debian.org> Thu, 06 Mar 2014 16:17:01 -0400 diff --git a/debian/control b/debian/control index 30840b34e..9b6e812b8 100644 --- a/debian/control +++ b/debian/control @@ -39,6 +39,8 @@ Build-Depends: libghc-warp-tls-dev [i386 amd64 kfreebsd-i386 kfreebsd-amd64 powerpc sparc], libghc-wai-dev [i386 amd64 kfreebsd-i386 kfreebsd-amd64 powerpc sparc], libghc-wai-logger-dev [i386 amd64 kfreebsd-i386 kfreebsd-amd64 powerpc sparc], + libghc-securemem-dev, + libghc-byteable-dev, libghc-dns-dev, libghc-case-insensitive-dev, libghc-http-types-dev, |