diff options
| author | Erik Johnston <erik@matrix.org> | 2016-07-06 11:04:44 +0100 |
|---|---|---|
| committer | Erik Johnston <erik@matrix.org> | 2016-07-06 11:05:16 +0100 |
| commit | 0da24cac8bde47961396f7da774d8dc8ed847107 (patch) | |
| tree | ab221a2b9b3a30c00c8a521c711bd6722c842e3b | |
| parent | Remove spurious txn (diff) | |
| download | synapse-0da24cac8bde47961396f7da774d8dc8ed847107.tar.xz | |
Add null separator to hmac
| -rwxr-xr-x | scripts/register_new_matrix_user | 2 | ||||
| -rw-r--r-- | synapse/rest/client/v1/register.py | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/scripts/register_new_matrix_user b/scripts/register_new_matrix_user index 987bf32d1c..12ed20d623 100755 --- a/scripts/register_new_matrix_user +++ b/scripts/register_new_matrix_user @@ -32,7 +32,9 @@ def request_registration(user, password, server_location, shared_secret, admin=F ) mac.update(user) + mac.update("\x00") mac.update(password) + mac.update("\x00") mac.update("admin" if admin else "notadmin") mac = mac.hexdigest() diff --git a/synapse/rest/client/v1/register.py b/synapse/rest/client/v1/register.py index 25d63a0b0b..83872f5f60 100644 --- a/synapse/rest/client/v1/register.py +++ b/synapse/rest/client/v1/register.py @@ -336,7 +336,9 @@ class RegisterRestServlet(ClientV1RestServlet): digestmod=sha1, ) want_mac.update(user) + want_mac.update("\x00") want_mac.update(password) + want_mac.update("\x00") want_mac.update("admin" if admin else "notadmin") want_mac = want_mac.hexdigest() |