Thread: pgsql: Add timingsafe_bcmp(), for constant-time memory comparison

Add timingsafe_bcmp(), for constant-time memory comparison

timingsafe_bcmp() should be used instead of memcmp() or a naive
for-loop, when comparing passwords or secret tokens, to avoid leaking
information about the secret token by timing. This commit just
introduces the function but does not change any existing code to use
it yet.

Co-authored-by: Jelte Fennema-Nio <github-tech@jeltef.nl>
Discussion: https://www.postgresql.org/message-id/7b86da3b-9356-4e50-aa1b-56570825e234@iki.fi

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/09be39112654c3f158098fdb5f820143c0330763

Modified Files
--------------
configure                  | 23 +++++++++++++++++++++++
configure.ac               |  3 ++-
meson.build                |  2 ++
src/include/port.h         |  4 ++++
src/port/meson.build       |  1 +
src/port/timingsafe_bcmp.c | 43 +++++++++++++++++++++++++++++++++++++++++++
6 files changed, 75 insertions(+), 1 deletion(-)