|
@@ -67,6 +67,11 @@ func (client *Client) run() {
|
67
|
67
|
checkPass, ok := command.(checkPasswordCommand)
|
68
|
68
|
if ok {
|
69
|
69
|
checkPass.LoadPassword(client.server)
|
|
70
|
+ // Block the client thread while handling a potentially expensive
|
|
71
|
+ // password bcrypt operation. Since the server is single-threaded
|
|
72
|
+ // for commands, we don't want the server to perform the bcrypt,
|
|
73
|
+ // blocking anyone else from sending commands until it
|
|
74
|
+ // completes. This could be a form of DoS if handled naively.
|
70
|
75
|
checkPass.CheckPassword()
|
71
|
76
|
}
|
72
|
77
|
|