From b58b74bbec874a041ee710842b269a43d7e18453 Mon Sep 17 00:00:00 2001
From: Patrick Cloke <patrickc@matrix.org>
Date: Thu, 26 Aug 2021 13:12:26 -0400
Subject: [PATCH 1/2] Remove unused `compare_digest` function.

---
 synapse/rest/client/register.py | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/synapse/rest/client/register.py b/synapse/rest/client/register.py
index 2781a0ea96df..7b5f49d635cb 100644
--- a/synapse/rest/client/register.py
+++ b/synapse/rest/client/register.py
@@ -12,7 +12,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-import hmac
 import logging
 import random
 from typing import List, Union
@@ -60,18 +59,6 @@
 
 from ._base import client_patterns, interactive_auth_handler
 
-# We ought to be using hmac.compare_digest() but on older pythons it doesn't
-# exist. It's a _really minor_ security flaw to use plain string comparison
-# because the timing attack is so obscured by all the other code here it's
-# unlikely to make much difference
-if hasattr(hmac, "compare_digest"):
-    compare_digest = hmac.compare_digest
-else:
-
-    def compare_digest(a, b):
-        return a == b
-
-
 logger = logging.getLogger(__name__)
 
 

From b080a5713815ab850f09a6cd16ac05dcce6481c9 Mon Sep 17 00:00:00 2001
From: Patrick Cloke <patrickc@matrix.org>
Date: Thu, 26 Aug 2021 13:13:24 -0400
Subject: [PATCH 2/2] Newsfragment

---
 changelog.d/10706.misc | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/10706.misc

diff --git a/changelog.d/10706.misc b/changelog.d/10706.misc
new file mode 100644
index 000000000000..eed4aa58d621
--- /dev/null
+++ b/changelog.d/10706.misc
@@ -0,0 +1 @@
+Remove unused `compare_digest` function.