-/* $OpenBSD: login_chpass.c,v 1.16 2012/12/04 02:24:47 deraadt Exp $ */
+/* $OpenBSD: login_chpass.c,v 1.17 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved.
pwd_gensalt(salt, sizeof(salt), lc, 'y') == 0)
strlcpy(salt, "xx", sizeof(salt));
crypt(p, salt);
- memset(p, 0, strlen(p));
+ explicit_bzero(p, strlen(p));
}
warnx("YP passwd database unchanged.");
exit(1);
-/* $OpenBSD: login_lchpass.c,v 1.14 2012/12/04 02:24:47 deraadt Exp $ */
+/* $OpenBSD: login_lchpass.c,v 1.15 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1995,1996 Berkeley Software Design, Inc. All rights reserved.
exit(1);
salt = crypt(p, salt);
- memset(p, 0, strlen(p));
+ explicit_bzero(p, strlen(p));
if (!pwd || strcmp(salt, pwd->pw_passwd) != 0)
exit(1);
-/* $OpenBSD: login.c,v 1.11 2015/01/16 06:39:50 deraadt Exp $ */
+/* $OpenBSD: login.c,v 1.12 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved.
#endif
if (password != NULL)
- memset(password, 0, strlen(password));
+ explicit_bzero(password, strlen(password));
if (ret != AUTH_OK)
fprintf(back, BI_REJECT "\n");
-/* $OpenBSD: login_passwd.c,v 1.10 2014/09/16 22:07:02 tedu Exp $ */
+/* $OpenBSD: login_passwd.c,v 1.11 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 2001 Hans Insulander <hin@openbsd.org>.
if (crypt_checkpass(password, goodhash) == 0)
passok = 1;
plen = strlen(password);
- memset(password, 0, plen);
+ explicit_bzero(password, plen);
if (!passok)
return (AUTH_FAILED);
-/* $OpenBSD: raddauth.c,v 1.27 2015/01/16 06:39:50 deraadt Exp $ */
+/* $OpenBSD: raddauth.c,v 1.28 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1996, 1997 Berkeley Software Design, Inc. All rights reserved.
}
total_length += AUTH_VECTOR_LEN;
}
+ explicit_bzero(pass_buf, strlen(pass_buf));
/* Client id */
*ptr++ = PW_CLIENT_ID;
-/* $OpenBSD: login_tis.c,v 1.12 2015/01/16 06:39:50 deraadt Exp $ */
+/* $OpenBSD: login_tis.c,v 1.13 2015/10/05 17:31:17 millert Exp $ */
/*
* Copyright (c) 2004 Todd C. Miller <Todd.Miller@courtesan.com>
}
DES_string_to_key(key, &cblock);
error = DES_set_key(&cblock, &tc->keysched);
- memset(key, 0, len);
- memset(&cblock, 0, sizeof(cblock));
+ explicit_bzero(key, len);
+ explicit_bzero(&cblock, sizeof(cblock));
free(tbuf);
return (error);
}
len, &ks, &iv, DES_DECRYPT);
if (strlcpy(buf, tbuf, bufsiz) >= bufsiz) {
syslog(LOG_ERR, "unencrypted data too large to store");
- memset(tbuf, 0, sizeof(tbuf));
+ explicit_bzero(tbuf, sizeof(tbuf));
return (-1);
}
- memset(tbuf, 0, sizeof(tbuf));
+ explicit_bzero(tbuf, sizeof(tbuf));
}
return (len);
}
syslog(LOG_ERR, "unexpected response from authsrv: %s", obuf);
resp = error;
}
- memset(buf, 0, sizeof(buf));
+ explicit_bzero(buf, sizeof(buf));
return (resp);
}
if (strncmp(buf, "ok", 2) == 0) {
if (buf[2] != '\0')
strlcpy(ebuf, buf + 3, TIS_BUFSIZ);
- memset(buf, 0, sizeof(buf));
+ explicit_bzero(buf, sizeof(buf));
return (0);
}
strlcpy(ebuf, buf, TIS_BUFSIZ);
- memset(buf, 0, sizeof(buf));
+ explicit_bzero(buf, sizeof(buf));
return (-1);
}
-/* $OpenBSD: token.c,v 1.18 2013/12/03 01:29:00 deraadt Exp $ */
+/* $OpenBSD: token.c,v 1.19 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1995 Migration Associates Corp. All Rights Reserved
return (-1);
h2cb(tokenrec.secret, &user_seed);
- memset(&tokenrec.secret, 0, sizeof(tokenrec.secret));
+ explicit_bzero(&tokenrec.secret, sizeof(tokenrec.secret));
if (!(tokenrec.flags & TOKEN_ENABLED))
return (-1);
DES_fixup_key_parity(&user_seed.cb);
DES_key_sched(&user_seed.cb, &key_schedule);
- memset(user_seed.ct, 0, sizeof(user_seed.ct));
+ explicit_bzero(user_seed.ct, sizeof(user_seed.ct));
DES_ecb_encrypt(&tokennumber.cb, &cipher_text.cb, &key_schedule,
DES_ENCRYPT);
- memset(&key_schedule, 0, sizeof(key_schedule));
+ explicit_bzero(&key_schedule, sizeof(key_schedule));
/*
* The token thinks it's descended from VAXen. Deal with i386
*/
if (!(flags & TOKEN_GENSECRET)) {
- memset(&secret, 0, sizeof(secret));
+ explicit_bzero(&secret, sizeof(secret));
return (0);
}
secret.cb[4], secret.cb[5], secret.cb[6], secret.cb[7]);
DES_key_sched(&secret.cb, &key_schedule);
- memset(&secret, 0, sizeof(secret));
+ explicit_bzero(&secret, sizeof(secret));
memset(&nulls, 0, sizeof(nulls));
DES_ecb_encrypt(&nulls.cb, &checksum.cb, &key_schedule, DES_ENCRYPT);
- memset(&key_schedule, 0, sizeof(key_schedule));
+ explicit_bzero(&key_schedule, sizeof(key_schedule));
HTONL(checksum.ul[0]);
snprintf(checktxt.ct, sizeof(checktxt.ct), "%8.8x", checksum.ul[0]);
printf("Hex Checksum: \"%s\"", checktxt.ct);
-/* $OpenBSD: tokendb.c,v 1.9 2012/12/04 02:24:47 deraadt Exp $ */
+/* $OpenBSD: tokendb.c,v 1.10 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1995 Migration Associates Corp. All Rights Reserved
tokendb_delrec(char *username)
{
DBT key;
- DBT data;
int status = 0;
key.data = username;
key.size = strlen(username) + 1;
- memset(&data, 0, sizeof(data));
if (!tokendb_open()) {
if (flock((tokendb->fd)(tokendb), LOCK_EX)) {
projects / openbsd / commitdiff