use explicit_bzero() instead of memset() to clear out sensitive data.

ok gilles@

diff --git a/usr.sbin/smtpd/config.c b/usr.sbin/smtpd/config.c
index 35f051d..9eff839 100644 (file)
--- a/usr.sbin/smtpd/config.c
+++ b/usr.sbin/smtpd/config.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: config.c,v 1.28 2014/04/19 17:29:56 gilles Exp $      */
+/*     $OpenBSD: config.c,v 1.29 2014/04/29 10:18:06 reyk Exp $        */
 
 /*
  * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -71,8 +71,8 @@ purge_config(uint8_t what)
        }
        if (what & PURGE_PKI) {
                while (dict_poproot(env->sc_pki_dict, (void **)&p)) {
-                       memset(p->pki_cert, 0, p->pki_cert_len);
-                       memset(p->pki_key, 0, p->pki_key_len);
+                       explicit_bzero(p->pki_cert, p->pki_cert_len);
+                       explicit_bzero(p->pki_key, p->pki_key_len);
                        free(p->pki_cert);
                        free(p->pki_key);
                        free(p);

diff --git a/usr.sbin/smtpd/mta_session.c b/usr.sbin/smtpd/mta_session.c
index b80cf50..615ddfd 100644 (file)
--- a/usr.sbin/smtpd/mta_session.c
+++ b/usr.sbin/smtpd/mta_session.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: mta_session.c,v 1.60 2014/04/19 13:35:51 gilles Exp $ */
+/*     $OpenBSD: mta_session.c,v 1.61 2014/04/29 10:18:06 reyk Exp $   */
 
 /*
  * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -347,8 +347,8 @@ mta_session_imsg(struct mproc *p, struct imsg *imsg)
                        fatal("mta: ssl_mta_init");
                io_start_tls(&s->io, ssl);
 
-               memset(resp_ca_cert->cert, 0, resp_ca_cert->cert_len);
-               memset(resp_ca_cert->key, 0, resp_ca_cert->key_len);
+               explicit_bzero(resp_ca_cert->cert, resp_ca_cert->cert_len);
+               explicit_bzero(resp_ca_cert->key, resp_ca_cert->key_len);
                free(resp_ca_cert->cert);
                free(resp_ca_cert->key);
                free(resp_ca_cert);

diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
index a971658..6849b0e 100644 (file)
--- a/usr.sbin/smtpd/smtp_session.c
+++ b/usr.sbin/smtpd/smtp_session.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: smtp_session.c,v 1.207 2014/04/19 17:04:42 gilles Exp $       */
+/*     $OpenBSD: smtp_session.c,v 1.208 2014/04/29 10:18:06 reyk Exp $ */
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -601,8 +601,8 @@ smtp_session_imsg(struct mproc *p, struct imsg *imsg)
                io_set_read(&s->io);
                io_start_tls(&s->io, ssl);
 
-               memset(resp_ca_cert->cert, 0, resp_ca_cert->cert_len);
-               memset(resp_ca_cert->key, 0, resp_ca_cert->key_len);
+               explicit_bzero(resp_ca_cert->cert, resp_ca_cert->cert_len);
+               explicit_bzero(resp_ca_cert->key, resp_ca_cert->key_len);
                free(resp_ca_cert->cert);
                free(resp_ca_cert->key);
                free(resp_ca_cert);

diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
index 1a9c7f9..6e4c348 100644 (file)
--- a/usr.sbin/smtpd/smtpd.c
+++ b/usr.sbin/smtpd/smtpd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: smtpd.c,v 1.221 2014/04/19 14:00:45 gilles Exp $      */
+/*     $OpenBSD: smtpd.c,v 1.222 2014/04/29 10:18:06 reyk Exp $        */
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -721,7 +721,7 @@ void
 post_fork(int proc)
 {
        if (proc != PROC_QUEUE && env->sc_queue_key)
-               memset(env->sc_queue_key, 0, strlen(env->sc_queue_key));
+               explicit_bzero(env->sc_queue_key, strlen(env->sc_queue_key));
 
        if (proc != PROC_CONTROL) {
                close(control_socket);