diff options
| author | Ted Unangst <tedu@cvs.openbsd.org> | 2017-03-20 18:34:53 +0000 |
|---|---|---|
| committer | Ted Unangst <tedu@cvs.openbsd.org> | 2017-03-20 18:34:53 +0000 |
| commit | 6525fc98570256ee881632e5503815918d1df153 (patch) | |
| tree | 252e005b9634434e7f583f17770fc9ba0baf5d24 /lib/libskey/skeylogin.c | |
| parent | 6f3b5a941c92298bb55c56c2c3558b3094d90086 (diff) | |
use explicit_bzero. one from Ricardo Mestre plus two more.
Diffstat (limited to 'lib/libskey/skeylogin.c')
| -rw-r--r-- | lib/libskey/skeylogin.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/libskey/skeylogin.c b/lib/libskey/skeylogin.c index 16bf8382968..5e1f509931b 100644 --- a/lib/libskey/skeylogin.c +++ b/lib/libskey/skeylogin.c @@ -10,7 +10,7 @@ * * S/Key verification check, lookups, and authentication. * - * $OpenBSD: skeylogin.c,v 1.58 2016/03/17 21:36:48 krw Exp $ + * $OpenBSD: skeylogin.c,v 1.59 2017/03/20 18:34:52 tedu Exp $ */ #ifdef QUOTA @@ -449,7 +449,7 @@ skey_fakeprompt(char *username, char *skeyprompt) /* Collapse the hash */ ptr = hash_collapse(up); - memset(up, 0, strlen(up)); + explicit_bzero(up, strlen(up)); /* See if the random file's there, else use ctime */ if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1 && @@ -482,7 +482,7 @@ skey_fakeprompt(char *username, char *skeyprompt) SHA1End(&ctx, up); /* Zero out */ - memset(secret, 0, secretlen); + explicit_bzero(secret, secretlen); /* Now hash the hash */ SHA1Init(&ctx); @@ -500,7 +500,7 @@ skey_fakeprompt(char *username, char *skeyprompt) /* Sequence number */ ptr = ((up[2] + up[3]) % 99) + 1; - memset(up, 0, 20); /* SHA1 specific */ + explicit_bzero(up, 20); /* SHA1 specific */ free(up); (void)snprintf(skeyprompt, SKEY_MAX_CHALLENGE, |