summaryrefslogtreecommitdiff
path: root/libexec/login_radius
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2015-10-05 17:31:18 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2015-10-05 17:31:18 +0000
commitc57928ea02f1c43d3d3a4725f2e8c2fba14f77ea (patch)
tree6051d3384840364c2af13a819ddcade38a040fc0 /libexec/login_radius
parent7f3e6c2703ec9106ba052b198e062311e333e012 (diff)
Use explicit_bzero() instead of memset() for zeroing out secrets.
OK deraadt@
Diffstat (limited to 'libexec/login_radius')
-rw-r--r--libexec/login_radius/raddauth.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/libexec/login_radius/raddauth.c b/libexec/login_radius/raddauth.c
index 71089908058..5261e377f49 100644
--- a/libexec/login_radius/raddauth.c
+++ b/libexec/login_radius/raddauth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: raddauth.c,v 1.27 2015/01/16 06:39:50 deraadt Exp $ */
+/* $OpenBSD: raddauth.c,v 1.28 2015/10/05 17:31:17 millert Exp $ */
/*-
* Copyright (c) 1996, 1997 Berkeley Software Design, Inc. All rights reserved.
@@ -397,6 +397,7 @@ rad_request(u_char id, char *name, char *password, int port, char *vector,
}
total_length += AUTH_VECTOR_LEN;
}
+ explicit_bzero(pass_buf, strlen(pass_buf));
/* Client id */
*ptr++ = PW_CLIENT_ID;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 09:20:43 +0000