- djm@cvs.openbsd.org 2014/02/02 03:44:32
[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
[buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
[kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
[monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
[ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
[sshd.c]
convert memset of potentially-private data to explicit_bzero()
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 8140447..9f03109 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.239 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.240 2014/02/02 03:44:31 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -267,7 +267,7 @@
pass = read_passphrase("Enter passphrase: ",
RP_ALLOW_STDIN);
prv = key_load_private(filename, pass, NULL);
- memset(pass, 0, strlen(pass));
+ explicit_bzero(pass, strlen(pass));
free(pass);
}
return prv;
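Review bot: The wipe-then-free pair `explicit_bzero(pass, strlen(pass)); free(pass);` is open-coded at every passphrase site in this file (here and in the @@ -1258, @@ -1280, @@ -1296, @@ -1375, @@ -1407, @@ -2632 and @@ -2655 hunks). The @@ -1396 hunk already diverges by wiping `passphrase` without freeing it before `exit(1)`. One static helper would keep the scrub and the free together so that a later call site cannot drop either, and it gives a single place to document that only the bytes up to the terminating NUL are cleared. The helper name below is only a suggestion, and the enclosing function starts outside this hunk.

```c
/* Scrub a NUL-terminated secret and release it; NULL is accepted. */
static void
wipe_and_free(char *secret)
{
	if (secret == NULL)
		return;
	explicit_bzero(secret, strlen(secret));
	free(secret);
}

	/* ... unchanged: read_passphrase() and key_load_private() calls ... */
	wipe_and_free(pass);
```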
@@ -1258,7 +1258,7 @@
RP_ALLOW_STDIN);
private = key_load_private(identity_file, old_passphrase,
&comment);
- memset(old_passphrase, 0, strlen(old_passphrase));
+ explicit_bzero(old_passphrase, strlen(old_passphrase));
free(old_passphrase);
if (private == NULL) {
printf("Bad passphrase.\n");
@@ -1280,15 +1280,15 @@
/* Verify that they are the same. */
if (strcmp(passphrase1, passphrase2) != 0) {
- memset(passphrase1, 0, strlen(passphrase1));
- memset(passphrase2, 0, strlen(passphrase2));
+ explicit_bzero(passphrase1, strlen(passphrase1));
+ explicit_bzero(passphrase2, strlen(passphrase2));
free(passphrase1);
free(passphrase2);
printf("Pass phrases do not match. Try again.\n");
exit(1);
}
/* Destroy the other copy. */
- memset(passphrase2, 0, strlen(passphrase2));
+ explicit_bzero(passphrase2, strlen(passphrase2));
free(passphrase2);
}
@@ -1296,14 +1296,14 @@
if (!key_save_private(private, identity_file, passphrase1, comment,
use_new_format, new_format_cipher, rounds)) {
printf("Saving the key failed: %s.\n", identity_file);
- memset(passphrase1, 0, strlen(passphrase1));
+ explicit_bzero(passphrase1, strlen(passphrase1));
free(passphrase1);
key_free(private);
free(comment);
exit(1);
}
/* Destroy the passphrase and the copy of the key in memory. */
- memset(passphrase1, 0, strlen(passphrase1));
+ explicit_bzero(passphrase1, strlen(passphrase1));
free(passphrase1);
key_free(private); /* Destroys contents */
free(comment);
@@ -1375,7 +1375,7 @@
/* Try to load using the passphrase. */
private = key_load_private(identity_file, passphrase, &comment);
if (private == NULL) {
- memset(passphrase, 0, strlen(passphrase));
+ explicit_bzero(passphrase, strlen(passphrase));
free(passphrase);
printf("Bad passphrase.\n");
exit(1);
@@ -1396,7 +1396,7 @@
printf("Enter new comment: ");
fflush(stdout);
if (!fgets(new_comment, sizeof(new_comment), stdin)) {
- memset(passphrase, 0, strlen(passphrase));
+ explicit_bzero(passphrase, strlen(passphrase));
key_free(private);
exit(1);
}
@@ -1407,13 +1407,13 @@
if (!key_save_private(private, identity_file, passphrase, new_comment,
use_new_format, new_format_cipher, rounds)) {
printf("Saving the key failed: %s.\n", identity_file);
- memset(passphrase, 0, strlen(passphrase));
+ explicit_bzero(passphrase, strlen(passphrase));
free(passphrase);
key_free(private);
free(comment);
exit(1);
}
- memset(passphrase, 0, strlen(passphrase));
+ explicit_bzero(passphrase, strlen(passphrase));
free(passphrase);
public = key_from_private(private);
key_free(private);
@@ -2632,15 +2632,15 @@
* The passphrases do not match. Clear them and
* retry.
*/
- memset(passphrase1, 0, strlen(passphrase1));
- memset(passphrase2, 0, strlen(passphrase2));
+ explicit_bzero(passphrase1, strlen(passphrase1));
+ explicit_bzero(passphrase2, strlen(passphrase2));
free(passphrase1);
free(passphrase2);
printf("Passphrases do not match. Try again.\n");
goto passphrase_again;
}
/* Clear the other copy of the passphrase. */
- memset(passphrase2, 0, strlen(passphrase2));
+ explicit_bzero(passphrase2, strlen(passphrase2));
free(passphrase2);
}
@@ -2655,12 +2655,12 @@
if (!key_save_private(private, identity_file, passphrase1, comment,
use_new_format, new_format_cipher, rounds)) {
printf("Saving the key failed: %s.\n", identity_file);
- memset(passphrase1, 0, strlen(passphrase1));
+ explicit_bzero(passphrase1, strlen(passphrase1));
free(passphrase1);
exit(1);
}
/* Clear the passphrase. */
- memset(passphrase1, 0, strlen(passphrase1));
+ explicit_bzero(passphrase1, strlen(passphrase1));
free(passphrase1);
/* Clear the private key and the random number generator. */
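Review bot: The `key_save_private()` failure branch in this hunk scrubs and frees `passphrase1` but calls `exit(1)` with `private` still intact. The matching branch in the @@ -1296 hunk calls `key_free(private)` first, which is annotated there as destroying the contents. Since this commit is about not leaving private data behind in memory, I would add `key_free(private);` before `exit(1);` here as well. The success path clears the key according to the trailing comment, but that code lies outside the hunk.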