author | onefang | 2020-03-21 01:47:42 +1000 |
---|---|---|
committer | onefang | 2020-03-21 01:47:42 +1000 |
commit | 7985f46b941cc0a865918ce61f45f00562e4378c (patch) | |
tree | fc655a06bcc94f29b5d665b06d357ef7bf156d38 /src | |
parent | It's actually qLibc. (diff) | |
Better secure memory wipe.
Diffstat (limited to 'src')
-rw-r--r-- | src/sledjchisl/sledjchisl.c | 15 |
1 files changed, 4 insertions, 11 deletions
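--- a/src/sledjchisl/sledjchisl.c
+++ b/src/sledjchisl/sledjchisl.c
@@ -60,6 +60,7 @@ extern char **environ;
 #include <qlibc.h>
 #include <extensions/qconfig.h>
 
+#include <openssl/crypto.h>
 #include <openssl/evp.h>
 #include "openssl/hmac.h"
 #include <uuid/uuid.h>
@@ -3947,17 +3948,9 @@ static int validatePassword(reqData *Rd, qhashtbl_t *data, char *name)
 }
 }
 
-// TODO - try to fix this, then make it portable (Windows has some other function name), then spread it through the rest of the code where needed.
-// And try to find code for dealing with security enclaves, encrypted memory, and such.
-// NOTE - thes get giltered through what ever web server is being used, and might leak there.
-// explicit_bzero() is the magic to properly wipe things, and it exists, but the damn thing manages to hide itself.
-// So gotta make sure it's actually used, to avoid the compiler optimizing bzero() away.
-// explicit_bzero(password, strlen(password));
-bzero(password, strlen(password));
-if (login)
-D("User logged in%s.", password);
-else
-D("Account created%s.", password);
+// TODO - try to find code for dealing with security enclaves, encrypted memory, and such.
+// NOTE - these get filtered through what ever web server is being used, and might leak there.
+OPENSSL_cleanse(password, strlen(password));
 
 badBoy(ret, Rd, data, "auth.passwordSalt", NULL);
 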
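Review bot: The `OPENSSL_cleanse(password, strlen(password))` call at new line 3953 clears only the bytes up to the first NUL of this one pointer, and only on the path that reaches this line. validatePassword starts outside the hunk, so it cannot be checked from here whether earlier returns skip the wipe, whether `password` can be NULL at this point, or whether it is a copy of a value still held in `data`. The commit also drops the old TODO about spreading the wipe through the rest of the code, so that remaining work is no longer recorded; I would keep a reminder such as `// TODO - also wipe the other copies of the password (the entry in data, any request buffers) and cover the early return paths.` If NULL is possible here, guard the call: `if (password) OPENSSL_cleanse(password, strlen(password));`.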