From 7985f46b941cc0a865918ce61f45f00562e4378c Mon Sep 17 00:00:00 2001 From: onefang Date: Sat, 21 Mar 2020 01:47:42 +1000 Subject: Better sucure memory wipe. --- src/sledjchisl/sledjchisl.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c index aa5c78e..da52365 100644 --- a/src/sledjchisl/sledjchisl.c +++ b/src/sledjchisl/sledjchisl.c @@ -60,6 +60,7 @@ extern char **environ; #include #include +#include #include #include "openssl/hmac.h" #include @@ -3947,17 +3948,9 @@ static int validatePassword(reqData *Rd, qhashtbl_t *data, char *name) } } -// TODO - try to fix this, then make it portable (Windows has some other function name), then spread it through the rest of the code where needed. -// And try to find code for dealing with security enclaves, encrypted memory, and such. -// NOTE - thes get giltered through what ever web server is being used, and might leak there. - // explicit_bzero() is the magic to properly wipe things, and it exists, but the damn thing manages to hide itself. - // So gotta make sure it's actually used, to avoid the compiler optimizing bzero() away. -// explicit_bzero(password, strlen(password)); - bzero(password, strlen(password)); - if (login) - D("User logged in%s.", password); - else - D("Account created%s.", password); +// TODO - try to find code for dealing with security enclaves, encrypted memory, and such. +// NOTE - these get filtered through what ever web server is being used, and might leak there. + OPENSSL_cleanse(password, strlen(password)); badBoy(ret, Rd, data, "auth.passwordSalt", NULL); -- cgit v1.1