From 7985f46b941cc0a865918ce61f45f00562e4378c Mon Sep 17 00:00:00 2001
From: onefang
Date: Sat, 21 Mar 2020 01:47:42 +1000
Subject: Better sucure memory wipe.

---
 src/sledjchisl/sledjchisl.c | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

(limited to 'src/sledjchisl/sledjchisl.c')

diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c
index aa5c78e..da52365 100644
--- a/src/sledjchisl/sledjchisl.c
+++ b/src/sledjchisl/sledjchisl.c
@@ -60,6 +60,7 @@ extern char **environ;
 #include <qlibc.h>
 #include <extensions/qconfig.h>
 
+#include <openssl/crypto.h>
 #include <openssl/evp.h>
 #include "openssl/hmac.h"
 #include <uuid/uuid.h>
@@ -3947,17 +3948,9 @@ static int validatePassword(reqData *Rd, qhashtbl_t *data, char *name)
     }
   }
 
-// TODO - try to fix this, then make it portable (Windows has some other function name), then spread it through the rest of the code where needed.
-//	And try to find code for dealing with security enclaves, encrypted memory, and such.
-// NOTE - thes get giltered through what ever web server is being used, and might leak there.
-  // explicit_bzero() is the magic to properly wipe things, and it exists, but the damn thing manages to hide itself.
-  // So gotta make sure it's actually used, to avoid the compiler optimizing bzero() away.
-//  explicit_bzero(password, strlen(password));
-  bzero(password, strlen(password));
-  if (login)
-    D("User logged in%s.", password);
-  else
-    D("Account created%s.", password);
+// TODO - try to find code for dealing with security enclaves, encrypted memory, and such.
+// NOTE - these get filtered through what ever web server is being used, and might leak there.
+  OPENSSL_cleanse(password, strlen(password));
 
   badBoy(ret, Rd, data, "auth.passwordSalt", NULL);
 
-- 
cgit v1.1