I'm not 100% sure about the DES bits, though they will not hurt anything. - todd
Index: login_chpass/login_chpass.c
===================================================================
RCS file: /cvs/src/libexec/login_chpass/login_chpass.c,v
retrieving revision 1.16
diff -u -p -u -r1.16 login_chpass.c
--- login_chpass/login_chpass.c 4 Dec 2012 02:24:47 -0000 1.16
+++ login_chpass/login_chpass.c 5 Oct 2015 15:32:16 -0000
@@ -208,7 +208,7 @@ yp_chpass(char *username)
 pwd_gensalt(salt, sizeof(salt), lc, 'y') == 0)
 strlcpy(salt, "xx", sizeof(salt));
 crypt(p, salt);
- memset(p, 0, strlen(p));
+ explicit_bzero(p, strlen(p));
 }
 warnx("YP passwd database unchanged.");
 exit(1);
Index: login_lchpass/login_lchpass.c
===================================================================
RCS file: /cvs/src/libexec/login_lchpass/login_lchpass.c,v
retrieving revision 1.14
diff -u -p -u -r1.14 login_lchpass.c
--- login_lchpass/login_lchpass.c 4 Dec 2012 02:24:47 -0000 1.14
+++ login_lchpass/login_lchpass.c 5 Oct 2015 15:32:28 -0000
@@ -136,7 +136,7 @@ main(int argc, char *argv[])
 exit(1);
 salt = crypt(p, salt);
- memset(p, 0, strlen(p));
+ explicit_bzero(p, strlen(p));
 if (!pwd || strcmp(salt, pwd->pw_passwd) != 0)
 exit(1);
Index: login_passwd/login.c
===================================================================
RCS file: /cvs/src/libexec/login_passwd/login.c,v
retrieving revision 1.11
diff -u -p -u -r1.11 login.c
--- login_passwd/login.c 16 Jan 2015 06:39:50 -0000 1.11
+++ login_passwd/login.c 5 Oct 2015 15:32:39 -0000
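Review bot: In login_lchpass.c main() (hunk at -136), the lines around the new wipe still pass the result of `crypt(p, salt)` straight into `strcmp(salt, pwd->pw_passwd)`, and crypt() can return NULL on failure. When pwd is non-NULL nothing stops that NULL from reaching strcmp(); a guard such as `if (salt == NULL || !pwd || strcmp(salt, pwd->pw_passwd) != 0)` closes it. pwd_login() in login_passwd.c, further down in this diff, already uses crypt_checkpass(), which would be the more consistent replacement for the crypt()/strcmp() pair here. main() begins and ends outside the hunk, so how salt is set up for an unknown user is not visible.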
@@ -158,7 +158,7 @@ main(int argc, char **argv)
 #endif
 if (password != NULL)
- memset(password, 0, strlen(password));
+ explicit_bzero(password, strlen(password));
 if (ret != AUTH_OK)
 fprintf(back, BI_REJECT "\n");
Index: login_passwd/login_passwd.c
===================================================================
RCS file: /cvs/src/libexec/login_passwd/login_passwd.c,v
retrieving revision 1.10
diff -u -p -u -r1.10 login_passwd.c
--- login_passwd/login_passwd.c 16 Sep 2014 22:07:02 -0000 1.10
+++ login_passwd/login_passwd.c 5 Oct 2015 15:31:05 -0000
@@ -54,7 +54,7 @@ pwd_login(char *username, char *password
 if (crypt_checkpass(password, goodhash) == 0)
 passok = 1;
 plen = strlen(password);
- memset(password, 0, plen);
+ explicit_bzero(password, plen);
 if (!passok)
 return (AUTH_FAILED);
Index: login_radius/raddauth.c
===================================================================
RCS file: /cvs/src/libexec/login_radius/raddauth.c,v
retrieving revision 1.27
diff -u -p -u -r1.27 raddauth.c
--- login_radius/raddauth.c 16 Jan 2015 06:39:50 -0000 1.27
+++ login_radius/raddauth.c 5 Oct 2015 15:39:08 -0000
@@ -397,6 +397,7 @@ rad_request(u_char id, char *name, char
 }
 total_length += AUTH_VECTOR_LEN;
 }
+ explicit_bzero(pass_buf, strlen(pass_buf));
 /* Client id */
 *ptr++ = PW_CLIENT_ID;
Index: login_tis/login_tis.c
===================================================================
RCS file: /cvs/src/libexec/login_tis/login_tis.c,v
retrieving revision 1.12
diff -u -p -u -r1.12 login_tis.c
--- login_tis/login_tis.c 16 Jan 2015 06:39:50 -0000 1.12
+++ login_tis/login_tis.c 5 Oct 2015 15:43:35 -0000
@@ -395,8 +395,8 @@ tis_getkey(struct tis_connection *tc)
 }
 DES_string_to_key(key, &cblock);
 error = DES_set_key(&cblock, &tc->keysched);
- memset(key, 0, len);
- memset(&cblock, 0, sizeof(cblock));
+ explicit_bzero(key, len);
+ explicit_bzero(&cblock, sizeof(cblock));
 free(tbuf);
 return (error);
 }
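Review bot: The added `explicit_bzero(pass_buf, strlen(pass_buf));` in rad_request() (login_radius/raddauth.c, hunk at -397) sizes the wipe by the buffer's current contents rather than by the buffer itself. If pass_buf is a fixed-size array (its declaration is outside the hunk), `explicit_bzero(pass_buf, sizeof(pass_buf));` clears it regardless of where a NUL happens to sit and matches the sizeof-based wipes in login_tis.c. The call also sits only after the loop, so any return between filling pass_buf and this line would skip it; that is worth checking in the part of the function not shown.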
@@ -508,10 +508,10 @@ tis_recv(struct tis_connection *tc, u_ch
 len, &ks, &iv, DES_DECRYPT);
 if (strlcpy(buf, tbuf, bufsiz) >= bufsiz) {
 syslog(LOG_ERR, "unencrypted data too large to store");
- memset(tbuf, 0, sizeof(tbuf));
+ explicit_bzero(tbuf, sizeof(tbuf));
 return (-1);
 }
- memset(tbuf, 0, sizeof(tbuf));
+ explicit_bzero(tbuf, sizeof(tbuf));
 }
 return (len);
 }
@@ -657,7 +657,7 @@ tis_authorize(struct tis_connection *tc,
 syslog(LOG_ERR, "unexpected response from authsrv: %s", obuf);
 resp = error;
 }
- memset(buf, 0, sizeof(buf));
+ explicit_bzero(buf, sizeof(buf));
 return (resp);
 }
@@ -685,10 +685,10 @@ tis_verify(struct tis_connection *tc, co
 if (strncmp(buf, "ok", 2) == 0) {
 if (buf[2] != '\0')
 strlcpy(ebuf, buf + 3, TIS_BUFSIZ);
- memset(buf, 0, sizeof(buf));
+ explicit_bzero(buf, sizeof(buf));
 return (0);
 }
 strlcpy(ebuf, buf, TIS_BUFSIZ);
- memset(buf, 0, sizeof(buf));
+ explicit_bzero(buf, sizeof(buf));
 return (-1);
 }
Index: login_token/token.c
===================================================================
RCS file: /cvs/src/libexec/login_token/token.c,v
retrieving revision 1.18
diff -u -p -u -r1.18 token.c
--- login_token/token.c 3 Dec 2013 01:29:00 -0000 1.18
+++ login_token/token.c 5 Oct 2015 15:48:41 -0000
@@ -189,7 +189,7 @@ tokenverify(char *username, char *challe
 return (-1);
 h2cb(tokenrec.secret, &user_seed);
- memset(&tokenrec.secret, 0, sizeof(tokenrec.secret));
+ explicit_bzero(&tokenrec.secret, sizeof(tokenrec.secret));
 if (!(tokenrec.flags & TOKEN_ENABLED))
 return (-1);
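Review bot: In tis_recv() (login_tis.c, hunk at -508), the truncation branch wipes tbuf but returns -1 with buf still holding the first bufsiz-1 bytes that strlcpy() copied out of the decrypted message. If callers treat buf as unused on failure, adding `explicit_bzero(buf, bufsiz);` before that `return (-1);` keeps the partial plaintext from lingering. The `&ks` and `&iv` arguments on the first context line look like local copies of key material as well; if they are, they deserve the same wipe on both exits. The function starts outside the hunk, so their declarations are not visible here.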
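Review bot: In tokenverify() (login_token/token.c, hunk at -189), h2cb() has already written into user_seed by the time the `TOKEN_ENABLED` check returns -1, so that early return appears to leave the converted secret in user_seed un-wiped. Adding `explicit_bzero(&user_seed, sizeof(user_seed));` inside that branch before `return (-1);` would cover it, which means bracing the if. The declaration of user_seed and the rest of the function are outside the hunk, so this assumes user_seed is a local object.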
@@ -201,10 +201,10 @@ tokenverify(char *username, char *challe
 DES_fixup_key_parity(&user_seed.cb);
 DES_key_sched(&user_seed.cb, &key_schedule);
- memset(user_seed.ct, 0, sizeof(user_seed.ct));
+ explicit_bzero(user_seed.ct, sizeof(user_seed.ct));
 DES_ecb_encrypt(&tokennumber.cb, &cipher_text.cb, &key_schedule, DES_ENCRYPT);
- memset(&key_schedule, 0, sizeof(key_schedule));
+ explicit_bzero(&key_schedule, sizeof(key_schedule));
 /*
 * The token thinks it's descended from VAXen. Deal with i386
@@ -304,7 +304,7 @@ tokenuserinit(int flags, char *username,
 */
 if (!(flags & TOKEN_GENSECRET)) {
- memset(&secret, 0, sizeof(secret));
+ explicit_bzero(&secret, sizeof(secret));
 return (0);
 }
@@ -314,10 +314,10 @@ tokenuserinit(int flags, char *username,
 secret.cb[4], secret.cb[5], secret.cb[6], secret.cb[7]);
 DES_key_sched(&secret.cb, &key_schedule);
- memset(&secret, 0, sizeof(secret));
+ explicit_bzero(&secret, sizeof(secret));
 memset(&nulls, 0, sizeof(nulls));
 DES_ecb_encrypt(&nulls.cb, &checksum.cb, &key_schedule, DES_ENCRYPT);
- memset(&key_schedule, 0, sizeof(key_schedule));
+ explicit_bzero(&key_schedule, sizeof(key_schedule));
 HTONL(checksum.ul[0]);
 snprintf(checktxt.ct, sizeof(checktxt.ct), "%8.8x", checksum.ul[0]);
 printf("Hex Checksum: \"%s\"", checktxt.ct);
Index: login_token/tokendb.c
===================================================================
RCS file: /cvs/src/libexec/login_token/tokendb.c,v
retrieving revision 1.9
diff -u -p -u -r1.9 tokendb.c
--- login_token/tokendb.c 4 Dec 2012 02:24:47 -0000 1.9
+++ login_token/tokendb.c 5 Oct 2015 15:47:37 -0000
@@ -135,12 +135,10 @@ int
 tokendb_delrec(char *username)
 {
 DBT key;
- DBT data;
 int status = 0;
 key.data = username;
 key.size = strlen(username) + 1;
- memset(&data, 0, sizeof(data));
 if (!tokendb_open()) {
 if (flock((tokendb->fd)(tokendb), LOCK_EX)) {
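Review bot: In tokenverify() (login_token/token.c, hunk at -201), the wipe after DES_key_sched() clears only `user_seed.ct`, while the key was read through `user_seed.cb`; if the two members do not span the same bytes, part of the seed survives. Wiping the whole object with `explicit_bzero(&user_seed, sizeof(user_seed));` does not depend on the layout and matches how tokenuserinit() clears `secret` later in this file. The type of user_seed is declared outside the hunk, so the size relationship is an assumption to confirm.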