summaryrefslogtreecommitdiff
path: root/auth2-passwd.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2014-02-04 11:20:14 +1100
committerDamien Miller <djm@mindrot.org>2014-02-04 11:20:14 +1100
commita5103f413bde6f31bff85d6e1fd29799c647d765 (patch)
tree0b35ad9292b2ca8d58229435865d0ec3818e5981 /auth2-passwd.c
parent1d2c4564265ee827147af246a16f3777741411ed (diff)
- djm@cvs.openbsd.org 2014/02/02 03:44:32
[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
Diffstat (limited to 'auth2-passwd.c')
-rw-r--r--auth2-passwd.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/auth2-passwd.c b/auth2-passwd.c
index 21bc5047..707680cd 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.10 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.11 2014/02/02 03:44:31 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -59,7 +59,7 @@ userauth_passwd(Authctxt *authctxt)
if (change) {
/* discard new password from packet */
newpass = packet_get_string(&newlen);
- memset(newpass, 0, newlen);
+ explicit_bzero(newpass, newlen);
free(newpass);
}
packet_check_eom();
@@ -68,7 +68,7 @@ userauth_passwd(Authctxt *authctxt)
logit("password change not supported");
else if (PRIVSEP(auth_password(authctxt, password)) == 1)
authenticated = 1;
- memset(password, 0, len);
+ explicit_bzero(password, len);
free(password);
return authenticated;
}