diff options
author | Glenn Strauss <gstrauss@gluelogic.com> | 2021-04-29 09:19:56 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2021-04-29 09:19:56 -0400 |
commit | 9ac307ec148442b981a9aae43598382f2d960776 (patch) | |
tree | 168bc21243ef8b71a4a95eb896b43c8fcf121d95 /src/mod_auth.c | |
parent | 13ea2d880b14c0a50a777c0ece5f26453483a7de (diff) | |
download | lighttpd-git-9ac307ec148442b981a9aae43598382f2d960776.tar.gz |
[mod_authn_file] wipe password/digest after use
slurp password/digest file into memory and then clear after use
(avoid stdio, which buffers by default and does not wipe those buffers)
password/digest files are not expected to be very large
e.g. a password file with 1000 entries is expected to be < 64k
If files are larger, mod_authn_dbi or other mod_authn_* is recommended
Diffstat (limited to 'src/mod_auth.c')
-rw-r--r-- | src/mod_auth.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/mod_auth.c b/src/mod_auth.c index 7cd920eb..b9679afa 100644 --- a/src/mod_auth.c +++ b/src/mod_auth.c @@ -829,6 +829,7 @@ static handler_t mod_auth_check_basic(request_st * const r, void *p_d, const str break; } + safe_memclear(pw, pwlen); buffer_free(username); return (HANDLER_UNSET != rc) ? rc : mod_auth_send_401_unauthorized_basic(r, require->realm); } @@ -1475,6 +1476,7 @@ static handler_t mod_auth_check_digest(request_st * const r, void *p_d, const st mod_auth_digest_mutate(&ai,m,uri,nonce,cnonce,nc,qop); if (!http_auth_const_time_memeq(rdigest, ai.digest, ai.dlen)) { + /*safe_memclear(ai.digest, ai.dlen);*//* skip clear since mutated */ /* digest not ok */ log_error(r->conf.errh, __FILE__, __LINE__, "digest: auth failed for %s: wrong password, IP: %s", @@ -1484,6 +1486,7 @@ static handler_t mod_auth_check_digest(request_st * const r, void *p_d, const st buffer_free(b); return mod_auth_send_401_unauthorized_digest(r, require, 0); } + /*safe_memclear(ai.digest, ai.dlen);*//* skip clear since mutated */ /* value is our allow-rules */ if (!http_auth_match_rules(require, username, NULL, NULL)) { |