diff options
author | Joe Orton <joe@manyfish.uk> | 2021-03-06 10:38:13 +0000 |
---|---|---|
committer | Joe Orton <joe@manyfish.uk> | 2021-03-06 10:38:13 +0000 |
commit | caee3edf1de2c1715de215ac3e0d8758cf84fda1 (patch) | |
tree | 926b08bea34b6a0a5d244d73f244ea32f5c8c5b9 | |
parent | 4a75a0adab5b6593cc43e321a5a6a2a55e287840 (diff) | |
download | neon-git-caee3edf1de2c1715de215ac3e0d8758cf84fda1.tar.gz |
* macros/neon.m4 (LIBNEON_SOURCE_CHECKS): Check for explicit_bzero.
* src/ne_internal.h (ne__strzero): New macro.
* src/ne_auth.c (basic_challenge, ntlm_challenge): Use it.
* src/ne_pkcs11.c (pk11_login): Use it.
-rw-r--r-- | macros/neon.m4 | 3 | ||||
-rw-r--r-- | src/ne_auth.c | 5 | ||||
-rw-r--r-- | src/ne_internal.h | 6 | ||||
-rw-r--r-- | src/ne_pkcs11.c | 4 |
4 files changed, 12 insertions, 6 deletions
diff --git a/macros/neon.m4 b/macros/neon.m4 index be38caa..2c3a7a8 100644 --- a/macros/neon.m4 +++ b/macros/neon.m4 @@ -625,7 +625,8 @@ NE_LARGEFILE AC_REPLACE_FUNCS(strcasecmp) -AC_CHECK_FUNCS(signal setvbuf setsockopt stpcpy poll fcntl getsockopt sendmsg) +AC_CHECK_FUNCS([signal setvbuf setsockopt stpcpy poll fcntl getsockopt \ + explicit_bzero sendmsg]) if test "x${ac_cv_func_poll}${ac_cv_header_sys_poll_h}y" = "xyesyesy"; then AC_DEFINE([NE_USE_POLL], 1, [Define if poll() should be used]) diff --git a/src/ne_auth.c b/src/ne_auth.c index ad36382..a8f746f 100644 --- a/src/ne_auth.c +++ b/src/ne_auth.c @@ -489,8 +489,7 @@ static int basic_challenge(auth_session *sess, int attempt, sess->basic = ne_base64((unsigned char *)tmp, strlen(tmp)); ne_free(tmp); - /* Paranoia. */ - memset(password, 0, sizeof password); + ne__strzero(password, sizeof password); if (sess->context == AUTH_CONNECT) { /* For proxy auth w/TLS, auth is limited to handling CONNECT @@ -871,6 +870,8 @@ static int ntlm_challenge(auth_session *sess, int attempt, } sess->ntlm_context = ne__ntlm_create_context(sess->username, password); + + ne__strzero(password, sizeof password); } status = ne__ntlm_authenticate(sess->ntlm_context, parms->opaque); diff --git a/src/ne_internal.h b/src/ne_internal.h index 7abde47..a58e5d8 100644 --- a/src/ne_internal.h +++ b/src/ne_internal.h @@ -89,4 +89,10 @@ * input. */ NE_PRIVATE char *ne__strhash2hex(const unsigned char *digest, size_t len, unsigned int flags); +#ifdef HAVE_EXPLICIT_BZERO +#define ne__strzero(s, n) explicit_bzero(s, n) +#else +#define ne__strzero(s, n) memset(s, 0, n) +#endif + #endif /* NE_INTERNAL_H */ diff --git a/src/ne_pkcs11.c b/src/ne_pkcs11.c index 6563086..d57f68c 100644 --- a/src/ne_pkcs11.c +++ b/src/ne_pkcs11.c @@ -444,9 +444,7 @@ static int pk11_login(ne_ssl_pkcs11_provider *prov, ck_slot_id_t slot_id, rv = pakchois_login(pks, CKU_USER, (unsigned char *)pin, strlen(pin)); - /* Try to scrub the pin off the stack. Clever compilers will - * probably optimize this away, oh well. */ - memset(pin, 0, sizeof pin); + ne__strzero(pin, sizeof pin); } while (rv == CKR_PIN_INCORRECT); NE_DEBUG(NE_DBG_SSL, "pk11: Login result = %lu\n", rv); |