marcothms/slock
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

clear passwords with explicit_bzero

Browse Source 
Make sure to explicitly clear memory that is used for password input. memset
is often optimized out by the compiler.

Brought to attention by the OpenBSD community, see:
https://marc.info/?t=146989502600003&r=1&w=2
Thread subject: x11/slock: clear passwords with explicit_bzero

Changes:

- explicit_bzero.c import from libressl-portable.
- Makefile: add COMPATSRC for compatibility src.
- config.mk: add separate *BSD section in config.mk to simply uncomment it on
  these platforms.
This commit is contained in:
Hiltjo Posthuma
2016-07-31 13:43:00 +02:00
parent 65b8d52788
commit a7afade170
5 changed files with 34 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config.mk
View File

@@ -18,9 +18,13 @@ LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr
CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H
CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS}
LDFLAGS = -s ${LIBS}
COMPATSRC = explicit_bzero.c
# On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH
# On OpenBSD and Darwin remove -lcrypt from LIBS
#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr
#CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_BSD_AUTH -D_BSD_SOURCE
#COMPATSRC =
# compiler and linker
CC = cc