25 files changed, 96 insertions, 65 deletions

diff --git a/ChangeLog b/ChangeLog
index 269f5363d..a3f75a8d2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -36,6 +36,14 @@
      allow shutdown(2) syscall in sandbox - it may be called by packet_close()
      from portable
      (Id sync only; change is already in portable)
+   - tedu@cvs.openbsd.org 2014/01/31 16:39:19
+     [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
+     [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
+     [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
+     [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
+     [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
+     replace most bzero with explicit_bzero, except a few that cna be memset
+     ok djm dtucker
 
 20140131
  - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
diff --git a/auth2-chall.c b/auth2-chall.c
index 031c2828c..4cfd8ff5b 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.39 2013/11/08 00:39:14 djm Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.40 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -148,7 +148,7 @@ kbdint_free(KbdintAuthctxt *kbdintctxt)
         if (kbdintctxt->device)
                 kbdint_reset_device(kbdintctxt);
         free(kbdintctxt->devices);
-        bzero(kbdintctxt, sizeof(*kbdintctxt));
+        explicit_bzero(kbdintctxt, sizeof(*kbdintctxt));
         free(kbdintctxt);
 }
 /* get next device */
diff --git a/authfd.c b/authfd.c
index f9636903a..cea3f97b4 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.91 2013/12/29 04:29:25 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.92 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -102,7 +102,7 @@ ssh_get_authentication_socket(void)
         if (!authsocket)
                 return -1;
 
-        bzero(&sunaddr, sizeof(sunaddr));
+        memset(&sunaddr, 0, sizeof(sunaddr));
         sunaddr.sun_family = AF_UNIX;
         strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
 
diff --git a/authfile.c b/authfile.c
index 7eccbb2c9..22da0eb05 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.101 2013/12/29 04:35:50 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.102 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -703,17 +703,17 @@ key_load_file(int fd, const char *filename, Buffer *blob)
                             __func__, filename == NULL ? "" : filename,
                             filename == NULL ? "" : " ", strerror(errno));
                         buffer_clear(blob);
-                        bzero(buf, sizeof(buf));
+                        explicit_bzero(buf, sizeof(buf));
                         return 0;
                 }
                 buffer_append(blob, buf, len);
                 if (buffer_len(blob) > MAX_KEY_FILE_SIZE) {
                         buffer_clear(blob);
-                        bzero(buf, sizeof(buf));
+                        explicit_bzero(buf, sizeof(buf));
                         goto toobig;
                 }
         }
-        bzero(buf, sizeof(buf));
+        explicit_bzero(buf, sizeof(buf));
         if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
             st.st_size != buffer_len(blob)) {
                 debug("%s: key file %.200s%schanged size while reading",
diff --git a/bufaux.c b/bufaux.c
index 9401fe1d0..f1f14b33d 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.54 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: bufaux.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -216,7 +216,7 @@ buffer_get_cstring_ret(Buffer *buffer, u_int *length_ptr)
                 if (cp == ret + length - 1)
                         error("buffer_get_cstring_ret: string contains \\0");
                 else {
-                        bzero(ret, length);
+                        explicit_bzero(ret, length);
                         free(ret);
                         return NULL;
                 }
diff --git a/bufec.c b/bufec.c
index 6c0048978..89482b906 100644
--- a/bufec.c
+++ b/bufec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufec.c,v 1.2 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: bufec.c,v 1.3 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 2010 Damien Miller <djm@mindrot.org>
  *
@@ -77,7 +77,7 @@ buffer_put_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve,
         ret = 0;
  out:
         if (buf != NULL) {
-                bzero(buf, len);
+                explicit_bzero(buf, len);
                 free(buf);
         }
         BN_CTX_free(bnctx);
@@ -130,7 +130,7 @@ buffer_get_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve,
         ret = 0;
  out:
         BN_CTX_free(bnctx);
-        bzero(buf, len);
+        explicit_bzero(buf, len);
         free(buf);
         return ret;
 }
diff --git a/canohost.c b/canohost.c
index a19a60cda..a61a8c94d 100644
--- a/canohost.c
+++ b/canohost.c
@@ -192,7 +192,7 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len)
         memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr));
         port = a6->sin6_port;
 
-        bzero(a4, sizeof(*a4));
+        memset(a4, 0, sizeof(*a4));
 
         a4->sin_family = AF_INET;
         *len = sizeof(*a4);
diff --git a/channels.c b/channels.c
index e741f29b9..013accdc4 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.328 2013/12/19 01:04:36 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.329 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -423,7 +423,7 @@ channel_free(Channel *c)
                 if (cc->abandon_cb != NULL)
                         cc->abandon_cb(c, cc->ctx);
                 TAILQ_REMOVE(&c->status_confirms, cc, entry);
-                bzero(cc, sizeof(*cc));
+                explicit_bzero(cc, sizeof(*cc));
                 free(cc);
         }
         if (c->filter_cleanup != NULL && c->filter_ctx != NULL)
@@ -2671,7 +2671,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
                 return;
         cc->cb(type, c, cc->ctx);
         TAILQ_REMOVE(&c->status_confirms, cc, entry);
-        bzero(cc, sizeof(*cc));
+        explicit_bzero(cc, sizeof(*cc));
         free(cc);
 }
 
@@ -3304,9 +3304,7 @@ channel_connect_ctx_free(struct channel_connect *cctx)
         free(cctx->host);
         if (cctx->aitop)
                 freeaddrinfo(cctx->aitop);
-        bzero(cctx, sizeof(*cctx));
-        cctx->host = NULL;
-        cctx->ai = cctx->aitop = NULL;
+        memset(cctx, 0, sizeof(*cctx));
 }
 
 /* Return CONNECTING channel to remote host, port */
diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c
index 91b0830fd..251b94ec8 100644
--- a/cipher-chachapoly.c
+++ b/cipher-chachapoly.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: cipher-chachapoly.c,v 1.3 2013/12/15 21:42:35 djm Exp $ */
+/* $OpenBSD: cipher-chachapoly.c,v 1.4 2014/01/31 16:39:19 tedu Exp $ */
 
 #include "includes.h"
 
@@ -58,7 +58,7 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest,
          * Run ChaCha20 once to generate the Poly1305 key. The IV is the
          * packet sequence number.
          */
-        bzero(poly_key, sizeof(poly_key));
+        memset(poly_key, 0, sizeof(poly_key));
         put_u64(seqbuf, seqnr);
         chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL);
         chacha_encrypt_bytes(&ctx->main_ctx,
@@ -90,9 +90,9 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest,
         r = 0;
 
  out:
-        bzero(expected_tag, sizeof(expected_tag));
-        bzero(seqbuf, sizeof(seqbuf));
-        bzero(poly_key, sizeof(poly_key));
+        explicit_bzero(expected_tag, sizeof(expected_tag));
+        explicit_bzero(seqbuf, sizeof(seqbuf));
+        explicit_bzero(poly_key, sizeof(poly_key));
         return r;
 }
 
diff --git a/clientloop.c b/clientloop.c
index f30c8b6b5..fd3ff49e8 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.256 2013/11/20 20:54:10 deraadt Exp $ */
+/* $OpenBSD: clientloop.c,v 1.257 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -549,7 +549,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
                 gc->cb(type, seq, gc->ctx);
         if (--gc->ref_count <= 0) {
                 TAILQ_REMOVE(&global_confirms, gc, entry);
-                bzero(gc, sizeof(*gc));
+                explicit_bzero(gc, sizeof(*gc));
                 free(gc);
         }
 
@@ -876,7 +876,7 @@ process_cmdline(void)
         int cancel_port, ok;
         Forward fwd;
 
-        bzero(&fwd, sizeof(fwd));
+        memset(&fwd, 0, sizeof(fwd));
         fwd.listen_host = fwd.connect_host = NULL;
 
         leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
diff --git a/configure.ac b/configure.ac
index dfd32cd85..a350a2a55 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.568 2014/01/30 00:26:46 djm Exp $
+# $Id: configure.ac,v 1.569 2014/02/04 00:18:21 djm Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.568 $)
+AC_REVISION($Revision: 1.569 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
@@ -1649,6 +1649,7 @@ AC_CHECK_FUNCS([ \
         closefrom \
         dirfd \
         endgrent \
+        explicit_bzero \
         fchmod \
         fchown \
         freeaddrinfo \
diff --git a/hostfile.c b/hostfile.c
index 0198cd001..8bc9540b7 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.54 2014/01/27 18:58:14 markus Exp $ */
+/* $OpenBSD: hostfile.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -333,10 +333,10 @@ free_hostkeys(struct hostkeys *hostkeys)
                 free(hostkeys->entries[i].host);
                 free(hostkeys->entries[i].file);
                 key_free(hostkeys->entries[i].key);
-                bzero(hostkeys->entries + i, sizeof(*hostkeys->entries));
+                explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries));
         }
         free(hostkeys->entries);
-        bzero(hostkeys, sizeof(*hostkeys));
+        explicit_bzero(hostkeys, sizeof(*hostkeys));
         free(hostkeys);
 }
 
diff --git a/kexc25519.c b/kexc25519.c
index 48ca4aaa2..ee79b4327 100644
--- a/kexc25519.c
+++ b/kexc25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519.c,v 1.4 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: kexc25519.c,v 1.5 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 2001, 2013 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -70,7 +70,7 @@ kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
 #endif
         buffer_clear(out);
         buffer_put_bignum2_from_string(out, shared_key, CURVE25519_SIZE);
-        memset(shared_key, 0, CURVE25519_SIZE); /* XXX explicit_bzero() */
+        explicit_bzero(shared_key, CURVE25519_SIZE);
 }
 
 void
diff --git a/krl.c b/krl.c
index b2d0354f2..3b4cded05 100644
--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.13 2013/07/20 22:20:42 djm Exp $ */
+/* $OpenBSD: krl.c,v 1.14 2014/01/31 16:39:19 tedu Exp $ */
 
 #include "includes.h"
 
@@ -238,7 +238,7 @@ insert_serial_range(struct revoked_serial_tree *rt, u_int64_t lo, u_int64_t hi)
         struct revoked_serial rs, *ers, *crs, *irs;
 
         KRL_DBG(("%s: insert %llu:%llu", __func__, lo, hi));
-        bzero(&rs, sizeof(rs));
+        memset(&rs, 0, sizeof(rs));
         rs.lo = lo;
         rs.hi = hi;
         ers = RB_NFIND(revoked_serial_tree, rt, &rs);
@@ -1115,7 +1115,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key)
         struct revoked_certs *rc;
 
         /* Check explicitly revoked hashes first */
-        bzero(&rb, sizeof(rb));
+        memset(&rb, 0, sizeof(rb));
         if ((rb.blob = key_fingerprint_raw(key, SSH_FP_SHA1, &rb.len)) == NULL)
                 return -1;
         erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb);
@@ -1126,7 +1126,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key)
         }
 
         /* Next, explicit keys */
-        bzero(&rb, sizeof(rb));
+        memset(&rb, 0, sizeof(rb));
         if (plain_key_blob(key, &rb.blob, &rb.len) != 0)
                 return -1;
         erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb);
@@ -1147,7 +1147,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key)
                 return 0; /* No entry for this CA */
 
         /* Check revocation by cert key ID */
-        bzero(&rki, sizeof(rki));
+        memset(&rki, 0, sizeof(rki));
         rki.key_id = key->cert->key_id;
         erki = RB_FIND(revoked_key_id_tree, &rc->revoked_key_ids, &rki);
         if (erki != NULL) {
@@ -1162,7 +1162,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key)
         if (key_cert_is_legacy(key) || key->cert->serial == 0)
                 return 0;
 
-        bzero(&rs, sizeof(rs));
+        memset(&rs, 0, sizeof(rs));
         rs.lo = rs.hi = key->cert->serial;
         ers = RB_FIND(revoked_serial_tree, &rc->revoked_serials, &rs);
         if (ers != NULL) {
diff --git a/monitor.c b/monitor.c
index c923e7c0b..79bd7c0c4 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.129 2014/01/29 06:18:35 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.130 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -544,7 +544,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
         struct pollfd pfd[2];
 
         for (;;) {
-                bzero(&pfd, sizeof(pfd));
+                memset(&pfd, 0, sizeof(pfd));
                 pfd[0].fd = pmonitor->m_sendfd;
                 pfd[0].events = POLLIN;
                 pfd[1].fd = pmonitor->m_log_recvfd;
diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
new file mode 100644
index 000000000..b106741e5
--- /dev/null
+++ b/openbsd-compat/explicit_bzero.c
@@ -0,0 +1,20 @@
+/* OPENBSD ORIGINAL: lib/libc/string/explicit_bzero.c */
+/*      $OpenBSD: explicit_bzero.c,v 1.1 2014/01/22 21:06:45 tedu Exp $ */
+/*
+ * Public domain.
+ * Written by Ted Unangst
+ */
+
+#include "includes.h"
+
+#ifndef HAVE_EXPLICIT_BZERO
+
+/*
+ * explicit_bzero - don't let the compiler optimize away bzero
+ */
+void
+explicit_bzero(void *p, size_t n)
+{
+        bzero(p, n);
+}
+#endif
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index f34619e4a..bc9888e31 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.60 2013/12/07 00:51:54 djm Exp $ */
+/* $Id: openbsd-compat.h,v 1.61 2014/02/04 00:18:23 djm Exp $ */
 
 /*
  * Copyright (c) 1999-2003 Damien Miller.  All rights reserved.
@@ -246,6 +246,10 @@ int	bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t,
     u_int8_t *, size_t, unsigned int);
 #endif
 
+#ifndef HAVE_EXPLICIT_BZERO
+void explicit_bzero(void *p, size_t n);
+#endif
+
 void *xmmap(size_t size);
 char *xcrypt(const char *password, const char *salt);
 char *shadow_pw(struct passwd *pw);
diff --git a/sandbox-systrace.c b/sandbox-systrace.c
index 70af3862f..6706c9a80 100644
--- a/sandbox-systrace.c
+++ b/sandbox-systrace.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sandbox-systrace.c,v 1.8 2014/01/30 22:26:14 djm Exp $ */
+/* $OpenBSD: sandbox-systrace.c,v 1.9 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -142,7 +142,7 @@ ssh_sandbox_parent(struct ssh_sandbox *box, pid_t child_pid,
                     box->systrace_fd, child_pid, strerror(errno));
 
         /* Allocate and assign policy */
-        bzero(&policy, sizeof(policy));
+        memset(&policy, 0, sizeof(policy));
         policy.strp_op = SYSTR_POLICY_NEW;
         policy.strp_maxents = SYS_MAXSYSCALL;
         if (ioctl(box->systrace_fd, STRIOCPOLICY, &policy) == -1)
diff --git a/session.c b/session.c
index 12dd9ab10..f5049774b 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.269 2014/01/18 09:36:26 dtucker Exp $ */
+/* $OpenBSD: session.c,v 1.270 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1889,7 +1889,7 @@ session_unused(int id)
                 fatal("%s: insane session id %d (max %d nalloc %d)",
                     __func__, id, options.max_sessions, sessions_nalloc);
         }
-        bzero(&sessions[id], sizeof(*sessions));
+        memset(&sessions[id], 0, sizeof(*sessions));
         sessions[id].self = id;
         sessions[id].used = 0;
         sessions[id].chanid = -1;
diff --git a/sftp-client.c b/sftp-client.c
index fc035f2ef..2f5907c85 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.113 2014/01/17 00:21:06 djm Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.114 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -310,7 +310,7 @@ get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st,
                     SSH2_FXP_EXTENDED_REPLY, type);
         }
 
-        bzero(st, sizeof(*st));
+        memset(st, 0, sizeof(*st));
         st->f_bsize = buffer_get_int64(&msg);
         st->f_frsize = buffer_get_int64(&msg);
         st->f_blocks = buffer_get_int64(&msg);
diff --git a/ssh-keygen.c b/ssh-keygen.c
index eae83a461..8140447f7 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.238 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.239 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1716,7 +1716,7 @@ parse_absolute_time(const char *s)
                 fatal("Invalid certificate time format %s", s);
         }
 
-        bzero(&tm, sizeof(tm));
+        memset(&tm, 0, sizeof(tm));
         if (strptime(buf, fmt, &tm) == NULL)
                 fatal("Invalid certificate time %s", s);
         if ((tt = mktime(&tm)) < 0)
diff --git a/ssh.c b/ssh.c
index 5de8fcf43..ec957333b 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.397 2013/12/29 05:42:16 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.398 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -239,7 +239,7 @@ resolve_host(const char *name, u_int port, int logerr, char *cname, size_t clen)
         int gaierr, loglevel = SYSLOG_LEVEL_DEBUG1;
 
         snprintf(strport, sizeof strport, "%u", port);
-        bzero(&hints, sizeof(hints));
+        memset(&hints, 0, sizeof(hints));
         hints.ai_family = options.address_family;
         hints.ai_socktype = SOCK_STREAM;
         if (cname != NULL)
@@ -1697,8 +1697,8 @@ load_public_identity_files(void)
 #endif /* PKCS11 */
 
         n_ids = 0;
-        bzero(identity_files, sizeof(identity_files));
-        bzero(identity_keys, sizeof(identity_keys));
+        memset(identity_files, 0, sizeof(identity_files));
+        memset(identity_keys, 0, sizeof(identity_keys));
 
 #ifdef ENABLE_PKCS11
         if (options.pkcs11_provider != NULL &&
@@ -1773,9 +1773,9 @@ load_public_identity_files(void)
         memcpy(options.identity_files, identity_files, sizeof(identity_files));
         memcpy(options.identity_keys, identity_keys, sizeof(identity_keys));
 
-        bzero(pwname, strlen(pwname));
+        explicit_bzero(pwname, strlen(pwname));
         free(pwname);
-        bzero(pwdir, strlen(pwdir));
+        explicit_bzero(pwdir, strlen(pwdir));
         free(pwdir);
 }
 
diff --git a/sshconnect2.c b/sshconnect2.c
index 8343db10e..c60a8511b 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.202 2014/01/29 06:18:35 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.203 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1190,7 +1190,7 @@ pubkey_prepare(Authctxt *authctxt)
                 /* If IdentitiesOnly set and key not found then don't use it */
                 if (!found && options.identities_only) {
                         TAILQ_REMOVE(&files, id, next);
-                        bzero(id, sizeof(*id));
+                        explicit_bzero(id, sizeof(*id));
                         free(id);
                 }
         }
diff --git a/sshd.c b/sshd.c
index cb2e7db40..b7411fe83 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.416 2014/01/29 00:19:26 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.417 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -621,7 +621,7 @@ privsep_preauth_child(void)
         arc4random_stir();
         arc4random_buf(rnd, sizeof(rnd));
         RAND_seed(rnd, sizeof(rnd));
-        bzero(rnd, sizeof(rnd));
+        explicit_bzero(rnd, sizeof(rnd));
 
         /* Demote the private keys to public keys. */
         demote_sensitive_data();
@@ -756,7 +756,7 @@ privsep_postauth(Authctxt *authctxt)
         arc4random_stir();
         arc4random_buf(rnd, sizeof(rnd));
         RAND_seed(rnd, sizeof(rnd));
-        bzero(rnd, sizeof(rnd));
+        explicit_bzero(rnd, sizeof(rnd));
 
         /* Drop privileges */
         do_setusercontext(authctxt->pw);
@@ -1355,7 +1355,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                         arc4random_stir();
                         arc4random_buf(rnd, sizeof(rnd));
                         RAND_seed(rnd, sizeof(rnd));
-                        bzero(rnd, sizeof(rnd));
+                        explicit_bzero(rnd, sizeof(rnd));
                 }
 
                 /* child process check (or debug mode) */
diff --git a/sshlogin.c b/sshlogin.c
index 2688d8d7b..e79ca9b47 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshlogin.c,v 1.27 2011/01/11 06:06:09 djm Exp $ */
+/* $OpenBSD: sshlogin.c,v 1.28 2014/01/31 16:39:19 tedu Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland