summaryrefslogtreecommitdiff
path: root/packet.c
diff options
context:
space:
mode:
Diffstat (limited to 'packet.c')
-rw-r--r--packet.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/packet.c b/packet.c
index 6cf7edbb8..54c0558f9 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.c,v 1.191 2013/12/06 13:34:54 markus Exp $ */ 1/* $OpenBSD: packet.c,v 1.192 2014/02/02 03:44:31 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -764,9 +764,9 @@ set_newkeys(int mode)
764 mac = &active_state->newkeys[mode]->mac; 764 mac = &active_state->newkeys[mode]->mac;
765 comp = &active_state->newkeys[mode]->comp; 765 comp = &active_state->newkeys[mode]->comp;
766 mac_clear(mac); 766 mac_clear(mac);
767 memset(enc->iv, 0, enc->iv_len); 767 explicit_bzero(enc->iv, enc->iv_len);
768 memset(enc->key, 0, enc->key_len); 768 explicit_bzero(enc->key, enc->key_len);
769 memset(mac->key, 0, mac->key_len); 769 explicit_bzero(mac->key, mac->key_len);
770 free(enc->name); 770 free(enc->name);
771 free(enc->iv); 771 free(enc->iv);
772 free(enc->key); 772 free(enc->key);
@@ -787,9 +787,9 @@ set_newkeys(int mode)
787 cipher_init(cc, enc->cipher, enc->key, enc->key_len, 787 cipher_init(cc, enc->cipher, enc->key, enc->key_len,
788 enc->iv, enc->iv_len, crypt_type); 788 enc->iv, enc->iv_len, crypt_type);
789 /* Deleting the keys does not gain extra security */ 789 /* Deleting the keys does not gain extra security */
790 /* memset(enc->iv, 0, enc->block_size); 790 /* explicit_bzero(enc->iv, enc->block_size);
791 memset(enc->key, 0, enc->key_len); 791 explicit_bzero(enc->key, enc->key_len);
792 memset(mac->key, 0, mac->key_len); */ 792 explicit_bzero(mac->key, mac->key_len); */
793 if ((comp->type == COMP_ZLIB || 793 if ((comp->type == COMP_ZLIB ||
794 (comp->type == COMP_DELAYED && 794 (comp->type == COMP_DELAYED &&
795 active_state->after_authentication)) && comp->enabled == 0) { 795 active_state->after_authentication)) && comp->enabled == 0) {
@@ -928,7 +928,7 @@ packet_send2_wrapped(void)
928 } 928 }
929 } else { 929 } else {
930 /* clear padding */ 930 /* clear padding */
931 memset(cp, 0, padlen); 931 explicit_bzero(cp, padlen);
932 } 932 }
933 /* sizeof (packet_len + pad_len + payload + padding) */ 933 /* sizeof (packet_len + pad_len + payload + padding) */
934 len = buffer_len(&active_state->outgoing_packet); 934 len = buffer_len(&active_state->outgoing_packet);