From 4e8d937af79ce4e253f77ec93489d098b25becc3 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 4 Feb 2014 11:02:42 +1100 Subject: - markus@cvs.openbsd.org 2014/01/27 18:58:14 [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] replace openssl HMAC with an implementation based on our ssh_digest_* ok and feedback djm@ --- hostfile.c | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) (limited to 'hostfile.c') diff --git a/hostfile.c b/hostfile.c index 2778fb5df..0198cd001 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.53 2014/01/09 23:20:00 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.54 2014/01/27 18:58:14 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -42,9 +42,6 @@ #include -#include -#include - #include #include #include @@ -58,6 +55,7 @@ #include "log.h" #include "misc.h" #include "digest.h" +#include "hmac.h" struct hostkeys { struct hostkey_entry *entries; @@ -102,9 +100,9 @@ extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) debug2("extract_salt: salt decode error"); return (-1); } - if (ret != SHA_DIGEST_LENGTH) { - debug2("extract_salt: expected salt len %d, got %d", - SHA_DIGEST_LENGTH, ret); + if (ret != (int)ssh_hmac_bytes(SSH_DIGEST_SHA1)) { + debug2("extract_salt: expected salt len %zd, got %d", + ssh_hmac_bytes(SSH_DIGEST_SHA1), ret); return (-1); } @@ -114,14 +112,13 @@ extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) char * host_hash(const char *host, const char *name_from_hostfile, u_int src_len) { - const EVP_MD *md = EVP_sha1(); - HMAC_CTX mac_ctx; + struct ssh_hmac_ctx *ctx; u_char salt[256], result[256]; char uu_salt[512], uu_result[512]; static char encoded[1024]; u_int i, len; - len = EVP_MD_size(md); + len = ssh_digest_bytes(SSH_DIGEST_SHA1); if (name_from_hostfile == NULL) { /* Create new salt */ @@ -134,14 +131,16 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) return (NULL); } - HMAC_Init(&mac_ctx, salt, len, md); - HMAC_Update(&mac_ctx, (u_char *)host, strlen(host)); - HMAC_Final(&mac_ctx, result, NULL); - HMAC_cleanup(&mac_ctx); + if ((ctx = ssh_hmac_start(SSH_DIGEST_SHA1)) == NULL || + ssh_hmac_init(ctx, salt, len) < 0 || + ssh_hmac_update(ctx, host, strlen(host)) < 0 || + ssh_hmac_final(ctx, result, sizeof(result))) + fatal("%s: ssh_hmac failed", __func__); + ssh_hmac_free(ctx); if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) - fatal("host_hash: __b64_ntop failed"); + fatal("%s: __b64_ntop failed", __func__); snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt, HASH_DELIM, uu_result); -- cgit v1.2.3 From 1d2c4564265ee827147af246a16f3777741411ed Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 4 Feb 2014 11:18:20 +1100 Subject: - tedu@cvs.openbsd.org 2014/01/31 16:39:19 [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker --- ChangeLog | 8 ++++++++ auth2-chall.c | 4 ++-- authfd.c | 4 ++-- authfile.c | 8 ++++---- bufaux.c | 4 ++-- bufec.c | 6 +++--- canohost.c | 2 +- channels.c | 10 ++++------ cipher-chachapoly.c | 10 +++++----- clientloop.c | 6 +++--- configure.ac | 5 +++-- hostfile.c | 6 +++--- kexc25519.c | 4 ++-- krl.c | 12 ++++++------ monitor.c | 4 ++-- openbsd-compat/explicit_bzero.c | 20 ++++++++++++++++++++ openbsd-compat/openbsd-compat.h | 6 +++++- sandbox-systrace.c | 4 ++-- session.c | 4 ++-- sftp-client.c | 4 ++-- ssh-keygen.c | 4 ++-- ssh.c | 12 ++++++------ sshconnect2.c | 4 ++-- sshd.c | 8 ++++---- sshlogin.c | 2 +- 25 files changed, 96 insertions(+), 65 deletions(-) create mode 100644 openbsd-compat/explicit_bzero.c (limited to 'hostfile.c') diff --git a/ChangeLog b/ChangeLog index 269f5363d..a3f75a8d2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,14 @@ allow shutdown(2) syscall in sandbox - it may be called by packet_close() from portable (Id sync only; change is already in portable) + - tedu@cvs.openbsd.org 2014/01/31 16:39:19 + [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] + [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] + [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] + [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] + [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] + replace most bzero with explicit_bzero, except a few that cna be memset + ok djm dtucker 20140131 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) diff --git a/auth2-chall.c b/auth2-chall.c index 031c2828c..4cfd8ff5b 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.39 2013/11/08 00:39:14 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.40 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -148,7 +148,7 @@ kbdint_free(KbdintAuthctxt *kbdintctxt) if (kbdintctxt->device) kbdint_reset_device(kbdintctxt); free(kbdintctxt->devices); - bzero(kbdintctxt, sizeof(*kbdintctxt)); + explicit_bzero(kbdintctxt, sizeof(*kbdintctxt)); free(kbdintctxt); } /* get next device */ diff --git a/authfd.c b/authfd.c index f9636903a..cea3f97b4 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.91 2013/12/29 04:29:25 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.92 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -102,7 +102,7 @@ ssh_get_authentication_socket(void) if (!authsocket) return -1; - bzero(&sunaddr, sizeof(sunaddr)); + memset(&sunaddr, 0, sizeof(sunaddr)); sunaddr.sun_family = AF_UNIX; strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); diff --git a/authfile.c b/authfile.c index 7eccbb2c9..22da0eb05 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.101 2013/12/29 04:35:50 djm Exp $ */ +/* $OpenBSD: authfile.c,v 1.102 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -703,17 +703,17 @@ key_load_file(int fd, const char *filename, Buffer *blob) __func__, filename == NULL ? "" : filename, filename == NULL ? "" : " ", strerror(errno)); buffer_clear(blob); - bzero(buf, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); return 0; } buffer_append(blob, buf, len); if (buffer_len(blob) > MAX_KEY_FILE_SIZE) { buffer_clear(blob); - bzero(buf, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); goto toobig; } } - bzero(buf, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && st.st_size != buffer_len(blob)) { debug("%s: key file %.200s%schanged size while reading", diff --git a/bufaux.c b/bufaux.c index 9401fe1d0..f1f14b33d 100644 --- a/bufaux.c +++ b/bufaux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.54 2014/01/12 08:13:13 djm Exp $ */ +/* $OpenBSD: bufaux.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -216,7 +216,7 @@ buffer_get_cstring_ret(Buffer *buffer, u_int *length_ptr) if (cp == ret + length - 1) error("buffer_get_cstring_ret: string contains \\0"); else { - bzero(ret, length); + explicit_bzero(ret, length); free(ret); return NULL; } diff --git a/bufec.c b/bufec.c index 6c0048978..89482b906 100644 --- a/bufec.c +++ b/bufec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufec.c,v 1.2 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: bufec.c,v 1.3 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2010 Damien Miller * @@ -77,7 +77,7 @@ buffer_put_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve, ret = 0; out: if (buf != NULL) { - bzero(buf, len); + explicit_bzero(buf, len); free(buf); } BN_CTX_free(bnctx); @@ -130,7 +130,7 @@ buffer_get_ecpoint_ret(Buffer *buffer, const EC_GROUP *curve, ret = 0; out: BN_CTX_free(bnctx); - bzero(buf, len); + explicit_bzero(buf, len); free(buf); return ret; } diff --git a/canohost.c b/canohost.c index a19a60cda..a61a8c94d 100644 --- a/canohost.c +++ b/canohost.c @@ -192,7 +192,7 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len) memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr)); port = a6->sin6_port; - bzero(a4, sizeof(*a4)); + memset(a4, 0, sizeof(*a4)); a4->sin_family = AF_INET; *len = sizeof(*a4); diff --git a/channels.c b/channels.c index e741f29b9..013accdc4 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.328 2013/12/19 01:04:36 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.329 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -423,7 +423,7 @@ channel_free(Channel *c) if (cc->abandon_cb != NULL) cc->abandon_cb(c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - bzero(cc, sizeof(*cc)); + explicit_bzero(cc, sizeof(*cc)); free(cc); } if (c->filter_cleanup != NULL && c->filter_ctx != NULL) @@ -2671,7 +2671,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) return; cc->cb(type, c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - bzero(cc, sizeof(*cc)); + explicit_bzero(cc, sizeof(*cc)); free(cc); } @@ -3304,9 +3304,7 @@ channel_connect_ctx_free(struct channel_connect *cctx) free(cctx->host); if (cctx->aitop) freeaddrinfo(cctx->aitop); - bzero(cctx, sizeof(*cctx)); - cctx->host = NULL; - cctx->ai = cctx->aitop = NULL; + memset(cctx, 0, sizeof(*cctx)); } /* Return CONNECTING channel to remote host, port */ diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c index 91b0830fd..251b94ec8 100644 --- a/cipher-chachapoly.c +++ b/cipher-chachapoly.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: cipher-chachapoly.c,v 1.3 2013/12/15 21:42:35 djm Exp $ */ +/* $OpenBSD: cipher-chachapoly.c,v 1.4 2014/01/31 16:39:19 tedu Exp $ */ #include "includes.h" @@ -58,7 +58,7 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, * Run ChaCha20 once to generate the Poly1305 key. The IV is the * packet sequence number. */ - bzero(poly_key, sizeof(poly_key)); + memset(poly_key, 0, sizeof(poly_key)); put_u64(seqbuf, seqnr); chacha_ivsetup(&ctx->main_ctx, seqbuf, NULL); chacha_encrypt_bytes(&ctx->main_ctx, @@ -90,9 +90,9 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int seqnr, u_char *dest, r = 0; out: - bzero(expected_tag, sizeof(expected_tag)); - bzero(seqbuf, sizeof(seqbuf)); - bzero(poly_key, sizeof(poly_key)); + explicit_bzero(expected_tag, sizeof(expected_tag)); + explicit_bzero(seqbuf, sizeof(seqbuf)); + explicit_bzero(poly_key, sizeof(poly_key)); return r; } diff --git a/clientloop.c b/clientloop.c index f30c8b6b5..fd3ff49e8 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.256 2013/11/20 20:54:10 deraadt Exp $ */ +/* $OpenBSD: clientloop.c,v 1.257 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -549,7 +549,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt) gc->cb(type, seq, gc->ctx); if (--gc->ref_count <= 0) { TAILQ_REMOVE(&global_confirms, gc, entry); - bzero(gc, sizeof(*gc)); + explicit_bzero(gc, sizeof(*gc)); free(gc); } @@ -876,7 +876,7 @@ process_cmdline(void) int cancel_port, ok; Forward fwd; - bzero(&fwd, sizeof(fwd)); + memset(&fwd, 0, sizeof(fwd)); fwd.listen_host = fwd.connect_host = NULL; leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE); diff --git a/configure.ac b/configure.ac index dfd32cd85..a350a2a55 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.568 2014/01/30 00:26:46 djm Exp $ +# $Id: configure.ac,v 1.569 2014/02/04 00:18:21 djm Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) -AC_REVISION($Revision: 1.568 $) +AC_REVISION($Revision: 1.569 $) AC_CONFIG_SRCDIR([ssh.c]) AC_LANG([C]) @@ -1649,6 +1649,7 @@ AC_CHECK_FUNCS([ \ closefrom \ dirfd \ endgrent \ + explicit_bzero \ fchmod \ fchown \ freeaddrinfo \ diff --git a/hostfile.c b/hostfile.c index 0198cd001..8bc9540b7 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.54 2014/01/27 18:58:14 markus Exp $ */ +/* $OpenBSD: hostfile.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -333,10 +333,10 @@ free_hostkeys(struct hostkeys *hostkeys) free(hostkeys->entries[i].host); free(hostkeys->entries[i].file); key_free(hostkeys->entries[i].key); - bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); + explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); } free(hostkeys->entries); - bzero(hostkeys, sizeof(*hostkeys)); + explicit_bzero(hostkeys, sizeof(*hostkeys)); free(hostkeys); } diff --git a/kexc25519.c b/kexc25519.c index 48ca4aaa2..ee79b4327 100644 --- a/kexc25519.c +++ b/kexc25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexc25519.c,v 1.4 2014/01/12 08:13:13 djm Exp $ */ +/* $OpenBSD: kexc25519.c,v 1.5 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -70,7 +70,7 @@ kexc25519_shared_key(const u_char key[CURVE25519_SIZE], #endif buffer_clear(out); buffer_put_bignum2_from_string(out, shared_key, CURVE25519_SIZE); - memset(shared_key, 0, CURVE25519_SIZE); /* XXX explicit_bzero() */ + explicit_bzero(shared_key, CURVE25519_SIZE); } void diff --git a/krl.c b/krl.c index b2d0354f2..3b4cded05 100644 --- a/krl.c +++ b/krl.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: krl.c,v 1.13 2013/07/20 22:20:42 djm Exp $ */ +/* $OpenBSD: krl.c,v 1.14 2014/01/31 16:39:19 tedu Exp $ */ #include "includes.h" @@ -238,7 +238,7 @@ insert_serial_range(struct revoked_serial_tree *rt, u_int64_t lo, u_int64_t hi) struct revoked_serial rs, *ers, *crs, *irs; KRL_DBG(("%s: insert %llu:%llu", __func__, lo, hi)); - bzero(&rs, sizeof(rs)); + memset(&rs, 0, sizeof(rs)); rs.lo = lo; rs.hi = hi; ers = RB_NFIND(revoked_serial_tree, rt, &rs); @@ -1115,7 +1115,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key) struct revoked_certs *rc; /* Check explicitly revoked hashes first */ - bzero(&rb, sizeof(rb)); + memset(&rb, 0, sizeof(rb)); if ((rb.blob = key_fingerprint_raw(key, SSH_FP_SHA1, &rb.len)) == NULL) return -1; erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb); @@ -1126,7 +1126,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key) } /* Next, explicit keys */ - bzero(&rb, sizeof(rb)); + memset(&rb, 0, sizeof(rb)); if (plain_key_blob(key, &rb.blob, &rb.len) != 0) return -1; erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb); @@ -1147,7 +1147,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key) return 0; /* No entry for this CA */ /* Check revocation by cert key ID */ - bzero(&rki, sizeof(rki)); + memset(&rki, 0, sizeof(rki)); rki.key_id = key->cert->key_id; erki = RB_FIND(revoked_key_id_tree, &rc->revoked_key_ids, &rki); if (erki != NULL) { @@ -1162,7 +1162,7 @@ is_key_revoked(struct ssh_krl *krl, const Key *key) if (key_cert_is_legacy(key) || key->cert->serial == 0) return 0; - bzero(&rs, sizeof(rs)); + memset(&rs, 0, sizeof(rs)); rs.lo = rs.hi = key->cert->serial; ers = RB_FIND(revoked_serial_tree, &rc->revoked_serials, &rs); if (ers != NULL) { diff --git a/monitor.c b/monitor.c index c923e7c0b..79bd7c0c4 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.129 2014/01/29 06:18:35 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.130 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -544,7 +544,7 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent, struct pollfd pfd[2]; for (;;) { - bzero(&pfd, sizeof(pfd)); + memset(&pfd, 0, sizeof(pfd)); pfd[0].fd = pmonitor->m_sendfd; pfd[0].events = POLLIN; pfd[1].fd = pmonitor->m_log_recvfd; diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c new file mode 100644 index 000000000..b106741e5 --- /dev/null +++ b/openbsd-compat/explicit_bzero.c @@ -0,0 +1,20 @@ +/* OPENBSD ORIGINAL: lib/libc/string/explicit_bzero.c */ +/* $OpenBSD: explicit_bzero.c,v 1.1 2014/01/22 21:06:45 tedu Exp $ */ +/* + * Public domain. + * Written by Ted Unangst + */ + +#include "includes.h" + +#ifndef HAVE_EXPLICIT_BZERO + +/* + * explicit_bzero - don't let the compiler optimize away bzero + */ +void +explicit_bzero(void *p, size_t n) +{ + bzero(p, n); +} +#endif diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h index f34619e4a..bc9888e31 100644 --- a/openbsd-compat/openbsd-compat.h +++ b/openbsd-compat/openbsd-compat.h @@ -1,4 +1,4 @@ -/* $Id: openbsd-compat.h,v 1.60 2013/12/07 00:51:54 djm Exp $ */ +/* $Id: openbsd-compat.h,v 1.61 2014/02/04 00:18:23 djm Exp $ */ /* * Copyright (c) 1999-2003 Damien Miller. All rights reserved. @@ -246,6 +246,10 @@ int bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t, u_int8_t *, size_t, unsigned int); #endif +#ifndef HAVE_EXPLICIT_BZERO +void explicit_bzero(void *p, size_t n); +#endif + void *xmmap(size_t size); char *xcrypt(const char *password, const char *salt); char *shadow_pw(struct passwd *pw); diff --git a/sandbox-systrace.c b/sandbox-systrace.c index 70af3862f..6706c9a80 100644 --- a/sandbox-systrace.c +++ b/sandbox-systrace.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sandbox-systrace.c,v 1.8 2014/01/30 22:26:14 djm Exp $ */ +/* $OpenBSD: sandbox-systrace.c,v 1.9 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -142,7 +142,7 @@ ssh_sandbox_parent(struct ssh_sandbox *box, pid_t child_pid, box->systrace_fd, child_pid, strerror(errno)); /* Allocate and assign policy */ - bzero(&policy, sizeof(policy)); + memset(&policy, 0, sizeof(policy)); policy.strp_op = SYSTR_POLICY_NEW; policy.strp_maxents = SYS_MAXSYSCALL; if (ioctl(box->systrace_fd, STRIOCPOLICY, &policy) == -1) diff --git a/session.c b/session.c index 12dd9ab10..f5049774b 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.269 2014/01/18 09:36:26 dtucker Exp $ */ +/* $OpenBSD: session.c,v 1.270 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1889,7 +1889,7 @@ session_unused(int id) fatal("%s: insane session id %d (max %d nalloc %d)", __func__, id, options.max_sessions, sessions_nalloc); } - bzero(&sessions[id], sizeof(*sessions)); + memset(&sessions[id], 0, sizeof(*sessions)); sessions[id].self = id; sessions[id].used = 0; sessions[id].chanid = -1; diff --git a/sftp-client.c b/sftp-client.c index fc035f2ef..2f5907c85 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.113 2014/01/17 00:21:06 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.114 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -310,7 +310,7 @@ get_decode_statvfs(struct sftp_conn *conn, struct sftp_statvfs *st, SSH2_FXP_EXTENDED_REPLY, type); } - bzero(st, sizeof(*st)); + memset(st, 0, sizeof(*st)); st->f_bsize = buffer_get_int64(&msg); st->f_frsize = buffer_get_int64(&msg); st->f_blocks = buffer_get_int64(&msg); diff --git a/ssh-keygen.c b/ssh-keygen.c index eae83a461..8140447f7 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.238 2013/12/06 13:39:49 markus Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.239 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -1716,7 +1716,7 @@ parse_absolute_time(const char *s) fatal("Invalid certificate time format %s", s); } - bzero(&tm, sizeof(tm)); + memset(&tm, 0, sizeof(tm)); if (strptime(buf, fmt, &tm) == NULL) fatal("Invalid certificate time %s", s); if ((tt = mktime(&tm)) < 0) diff --git a/ssh.c b/ssh.c index 5de8fcf43..ec957333b 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.397 2013/12/29 05:42:16 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.398 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -239,7 +239,7 @@ resolve_host(const char *name, u_int port, int logerr, char *cname, size_t clen) int gaierr, loglevel = SYSLOG_LEVEL_DEBUG1; snprintf(strport, sizeof strport, "%u", port); - bzero(&hints, sizeof(hints)); + memset(&hints, 0, sizeof(hints)); hints.ai_family = options.address_family; hints.ai_socktype = SOCK_STREAM; if (cname != NULL) @@ -1697,8 +1697,8 @@ load_public_identity_files(void) #endif /* PKCS11 */ n_ids = 0; - bzero(identity_files, sizeof(identity_files)); - bzero(identity_keys, sizeof(identity_keys)); + memset(identity_files, 0, sizeof(identity_files)); + memset(identity_keys, 0, sizeof(identity_keys)); #ifdef ENABLE_PKCS11 if (options.pkcs11_provider != NULL && @@ -1773,9 +1773,9 @@ load_public_identity_files(void) memcpy(options.identity_files, identity_files, sizeof(identity_files)); memcpy(options.identity_keys, identity_keys, sizeof(identity_keys)); - bzero(pwname, strlen(pwname)); + explicit_bzero(pwname, strlen(pwname)); free(pwname); - bzero(pwdir, strlen(pwdir)); + explicit_bzero(pwdir, strlen(pwdir)); free(pwdir); } diff --git a/sshconnect2.c b/sshconnect2.c index 8343db10e..c60a8511b 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.202 2014/01/29 06:18:35 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.203 2014/01/31 16:39:19 tedu Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1190,7 +1190,7 @@ pubkey_prepare(Authctxt *authctxt) /* If IdentitiesOnly set and key not found then don't use it */ if (!found && options.identities_only) { TAILQ_REMOVE(&files, id, next); - bzero(id, sizeof(*id)); + explicit_bzero(id, sizeof(*id)); free(id); } } diff --git a/sshd.c b/sshd.c index cb2e7db40..b7411fe83 100644 --- a/sshd.c +++ b/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.416 2014/01/29 00:19:26 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.417 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -621,7 +621,7 @@ privsep_preauth_child(void) arc4random_stir(); arc4random_buf(rnd, sizeof(rnd)); RAND_seed(rnd, sizeof(rnd)); - bzero(rnd, sizeof(rnd)); + explicit_bzero(rnd, sizeof(rnd)); /* Demote the private keys to public keys. */ demote_sensitive_data(); @@ -756,7 +756,7 @@ privsep_postauth(Authctxt *authctxt) arc4random_stir(); arc4random_buf(rnd, sizeof(rnd)); RAND_seed(rnd, sizeof(rnd)); - bzero(rnd, sizeof(rnd)); + explicit_bzero(rnd, sizeof(rnd)); /* Drop privileges */ do_setusercontext(authctxt->pw); @@ -1355,7 +1355,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s) arc4random_stir(); arc4random_buf(rnd, sizeof(rnd)); RAND_seed(rnd, sizeof(rnd)); - bzero(rnd, sizeof(rnd)); + explicit_bzero(rnd, sizeof(rnd)); } /* child process check (or debug mode) */ diff --git a/sshlogin.c b/sshlogin.c index 2688d8d7b..e79ca9b47 100644 --- a/sshlogin.c +++ b/sshlogin.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshlogin.c,v 1.27 2011/01/11 06:06:09 djm Exp $ */ +/* $OpenBSD: sshlogin.c,v 1.28 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -- cgit v1.2.3