clear passwords with explicit_bzero
Make sure to explicitly clear memory that is used for password input. memset is often optimized out by the compiler. Brought to attention by the OpenBSD community, see: https://marc.info/?t=146989502600003&r=1&w=2 Thread subject: x11/slock: clear passwords with explicit_bzero Changes: - explicit_bzero.c import from libressl-portable. - Makefile: add COMPATSRC for compatibility src. - config.mk: add separate *BSD section in config.mk to simply uncomment it on these platforms.
This commit is contained in:
Hiltjo Posthuma
parent
65b8d52788
commit
a7afade170
5 changed files with 34 additions and 5 deletions
6
Makefile
6
Makefile
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
include config.mk
|
||||
|
||||
SRC = slock.c
|
||||
SRC = slock.c ${COMPATSRC}
|
||||
OBJ = ${SRC:.c=.o}
|
||||
|
||||
all: options slock
|
||||
|
|
@ -35,8 +35,8 @@ clean:
|
|||
dist: clean
|
||||
@echo creating dist tarball
|
||||
@mkdir -p slock-${VERSION}
|
||||
@cp -R LICENSE Makefile README config.def.h config.mk ${SRC} slock.1 \
|
||||
slock-${VERSION}
|
||||
@cp -R LICENSE Makefile README config.def.h config.mk ${SRC} \
|
||||
explicit_bzero.c slock.1 slock-${VERSION}
|
||||
@tar -cf slock-${VERSION}.tar slock-${VERSION}
|
||||
@gzip slock-${VERSION}.tar
|
||||
@rm -rf slock-${VERSION}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue