- djm@cvs.openbsd.org 2014/02/02 03:44:32

[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
     [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
     [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
     [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
     [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c]
     convert memset of potentially-private data to explicit_bzero()

ChangeLog

@@ -44,6 +44,15 @@
      [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
      replace most bzero with explicit_bzero, except a few that cna be memset
      ok djm dtucker
+   - djm@cvs.openbsd.org 2014/02/02 03:44:32
+     [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
+     [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
+     [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
+     [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
+     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
+     [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
+     [sshd.c]
+     convert memset of potentially-private data to explicit_bzero()
 
 20140131
  - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)

auth1.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.79 2013/05/19 02:42:42 djm Exp $ */
+/* $OpenBSD: auth1.c,v 1.80 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -129,7 +129,7 @@ auth1_process_password(Authctxt *authctxt)
 	/* Try authentication with the password. */
 	authenticated = PRIVSEP(auth_password(authctxt, password));
 
-	memset(password, 0, dlen);
+	explicit_bzero(password, dlen);
 	free(password);
 
 	return (authenticated);
@@ -222,7 +222,7 @@ auth1_process_tis_response(Authctxt *authctxt)
 	response = packet_get_string(&dlen);
 	packet_check_eom();
 	authenticated = verify_response(authctxt, response);
-	memset(response, 'r', dlen);
+	explicit_bzero(response, dlen);
 	free(response);
 
 	return (authenticated);

auth2-chall.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.40 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.41 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -312,7 +312,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
 	res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
 
 	for (i = 0; i < nresp; i++) {
-		memset(response[i], 'r', strlen(response[i]));
+		explicit_bzero(response[i], strlen(response[i]));
 		free(response[i]);
 	}
 	free(response);

auth2-passwd.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.10 2013/05/17 00:13:13 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.11 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -59,7 +59,7 @@ userauth_passwd(Authctxt *authctxt)
 	if (change) {
 		/* discard new password from packet */
 		newpass = packet_get_string(&newlen);
-		memset(newpass, 0, newlen);
+		explicit_bzero(newpass, newlen);
 		free(newpass);
 	}
 	packet_check_eom();
@@ -68,7 +68,7 @@ userauth_passwd(Authctxt *authctxt)
 		logit("password change not supported");
 	else if (PRIVSEP(auth_password(authctxt, password)) == 1)
 		authenticated = 1;
-	memset(password, 0, len);
+	explicit_bzero(password, len);
 	free(password);
 	return authenticated;
 }

authfile.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.102 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: authfile.c,v 1.103 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -131,7 +131,7 @@ key_private_to_blob2(Key *prv, Buffer *blob, const char *passphrase,
 		buffer_put_int(&kdf, rounds);
 	}
 	cipher_init(&ctx, c, key, keylen, key + keylen , ivlen, 1);
-	memset(key, 0, keylen + ivlen);
+	explicit_bzero(key, keylen + ivlen);
 	free(key);
 
 	buffer_init(&encoded);
@@ -143,7 +143,7 @@ key_private_to_blob2(Key *prv, Buffer *blob, const char *passphrase,
 	key_to_blob(prv, &cp, &len);			/* public key */
 	buffer_put_string(&encoded, cp, len);
 
-	memset(cp, 0, len);
+	explicit_bzero(cp, len);
 	free(cp);
 
 	buffer_free(&kdf);
@@ -409,7 +409,7 @@ key_parse_private2(Buffer *blob, int type, const char *passphrase,
 	free(salt);
 	free(comment);
 	if (key)
-		memset(key, 0, keylen + ivlen);
+		explicit_bzero(key, keylen + ivlen);
 	free(key);
 	buffer_free(&encoded);
 	buffer_free(&copy);
@@ -496,10 +496,10 @@ key_private_rsa1_to_blob(Key *key, Buffer *blob, const char *passphrase,
 	    buffer_ptr(&buffer), buffer_len(&buffer), 0, 0) != 0)
 		fatal("%s: cipher_crypt failed", __func__);
 	cipher_cleanup(&ciphercontext);
-	memset(&ciphercontext, 0, sizeof(ciphercontext));
+	explicit_bzero(&ciphercontext, sizeof(ciphercontext));
 
 	/* Destroy temporary data. */
-	memset(buf, 0, sizeof(buf));
+	explicit_bzero(buf, sizeof(buf));
 	buffer_free(&buffer);
 
 	buffer_append(blob, buffer_ptr(&encrypted), buffer_len(&encrypted));
@@ -831,7 +831,7 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp)
 	    buffer_ptr(&copy), buffer_len(&copy), 0, 0) != 0)
 		fatal("%s: cipher_crypt failed", __func__);
 	cipher_cleanup(&ciphercontext);
-	memset(&ciphercontext, 0, sizeof(ciphercontext));
+	explicit_bzero(&ciphercontext, sizeof(ciphercontext));
 	buffer_free(&copy);
 
 	check1 = buffer_get_char(&decrypted);

bufaux.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: bufaux.c,v 1.56 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -346,7 +346,7 @@ buffer_get_bignum2_as_string_ret(Buffer *buffer, u_int *length_ptr)
 	}
 	ret = xmalloc(len);
 	memcpy(ret, p, len);
-	memset(p, '\0', len);
+	explicit_bzero(p, len);
 	free(bin);
 	return ret;
 }
@@ -383,7 +383,7 @@ buffer_put_bignum2_from_string(Buffer *buffer, const u_char *s, u_int l)
 	}
 	memcpy(p, s, l);
 	buffer_put_string(buffer, buf, l + pad);
-	memset(buf, '\0', l + pad);
+	explicit_bzero(buf, l + pad);
 	free(buf);
 }
 

bufbn.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: bufbn.c,v 1.8 2013/11/08 11:15:19 dtucker Exp $*/
+/* $OpenBSD: bufbn.c,v 1.9 2014/02/02 03:44:31 djm Exp $*/
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -80,7 +80,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
 	/* Store the binary data. */
 	buffer_append(buffer, buf, oi);
 
-	memset(buf, 0, bin_size);
+	explicit_bzero(buf, bin_size);
 	free(buf);
 
 	return (0);
@@ -173,7 +173,7 @@ buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
 	}
 	hasnohigh = (buf[1] & 0x80) ? 0 : 1;
 	buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
-	memset(buf, 0, bytes);
+	explicit_bzero(buf, bytes);
 	free(buf);
 	return (0);
 }

buffer.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: buffer.c,v 1.34 2013/11/08 11:15:19 dtucker Exp $ */
+/* $OpenBSD: buffer.c,v 1.35 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -49,7 +49,7 @@ void
 buffer_free(Buffer *buffer)
 {
 	if (buffer->alloc > 0) {
-		memset(buffer->buf, 0, buffer->alloc);
+		explicit_bzero(buffer->buf, buffer->alloc);
 		buffer->alloc = 0;
 		free(buffer->buf);
 	}

cipher-3des1.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher-3des1.c,v 1.9 2013/11/08 00:39:15 djm Exp $ */
+/* $OpenBSD: cipher-3des1.c,v 1.10 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2003 Markus Friedl.  All rights reserved.
  *
@@ -93,7 +93,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv,
 	if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 ||
 	    EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 ||
 	    EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) {
-		memset(c, 0, sizeof(*c));
+		explicit_bzero(c, sizeof(*c));
 		free(c);
 		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
 		return (0);
@@ -134,7 +134,7 @@ ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx)
 		EVP_CIPHER_CTX_cleanup(&c->k1);
 		EVP_CIPHER_CTX_cleanup(&c->k2);
 		EVP_CIPHER_CTX_cleanup(&c->k3);
-		memset(c, 0, sizeof(*c));
+		explicit_bzero(c, sizeof(*c));
 		free(c);
 		EVP_CIPHER_CTX_set_app_data(ctx, NULL);
 	}

cipher.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.95 2014/01/27 19:18:54 markus Exp $ */
+/* $OpenBSD: cipher.c,v 1.96 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -337,7 +337,7 @@ cipher_init(CipherContext *cc, const Cipher *cipher,
 		if (EVP_Cipher(&cc->evp, discard, junk,
 		    cipher->discard_len) == 0)
 			fatal("evp_crypt: EVP_Cipher failed during discard");
-		memset(discard, 0, cipher->discard_len);
+		explicit_bzero(discard, cipher->discard_len);
 		free(junk);
 		free(discard);
 	}
@@ -422,7 +422,7 @@ void
 cipher_cleanup(CipherContext *cc)
 {
 	if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0)
-		memset(&cc->cp_ctx, 0, sizeof(cc->cp_ctx));
+		explicit_bzero(&cc->cp_ctx, sizeof(cc->cp_ctx));
 	else if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0)
 		error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed");
 }
@@ -444,7 +444,7 @@ cipher_set_key_string(CipherContext *cc, const Cipher *cipher,
 
 	cipher_init(cc, cipher, digest, 16, NULL, 0, do_encrypt);
 
-	memset(digest, 0, sizeof(digest));
+	explicit_bzero(digest, sizeof(digest));
 }
 
 /*

clientloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.257 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: clientloop.c,v 1.258 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1761,7 +1761,7 @@ client_input_stdout_data(int type, u_int32_t seq, void *ctxt)
 	char *data = packet_get_string(&data_len);
 	packet_check_eom();
 	buffer_append(&stdout_buffer, data, data_len);
-	memset(data, 0, data_len);
+	explicit_bzero(data, data_len);
 	free(data);
 }
 static void
@@ -1771,7 +1771,7 @@ client_input_stderr_data(int type, u_int32_t seq, void *ctxt)
 	char *data = packet_get_string(&data_len);
 	packet_check_eom();
 	buffer_append(&stderr_buffer, data, data_len);
-	memset(data, 0, data_len);
+	explicit_bzero(data, data_len);
 	free(data);
 }
 static void

gss-serv.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-serv.c,v 1.24 2013/07/20 01:55:13 djm Exp $ */
+/* $OpenBSD: gss-serv.c,v 1.25 2014/02/02 03:44:31 djm Exp $ */
 
 /*
  * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -346,7 +346,8 @@ ssh_gssapi_userok(char *user)
 			gss_release_buffer(&lmin, &gssapi_client.displayname);
 			gss_release_buffer(&lmin, &gssapi_client.exportedname);
 			gss_release_cred(&lmin, &gssapi_client.creds);
-			memset(&gssapi_client, 0, sizeof(ssh_gssapi_client));
+			explicit_bzero(&gssapi_client,
+			    sizeof(ssh_gssapi_client));
 			return 0;
 		}
 	else

kex.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.97 2014/01/25 20:35:37 markus Exp $ */
+/* $OpenBSD: kex.c,v 1.98 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -666,8 +666,8 @@ derive_ssh1_session_id(BIGNUM *host_modulus, BIGNUM *server_modulus,
 		fatal("%s: ssh_digest_final failed", __func__);
 	memcpy(id, obuf, ssh_digest_bytes(SSH_DIGEST_MD5));
 
-	memset(nbuf, 0, sizeof(nbuf));
-	memset(obuf, 0, sizeof(obuf));
+	explicit_bzero(nbuf, sizeof(nbuf));
+	explicit_bzero(obuf, sizeof(obuf));
 }
 
 #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) || defined(DEBUG_KEXECDH)

kexdhc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.14 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.15 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -124,7 +124,7 @@ kexdh_client(Kex *kex)
 		fatal("kexdh_client: BN_new failed");
 	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexdh_client: BN_bin2bn failed");
-	memset(kbuf, 0, klen);
+	explicit_bzero(kbuf, klen);
 	free(kbuf);
 
 	/* calc and verify H */

kexdhs.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.17 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.18 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -110,7 +110,7 @@ kexdh_server(Kex *kex)
 		fatal("kexdh_server: BN_new failed");
 	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexdh_server: BN_bin2bn failed");
-	memset(kbuf, 0, klen);
+	explicit_bzero(kbuf, klen);
 	free(kbuf);
 
 	key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);

kexecdhc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhc.c,v 1.6 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: kexecdhc.c,v 1.7 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -119,7 +119,7 @@ kexecdh_client(Kex *kex)
 		fatal("%s: BN_new failed", __func__);
 	if (BN_bin2bn(kbuf, klen, shared_secret) == NULL)
 		fatal("%s: BN_bin2bn failed", __func__);
-	memset(kbuf, 0, klen);
+	explicit_bzero(kbuf, klen);
 	free(kbuf);
 
 	/* calc and verify H */

kexecdhs.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexecdhs.c,v 1.9 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: kexecdhs.c,v 1.10 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -103,7 +103,7 @@ kexecdh_server(Kex *kex)
 		fatal("%s: BN_new failed", __func__);
 	if (BN_bin2bn(kbuf, klen, shared_secret) == NULL)
 		fatal("%s: BN_bin2bn failed", __func__);
-	memset(kbuf, 0, klen);
+	explicit_bzero(kbuf, klen);
 	free(kbuf);
 
 	/* calc H */

kexgexc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.16 2014/01/25 10:12:50 dtucker Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.17 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -162,7 +162,7 @@ kexgex_client(Kex *kex)
 		fatal("kexgex_client: BN_new failed");
 	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexgex_client: BN_bin2bn failed");
-	memset(kbuf, 0, klen);
+	explicit_bzero(kbuf, klen);
 	free(kbuf);
 
 	if (datafellows & SSH_OLD_DHGEX)

kexgexs.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.18 2014/01/12 08:13:13 djm Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.19 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -150,7 +150,7 @@ kexgex_server(Kex *kex)
 		fatal("kexgex_server: BN_new failed");
 	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
 		fatal("kexgex_server: BN_bin2bn failed");
-	memset(kbuf, 0, klen);
+	explicit_bzero(kbuf, klen);
 	free(kbuf);
 
 	key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);

key.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.115 2014/01/09 23:20:00 djm Exp $ */
+/* $OpenBSD: key.c,v 1.116 2014/02/02 03:44:31 djm Exp $ */
 /*
  * read_bignum():
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -242,12 +242,12 @@ key_free(Key *k)
 	case KEY_ED25519:
 	case KEY_ED25519_CERT:
 		if (k->ed25519_pk) {
-			memset(k->ed25519_pk, 0, ED25519_PK_SZ);
+			explicit_bzero(k->ed25519_pk, ED25519_PK_SZ);
 			free(k->ed25519_pk);
 			k->ed25519_pk = NULL;
 		}
 		if (k->ed25519_sk) {
-			memset(k->ed25519_sk, 0, ED25519_SK_SZ);
+			explicit_bzero(k->ed25519_sk, ED25519_SK_SZ);
 			free(k->ed25519_sk);
 			k->ed25519_sk = NULL;
 		}
@@ -415,7 +415,7 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
 		if ((ssh_digest_memory(hash_alg, blob, len,
 		    retval, SSH_DIGEST_MAX_LENGTH)) != 0)
 			fatal("%s: digest_memory failed", __func__);
-		memset(blob, 0, len);
+		explicit_bzero(blob, len);
 		free(blob);
 		*dgst_raw_length = ssh_digest_bytes(hash_alg);
 	} else {
@@ -623,7 +623,7 @@ key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
 		    dgst_rep);
 		break;
 	}
-	memset(dgst_raw, 0, dgst_raw_len);
+	explicit_bzero(dgst_raw, dgst_raw_len);
 	free(dgst_raw);
 	return retval;
 }
@@ -1744,7 +1744,7 @@ to_blob(const Key *key, u_char **blobp, u_int *lenp, int force_plain)
 		*blobp = xmalloc(len);
 		memcpy(*blobp, buffer_ptr(&b), len);
 	}
-	memset(buffer_ptr(&b), 0, len);
+	explicit_bzero(buffer_ptr(&b), len);
 	buffer_free(&b);
 	return len;
 }

monitor.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.130 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: monitor.c,v 1.131 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -858,7 +858,7 @@ mm_answer_authpassword(int sock, Buffer *m)
 	/* Only authenticate if the context is valid */
 	authenticated = options.password_authentication &&
 	    auth_password(authctxt, passwd);
-	memset(passwd, 0, strlen(passwd));
+	explicit_bzero(passwd, strlen(passwd));
 	free(passwd);
 
 	buffer_clear(m);
@@ -1800,13 +1800,13 @@ monitor_apply_keystate(struct monitor *pmonitor)
 	/* XXX inefficient for large buffers, need: buffer_init_from_string */
 	buffer_clear(packet_get_input());
 	buffer_append(packet_get_input(), child_state.input, child_state.ilen);
-	memset(child_state.input, 0, child_state.ilen);
+	explicit_bzero(child_state.input, child_state.ilen);
 	free(child_state.input);
 
 	buffer_clear(packet_get_output());
 	buffer_append(packet_get_output(), child_state.output,
 		      child_state.olen);
-	memset(child_state.output, 0, child_state.olen);
+	explicit_bzero(child_state.output, child_state.olen);
 	free(child_state.output);
 
 	/* Roaming */

monitor_wrap.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.78 2014/01/29 06:18:35 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.79 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -572,7 +572,7 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
 		*blobp = xmalloc(len);
 		memcpy(*blobp, buffer_ptr(&b), len);
 	}
-	memset(buffer_ptr(&b), 0, len);
+	explicit_bzero(buffer_ptr(&b), len);
 	buffer_free(&b);
 	return len;
 }
@@ -616,7 +616,7 @@ mm_send_keystate(struct monitor *monitor)
 		key = xmalloc(keylen+1);	/* add 1 if keylen == 0 */
 		keylen = packet_get_encryption_key(key);
 		buffer_put_string(&m, key, keylen);
-		memset(key, 0, keylen);
+		explicit_bzero(key, keylen);
 		free(key);
 
 		ivlen = packet_get_keyiv_len(MODE_OUT);

packet.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.191 2013/12/06 13:34:54 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.192 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -764,9 +764,9 @@ set_newkeys(int mode)
 		mac  = &active_state->newkeys[mode]->mac;
 		comp = &active_state->newkeys[mode]->comp;
 		mac_clear(mac);
-		memset(enc->iv,  0, enc->iv_len);
-		memset(enc->key, 0, enc->key_len);
-		memset(mac->key, 0, mac->key_len);
+		explicit_bzero(enc->iv,  enc->iv_len);
+		explicit_bzero(enc->key, enc->key_len);
+		explicit_bzero(mac->key, mac->key_len);
 		free(enc->name);
 		free(enc->iv);
 		free(enc->key);
@@ -787,9 +787,9 @@ set_newkeys(int mode)
 	cipher_init(cc, enc->cipher, enc->key, enc->key_len,
 	    enc->iv, enc->iv_len, crypt_type);
 	/* Deleting the keys does not gain extra security */
-	/* memset(enc->iv,  0, enc->block_size);
-	   memset(enc->key, 0, enc->key_len);
-	   memset(mac->key, 0, mac->key_len); */
+	/* explicit_bzero(enc->iv,  enc->block_size);
+	   explicit_bzero(enc->key, enc->key_len);
+	   explicit_bzero(mac->key, mac->key_len); */
 	if ((comp->type == COMP_ZLIB ||
 	    (comp->type == COMP_DELAYED &&
 	     active_state->after_authentication)) && comp->enabled == 0) {
@@ -928,7 +928,7 @@ packet_send2_wrapped(void)
 		}
 	} else {
 		/* clear padding */
-		memset(cp, 0, padlen);
+		explicit_bzero(cp, padlen);
 	}
 	/* sizeof (packet_len + pad_len + payload + padding) */
 	len = buffer_len(&active_state->outgoing_packet);

readpass.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: readpass.c,v 1.49 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: readpass.c,v 1.50 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -99,13 +99,13 @@ ssh_askpass(char *askpass, const char *msg)
 			break;
 	signal(SIGCHLD, osigchld);
 	if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) {
-		memset(buf, 0, sizeof(buf));
+		explicit_bzero(buf, sizeof(buf));
 		return NULL;
 	}
 
 	buf[strcspn(buf, "\r\n")] = '\0';
 	pass = xstrdup(buf);
-	memset(buf, 0, sizeof(buf));
+	explicit_bzero(buf, sizeof(buf));
 	return pass;
 }
 
@@ -162,7 +162,7 @@ read_passphrase(const char *prompt, int flags)
 	}
 
 	ret = xstrdup(buf);
-	memset(buf, 'x', sizeof buf);
+	explicit_bzero(buf, sizeof(buf));
 	return ret;
 }
 

rsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.c,v 1.30 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: rsa.c,v 1.31 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -94,8 +94,8 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	if (BN_bin2bn(outbuf, len, out) == NULL)
 		fatal("rsa_public_encrypt: BN_bin2bn failed");
 
-	memset(outbuf, 0, olen);
-	memset(inbuf, 0, ilen);
+	explicit_bzero(outbuf, olen);
+	explicit_bzero(inbuf, ilen);
 	free(outbuf);
 	free(inbuf);
 }
@@ -120,8 +120,8 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 		if (BN_bin2bn(outbuf, len, out) == NULL)
 			fatal("rsa_private_decrypt: BN_bin2bn failed");
 	}
-	memset(outbuf, 0, olen);
-	memset(inbuf, 0, ilen);
+	explicit_bzero(outbuf, olen);
+	explicit_bzero(inbuf, ilen);
 	free(outbuf);
 	free(inbuf);
 	return len;

serverloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.169 2013/12/19 00:19:12 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.170 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -920,7 +920,7 @@ server_input_stdin_data(int type, u_int32_t seq, void *ctxt)
 	data = packet_get_string(&data_len);
 	packet_check_eom();
 	buffer_append(&stdin_buffer, data, data_len);
-	memset(data, 0, data_len);
+	explicit_bzero(data, data_len);
 	free(data);
 }
 

ssh-add.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.108 2013/12/19 00:10:30 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.109 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -90,7 +90,7 @@ static void
 clear_pass(void)
 {
 	if (pass) {
-		memset(pass, 0, strlen(pass));
+		explicit_bzero(pass, strlen(pass));
 		free(pass);
 		pass = NULL;
 	}
@@ -366,7 +366,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
 			fprintf(stderr, "Passwords do not match.\n");
 			passok = 0;
 		}
-		memset(p2, 0, strlen(p2));
+		explicit_bzero(p2, strlen(p2));
 		free(p2);
 	}
 	if (passok && ssh_lock_agent(ac, lock, p1)) {
@@ -374,7 +374,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
 		ret = 0;
 	} else
 		fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un");
-	memset(p1, 0, strlen(p1));
+	explicit_bzero(p1, strlen(p1));
 	free(p1);
 	return (ret);
 }

ssh-agent.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.182 2014/01/27 19:18:54 markus Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.183 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -554,7 +554,7 @@ process_lock_agent(SocketEntry *e, int lock)
 	passwd = buffer_get_string(&e->request, NULL);
 	if (locked && !lock && strcmp(passwd, lock_passwd) == 0) {
 		locked = 0;
-		memset(lock_passwd, 0, strlen(lock_passwd));
+		explicit_bzero(lock_passwd, strlen(lock_passwd));
 		free(lock_passwd);
 		lock_passwd = NULL;
 		success = 1;
@@ -563,7 +563,7 @@ process_lock_agent(SocketEntry *e, int lock)
 		lock_passwd = xstrdup(passwd);
 		success = 1;
 	}
-	memset(passwd, 0, strlen(passwd));
+	explicit_bzero(passwd, strlen(passwd));
 	free(passwd);
 
 	buffer_put_int(&e->output, 1);

ssh-dss.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.30 2014/01/09 23:20:00 djm Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.31 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -65,7 +65,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
 	}
 
 	sig = DSA_do_sign(digest, dlen, key->dsa);
-	memset(digest, 'd', sizeof(digest));
+	explicit_bzero(digest, sizeof(digest));
 
 	if (sig == NULL) {
 		error("ssh_dss_sign: sign failed");
@@ -79,7 +79,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
 		DSA_SIG_free(sig);
 		return -1;
 	}
-	memset(sigblob, 0, SIGBLOB_LEN);
+	explicit_bzero(sigblob, SIGBLOB_LEN);
 	BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
 	BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
 	DSA_SIG_free(sig);
@@ -168,7 +168,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 		fatal("%s: BN_bin2bn failed", __func__);
 
 	/* clean up */
-	memset(sigblob, 0, len);
+	explicit_bzero(sigblob, len);
 	free(sigblob);
 
 	/* sha1 the data */
@@ -179,7 +179,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 	}
 
 	ret = DSA_do_verify(digest, dlen, sig, key->dsa);
-	memset(digest, 'd', sizeof(digest));
+	explicit_bzero(digest, sizeof(digest));
 
 	DSA_SIG_free(sig);
 

ssh-ecdsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.8 2014/01/09 23:20:00 djm Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.9 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -72,7 +72,7 @@ ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 	}
 
 	sig = ECDSA_do_sign(digest, dlen, key->ecdsa);
-	memset(digest, 'd', sizeof(digest));
+	explicit_bzero(digest, sizeof(digest));
 
 	if (sig == NULL) {
 		error("%s: sign failed", __func__);
@@ -153,7 +153,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 	buffer_free(&bb);
 
 	/* clean up */
-	memset(sigblob, 0, len);
+	explicit_bzero(sigblob, len);
 	free(sigblob);
 
 	/* hash the data */
@@ -169,7 +169,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 	}
 
 	ret = ECDSA_do_verify(digest, dlen, sig, key->ecdsa);
-	memset(digest, 'd', sizeof(digest));
+	explicit_bzero(digest, sizeof(digest));
 
 	ECDSA_SIG_free(sig);
 

ssh-ed25519.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ed25519.c,v 1.1 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: ssh-ed25519.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2013 Markus Friedl <markus@openbsd.org>
  *
@@ -66,7 +66,7 @@ ssh_ed25519_sign(const Key *key, u_char **sigp, u_int *lenp,
 		memcpy(*sigp, buffer_ptr(&b), len);
 	}
 	buffer_free(&b);
-	memset(sig, 's', slen);
+	explicit_bzero(sig, slen);
 	free(sig);
 
 	return 0;
@@ -130,9 +130,9 @@ ssh_ed25519_verify(const Key *key, const u_char *signature, u_int signaturelen,
 	}
 	/* XXX compare 'm' and 'data' ? */
 
-	memset(sigblob, 's', len);
-	memset(sm, 'S', smlen);
-	memset(m, 'm', smlen); /* NB. mlen may be invalid if ret != 0 */
+	explicit_bzero(sigblob, len);
+	explicit_bzero(sm, smlen);
+	explicit_bzero(m, smlen); /* NB. mlen may be invalid if ret != 0 */
 	free(sigblob);
 	free(sm);
 	free(m);

ssh-keygen.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.239 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.240 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -267,7 +267,7 @@ load_identity(char *filename)
 			pass = read_passphrase("Enter passphrase: ",
 			    RP_ALLOW_STDIN);
 		prv = key_load_private(filename, pass, NULL);
-		memset(pass, 0, strlen(pass));
+		explicit_bzero(pass, strlen(pass));
 		free(pass);
 	}
 	return prv;
@@ -1258,7 +1258,7 @@ do_change_passphrase(struct passwd *pw)
 			    RP_ALLOW_STDIN);
 		private = key_load_private(identity_file, old_passphrase,
 		    &comment);
-		memset(old_passphrase, 0, strlen(old_passphrase));
+		explicit_bzero(old_passphrase, strlen(old_passphrase));
 		free(old_passphrase);
 		if (private == NULL) {
 			printf("Bad passphrase.\n");
@@ -1280,15 +1280,15 @@ do_change_passphrase(struct passwd *pw)
 
 		/* Verify that they are the same. */
 		if (strcmp(passphrase1, passphrase2) != 0) {
-			memset(passphrase1, 0, strlen(passphrase1));
-			memset(passphrase2, 0, strlen(passphrase2));
+			explicit_bzero(passphrase1, strlen(passphrase1));
+			explicit_bzero(passphrase2, strlen(passphrase2));
 			free(passphrase1);
 			free(passphrase2);
 			printf("Pass phrases do not match.  Try again.\n");
 			exit(1);
 		}
 		/* Destroy the other copy. */
-		memset(passphrase2, 0, strlen(passphrase2));
+		explicit_bzero(passphrase2, strlen(passphrase2));
 		free(passphrase2);
 	}
 
@@ -1296,14 +1296,14 @@ do_change_passphrase(struct passwd *pw)
 	if (!key_save_private(private, identity_file, passphrase1, comment,
 	    use_new_format, new_format_cipher, rounds)) {
 		printf("Saving the key failed: %s.\n", identity_file);
-		memset(passphrase1, 0, strlen(passphrase1));
+		explicit_bzero(passphrase1, strlen(passphrase1));
 		free(passphrase1);
 		key_free(private);
 		free(comment);
 		exit(1);
 	}
 	/* Destroy the passphrase and the copy of the key in memory. */
-	memset(passphrase1, 0, strlen(passphrase1));
+	explicit_bzero(passphrase1, strlen(passphrase1));
 	free(passphrase1);
 	key_free(private);		 /* Destroys contents */
 	free(comment);
@@ -1375,7 +1375,7 @@ do_change_comment(struct passwd *pw)
 		/* Try to load using the passphrase. */
 		private = key_load_private(identity_file, passphrase, &comment);
 		if (private == NULL) {
-			memset(passphrase, 0, strlen(passphrase));
+			explicit_bzero(passphrase, strlen(passphrase));
 			free(passphrase);
 			printf("Bad passphrase.\n");
 			exit(1);
@@ -1396,7 +1396,7 @@ do_change_comment(struct passwd *pw)
 		printf("Enter new comment: ");
 		fflush(stdout);
 		if (!fgets(new_comment, sizeof(new_comment), stdin)) {
-			memset(passphrase, 0, strlen(passphrase));
+			explicit_bzero(passphrase, strlen(passphrase));
 			key_free(private);
 			exit(1);
 		}
@@ -1407,13 +1407,13 @@ do_change_comment(struct passwd *pw)
 	if (!key_save_private(private, identity_file, passphrase, new_comment,
 	    use_new_format, new_format_cipher, rounds)) {
 		printf("Saving the key failed: %s.\n", identity_file);
-		memset(passphrase, 0, strlen(passphrase));
+		explicit_bzero(passphrase, strlen(passphrase));
 		free(passphrase);
 		key_free(private);
 		free(comment);
 		exit(1);
 	}
-	memset(passphrase, 0, strlen(passphrase));
+	explicit_bzero(passphrase, strlen(passphrase));
 	free(passphrase);
 	public = key_from_private(private);
 	key_free(private);
@@ -2632,15 +2632,15 @@ passphrase_again:
 			 * The passphrases do not match.  Clear them and
 			 * retry.
 			 */
-			memset(passphrase1, 0, strlen(passphrase1));
-			memset(passphrase2, 0, strlen(passphrase2));
+			explicit_bzero(passphrase1, strlen(passphrase1));
+			explicit_bzero(passphrase2, strlen(passphrase2));
 			free(passphrase1);
 			free(passphrase2);
 			printf("Passphrases do not match.  Try again.\n");
 			goto passphrase_again;
 		}
 		/* Clear the other copy of the passphrase. */
-		memset(passphrase2, 0, strlen(passphrase2));
+		explicit_bzero(passphrase2, strlen(passphrase2));
 		free(passphrase2);
 	}
 
@@ -2655,12 +2655,12 @@ passphrase_again:
 	if (!key_save_private(private, identity_file, passphrase1, comment,
 	    use_new_format, new_format_cipher, rounds)) {
 		printf("Saving the key failed: %s.\n", identity_file);
-		memset(passphrase1, 0, strlen(passphrase1));
+		explicit_bzero(passphrase1, strlen(passphrase1));
 		free(passphrase1);
 		exit(1);
 	}
 	/* Clear the passphrase. */
-	memset(passphrase1, 0, strlen(passphrase1));
+	explicit_bzero(passphrase1, strlen(passphrase1));
 	free(passphrase1);
 
 	/* Clear the private key and the random number generator. */

ssh-rsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-rsa.c,v 1.50 2014/01/09 23:20:00 djm Exp $ */
+/* $OpenBSD: ssh-rsa.c,v 1.51 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
  *
@@ -70,7 +70,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 	sig = xmalloc(slen);
 
 	ok = RSA_sign(nid, digest, dlen, sig, &len, key->rsa);
-	memset(digest, 'd', sizeof(digest));
+	explicit_bzero(digest, sizeof(digest));
 
 	if (ok != 1) {
 		int ecode = ERR_get_error();
@@ -84,7 +84,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 		u_int diff = slen - len;
 		debug("slen %u > len %u", slen, len);
 		memmove(sig + diff, sig, len);
-		memset(sig, 0, diff);
+		explicit_bzero(sig, diff);
 	} else if (len > slen) {
 		error("%s: slen %u slen2 %u", __func__, slen, len);
 		free(sig);
@@ -102,7 +102,7 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
 		memcpy(*sigp, buffer_ptr(&b), len);
 	}
 	buffer_free(&b);
-	memset(sig, 's', slen);
+	explicit_bzero(sig, slen);
 	free(sig);
 
 	return 0;
@@ -161,7 +161,7 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 		    modlen, len);
 		sigblob = xrealloc(sigblob, 1, modlen);
 		memmove(sigblob + diff, sigblob, len);
-		memset(sigblob, 0, diff);
+		explicit_bzero(sigblob, diff);
 		len = modlen;
 	}
 	/* hash the data */
@@ -178,8 +178,8 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
 
 	ret = openssh_RSA_verify(hash_alg, digest, dlen, sigblob, len,
 	    key->rsa);
-	memset(digest, 'd', sizeof(digest));
-	memset(sigblob, 's', len);
+	explicit_bzero(digest, sizeof(digest));
+	explicit_bzero(sigblob, len);
 	free(sigblob);
 	debug("%s: signature %scorrect", __func__, (ret == 0) ? "in" : "");
 	return ret;

sshconnect.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.244 2014/01/09 23:26:48 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.245 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1299,7 +1299,7 @@ ssh_put_password(char *password)
 	padded = xcalloc(1, size);
 	strlcpy(padded, password, size);
 	packet_put_string(padded, size);
-	memset(padded, 0, size);
+	explicit_bzero(padded, size);
 	free(padded);
 }
 

sshconnect1.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect1.c,v 1.73 2014/01/27 19:18:54 markus Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.74 2014/02/02 03:44:32 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -120,7 +120,7 @@ try_agent_authentication(void)
 			 * return a wrong value.
 			 */
 			logit("Authentication agent failed to decrypt challenge.");
-			memset(response, 0, sizeof(response));
+			explicit_bzero(response, sizeof(response));
 		}
 		key_free(key);
 		debug("Sending response to RSA challenge.");
@@ -195,9 +195,9 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv)
 	packet_send();
 	packet_write_wait();
 
-	memset(buf, 0, sizeof(buf));
-	memset(response, 0, sizeof(response));
-	memset(&md, 0, sizeof(md));
+	explicit_bzero(buf, sizeof(buf));
+	explicit_bzero(response, sizeof(response));
+	explicit_bzero(&md, sizeof(md));
 }
 
 /*
@@ -271,7 +271,7 @@ try_rsa_authentication(int idx)
 				debug2("no passphrase given, try next key");
 				quit = 1;
 			}
-			memset(passphrase, 0, strlen(passphrase));
+			explicit_bzero(passphrase, strlen(passphrase));
 			free(passphrase);
 			if (private != NULL || quit)
 				break;
@@ -427,7 +427,7 @@ try_challenge_response_authentication(void)
 		}
 		packet_start(SSH_CMSG_AUTH_TIS_RESPONSE);
 		ssh_put_password(response);
-		memset(response, 0, strlen(response));
+		explicit_bzero(response, strlen(response));
 		free(response);
 		packet_send();
 		packet_write_wait();
@@ -460,7 +460,7 @@ try_password_authentication(char *prompt)
 		password = read_passphrase(prompt, 0);
 		packet_start(SSH_CMSG_AUTH_PASSWORD);
 		ssh_put_password(password);
-		memset(password, 0, strlen(password));
+		explicit_bzero(password, strlen(password));
 		free(password);
 		packet_send();
 		packet_write_wait();
@@ -652,8 +652,11 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	/* Set the encryption key. */
 	packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, options.cipher);
 
-	/* We will no longer need the session key here.  Destroy any extra copies. */
-	memset(session_key, 0, sizeof(session_key));
+	/*
+	 * We will no longer need the session key here.
+	 * Destroy any extra copies.
+	 */
+	explicit_bzero(session_key, sizeof(session_key));
 
 	/*
 	 * Expect a success message from the server.  Note that this message

sshconnect2.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.203 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.204 2014/02/02 03:44:32 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -869,7 +869,7 @@ userauth_passwd(Authctxt *authctxt)
 	packet_put_cstring(authctxt->method->name);
 	packet_put_char(0);
 	packet_put_cstring(password);
-	memset(password, 0, strlen(password));
+	explicit_bzero(password, strlen(password));
 	free(password);
 	packet_add_padding(64);
 	packet_send();
@@ -915,7 +915,7 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
 	    authctxt->server_user, host);
 	password = read_passphrase(prompt, 0);
 	packet_put_cstring(password);
-	memset(password, 0, strlen(password));
+	explicit_bzero(password, strlen(password));
 	free(password);
 	password = NULL;
 	while (password == NULL) {
@@ -932,16 +932,16 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
 		    authctxt->server_user, host);
 		retype = read_passphrase(prompt, 0);
 		if (strcmp(password, retype) != 0) {
-			memset(password, 0, strlen(password));
+			explicit_bzero(password, strlen(password));
 			free(password);
 			logit("Mismatch; try again, EOF to quit.");
 			password = NULL;
 		}
-		memset(retype, 0, strlen(retype));
+		explicit_bzero(retype, strlen(retype));
 		free(retype);
 	}
 	packet_put_cstring(password);
-	memset(password, 0, strlen(password));
+	explicit_bzero(password, strlen(password));
 	free(password);
 	packet_add_padding(64);
 	packet_send();
@@ -1126,7 +1126,7 @@ load_identity_file(char *filename, int userprovided)
 				debug2("no passphrase given, try next key");
 				quit = 1;
 			}
-			memset(passphrase, 0, strlen(passphrase));
+			explicit_bzero(passphrase, strlen(passphrase));
 			free(passphrase);
 			if (private != NULL || quit)
 				break;
@@ -1385,7 +1385,7 @@ input_userauth_info_req(int type, u_int32_t seq, void *ctxt)
 		response = read_passphrase(prompt, echo ? RP_ECHO : 0);
 
 		packet_put_cstring(response);
-		memset(response, 0, strlen(response));
+		explicit_bzero(response, strlen(response));
 		free(response);
 		free(prompt);
 	}
@@ -1555,7 +1555,7 @@ userauth_hostbased(Authctxt *authctxt)
 	packet_put_cstring(chost);
 	packet_put_cstring(authctxt->local_user);
 	packet_put_string(signature, slen);
-	memset(signature, 's', slen);
+	explicit_bzero(signature, slen);
 	free(signature);
 	free(chost);
 	free(pkalg);

sshd.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.417 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: sshd.c,v 1.418 2014/02/02 03:44:32 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -579,7 +579,7 @@ destroy_sensitive_data(void)
 		}
 	}
 	sensitive_data.ssh1_host_key = NULL;
-	memset(sensitive_data.ssh1_cookie, 0, SSH_SESSION_KEY_LENGTH);
+	explicit_bzero(sensitive_data.ssh1_cookie, SSH_SESSION_KEY_LENGTH);
 }
 
 /* Demote private to public keys for network child */
@@ -1657,7 +1657,8 @@ main(int ac, char **av)
 			fatal("Privilege separation user %s does not exist",
 			    SSH_PRIVSEP_USER);
 	} else {
-		memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
+		explicit_bzero(privsep_pw->pw_passwd,
+		    strlen(privsep_pw->pw_passwd));
 		privsep_pw = pwcopy(privsep_pw);
 		free(privsep_pw->pw_passwd);
 		privsep_pw->pw_passwd = xstrdup("*");
@@ -2341,7 +2342,7 @@ do_ssh1_kex(void)
 			    get_remote_ipaddr(), len, (u_long)sizeof(session_key));
 			rsafail++;
 		} else {
-			memset(session_key, 0, sizeof(session_key));
+			explicit_bzero(session_key, sizeof(session_key));
 			BN_bn2bin(session_key_int,
 			    session_key + sizeof(session_key) - len);
 
@@ -2379,7 +2380,7 @@ do_ssh1_kex(void)
 		    sizeof(session_key) - 16) < 0)
 			fatal("%s: md5 failed", __func__);
 		ssh_digest_free(md);
-		memset(buf, 0, bytes);
+		explicit_bzero(buf, bytes);
 		free(buf);
 		for (i = 0; i < 16; i++)
 			session_id[i] = session_key[i] ^ session_key[i + 16];
@@ -2397,7 +2398,7 @@ do_ssh1_kex(void)
 	packet_set_encryption_key(session_key, SSH_SESSION_KEY_LENGTH, cipher_type);
 
 	/* Destroy our copy of the session key.  It is no longer needed. */
-	memset(session_key, 0, sizeof(session_key));
+	explicit_bzero(session_key, sizeof(session_key));
 
 	debug("Received session key; encryption turned on.");