3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-23 06:02:37 +01:00

eap: Wipe passphrase memory in TLS, TTLS, EAP

Wipe the passphrase memory in more places before freeing.
This commit is contained in:
Andrew Zaborowski 2018-04-26 11:29:26 +02:00 committed by Denis Kenzior
parent 6dc5d2c3ec
commit 56d3d40f30
3 changed files with 10 additions and 0 deletions

View File

@ -180,6 +180,8 @@ static void eap_peap_free(struct eap_state *eap)
l_free(peap->ca_cert); l_free(peap->ca_cert);
l_free(peap->client_cert); l_free(peap->client_cert);
l_free(peap->client_key); l_free(peap->client_key);
if (peap->passphrase)
memset(peap->passphrase, 0, strlen(peap->passphrase));
l_free(peap->passphrase); l_free(peap->passphrase);
l_free(peap); l_free(peap);
@ -974,6 +976,8 @@ error:
l_free(peap->ca_cert); l_free(peap->ca_cert);
l_free(peap->client_cert); l_free(peap->client_cert);
l_free(peap->client_key); l_free(peap->client_key);
if (peap->passphrase)
memset(peap->passphrase, 0, strlen(peap->passphrase));
l_free(peap->passphrase); l_free(peap->passphrase);
l_free(peap); l_free(peap);

View File

@ -56,6 +56,8 @@ static void eap_tls_free(struct eap_state *eap)
l_free(tls->ca_cert); l_free(tls->ca_cert);
l_free(tls->client_cert); l_free(tls->client_cert);
l_free(tls->client_key); l_free(tls->client_key);
if (tls->passphrase)
memset(tls->passphrase, 0, strlen(tls->passphrase));
l_free(tls->passphrase); l_free(tls->passphrase);
if (tls->rx_pkt_buf) { if (tls->rx_pkt_buf) {

View File

@ -60,6 +60,8 @@ static void eap_ttls_free(struct eap_state *eap)
l_free(ttls->ca_cert); l_free(ttls->ca_cert);
l_free(ttls->client_cert); l_free(ttls->client_cert);
l_free(ttls->client_key); l_free(ttls->client_key);
if (ttls->passphrase)
memset(ttls->passphrase, 0, strlen(ttls->passphrase));
l_free(ttls->passphrase); l_free(ttls->passphrase);
if (ttls->rx_pkt_buf) { if (ttls->rx_pkt_buf) {
@ -788,6 +790,8 @@ err:
l_free(ttls->ca_cert); l_free(ttls->ca_cert);
l_free(ttls->client_cert); l_free(ttls->client_cert);
l_free(ttls->client_key); l_free(ttls->client_key);
if (ttls->passphrase)
memset(ttls->passphrase, 0, strlen(ttls->passphrase));
l_free(ttls->passphrase); l_free(ttls->passphrase);
l_free(ttls); l_free(ttls);