Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Tree: 9ab73b51e8
Branches Tags
buildroot
/
package
/
openssh
/
openssh-drop-SUSv3-legacy.patch

openssh-drop-SUSv3-legacy.patch 13 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441 
  1. Drop SUSv3 legacy fuctions
    2. 

  2. 

  3. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
    4. 

  4. ---
    5. 

  5.  auth2-jpake.c             |   24 ++++++++++++------------
    6. 

  6.  channels.c                |    6 +++---
    7. 

  7.  clientloop.c              |    4 ++--
    8. 

  8.  jpake.c                   |    6 +++---
    9. 

  9.  monitor.c                 |   18 +++++++++---------
    10. 

  10.  openbsd-compat/port-tun.c |    4 ++--
    11. 

  11.  schnorr.c                 |    6 +++---
    12. 

  12.  session.c                 |    2 +-
    13. 

  13.  sftp-client.c             |    2 +-
    14. 

  14.  ssh-keygen.c              |    2 +-
    15. 

  15.  ssh.c                     |    8 ++++----
    16. 

  16.  sshconnect2.c             |   22 +++++++++++-----------
    17. 

  17.  12 files changed, 52 insertions(+), 52 deletions(-)
    18. 

  18. 

  19. diff --git a/auth2-jpake.c b/auth2-jpake.c
    20. 

  20. index 5de5506..b34d696 100644
    21. 

  21. --- a/auth2-jpake.c
    22. 

  22. +++ b/auth2-jpake.c
    23. 

  23. @@ -173,7 +173,7 @@ derive_rawsalt(const char *username, u_char *rawsalt, u_int len)
    24. 

  24.  		fatal("%s: not enough bytes for rawsalt (want %u have %u)",
    25. 

  25.  		    __func__, len, digest_len);
    26. 

  26.  	memcpy(rawsalt, digest, len);
    27. 

  27. -	bzero(digest, digest_len);
    28. 

  28. +	memset(digest, 0, digest_len);
    29. 

  29.  	xfree(digest);
    30. 

  30.  }
    31. 

  31.  
    32. 

  32. @@ -198,10 +198,10 @@ makesalt(u_int want, const char *user)
    33. 

  33.  		fatal("%s: want %u", __func__, want);
    34. 

  34.  
    35. 

  35.  	derive_rawsalt(user, rawsalt, sizeof(rawsalt));
    36. 

  36. -	bzero(ret, sizeof(ret));
    37. 

  37. +	memset(ret, 0, sizeof(ret));
    38. 

  38.  	for (i = 0; i < want; i++)
    39. 

  39.  		ret[i] = pw_encode64(rawsalt[i]);
    40. 

  40. -	bzero(rawsalt, sizeof(rawsalt));
    41. 

  41. +	memset(rawsalt, 0, sizeof(rawsalt));
    42. 

  42.  
    43. 

  43.  	return ret;
    44. 

  44.  }
    45. 

  45. @@ -355,7 +355,7 @@ auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s,
    46. 

  46.  	debug3("%s: scheme = %s", __func__, *hash_scheme);
    47. 

  47.  	JPAKE_DEBUG_BN((*s, "%s: s = ", __func__));
    48. 

  48.  #endif
    49. 

  49. -	bzero(secret, secret_len);
    50. 

  50. +	memset(secret, 0, secret_len);
    51. 

  51.  	xfree(secret);
    52. 

  52.  }
    53. 

  53.  
    54. 

  54. @@ -396,12 +396,12 @@ auth2_jpake_start(Authctxt *authctxt)
    55. 

  55.  	packet_send();
    56. 

  56.  	packet_write_wait();
    57. 

  57.  
    58. 

  58. -	bzero(hash_scheme, strlen(hash_scheme));
    59. 

  59. -	bzero(salt, strlen(salt));
    60. 

  60. +	memset(hash_scheme, 0, strlen(hash_scheme));
    61. 

  61. +	memset(salt, 0, strlen(salt));
    62. 

  62.  	xfree(hash_scheme);
    63. 

  63.  	xfree(salt);
    64. 

  64. -	bzero(x3_proof, x3_proof_len);
    65. 

  65. -	bzero(x4_proof, x4_proof_len);
    66. 

  66. +	memset(x3_proof, 0, x3_proof_len);
    67. 

  67. +	memset(x4_proof, 0, x4_proof_len);
    68. 

  68.  	xfree(x3_proof);
    69. 

  69.  	xfree(x4_proof);
    70. 

  70.  
    71. 

  71. @@ -448,8 +448,8 @@ input_userauth_jpake_client_step1(int type, u_int32_t seq, void *ctxt)
    72. 

  72.  	    &pctx->b,
    73. 

  73.  	    &x4_s_proof, &x4_s_proof_len));
    74. 

  74.  
    75. 

  75. -	bzero(x1_proof, x1_proof_len);
    76. 

  76. -	bzero(x2_proof, x2_proof_len);
    77. 

  77. +	memset(x1_proof, 0, x1_proof_len);
    78. 

  78. +	memset(x2_proof, 0, x2_proof_len);
    79. 

  79.  	xfree(x1_proof);
    80. 

  80.  	xfree(x2_proof);
    81. 

  81.  
    82. 

  82. @@ -463,7 +463,7 @@ input_userauth_jpake_client_step1(int type, u_int32_t seq, void *ctxt)
    83. 

  83.  	packet_send();
    84. 

  84.  	packet_write_wait();
    85. 

  85.  
    86. 

  86. -	bzero(x4_s_proof, x4_s_proof_len);
    87. 

  87. +	memset(x4_s_proof, 0, x4_s_proof_len);
    88. 

  88.  	xfree(x4_s_proof);
    89. 

  89.  
    90. 

  90.  	/* Expect step 2 packet from peer */
    91. 

  91. @@ -504,7 +504,7 @@ input_userauth_jpake_client_step2(int type, u_int32_t seq, void *ctxt)
    92. 

  92.  	    &pctx->k,
    93. 

  93.  	    &pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len));
    94. 

  94.  
    95. 

  95. -	bzero(x2_s_proof, x2_s_proof_len);
    96. 

  96. +	memset(x2_s_proof, 0, x2_s_proof_len);
    97. 

  97.  	xfree(x2_s_proof);
    98. 

  98.  
    99. 

  99.  	if (!use_privsep)
    100. 

  100. diff --git a/channels.c b/channels.c
    101. 

  101. index 1cd5004..89dcfc6 100644
    102. 

  102. --- a/channels.c
    103. 

  103. +++ b/channels.c
    104. 

  104. @@ -418,7 +418,7 @@ channel_free(Channel *c)
    105. 

  105.  		if (cc->abandon_cb != NULL)
    106. 

  106.  			cc->abandon_cb(c, cc->ctx);
    107. 

  107.  		TAILQ_REMOVE(&c->status_confirms, cc, entry);
    108. 

  108. -		bzero(cc, sizeof(*cc));
    109. 

  109. +		memset(cc, 0, sizeof(*cc));
    110. 

  110.  		xfree(cc);
    111. 

  111.  	}
    112. 

  112.  	if (c->filter_cleanup != NULL && c->filter_ctx != NULL)
    113. 

  113. @@ -2625,7 +2625,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
    114. 

  114.  		return;
    115. 

  115.  	cc->cb(type, c, cc->ctx);
    116. 

  116.  	TAILQ_REMOVE(&c->status_confirms, cc, entry);
    117. 

  117. -	bzero(cc, sizeof(*cc));
    118. 

  118. +	memset(cc, 0, sizeof(*cc));
    119. 

  119.  	xfree(cc);
    120. 

  120.  }
    121. 

  121.  
    122. 

  122. @@ -3128,7 +3128,7 @@ channel_connect_ctx_free(struct channel_connect *cctx)
    123. 

  123.  	xfree(cctx->host);
    124. 

  124.  	if (cctx->aitop)
    125. 

  125.  		freeaddrinfo(cctx->aitop);
    126. 

  126. -	bzero(cctx, sizeof(*cctx));
    127. 

  127. +	memset(cctx, 0, sizeof(*cctx));
    128. 

  128.  	cctx->host = NULL;
    129. 

  129.  	cctx->ai = cctx->aitop = NULL;
    130. 

  130.  }
    131. 

  131. diff --git a/clientloop.c b/clientloop.c
    132. 

  132. index de79793..2d08690 100644
    133. 

  133. --- a/clientloop.c
    134. 

  134. +++ b/clientloop.c
    135. 

  135. @@ -533,7 +533,7 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
    136. 

  136.  		gc->cb(type, seq, gc->ctx);
    137. 

  137.  	if (--gc->ref_count <= 0) {
    138. 

  138.  		TAILQ_REMOVE(&global_confirms, gc, entry);
    139. 

  139. -		bzero(gc, sizeof(*gc));
    140. 

  140. +		memset(gc, 0, sizeof(*gc));
    141. 

  141.  		xfree(gc);
    142. 

  142.  	}
    143. 

  143.  
    144. 

  144. @@ -823,7 +823,7 @@ process_cmdline(void)
    145. 

  145.  	int cancel_port;
    146. 

  146.  	Forward fwd;
    147. 

  147.  
    148. 

  148. -	bzero(&fwd, sizeof(fwd));
    149. 

  149. +	memset(&fwd, 0, sizeof(fwd));
    150. 

  150.  	fwd.listen_host = fwd.connect_host = NULL;
    151. 

  151.  
    152. 

  152.  	leave_raw_mode(force_tty_flag);
    153. 

  153. diff --git a/jpake.c b/jpake.c
    154. 

  154. index cdf65f5..73ba954 100644
    155. 

  155. --- a/jpake.c
    156. 

  156. +++ b/jpake.c
    157. 

  157. @@ -104,7 +104,7 @@ jpake_free(struct jpake_ctx *pctx)
    158. 

  158.  #define JPAKE_BUF_CLEAR_FREE(v, l)		\
    159. 

  159.  	do {					\
    160. 

  160.  		if ((v) != NULL) {		\
    161. 

  161. -			bzero((v), (l));	\
    162. 

  162. +			memset((v), 0, (l));	\
    163. 

  163.  			xfree(v);		\
    164. 

  164.  			(v) = NULL;		\
    165. 

  165.  			(l) = 0;		\
    166. 

  166. @@ -132,7 +132,7 @@ jpake_free(struct jpake_ctx *pctx)
    167. 

  167.  #undef JPAKE_BN_CLEAR_FREE
    168. 

  168.  #undef JPAKE_BUF_CLEAR_FREE
    169. 

  169.  
    170. 

  170. -	bzero(pctx, sizeof(pctx));
    171. 

  171. +	memset(pctx, 0, sizeof(pctx));
    172. 

  172.  	xfree(pctx);
    173. 

  173.  }
    174. 

  174.  
    175. 

  175. @@ -437,7 +437,7 @@ jpake_check_confirm(const BIGNUM *k,
    176. 

  176.  	else if (timingsafe_bcmp(peer_confirm_hash, expected_confirm_hash,
    177. 

  177.  	    expected_confirm_hash_len) == 0)
    178. 

  178.  		success = 1;
    179. 

  179. -	bzero(expected_confirm_hash, expected_confirm_hash_len);
    180. 

  180. +	memset(expected_confirm_hash, 0, expected_confirm_hash_len);
    181. 

  181.  	xfree(expected_confirm_hash);
    182. 

  182.  	debug3("%s: success = %d", __func__, success);
    183. 

  183.  	return success;
    184. 

  184. diff --git a/monitor.c b/monitor.c
    185. 

  185. index 9eb4e35..0e85b7a 100644
    186. 

  186. --- a/monitor.c
    187. 

  187. +++ b/monitor.c
    188. 

  188. @@ -2028,8 +2028,8 @@ mm_answer_jpake_step1(int sock, Buffer *m)
    189. 

  189.  	debug3("%s: sending step1", __func__);
    190. 

  190.  	mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m);
    191. 

  191.  
    192. 

  192. -	bzero(x3_proof, x3_proof_len);
    193. 

  193. -	bzero(x4_proof, x4_proof_len);
    194. 

  194. +	memset(x3_proof, 0, x3_proof_len);
    195. 

  195. +	memset(x4_proof, 0, x4_proof_len);
    196. 

  196.  	xfree(x3_proof);
    197. 

  197.  	xfree(x4_proof);
    198. 

  198.  
    199. 

  199. @@ -2058,8 +2058,8 @@ mm_answer_jpake_get_pwdata(int sock, Buffer *m)
    200. 

  200.  	debug3("%s: sending pwdata", __func__);
    201. 

  201.  	mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m);
    202. 

  202.  
    203. 

  203. -	bzero(hash_scheme, strlen(hash_scheme));
    204. 

  204. -	bzero(salt, strlen(salt));
    205. 

  205. +	memset(hash_scheme, 0, strlen(hash_scheme));
    206. 

  206. +	memset(salt, 0, strlen(salt));
    207. 

  207.  	xfree(hash_scheme);
    208. 

  208.  	xfree(salt);
    209. 

  209.  
    210. 

  210. @@ -2098,8 +2098,8 @@ mm_answer_jpake_step2(int sock, Buffer *m)
    211. 

  211.  
    212. 

  212.  	JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__));
    213. 

  213.  
    214. 

  214. -	bzero(x1_proof, x1_proof_len);
    215. 

  215. -	bzero(x2_proof, x2_proof_len);
    216. 

  216. +	memset(x1_proof, 0, x1_proof_len);
    217. 

  217. +	memset(x2_proof, 0, x2_proof_len);
    218. 

  218.  	xfree(x1_proof);
    219. 

  219.  	xfree(x2_proof);
    220. 

  220.  
    221. 

  221. @@ -2111,7 +2111,7 @@ mm_answer_jpake_step2(int sock, Buffer *m)
    222. 

  222.  	debug3("%s: sending step2", __func__);
    223. 

  223.  	mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m);
    224. 

  224.  
    225. 

  225. -	bzero(x4_s_proof, x4_s_proof_len);
    226. 

  226. +	memset(x4_s_proof, 0, x4_s_proof_len);
    227. 

  227.  	xfree(x4_s_proof);
    228. 

  228.  
    229. 

  229.  	monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1);
    230. 

  230. @@ -2145,7 +2145,7 @@ mm_answer_jpake_key_confirm(int sock, Buffer *m)
    231. 

  231.  
    232. 

  232.  	JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__));
    233. 

  233.  
    234. 

  234. -	bzero(x2_s_proof, x2_s_proof_len);
    235. 

  235. +	memset(x2_s_proof, 0, x2_s_proof_len);
    236. 

  236.  	buffer_clear(m);
    237. 

  237.  
    238. 

  238.  	/* pctx->k is sensitive, not sent */
    239. 

  239. @@ -2179,7 +2179,7 @@ mm_answer_jpake_check_confirm(int sock, Buffer *m)
    240. 

  240.  
    241. 

  241.  	JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__));
    242. 

  242.  
    243. 

  243. -	bzero(peer_confirm_hash, peer_confirm_hash_len);
    244. 

  244. +	memset(peer_confirm_hash, 0, peer_confirm_hash_len);
    245. 

  245.  	xfree(peer_confirm_hash);
    246. 

  246.  
    247. 

  247.  	buffer_clear(m);
    248. 

  248. diff --git a/openbsd-compat/port-tun.c b/openbsd-compat/port-tun.c
    249. 

  249. index 0d756f7..98332ae 100644
    250. 

  250. --- a/openbsd-compat/port-tun.c
    251. 

  251. +++ b/openbsd-compat/port-tun.c
    252. 

  252. @@ -67,7 +67,7 @@ sys_tun_open(int tun, int mode)
    253. 

  253.  		return (-1);
    254. 

  254.  	}
    255. 

  255.  
    256. 

  256. -	bzero(&ifr, sizeof(ifr));	
    257. 

  257. +	memset(&ifr, 0, sizeof(ifr));	
    258. 

  258.  
    259. 

  259.  	if (mode == SSH_TUNMODE_ETHERNET) {
    260. 

  260.  		ifr.ifr_flags = IFF_TAP;
    261. 

  261. @@ -215,7 +215,7 @@ sys_tun_infilter(struct Channel *c, char *buf, int len)
    262. 

  262.  	if (len <= 0 || len > (int)(sizeof(rbuf) - sizeof(*af)))
    263. 

  263.  		return (-1);
    264. 

  264.  	ptr = (char *)&rbuf[0];
    265. 

  265. -	bcopy(buf, ptr + sizeof(u_int32_t), len);
    266. 

  266. +	memmove(ptr + sizeof(u_int32_t), buf, len);
    267. 

  267.  	len += sizeof(u_int32_t);
    268. 

  268.  	af = (u_int32_t *)ptr;
    269. 

  269.  
    270. 

  270. diff --git a/schnorr.c b/schnorr.c
    271. 

  271. index c17ff32..ec4e41b 100644
    272. 

  272. --- a/schnorr.c
    273. 

  273. +++ b/schnorr.c
    274. 

  274. @@ -101,7 +101,7 @@ schnorr_hash(const BIGNUM *p, const BIGNUM *q, const BIGNUM *g,
    275. 

  275.  	SCHNORR_DEBUG_BN((h, "%s: h = ", __func__));
    276. 

  276.   out:
    277. 

  277.  	buffer_free(&b);
    278. 

  278. -	bzero(digest, digest_len);
    279. 

  279. +	memset(digest, 0, digest_len);
    280. 

  280.  	xfree(digest);
    281. 

  281.  	digest_len = 0;
    282. 

  282.  	if (success == 0)
    283. 

  283. @@ -451,7 +451,7 @@ hash_buffer(const u_char *buf, u_int len, const EVP_MD *md,
    284. 

  284.  	success = 0;
    285. 

  285.   out:
    286. 

  286.  	EVP_MD_CTX_cleanup(&evp_md_ctx);
    287. 

  287. -	bzero(digest, sizeof(digest));
    288. 

  288. +	memset(digest, 0, sizeof(digest));
    289. 

  289.  	digest_len = 0;
    290. 

  290.  	return success;
    291. 

  291.  }
    292. 

  292. @@ -544,7 +544,7 @@ modp_group_free(struct modp_group *grp)
    293. 

  293.  		BN_clear_free(grp->p);
    294. 

  294.  	if (grp->q != NULL)
    295. 

  295.  		BN_clear_free(grp->q);
    296. 

  296. -	bzero(grp, sizeof(*grp));
    297. 

  297. +	memset(grp, 0, sizeof(*grp));
    298. 

  298.  	xfree(grp);
    299. 

  299.  }
    300. 

  300.  
    301. 

  301. diff --git a/session.c b/session.c
    302. 

  302. index 71e4fbe..70c51f2 100644
    303. 

  303. --- a/session.c
    304. 

  304. +++ b/session.c
    305. 

  305. @@ -1895,7 +1895,7 @@ session_unused(int id)
    306. 

  306.  		fatal("%s: insane session id %d (max %d nalloc %d)",
    307. 

  307.  		    __func__, id, options.max_sessions, sessions_nalloc);
    308. 

  308.  	}
    309. 

  309. -	bzero(&sessions[id], sizeof(*sessions));
    310. 

  310. +	memset(&sessions[id], 0, sizeof(*sessions));
    311. 

  311.  	sessions[id].self = id;
    312. 

  312.  	sessions[id].used = 0;
    313. 

  313.  	sessions[id].chanid = -1;
    314. 

  314. diff --git a/sftp-client.c b/sftp-client.c
    315. 

  315. index 9dab477..0815b41 100644
    316. 

  316. --- a/sftp-client.c
    317. 

  317. +++ b/sftp-client.c
    318. 

  318. @@ -289,7 +289,7 @@ get_decode_statvfs(int fd, struct sftp_statvfs *st, u_int expected_id,
    319. 

  319.  		    SSH2_FXP_EXTENDED_REPLY, type);
    320. 

  320.  	}
    321. 

  321.  
    322. 

  322. -	bzero(st, sizeof(*st));
    323. 

  323. +	memset(st, 0, sizeof(*st));
    324. 

  324.  	st->f_bsize = buffer_get_int64(&msg);
    325. 

  325.  	st->f_frsize = buffer_get_int64(&msg);
    326. 

  326.  	st->f_blocks = buffer_get_int64(&msg);
    327. 

  327. diff --git a/ssh-keygen.c b/ssh-keygen.c
    328. 

  328. index d90b1df..d78837a 100644
    329. 

  329. --- a/ssh-keygen.c
    330. 

  330. +++ b/ssh-keygen.c
    331. 

  331. @@ -1503,7 +1503,7 @@ parse_absolute_time(const char *s)
    332. 

  332.  		fatal("Invalid certificate time format %s", s);
    333. 

  333.  	}
    334. 

  334.  
    335. 

  335. -	bzero(&tm, sizeof(tm));
    336. 

  336. +	memset(&tm, 0, sizeof(tm));
    337. 

  337.  	if (strptime(buf, fmt, &tm) == NULL)
    338. 

  338.  		fatal("Invalid certificate time %s", s);
    339. 

  339.  	if ((tt = mktime(&tm)) < 0)
    340. 

  340. diff --git a/ssh.c b/ssh.c
    341. 

  341. index 4419f76..52a8b5e 100644
    342. 

  342. --- a/ssh.c
    343. 

  343. +++ b/ssh.c
    344. 

  344. @@ -1436,8 +1436,8 @@ load_public_identity_files(void)
    345. 

  345.  #endif /* PKCS11 */
    346. 

  346.  
    347. 

  347.  	n_ids = 0;
    348. 

  348. -	bzero(identity_files, sizeof(identity_files));
    349. 

  349. -	bzero(identity_keys, sizeof(identity_keys));
    350. 

  350. +	memset(identity_files, 0, sizeof(identity_files));
    351. 

  351. +	memset(identity_keys, 0, sizeof(identity_keys));
    352. 

  352.  
    353. 

  353.  #ifdef ENABLE_PKCS11
    354. 

  354.  	if (options.pkcs11_provider != NULL &&
    355. 

  355. @@ -1511,8 +1511,8 @@ load_public_identity_files(void)
    356. 

  356.  	memcpy(options.identity_files, identity_files, sizeof(identity_files));
    357. 

  357.  	memcpy(options.identity_keys, identity_keys, sizeof(identity_keys));
    358. 

  358.  
    359. 

  359. -	bzero(pwname, strlen(pwname));
    360. 

  360. +	memset(pwname, 0, strlen(pwname));
    361. 

  361.  	xfree(pwname);
    362. 

  362. -	bzero(pwdir, strlen(pwdir));
    363. 

  363. +	memset(pwdir, 0, strlen(pwdir));
    364. 

  364.  	xfree(pwdir);
    365. 

  365.  }
    366. 

  366. diff --git a/sshconnect2.c b/sshconnect2.c
    367. 

  367. index 4c379ae..b5502c2 100644
    368. 

  368. --- a/sshconnect2.c
    369. 

  369. +++ b/sshconnect2.c
    370. 

  370. @@ -948,14 +948,14 @@ jpake_password_to_secret(Authctxt *authctxt, const char *crypt_scheme,
    371. 

  371.  	    &secret, &secret_len) != 0)
    372. 

  372.  		fatal("%s: hash_buffer", __func__);
    373. 

  373.  
    374. 

  374. -	bzero(password, strlen(password));
    375. 

  375. -	bzero(crypted, strlen(crypted));
    376. 

  376. +	memset(password, 0, strlen(password));
    377. 

  377. +	memset(crypted, 0, strlen(crypted));
    378. 

  378.  	xfree(password);
    379. 

  379.  	xfree(crypted);
    380. 

  380.  
    381. 

  381.  	if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL)
    382. 

  382.  		fatal("%s: BN_bin2bn (secret)", __func__);
    383. 

  383. -	bzero(secret, secret_len);
    384. 

  384. +	memset(secret, 0, secret_len);
    385. 

  385.  	xfree(secret);
    386. 

  386.  
    387. 

  387.  	return ret;
    388. 

  388. @@ -992,8 +992,8 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt)
    389. 

  389.  
    390. 

  390.  	/* Obtain password and derive secret */
    391. 

  391.  	pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt);
    392. 

  392. -	bzero(crypt_scheme, strlen(crypt_scheme));
    393. 

  393. -	bzero(salt, strlen(salt));
    394. 

  394. +	memset(crypt_scheme, 0, strlen(crypt_scheme));
    395. 

  395. +	memset(salt, 0, strlen(salt));
    396. 

  396.  	xfree(crypt_scheme);
    397. 

  397.  	xfree(salt);
    398. 

  398.  	JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__));
    399. 

  399. @@ -1008,8 +1008,8 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt)
    400. 

  400.  	    &pctx->a,
    401. 

  401.  	    &x2_s_proof, &x2_s_proof_len);
    402. 

  402.  
    403. 

  403. -	bzero(x3_proof, x3_proof_len);
    404. 

  404. -	bzero(x4_proof, x4_proof_len);
    405. 

  405. +	memset(x3_proof, 0, x3_proof_len);
    406. 

  406. +	memset(x4_proof, 0, x4_proof_len);
    407. 

  407.  	xfree(x3_proof);
    408. 

  408.  	xfree(x4_proof);
    409. 

  409.  
    410. 

  410. @@ -1021,7 +1021,7 @@ input_userauth_jpake_server_step1(int type, u_int32_t seq, void *ctxt)
    411. 

  411.  	packet_put_string(x2_s_proof, x2_s_proof_len);
    412. 

  412.  	packet_send();
    413. 

  413.  
    414. 

  414. -	bzero(x2_s_proof, x2_s_proof_len);
    415. 

  415. +	memset(x2_s_proof, 0, x2_s_proof_len);
    416. 

  416.  	xfree(x2_s_proof);
    417. 

  417.  
    418. 

  418.  	/* Expect step 2 packet from peer */
    419. 

  419. @@ -1061,7 +1061,7 @@ input_userauth_jpake_server_step2(int type, u_int32_t seq, void *ctxt)
    420. 

  420.  	    &pctx->k,
    421. 

  421.  	    &pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len);
    422. 

  422.  
    423. 

  423. -	bzero(x4_s_proof, x4_s_proof_len);
    424. 

  424. +	memset(x4_s_proof, 0, x4_s_proof_len);
    425. 

  425.  	xfree(x4_s_proof);
    426. 

  426.  
    427. 

  427.  	JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
    428. 

  428. @@ -1725,8 +1725,8 @@ userauth_jpake(Authctxt *authctxt)
    429. 

  429.  	packet_put_string(x2_proof, x2_proof_len);
    430. 

  430.  	packet_send();
    431. 

  431.  
    432. 

  432. -	bzero(x1_proof, x1_proof_len);
    433. 

  433. -	bzero(x2_proof, x2_proof_len);
    434. 

  434. +	memset(x1_proof, 0, x1_proof_len);
    435. 

  435. +	memset(x2_proof, 0, x2_proof_len);
    436. 

  436.  	xfree(x1_proof);
    437. 

  437.  	xfree(x2_proof);
    438. 

  438.  
    439. 

  439. -- 
    440. 

  440. 1.7.2.2
    441. 

  441.