summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2019-10-31 19:04:43 -0400
committerJune McEnroe <june@causal.agency>2019-10-31 19:04:43 -0400
commitc4404762701c7073e1f85d7f89834b5ddd59e749 (patch)
treebbe1d574587f2e6d5841d2c49fb7eb4018839eef
parentSend clients their own QUIT on shutdown (diff)
downloadpounce-c4404762701c7073e1f85d7f89834b5ddd59e749.tar.gz
pounce-c4404762701c7073e1f85d7f89834b5ddd59e749.zip
Use explicit_bzero to clear passwords
GNU doesn't implement memset_s, but both FreeBSD and GNU implement
explicit_bzero. Darwin doesn't, so #define it in terms of memset_s.
-rw-r--r--bounce.c9
-rw-r--r--bounce.h5
-rw-r--r--client.c4
-rw-r--r--config.c2
-rw-r--r--ring.c4
-rw-r--r--server.c4
-rw-r--r--state.c7
7 files changed, 20 insertions, 15 deletions
diff --git a/bounce.c b/bounce.c
index b89e90a..49bc0f9 100644
--- a/bounce.c
+++ b/bounce.c
@@ -14,7 +14,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#define __STDC_WANT_LIB_EXT1__ 1
+#include "bounce.h"
 
 #include <assert.h>
 #include <err.h>
@@ -26,6 +26,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <strings.h>
 #include <sys/file.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
@@ -33,8 +34,6 @@
 #include <tls.h>
 #include <unistd.h>
 
-#include "bounce.h"
-
 #ifndef SIGINFO
 #define SIGINFO SIGUSR2
 #endif
@@ -197,8 +196,8 @@ int main(int argc, char *argv[]) {
 
 	int server = serverConnect(insecure, host, port);
 	stateLogin(pass, auth, nick, user, real);
-	if (pass) memset_s(pass, strlen(pass), 0, strlen(pass));
-	if (auth) memset_s(auth, strlen(auth), 0, strlen(auth));
+	if (pass) explicit_bzero(pass, strlen(pass));
+	if (auth) explicit_bzero(auth, strlen(auth));
 
 	while (!stateReady()) serverRecv();
 	serverFormat("AWAY :%s\r\n", away);
diff --git a/bounce.h b/bounce.h
index 5e6313b..5a03af2 100644
--- a/bounce.h
+++ b/bounce.h
@@ -14,6 +14,11 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#ifdef __APPLE__
+#define __STDC_WANT_LIB_EXT1__ 1
+#define explicit_bzero(b, len) memset_s((b), (len), 0, (len))
+#endif
+
 #include <stdbool.h>
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/client.c b/client.c
index bcb281f..c951590 100644
--- a/client.c
+++ b/client.c
@@ -14,6 +14,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "bounce.h"
+
 #include <assert.h>
 #include <err.h>
 #include <stdarg.h>
@@ -24,8 +26,6 @@
 #include <sysexits.h>
 #include <tls.h>
 
-#include "bounce.h"
-
 enum Need {
 	NeedNick = 1 << 0,
 	NeedUser = 1 << 1,
diff --git a/config.c b/config.c
index adf2b34..1d608d6 100644
--- a/config.c
+++ b/config.c
@@ -14,6 +14,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "bounce.h"
+
 #include <err.h>
 #include <getopt.h>
 #include <stdio.h>
diff --git a/ring.c b/ring.c
index 5fb9daa..aca33a0 100644
--- a/ring.c
+++ b/ring.c
@@ -14,6 +14,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "bounce.h"
+
 #include <assert.h>
 #include <err.h>
 #include <stdio.h>
@@ -21,8 +23,6 @@
 #include <sysexits.h>
 #include <time.h>
 
-#include "bounce.h"
-
 static struct {
 	size_t len;
 	char **lines;
diff --git a/server.c b/server.c
index d0181bb..e1fc328 100644
--- a/server.c
+++ b/server.c
@@ -14,6 +14,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#include "bounce.h"
+
 #include <assert.h>
 #include <err.h>
 #include <netdb.h>
@@ -27,8 +29,6 @@
 #include <tls.h>
 #include <unistd.h>
 
-#include "bounce.h"
-
 static struct tls *client;
 
 int serverConnect(bool insecure, const char *host, const char *port) {
diff --git a/state.c b/state.c
index 37df845..c980ad7 100644
--- a/state.c
+++ b/state.c
@@ -14,7 +14,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#define __STDC_WANT_LIB_EXT1__ 1
+#include "bounce.h"
 
 #include <assert.h>
 #include <err.h>
@@ -22,10 +22,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <strings.h>
 #include <sysexits.h>
 
-#include "bounce.h"
-
 typedef void Handler(struct Message *msg);
 
 static void require(const struct Message *msg, bool origin, size_t len) {
@@ -101,7 +100,7 @@ static void handleAuthenticate(struct Message *msg) {
 	(void)msg;
 	if (!plainBase64) errx(EX_PROTOCOL, "unsolicited AUTHENTICATE");
 	serverFormat("AUTHENTICATE %s\r\n", plainBase64);
-	memset_s(plainBase64, strlen(plainBase64), 0, strlen(plainBase64));
+	explicit_bzero(plainBase64, strlen(plainBase64));
 	free(plainBase64);
 	plainBase64 = NULL;
 }