mirrors
/
kore
mirror of https://git.kore.io/kore.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity

cleanse any intermediate buffers for keymgr.

This commit is contained in:
Joris Vink 2017-02-27 21:05:56 -08:00
parent 6ba7390cc9
commit 0fe570ef41
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/keymgr.c
View File

@ -177,6 +177,7 @@ keymgr_load_randfile(void)
total += (size_t)ret; total += (size_t)ret;
RAND_seed(buf, (int)ret); RAND_seed(buf, (int)ret);
OPENSSL_cleanse(buf, sizeof(buf));
} }
(void)close(fd); (void)close(fd);
@ -204,7 +205,7 @@ keymgr_save_randfile(void)
if (RAND_bytes(buf, sizeof(buf)) != 1) { if (RAND_bytes(buf, sizeof(buf)) != 1) {
kore_log(LOG_WARNING, "RAND_bytes: %s", ssl_errno_s); kore_log(LOG_WARNING, "RAND_bytes: %s", ssl_errno_s);
return; goto cleanup;
} }
if ((fd = open(RAND_TMP_FILE, if ((fd = open(RAND_TMP_FILE,
@ -212,7 +213,7 @@ keymgr_save_randfile(void)
kore_log(LOG_WARNING, kore_log(LOG_WARNING,
"failed to open %s: %s - random data not written", "failed to open %s: %s - random data not written",
RAND_TMP_FILE, errno_s); RAND_TMP_FILE, errno_s);
return; goto cleanup;
} }
ret = write(fd, buf, sizeof(buf)); ret = write(fd, buf, sizeof(buf));
@ -220,7 +221,7 @@ keymgr_save_randfile(void)
kore_log(LOG_WARNING, "failed to write random data"); kore_log(LOG_WARNING, "failed to write random data");
(void)close(fd); (void)close(fd);
(void)unlink(RAND_TMP_FILE); (void)unlink(RAND_TMP_FILE);
return; goto cleanup;
} }
if (close(fd) == -1) if (close(fd) == -1)
@ -232,6 +233,9 @@ keymgr_save_randfile(void)
(void)unlink(rand_file); (void)unlink(rand_file);
(void)unlink(RAND_TMP_FILE); (void)unlink(RAND_TMP_FILE);
} }
cleanup:
OPENSSL_cleanse(buf, sizeof(buf));
} }
static void static void