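--- a/authkeys.c (280849)
+++ b/authkeys.c (289764)
@@ -1,8 +1,8 @@
 /*
  * authkeys.c - routines to manage the storage of authentication keys
  */
 #ifdef HAVE_CONFIG_H
 # include <config.h>
 #endif
 
 #include <math.h>
@@ -529,16 +529,22 @@
  DEBUG_ENSURE(len < 4 * 1024);
  /*
  * See if we already have the key. If so just stick in the
  * new value.
  */
  bucket = &key_hash[KEYHASH(keyno)];
  for (sk = *bucket; sk != NULL; sk = sk->hlink) {
  if (keyno == sk->keyid) {
+ /* TALOS-CAN-0054: make sure we have a new buffer! */
+ if (NULL != sk->secret) {
+ memset(sk->secret, 0, sk->secretsize);
+ free(sk->secret);
+ }
+ sk->secret = emalloc(len);
  sk->type = (u_short)keytype;
  secretsize = len;
  sk->secretsize = (u_short)secretsize;
 #ifndef DISABLE_BUG1243_FIX
  memcpy(sk->secret, key, secretsize);
 #else
  strlcpy((char *)sk->secret, (const char *)key,
  secretsize);
@@ -588,22 +594,24 @@
  symkey * sk;
 
  ITER_DLIST_BEGIN(key_listhead, sk, llink, symkey)
  if (sk->keyid > NTP_MAXKEY) { /* autokey */
  continue;
  }
 
  /*
- * Don't lose info as to which keys are trusted.
+ * Don't lose info as to which keys are trusted. Make
+ * sure there are no dangling pointers!
  */
  if (KEY_TRUSTED & sk->flags) {
  if (sk->secret != NULL) {
- memset(sk->secret, '\0', sk->secretsize);
+ memset(sk->secret, 0, sk->secretsize);
  free(sk->secret);
+ sk->secret = NULL; /* TALOS-CAN-0054 */
  }
  sk->secretsize = 0;
  sk->lifetime = 0;
  } else {
  freesymkey(sk, &key_hash[KEYHASH(sk->keyid)]);
  }
  ITER_DLIST_END()
 }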
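Review bot: The `memset(sk->secret, 0, sk->secretsize);` that precedes `free(sk->secret);` is a dead store as far as the optimizer is concerned and may be dropped, which would leave the old key bytes in freed heap memory. This applies both to the new key-replacement branch (where the buffer is then reallocated with `emalloc(len)`) and to the trusted-key branch of the list walk. Where the platform provides it, a wipe the compiler cannot elide would be safer, for example `explicit_bzero(sk->secret, sk->secretsize);`, ideally behind one small helper used at both sites. In the replacement branch it is also worth a comment that `sk->secretsize` is a `(u_short)` cast of `len`, while the only bound visible here is `DEBUG_ENSURE(len < 4 * 1024)`, which presumably is not enforced in non-debug builds. Both enclosing functions start outside the visible hunks, so any earlier length validation cannot be confirmed from this page.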