diff options
author | Hiltjo Posthuma <hiltjo@codemadness.org> | 2016-07-31 13:43:00 +0200 |
---|---|---|
committer | Hiltjo Posthuma <hiltjo@codemadness.org> | 2016-08-13 09:58:00 +0200 |
commit | a7afade1701a809f6a33b53525d59dd29b38d381 (patch) | |
tree | 45bb7250f76f0ed0261354ae313c4f0c3a561eb6 /config.mk | |
parent | 65b8d5278882310eed758e6fbfd6ab9676db883c (diff) | |
download | slock-a7afade1701a809f6a33b53525d59dd29b38d381.tar.gz slock-a7afade1701a809f6a33b53525d59dd29b38d381.tar.xz |
clear passwords with explicit_bzero
Make sure to explicitly clear memory that is used for password input. memset
is often optimized out by the compiler.
Brought to attention by the OpenBSD community, see:
https://marc.info/?t=146989502600003&r=1&w=2
Thread subject: x11/slock: clear passwords with explicit_bzero
Changes:
- explicit_bzero.c import from libressl-portable.
- Makefile: add COMPATSRC for compatibility src.
- config.mk: add separate *BSD section in config.mk to simply uncomment it on
these platforms.
Diffstat (limited to 'config.mk')
-rw-r--r-- | config.mk | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -18,9 +18,13 @@ LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS} LDFLAGS = -s ${LIBS} +COMPATSRC = explicit_bzero.c # On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH # On OpenBSD and Darwin remove -lcrypt from LIBS +#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr +#CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_BSD_AUTH -D_BSD_SOURCE +#COMPATSRC = # compiler and linker CC = cc |