From a7afade1701a809f6a33b53525d59dd29b38d381 Mon Sep 17 00:00:00 2001 From: Hiltjo Posthuma Date: Sun, 31 Jul 2016 13:43:00 +0200 Subject: clear passwords with explicit_bzero Make sure to explicitly clear memory that is used for password input. memset is often optimized out by the compiler. Brought to attention by the OpenBSD community, see: https://marc.info/?t=146989502600003&r=1&w=2 Thread subject: x11/slock: clear passwords with explicit_bzero Changes: - explicit_bzero.c import from libressl-portable. - Makefile: add COMPATSRC for compatibility src. - config.mk: add separate *BSD section in config.mk to simply uncomment it on these platforms. --- config.mk | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'config.mk') diff --git a/config.mk b/config.mk index f93879e..3afc061 100644 --- a/config.mk +++ b/config.mk @@ -18,9 +18,13 @@ LIBS = -L/usr/lib -lc -lcrypt -L${X11LIB} -lX11 -lXext -lXrandr CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_SHADOW_H CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS} LDFLAGS = -s ${LIBS} +COMPATSRC = explicit_bzero.c # On *BSD remove -DHAVE_SHADOW_H from CPPFLAGS and add -DHAVE_BSD_AUTH # On OpenBSD and Darwin remove -lcrypt from LIBS +#LIBS = -L/usr/lib -lc -L${X11LIB} -lX11 -lXext -lXrandr +#CPPFLAGS = -DVERSION=\"${VERSION}\" -DHAVE_BSD_AUTH -D_BSD_SOURCE +#COMPATSRC = # compiler and linker CC = cc -- cgit v1.2.3-70-g09d2