git.ipfire.org Git - thirdparty/krb5.git/commit

]> git.ipfire.org Git - thirdparty/krb5.git/commit

projects / thirdparty / krb5.git / commit

author	Dylan Gray <35609490+Dylan-MSFT@users.noreply.github.com>
	Fri, 13 Jul 2018 22:09:01 +0000 (15:09 -0700)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 16 Jul 2018 14:09:26 +0000 (10:09 -0400)
commit	5d19f90f3216309c311507acbca2c8d0a286d632
tree	e48fe0a4acf94e9e9732babc4aae8e56875f4d06	tree \| snapshot
parent	ad2d39831b243c2bd5cde40a3b5d4ea54f212de9	commit \| diff

Zap copy of secret in RC4 string-to-key

Commit b8814745049b5f401e3ae39a81dc1e14598ae48c (ticket 8576) added a
zero-terminated copy of the input string in
krb5int_arcfour_string_to_key(). This copy should be zeroed when
freed as the input string typically contains a password.

[ghudson@mit.edu: rewrote commit message]

ticket: 8713 (new)

src/lib/crypto/krb/s2k_rc4.c

diff | blob | blame | history

Mirror of https://github.com/krb5/krb5.git

RSS Atom