From a7afade1701a809f6a33b53525d59dd29b38d381 Mon Sep 17 00:00:00 2001
From: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Sun, 31 Jul 2016 13:43:00 +0200
Subject: clear passwords with explicit_bzero

Make sure to explicitly clear memory that is used for password input. memset
is often optimized out by the compiler.

Brought to attention by the OpenBSD community, see:
https://marc.info/?t=146989502600003&r=1&w=2
Thread subject: x11/slock: clear passwords with explicit_bzero

Changes:

- explicit_bzero.c import from libressl-portable.
- Makefile: add COMPATSRC for compatibility src.
- config.mk: add separate *BSD section in config.mk to simply uncomment it on
  these platforms.
---
 util.h | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 util.h

(limited to 'util.h')

diff --git a/util.h b/util.h
new file mode 100644
index 0000000..6f748b8
--- /dev/null
+++ b/util.h
@@ -0,0 +1,2 @@
+#undef explicit_bzero
+void explicit_bzero(void *, size_t);
-- 
cgit v1.2.3