From 5d84be296d86bf6b13ab97887576cbc7209680a0 Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Tue, 3 Jun 2003 03:18:41 +0000
Subject: 	* change_password.c (krb_change_password): Explicitly zero the
 	session key.  Zero the key derived from the new password.

	* mk_req.c (krb_mk_req): Explicitly zero the session key.
	(krb_mk_req_creds_prealm): Don't zero the session key, in case the
	caller wants to make use of it.

ticket: 1546
status: open
target_version: 1.3
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15543 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb4/ChangeLog         | 9 +++++++++
 src/lib/krb4/change_password.c | 3 +++
 src/lib/krb4/mk_req.c          | 7 +++----
 3 files changed, 15 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog
index 010f96f644..f16f07c45a 100644
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,12 @@
+2003-06-02  Tom Yu  <tlyu@mit.edu>
+
+	* change_password.c (krb_change_password): Explicitly zero the
+	session key.  Zero the key derived from the new password.
+
+	* mk_req.c (krb_mk_req): Explicitly zero the session key.
+	(krb_mk_req_creds_prealm): Don't zero the session key, in case the
+	caller wants to make use of it.
+
 2003-05-24  Ken Raeburn  <raeburn@mit.edu>
 
 	* lifetime.c (krb_life_to_time, krb_time_to_life): Rewrite to use
diff --git a/src/lib/krb4/change_password.c b/src/lib/krb4/change_password.c
index a6e4d7b291..7c3bcd01d0 100644
--- a/src/lib/krb4/change_password.c
+++ b/src/lib/krb4/change_password.c
@@ -100,6 +100,7 @@ krb_change_password(char *principal, char *instance, char *realm,
     p = key;
     KRB4_GET32BE(tempKey, p);
     sendSize += vts_long(tempKey, &sendStream, (int)sendSize);
+    tempKey = 0;
 
     if (newPassword) {
 	sendSize += vts_string(newPassword, &sendStream, (int)sendSize);
@@ -120,5 +121,7 @@ disconnect:
     kadm_cli_disconn(&client_parm);
 
 cleanup:
+    memset(&client_parm.creds.session, 0, sizeof(client_parm.creds.session));
+    memset(&key, 0, sizeof(key));
     return err;
 }
diff --git a/src/lib/krb4/mk_req.c b/src/lib/krb4/mk_req.c
index 698d2c2ad7..3066f43d71 100644
--- a/src/lib/krb4/mk_req.c
+++ b/src/lib/krb4/mk_req.c
@@ -114,7 +114,6 @@ krb_mk_req_creds_prealm(authent, creds, checksum, myrealm)
 				+ 1 + 1 + ticket->length)
 	|| ticket->length < 0 || ticket->length > 255) {
 	authent->length = 0;
-	memset(creds->session, 0, sizeof(creds->session));
 	return KFAILURE;
     }
 
@@ -150,7 +149,6 @@ krb_mk_req_creds_prealm(authent, creds, checksum, myrealm)
     myrealmlen = strlen(myrealm) + 1;
     if (sizeof(req_id->dat) / 8 < (pnamelen + pinstlen + myrealmlen
 				   + 4 + 1 + 4 + 7) / 8) {
-	memset(creds->session, 0, sizeof(creds->session));
 	return KFAILURE;
     }
 
@@ -185,7 +183,6 @@ krb_mk_req_creds_prealm(authent, creds, checksum, myrealm)
                  (long)req_id->length, key_s, &creds->session, 1);
     /* clean up */
     memset(key_s, 0, sizeof(key_s));
-    memset(creds->session, 0, sizeof(creds->session));
 #endif /* NOENCRYPTION */
 
     /* Copy it into the authenticator */
@@ -252,7 +249,9 @@ krb_mk_req(authent, service, instance, realm, checksum)
     if (retval != KSUCCESS)
 	return retval;
 
-    return krb_mk_req_creds_prealm(authent, &creds, checksum, myrealm);
+    retval = krb_mk_req_creds_prealm(authent, &creds, checksum, myrealm);
+    memset(&creds.session, 0, sizeof(creds.session));
+    return retval;
 }
 
 int KRB5_CALLCONV
-- 
cgit