sergiotarxz/termux-packages
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
78b3381ef8
termux-packages/packages/openssh
History
Günther Noack 78b3381ef8 Indirect explicit_bzero through memset pointer. 
The original comment indicates that using `bzero()` directly may result in dead store elimination, so they explicitly avoided calling `bzero()` as you do now. `explicit_bzero` is used in cryptographic software to clear keys from process memory after use, even if that memory is not read any more afterwards.

Maybe it would be safer like this? (I copied the approach from https://android.googlesource.com/platform/external/openssh/+/refs/tags/android-6.0.1_r70/openbsd-compat/explicit_bzero.c, so that should work on Android.)

Caveat, I was hand-editing the diff and did not find time to set up the toolchain to build this; but the general approach should work?
2020-03-29 23:03:21 +03:00
..
auth2-passwd.c.patch
auth.c.patch
build.sh openssh: update list of env variables to keep 2020-03-08 20:53:27 +02:00
fix-hardcoded-paths.patch openssh: Update from 8.1 to 8.2 2020-02-15 23:04:18 +01:00
hostfile.c.patch
Makefile.in.patch
misc_c.patch
mux.c.patch
no_loginrec.patch
no_tty_chmod.patch
openbsd-compat-explicit_bzero.c.patch Indirect explicit_bzero through memset pointer. 2020-03-29 23:03:21 +03:00
openbsd-compat-xcrypt.c.patch
servconf.c.patch
session.c.patch openssh: update list of env variables to keep 2020-03-08 20:53:27 +02:00
sftp-server.c.patch
sftp-with-agent.sh
source-ssh-agent.sh openssh: Fix zsh 5.8 incompatible check in source-ssh-agent 2020-02-23 10:46:58 +01:00
ssh-agent.c.patch openssh: remove hardcoded prefix 2020-02-28 06:47:26 +01:00
ssh-keygen.c.patch
ssh-with-agent.sh
sshd_config.5.patch
sshd.c.patch