aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_gpsk.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-06-29 18:16:30 (GMT)
committerJouni Malinen <j@w1.fi>2014-07-02 09:38:48 (GMT)
commitf534ee0804dc8d77434d2b534a118e86bd597694 (patch)
treeca115c0a59a991135bb28c4772d8b6e18746d6ad /src/eap_peer/eap_gpsk.c
parent19c48da06b6980915e97a84ea8387a9db858c662 (diff)
downloadhostap-f534ee0804dc8d77434d2b534a118e86bd597694.zip
hostap-f534ee0804dc8d77434d2b534a118e86bd597694.tar.gz
hostap-f534ee0804dc8d77434d2b534a118e86bd597694.tar.bz2
EAP peer: Clear keying material on deinit
Reduce the amount of time keying material (MSK, EMSK, temporary private data) remains in memory in EAP methods. This provides additional protection should there be any issues that could expose process memory to external observers. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_peer/eap_gpsk.c')
-rw-r--r--src/eap_peer/eap_gpsk.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/eap_peer/eap_gpsk.c b/src/eap_peer/eap_gpsk.c
index 998ea06..c54bf11 100644
--- a/src/eap_peer/eap_gpsk.c
+++ b/src/eap_peer/eap_gpsk.c
@@ -134,8 +134,11 @@ static void eap_gpsk_deinit(struct eap_sm *sm, void *priv)
struct eap_gpsk_data *data = priv;
os_free(data->id_server);
os_free(data->id_peer);
- os_free(data->psk);
- os_free(data);
+ if (data->psk) {
+ os_memset(data->psk, 0, data->psk_len);
+ os_free(data->psk);
+ }
+ bin_clear_free(data, sizeof(*data));
}