aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_peer/eap_pwd.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2014-06-29 18:16:30 (GMT)
committerJouni Malinen <j@w1.fi>2014-07-02 09:38:48 (GMT)
commitf534ee0804dc8d77434d2b534a118e86bd597694 (patch)
treeca115c0a59a991135bb28c4772d8b6e18746d6ad /src/eap_peer/eap_pwd.c
parent19c48da06b6980915e97a84ea8387a9db858c662 (diff)
downloadhostap-f534ee0804dc8d77434d2b534a118e86bd597694.zip
hostap-f534ee0804dc8d77434d2b534a118e86bd597694.tar.gz
hostap-f534ee0804dc8d77434d2b534a118e86bd597694.tar.bz2
EAP peer: Clear keying material on deinit
Reduce the amount of time keying material (MSK, EMSK, temporary private data) remains in memory in EAP methods. This provides additional protection should there be any issues that could expose process memory to external observers. Signed-off-by: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/eap_peer/eap_pwd.c')
-rw-r--r--src/eap_peer/eap_pwd.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
index fec3224..bdcca0b 100644
--- a/src/eap_peer/eap_pwd.c
+++ b/src/eap_peer/eap_pwd.c
@@ -157,7 +157,7 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv)
EC_POINT_free(data->server_element);
os_free(data->id_peer);
os_free(data->id_server);
- os_free(data->password);
+ bin_clear_free(data->password, data->password_len);
if (data->grp) {
EC_GROUP_free(data->grp->group);
EC_POINT_free(data->grp->pwe);
@@ -167,7 +167,7 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv)
}
wpabuf_free(data->inbuf);
wpabuf_free(data->outbuf);
- os_free(data);
+ bin_clear_free(data, sizeof(*data));
}