From: John Kohl Date: Thu, 18 Oct 1990 16:02:23 +0000 (+0000) Subject: nuke the encryption keys when cleaning up X-Git-Tag: krb5-1.0-alpha2~137 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=1ba597b658d17eadd1753cc959f8822c2688c123;p=krb5.git nuke the encryption keys when cleaning up git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1274 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index d9aa19c54..35e8e2d42 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -154,6 +154,7 @@ OLDDECLARG(krb5_ccache, ccache) } retval = (*decrypt_proc)(decrypt_key, decryptarg, as_reply); + bzero((char *)decrypt_key->contents, decrypt_key->length); krb5_free_keyblock(decrypt_key); if (retval) { krb5_free_kdc_rep(as_reply); @@ -181,6 +182,8 @@ OLDDECLARG(krb5_ccache, ccache) (request.till != 0) && (as_reply->enc_part2->times.renew_till > request.till)) ) { + bzero((char *)as_reply->enc_part2->session.contents, + as_reply->enc_part2->session.length); krb5_free_kdc_rep(as_reply); return KRB5_KDCREP_MODIFIED; } @@ -190,6 +193,8 @@ OLDDECLARG(krb5_ccache, ccache) /* fill in the credentials */ if (retval = krb5_copy_keyblock(as_reply->enc_part2->session, &creds->keyblock)) { + bzero((char *)as_reply->enc_part2->session.contents, + as_reply->enc_part2->session.length); krb5_free_kdc_rep(as_reply); return retval; }