diff options
| author | jsing <> | 2015-09-13 12:52:07 +0000 | 
|---|---|---|
| committer | jsing <> | 2015-09-13 12:52:07 +0000 | 
| commit | dbde60fff1c036e5516a50111ebb745f671073d4 (patch) | |
| tree | f6ea2b92ad7e8b51381771f6255361b62689c691 /src/lib/libc/stdlib/reallocarray.c | |
| parent | 629b11ace4d06660bae04ea3e03ea2fe9455d522 (diff) | |
| download | openbsd-dbde60fff1c036e5516a50111ebb745f671073d4.tar.gz openbsd-dbde60fff1c036e5516a50111ebb745f671073d4.tar.bz2 openbsd-dbde60fff1c036e5516a50111ebb745f671073d4.zip | |
Stop generating private keys in a network buffer.
The current client key exchange code generates DH and ECDH keys into the
same buffer that we use to send data to the network - stop doing this and
malloc() a new buffer, which we explicit_bzero() and free() on return.
This also benefits from ASLR and means that the keys are no longer
generated in a well known location.
ok beck@
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions
