OpenVPN/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2025-05-09 21:51:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

proxy.c: Clear sensitive data after use

Browse Source 
Usage of credentials  is a bit odd in this file.
Actually the copy of "struct user_pass" kept in p->up is not
required at all. It just defeats the purpose of auth-nocahe
as it never gets cleared.

Removing it is beyond the scope of this patch -- we just ensure
it's purged after use.

Change-Id: Ic6d63a319d272a56ac0e278f1356bc5241b56a34
Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20240905100724.4105-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29061.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
Selva Nair 2024-09-05 12:07:24 +02:00 committed by Gert Doering
parent c829f57096
commit dbe7e45695
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/openvpn/proxy.c
View File

@ -247,7 +247,9 @@ username_password_as_base64(const struct http_proxy_info *p,
struct buffer out = alloc_buf_gc(strlen(p->up.username) + strlen(p->up.password) + 2, gc); struct buffer out = alloc_buf_gc(strlen(p->up.username) + strlen(p->up.password) + 2, gc);
ASSERT(strlen(p->up.username) > 0); ASSERT(strlen(p->up.username) > 0);
buf_printf(&out, "%s:%s", p->up.username, p->up.password); buf_printf(&out, "%s:%s", p->up.username, p->up.password);
return (const char *)make_base64_string((const uint8_t *)BSTR(&out), gc); char *ret = (char *)make_base64_string((const uint8_t *)BSTR(&out), gc);
secure_memzero(BSTR(&out), out.len);
return ret;
} }
static void static void
@ -736,6 +738,9 @@ establish_http_proxy_passthru(struct http_proxy_info *p,
ASSERT(0); ASSERT(0);
} }
/* clear any sensitive content in buf */
secure_memzero(buf, sizeof(buf));
/* send empty CR, LF */ /* send empty CR, LF */
if (!send_crlf(sd)) if (!send_crlf(sd))
{ {
@ -983,6 +988,8 @@ establish_http_proxy_passthru(struct http_proxy_info *p,
{ {
goto error; goto error;
} }
/* clear any sensitive content in buf */
secure_memzero(buf, sizeof(buf));
/* receive reply from proxy */ /* receive reply from proxy */
if (!recv_line(sd, buf, sizeof(buf), get_server_poll_remaining_time(server_poll_timeout), true, NULL, signal_received)) if (!recv_line(sd, buf, sizeof(buf), get_server_poll_remaining_time(server_poll_timeout), true, NULL, signal_received))
@ -1086,10 +1093,12 @@ establish_http_proxy_passthru(struct http_proxy_info *p,
#endif #endif
done: done:
purge_user_pass(&p->up, true);
gc_free(&gc); gc_free(&gc);
return ret; return ret;
error: error:
purge_user_pass(&p->up, true);
register_signal(sig_info, SIGUSR1, "HTTP proxy error"); /* SOFT-SIGUSR1 -- HTTP proxy error */ register_signal(sig_info, SIGUSR1, "HTTP proxy error"); /* SOFT-SIGUSR1 -- HTTP proxy error */
gc_free(&gc); gc_free(&gc);
return ret; return ret;