cryptosoft - Zero out ctx after SHA1 or MD5 op

author Alex Hornung <ahornung@gmail.com>

Tue, 19 Oct 2010 18:05:17 +0000 (19:05 +0100)

committer Matthew Dillon <dillon@apollo.backplane.com>

Sun, 24 Oct 2010 16:32:32 +0000 (09:32 -0700)
author Alex Hornung <ahornung@gmail.com>
Tue, 19 Oct 2010 18:05:17 +0000 (19:05 +0100)
committer Matthew Dillon <dillon@apollo.backplane.com>
Sun, 24 Oct 2010 16:32:32 +0000 (09:32 -0700)
diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c

index 2053a86..28a611e 100644 (file)
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -1017,8 +1017,10 @@ swcr_freesession_slot(struct swcr_data **swdp, u_int32_t sid)
                case CRYPTO_SHA1:
                        axf = swd->sw_axf;
 
-                       if (swd->sw_ictx)
+                       if (swd->sw_ictx) {
+                               bzero(swd->sw_ictx, axf->ctxsize);
                                kfree(swd->sw_ictx, M_CRYPTO_DATA);
+                       }
                        break;
 
                case CRYPTO_DEFLATE_COMP:
author	Alex Hornung <ahornung@gmail.com>
	Tue, 19 Oct 2010 18:05:17 +0000 (19:05 +0100)
committer	Matthew Dillon <dillon@apollo.backplane.com>
	Sun, 24 Oct 2010 16:32:32 +0000 (09:32 -0700)