# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1171287498 0
# Node ID ce14fab8673201910f0fa161813e7e2978bb886e
# Parent  fd1f05639ed410ebaa16d0ae7fc4d79120dbca21# Parent  695413c59b6a5f26ce454b00d22986f1825ebf9b
propagate from branch 'au.asn.ucc.matt.dropbear' (head 6cb7793493d92968e09b5dea21d71ded5811d21f)
            to branch 'au.asn.ucc.matt.dropbear.channel-fix' (head 275bf5c6b71ca286c29733b9e38bac40eeb06a40)

diff -r fd1f05639ed4 -r ce14fab86732 cli-main.c
--- a/cli-main.c	Mon Feb 12 13:37:58 2007 +0000
+++ b/cli-main.c	Mon Feb 12 13:38:18 2007 +0000
@@ -47,6 +47,8 @@
 	_dropbear_exit = cli_dropbear_exit;
 	_dropbear_log = cli_dropbear_log;
 
+	disallow_core();
+
 	cli_getopts(argc, argv);
 
 	TRACE(("user='%s' host='%s' port='%s'", cli_opts.username,
diff -r fd1f05639ed4 -r ce14fab86732 dbutil.c
--- a/dbutil.c	Mon Feb 12 13:37:58 2007 +0000
+++ b/dbutil.c	Mon Feb 12 13:38:18 2007 +0000
@@ -693,3 +693,9 @@
 	}
 	TRACE(("leave setnonblocking"))
 }
+
+void disallow_core() {
+	struct rlimit lim;
+	lim.rlim_cur = lim.rlim_max = 0;
+	setrlimit(RLIMIT_CORE, &lim);
+}
diff -r fd1f05639ed4 -r ce14fab86732 dbutil.h
--- a/dbutil.h	Mon Feb 12 13:37:58 2007 +0000
+++ b/dbutil.h	Mon Feb 12 13:38:18 2007 +0000
@@ -63,6 +63,7 @@
 void __m_free(void* ptr);
 void m_burn(void* data, unsigned int len);
 void setnonblocking(int fd);
+void disallow_core();
 
 /* Used to force mp_ints to be initialised */
 #define DEF_MP_INT(X) mp_int X = {0, 0, 0, NULL}
diff -r fd1f05639ed4 -r ce14fab86732 includes.h
--- a/includes.h	Mon Feb 12 13:37:58 2007 +0000
+++ b/includes.h	Mon Feb 12 13:38:18 2007 +0000
@@ -38,6 +38,7 @@
 #include <sys/time.h>
 #include <sys/un.h>
 #include <sys/wait.h>
+#include <sys/resource.h>
 
 #include <stdio.h>
 #include <errno.h>
diff -r fd1f05639ed4 -r ce14fab86732 packet.c
--- a/packet.c	Mon Feb 12 13:37:58 2007 +0000
+++ b/packet.c	Mon Feb 12 13:38:18 2007 +0000
@@ -446,10 +446,6 @@
 	}
 
 	/* finished with payload */
-	buf_burn(ses.writepayload); /* XXX This is probably a good idea, and isn't
-								   _that_ likely to hurt performance too badly.
-								   Buffers can have cleartext passwords etc, or
-								   other sensitive data */
 	buf_setpos(ses.writepayload, 0);
 	buf_setlen(ses.writepayload, 0);
 
diff -r fd1f05639ed4 -r ce14fab86732 process-packet.c
--- a/process-packet.c	Mon Feb 12 13:37:58 2007 +0000
+++ b/process-packet.c	Mon Feb 12 13:38:18 2007 +0000
@@ -119,7 +119,6 @@
 	recv_unimplemented();
 
 out:
-	buf_burn(ses.payload); /* Clear the memory to avoid swapping it out */
 	buf_free(ses.payload);
 	ses.payload = NULL;
 
diff -r fd1f05639ed4 -r ce14fab86732 svr-main.c
--- a/svr-main.c	Mon Feb 12 13:37:58 2007 +0000
+++ b/svr-main.c	Mon Feb 12 13:38:18 2007 +0000
@@ -52,6 +52,8 @@
 	_dropbear_exit = svr_dropbear_exit;
 	_dropbear_log = svr_dropbear_log;
 
+	disallow_core();
+
 	/* get commandline options */
 	svr_getopts(argc, argv);