===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/Attic/auth1.c,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -r1.79 -r1.80
--- src/usr.bin/ssh/Attic/auth1.c	2013/05/19 02:42:42	1.79
+++ src/usr.bin/ssh/Attic/auth1.c	2014/02/02 03:44:31	1.80
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.79 2013/05/19 02:42:42 djm Exp $ */
+/* $OpenBSD: auth1.c,v 1.80 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -122,7 +122,7 @@
 	/* Try authentication with the password. */
 	authenticated = PRIVSEP(auth_password(authctxt, password));
 
-	memset(password, 0, dlen);
+	explicit_bzero(password, dlen);
 	free(password);
 
 	return (authenticated);
@@ -217,7 +217,7 @@
 	response = packet_get_string(&dlen);
 	packet_check_eom();
 	authenticated = verify_response(authctxt, response);
-	memset(response, 'r', dlen);
+	explicit_bzero(response, dlen);
 	free(response);
 
 	return (authenticated);