Aaron Plattner <aplattner@xxxxxxxxxx> writes:

> When a struct credential expires, credential_fill() clears c->password
> so that clients don't try to use it later. However, a struct cred that
> uses an alternate authtype won't have a password, but might have a
> credential stored in c->credential. Clear that too.

Hmph, piling another thing on top of these selected "discard/reset" we already have should make us rethink a few things.

 - Is this the only place we discard/reset/clear?

 - Isn't there already a helper function that was DESIGNED to do this for us?

 - Are all these places we discard/reset/clear using that helper function?

For example, when we are rejecting a credential, shouldn't we be clearing the same members of the structure as we notice that the auth material is stale and has expired?

There is credential_clear() and credential_clear_secrets(). Would one of these want to be reused in this (and also reject) context?