mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
lib:util: Add support to keep talloc chunks secret
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlet <abartlet@samba.org>
This commit is contained in:
parent
29d7c80ee4
commit
b7f7e5a37b
52
lib/util/talloc_keep_secret.c
Normal file
52
lib/util/talloc_keep_secret.c
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2019 Andreas Schneider <asn@samba.org>
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "includes.h"
|
||||||
|
#include "talloc_keep_secret.h"
|
||||||
|
|
||||||
|
static int talloc_keep_secret_destructor(void *ptr)
|
||||||
|
{
|
||||||
|
size_t size = talloc_get_size(ptr);
|
||||||
|
|
||||||
|
if (unlikely(size == 0)) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
memset_s(ptr, size, 0, size);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
void _talloc_keep_secret(void *ptr, const char *name)
|
||||||
|
{
|
||||||
|
size_t size;
|
||||||
|
|
||||||
|
if (unlikely(ptr == NULL)) {
|
||||||
|
#ifdef DEVELOPER
|
||||||
|
smb_panic("Invalid talloc pointer");
|
||||||
|
#endif
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
size = talloc_get_size(ptr);
|
||||||
|
if (unlikely(size == 0)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
talloc_set_name_const(ptr, name);
|
||||||
|
talloc_set_destructor(ptr, talloc_keep_secret_destructor);
|
||||||
|
}
|
42
lib/util/talloc_keep_secret.h
Normal file
42
lib/util/talloc_keep_secret.h
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2019 Andreas Schneider <asn@samba.org>
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _TALLOC_KEEP_SECRET_H
|
||||||
|
#define _TALLOC_KEEP_SECRET_H
|
||||||
|
|
||||||
|
#ifdef DOXYGEN
|
||||||
|
/**
|
||||||
|
* @brief Keep the memory secret when freeing.
|
||||||
|
*
|
||||||
|
* This can be used to define memory as secret. For example memory which holds
|
||||||
|
* passwords or other secrets like session keys. The memory will be zeroed
|
||||||
|
* before is being freed.
|
||||||
|
*
|
||||||
|
* If you duplicate memory, e.g. using talloc_strdup() or talloc_asprintf() you
|
||||||
|
* need to call talloc_keep_secret() on the newly allocated memory too!
|
||||||
|
*
|
||||||
|
* @param[in] ptr The talloc chunk to mark as secure.
|
||||||
|
*
|
||||||
|
* @warning Do not use this in combination with talloc_realloc().
|
||||||
|
*/
|
||||||
|
void talloc_keep_secret(const void *ptr);
|
||||||
|
#else
|
||||||
|
#define talloc_keep_secret(ptr) _talloc_keep_secret(ptr, #ptr);
|
||||||
|
void _talloc_keep_secret(void *ptr, const char *name);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#endif /* _TALLOC_KEEP_SECRET_H */
|
@ -115,16 +115,34 @@ else:
|
|||||||
install=False)
|
install=False)
|
||||||
|
|
||||||
bld.SAMBA_LIBRARY('samba-util',
|
bld.SAMBA_LIBRARY('samba-util',
|
||||||
source='''talloc_stack.c smb_threads.c
|
source='''
|
||||||
rbtree.c rfc1738.c system.c getpass.c
|
base64.c
|
||||||
genrand_util.c fsusage.c
|
dprintf.c
|
||||||
params.c util_id.c util_net.c
|
fsusage.c
|
||||||
util_strlist_v3.c util_paths.c
|
genrand_util.c
|
||||||
idtree_random.c base64.c
|
getpass.c
|
||||||
util_str.c util_str_common.c ms_fnmatch.c
|
idtree_random.c
|
||||||
server_id.c dprintf.c
|
memcache.c
|
||||||
tevent_debug.c memcache.c unix_match.c tfork.c
|
ms_fnmatch.c
|
||||||
tftw.c''',
|
params.c
|
||||||
|
rbtree.c
|
||||||
|
rfc1738.c
|
||||||
|
server_id.c
|
||||||
|
smb_threads.c
|
||||||
|
system.c
|
||||||
|
talloc_keep_secret.c
|
||||||
|
talloc_stack.c
|
||||||
|
tevent_debug.c
|
||||||
|
tfork.c
|
||||||
|
tftw.c
|
||||||
|
unix_match.c
|
||||||
|
util_id.c
|
||||||
|
util_net.c
|
||||||
|
util_paths.c
|
||||||
|
util_str.c
|
||||||
|
util_str_common.c
|
||||||
|
util_strlist_v3.c
|
||||||
|
''',
|
||||||
deps='samba-util-core DYNCONFIG close-low-fd tiniparser genrand util_str_hex',
|
deps='samba-util-core DYNCONFIG close-low-fd tiniparser genrand util_str_hex',
|
||||||
public_deps='talloc tevent execinfo pthread LIBCRYPTO charset util_setid',
|
public_deps='talloc tevent execinfo pthread LIBCRYPTO charset util_setid',
|
||||||
public_headers='''
|
public_headers='''
|
||||||
|
Loading…
Reference in New Issue
Block a user