1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

lib:util: Add support to keep talloc chunks secret

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
This commit is contained in:
Andreas Schneider 2019-03-19 10:57:54 +01:00 committed by Andreas Schneider
parent 29d7c80ee4
commit b7f7e5a37b
3 changed files with 122 additions and 10 deletions

View File

@ -0,0 +1,52 @@
/*
* Copyright (c) 2019 Andreas Schneider <asn@samba.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
#include "talloc_keep_secret.h"
static int talloc_keep_secret_destructor(void *ptr)
{
size_t size = talloc_get_size(ptr);
if (unlikely(size == 0)) {
return 0;
}
memset_s(ptr, size, 0, size);
return 0;
}
void _talloc_keep_secret(void *ptr, const char *name)
{
size_t size;
if (unlikely(ptr == NULL)) {
#ifdef DEVELOPER
smb_panic("Invalid talloc pointer");
#endif
return;
}
size = talloc_get_size(ptr);
if (unlikely(size == 0)) {
return;
}
talloc_set_name_const(ptr, name);
talloc_set_destructor(ptr, talloc_keep_secret_destructor);
}

View File

@ -0,0 +1,42 @@
/*
* Copyright (c) 2019 Andreas Schneider <asn@samba.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef _TALLOC_KEEP_SECRET_H
#define _TALLOC_KEEP_SECRET_H
#ifdef DOXYGEN
/**
* @brief Keep the memory secret when freeing.
*
* This can be used to define memory as secret. For example memory which holds
* passwords or other secrets like session keys. The memory will be zeroed
* before is being freed.
*
* If you duplicate memory, e.g. using talloc_strdup() or talloc_asprintf() you
* need to call talloc_keep_secret() on the newly allocated memory too!
*
* @param[in] ptr The talloc chunk to mark as secure.
*
* @warning Do not use this in combination with talloc_realloc().
*/
void talloc_keep_secret(const void *ptr);
#else
#define talloc_keep_secret(ptr) _talloc_keep_secret(ptr, #ptr);
void _talloc_keep_secret(void *ptr, const char *name);
#endif
#endif /* _TALLOC_KEEP_SECRET_H */

View File

@ -115,16 +115,34 @@ else:
install=False)
bld.SAMBA_LIBRARY('samba-util',
source='''talloc_stack.c smb_threads.c
rbtree.c rfc1738.c system.c getpass.c
genrand_util.c fsusage.c
params.c util_id.c util_net.c
util_strlist_v3.c util_paths.c
idtree_random.c base64.c
util_str.c util_str_common.c ms_fnmatch.c
server_id.c dprintf.c
tevent_debug.c memcache.c unix_match.c tfork.c
tftw.c''',
source='''
base64.c
dprintf.c
fsusage.c
genrand_util.c
getpass.c
idtree_random.c
memcache.c
ms_fnmatch.c
params.c
rbtree.c
rfc1738.c
server_id.c
smb_threads.c
system.c
talloc_keep_secret.c
talloc_stack.c
tevent_debug.c
tfork.c
tftw.c
unix_match.c
util_id.c
util_net.c
util_paths.c
util_str.c
util_str_common.c
util_strlist_v3.c
''',
deps='samba-util-core DYNCONFIG close-low-fd tiniparser genrand util_str_hex',
public_deps='talloc tevent execinfo pthread LIBCRYPTO charset util_setid',
public_headers='''