--- /dev/null
+/*
+ * Copyright (c) 2019 Andreas Schneider <asn@samba.org>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "talloc_keep_secret.h"
+
+static int talloc_keep_secret_destructor(void *ptr)
+{
+ size_t size = talloc_get_size(ptr);
+
+ if (unlikely(size == 0)) {
+ return 0;
+ }
+
+ memset_s(ptr, size, 0, size);
+
+ return 0;
+}
+
+void _talloc_keep_secret(void *ptr, const char *name)
+{
+ size_t size;
+
+ if (unlikely(ptr == NULL)) {
+#ifdef DEVELOPER
+ smb_panic("Invalid talloc pointer");
+#endif
+ return;
+ }
+
+ size = talloc_get_size(ptr);
+ if (unlikely(size == 0)) {
+ return;
+ }
+
+ talloc_set_name_const(ptr, name);
+ talloc_set_destructor(ptr, talloc_keep_secret_destructor);
+}
--- /dev/null
+/*
+ * Copyright (c) 2019 Andreas Schneider <asn@samba.org>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _TALLOC_KEEP_SECRET_H
+#define _TALLOC_KEEP_SECRET_H
+
+#ifdef DOXYGEN
+/**
+ * @brief Keep the memory secret when freeing.
+ *
+ * This can be used to define memory as secret. For example memory which holds
+ * passwords or other secrets like session keys. The memory will be zeroed
+ * before is being freed.
+ *
+ * If you duplicate memory, e.g. using talloc_strdup() or talloc_asprintf() you
+ * need to call talloc_keep_secret() on the newly allocated memory too!
+ *
+ * @param[in] ptr The talloc chunk to mark as secure.
+ *
+ * @warning Do not use this in combination with talloc_realloc().
+ */
+void talloc_keep_secret(const void *ptr);
+#else
+#define talloc_keep_secret(ptr) _talloc_keep_secret(ptr, #ptr);
+void _talloc_keep_secret(void *ptr, const char *name);
+#endif
+
+#endif /* _TALLOC_KEEP_SECRET_H */
install=False)
bld.SAMBA_LIBRARY('samba-util',
- source='''talloc_stack.c smb_threads.c
- rbtree.c rfc1738.c system.c getpass.c
- genrand_util.c fsusage.c
- params.c util_id.c util_net.c
- util_strlist_v3.c util_paths.c
- idtree_random.c base64.c
- util_str.c util_str_common.c ms_fnmatch.c
- server_id.c dprintf.c
- tevent_debug.c memcache.c unix_match.c tfork.c
- tftw.c''',
+ source='''
+ base64.c
+ dprintf.c
+ fsusage.c
+ genrand_util.c
+ getpass.c
+ idtree_random.c
+ memcache.c
+ ms_fnmatch.c
+ params.c
+ rbtree.c
+ rfc1738.c
+ server_id.c
+ smb_threads.c
+ system.c
+ talloc_keep_secret.c
+ talloc_stack.c
+ tevent_debug.c
+ tfork.c
+ tftw.c
+ unix_match.c
+ util_id.c
+ util_net.c
+ util_paths.c
+ util_str.c
+ util_str_common.c
+ util_strlist_v3.c
+ ''',
deps='samba-util-core DYNCONFIG close-low-fd tiniparser genrand util_str_hex',
public_deps='talloc tevent execinfo pthread LIBCRYPTO charset util_setid',
public_headers='''