Removed configuration option `paranoid-memory`

Don't pretend that we're capable of performing memory locking. The
implementation of that, `sc_mem_alloc_secure()` (also removed), was
almost unused anyway.

etc/opensc.conf.in

@@ -36,15 +36,6 @@ app default {
 	#
 	# profile_dir = @PROFILE_DIR@;
 
-	# Paranoid memory allocation.
-	#
-	# If set to 'true', then refuse to continue when locking of non-pageable
-	# memory fails. This can cause subtle failures but is more secure when
-	# you have a swap disk.
-	# Default: false
-	#
-	# paranoid_memory = false;
-
 	# Dsiable pop-ups of built-in GUI
 	#
 	# Default: false

src/libopensc/ctx.c

@@ -367,10 +367,6 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
 		sc_ctx_log_to_file(ctx, NULL);
 	}
 
-	if (scconf_get_bool (block, "paranoid-memory",
-				ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY))
-		ctx->flags |= SC_CTX_FLAG_PARANOID_MEMORY;
-
 	if (scconf_get_bool (block, "disable_popups",
 				ctx->flags & SC_CTX_FLAG_DISABLE_POPUPS))
 		ctx->flags |= SC_CTX_FLAG_DISABLE_POPUPS;

src/libopensc/libopensc.exports

@@ -130,7 +130,6 @@ sc_list_files
 sc_lock
 sc_logout
 sc_make_cache_dir
-sc_mem_alloc_secure
 sc_mem_clear
 sc_mem_reverse
 sc_match_atr_block

src/libopensc/opensc.h

@@ -688,6 +688,7 @@ typedef struct {
  * calling sc_disconnect_card.
  */
 #define SC_CTX_FLAG_TERMINATE				0x00000001
+/** removed in 0.18.0 and later */
 #define SC_CTX_FLAG_PARANOID_MEMORY			0x00000002
 #define SC_CTX_FLAG_DEBUG_MEMORY			0x00000004
 #define SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER	0x00000008
@@ -1324,7 +1325,6 @@ int sc_base64_decode(const char *in, u8 *out, size_t outlen);
  * @param  len  length of the memory buffer
  */
 void sc_mem_clear(void *ptr, size_t len);
-void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len);
 int sc_mem_reverse(unsigned char *buf, size_t len);
 
 int sc_get_cache_dir(sc_context_t *ctx, char *buf, size_t bufsize);

src/libopensc/pkcs15.c

@@ -2569,7 +2569,7 @@ sc_pkcs15_allocate_object_content(struct sc_context *ctx, struct sc_pkcs15_objec
 	/* Need to pass by temporary variable,
 	 * because 'value' and 'content.value' pointers can be the sames.
 	 */
-	tmp_buf = (unsigned char *)sc_mem_alloc_secure(ctx, len);
+	tmp_buf = calloc(sizeof *tmp_buf, len);
 	if (!tmp_buf)
 		return SC_ERROR_OUT_OF_MEMORY;
 

src/libopensc/sc.c

@@ -826,40 +826,8 @@ int _sc_parse_atr(sc_reader_t *reader)
 	return SC_SUCCESS;
 }
 
-void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len)
-{
-    void *pointer;
-    int locked = 0;
-
-    pointer = calloc(len, sizeof(unsigned char));
-    if (!pointer)
-	return NULL;
-#ifdef HAVE_SYS_MMAN_H
-    /* TODO mprotect */
-    /* Do not swap the memory */
-    if (mlock(pointer, len) >= 0)
-	locked = 1;
-#endif
-#ifdef _WIN32
-	/* Do not swap the memory */
-	if (VirtualLock(pointer, len) != 0)
-		locked = 1;
-#endif
-    if (!locked) {
-	if (ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY) {
-	    sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, failing allocation because paranoid set");
-	    free (pointer);
-	    pointer = NULL;
-	} else {
-	    sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, sensitive data may be paged to disk");
-	}
-    }
-    return pointer;
-}
-
 void sc_mem_clear(void *ptr, size_t len)
 {
-	/* FIXME: Bug in 1.0.0-beta series crashes with 0 length */
 	if (len > 0)   {
 #ifdef ENABLE_OPENSSL
 		OPENSSL_cleanse(ptr, len);

src/pkcs11/misc.c

@@ -187,7 +187,7 @@ CK_RV push_login_state(struct sc_pkcs11_slot *slot,
 	}
 
 	if (pPin && ulPinLen) {
-		login->pPin = sc_mem_alloc_secure(context, (sizeof *pPin)*ulPinLen);
+		login->pPin = calloc((sizeof *pPin), ulPinLen);
 		if (login->pPin == NULL) {
 			goto err;
 		}