Removed configuration option `paranoid-memory`
Don't pretend that we're capable of performing memory locking. The implementation of that, `sc_mem_alloc_secure()` (also removed), was almost unused anyway.
parent
58b6cc05aa
commit
5d7ed37246
|
@ -36,15 +36,6 @@ app default {
|
|||
#
|
||||
# profile_dir = @PROFILE_DIR@;
|
||||
|
||||
# Paranoid memory allocation.
|
||||
#
|
||||
# If set to 'true', then refuse to continue when locking of non-pageable
|
||||
# memory fails. This can cause subtle failures but is more secure when
|
||||
# you have a swap disk.
|
||||
# Default: false
|
||||
#
|
||||
# paranoid_memory = false;
|
||||
|
||||
# Dsiable pop-ups of built-in GUI
|
||||
#
|
||||
# Default: false
|
||||
|
|
|
@ -367,10 +367,6 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
|
|||
sc_ctx_log_to_file(ctx, NULL);
|
||||
}
|
||||
|
||||
if (scconf_get_bool (block, "paranoid-memory",
|
||||
ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY))
|
||||
ctx->flags |= SC_CTX_FLAG_PARANOID_MEMORY;
|
||||
|
||||
if (scconf_get_bool (block, "disable_popups",
|
||||
ctx->flags & SC_CTX_FLAG_DISABLE_POPUPS))
|
||||
ctx->flags |= SC_CTX_FLAG_DISABLE_POPUPS;
|
||||
|
|
|
@ -130,7 +130,6 @@ sc_list_files
|
|||
sc_lock
|
||||
sc_logout
|
||||
sc_make_cache_dir
|
||||
sc_mem_alloc_secure
|
||||
sc_mem_clear
|
||||
sc_mem_reverse
|
||||
sc_match_atr_block
|
||||
|
|
|
@ -688,6 +688,7 @@ typedef struct {
|
|||
* calling sc_disconnect_card.
|
||||
*/
|
||||
#define SC_CTX_FLAG_TERMINATE 0x00000001
|
||||
/** removed in 0.18.0 and later */
|
||||
#define SC_CTX_FLAG_PARANOID_MEMORY 0x00000002
|
||||
#define SC_CTX_FLAG_DEBUG_MEMORY 0x00000004
|
||||
#define SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER 0x00000008
|
||||
|
@ -1324,7 +1325,6 @@ int sc_base64_decode(const char *in, u8 *out, size_t outlen);
|
|||
* @param len length of the memory buffer
|
||||
*/
|
||||
void sc_mem_clear(void *ptr, size_t len);
|
||||
void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len);
|
||||
int sc_mem_reverse(unsigned char *buf, size_t len);
|
||||
|
||||
int sc_get_cache_dir(sc_context_t *ctx, char *buf, size_t bufsize);
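Review bot: The comment added above `SC_CTX_FLAG_PARANOID_MEMORY` in the first hunk of this header says "removed", but the macro is still defined and, judging from the other files on this page, nothing reads it any more. An application that still sets this flag, expecting allocations to fail closed when memory locking fails, will now silently get no such behaviour. The comment should say so explicitly, for example `/** Deprecated: ignored since 0.18.0, memory is no longer locked; kept only so existing callers still compile */`.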
|
||||
|
|
|
@ -2569,7 +2569,7 @@ sc_pkcs15_allocate_object_content(struct sc_context *ctx, struct sc_pkcs15_objec
|
|||
/* Need to pass by temporary variable,
|
||||
* because 'value' and 'content.value' pointers can be the sames.
|
||||
*/
|
||||
tmp_buf = (unsigned char *)sc_mem_alloc_secure(ctx, len);
|
||||
tmp_buf = calloc(sizeof *tmp_buf, len);
|
||||
if (!tmp_buf)
|
||||
return SC_ERROR_OUT_OF_MEMORY;
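Review bot: The new `calloc(sizeof *tmp_buf, len)` call passes its arguments in the reverse of the documented `calloc(nmemb, size)` order. The result is the same, but `tmp_buf = calloc(len, sizeof *tmp_buf);` reads as intended and matches what the removed helper did. The replacement in push_login_state, `calloc((sizeof *pPin), ulPinLen)`, has the same swap. Separately, a `len` of 0 may make calloc return NULL, which is then reported as SC_ERROR_OUT_OF_MEMORY. That behaviour predates this change, and whether `len` is checked earlier is not visible, because sc_pkcs15_allocate_object_content starts and ends outside the hunk.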
|
||||
|
||||
|
|
|
@ -826,40 +826,8 @@ int _sc_parse_atr(sc_reader_t *reader)
|
|||
return SC_SUCCESS;
|
||||
}
|
||||
|
||||
void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len)
|
||||
{
|
||||
void *pointer;
|
||||
int locked = 0;
|
||||
|
||||
pointer = calloc(len, sizeof(unsigned char));
|
||||
if (!pointer)
|
||||
return NULL;
|
||||
#ifdef HAVE_SYS_MMAN_H
|
||||
/* TODO mprotect */
|
||||
/* Do not swap the memory */
|
||||
if (mlock(pointer, len) >= 0)
|
||||
locked = 1;
|
||||
#endif
|
||||
#ifdef _WIN32
|
||||
/* Do not swap the memory */
|
||||
if (VirtualLock(pointer, len) != 0)
|
||||
locked = 1;
|
||||
#endif
|
||||
if (!locked) {
|
||||
if (ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY) {
|
||||
sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, failing allocation because paranoid set");
|
||||
free (pointer);
|
||||
pointer = NULL;
|
||||
} else {
|
||||
sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, sensitive data may be paged to disk");
|
||||
}
|
||||
}
|
||||
return pointer;
|
||||
}
|
||||
|
||||
void sc_mem_clear(void *ptr, size_t len)
|
||||
{
|
||||
/* FIXME: Bug in 1.0.0-beta series crashes with 0 length */
|
||||
if (len > 0) {
|
||||
#ifdef ENABLE_OPENSSL
|
||||
OPENSSL_cleanse(ptr, len);
|
||||
|
|
|
@ -187,7 +187,7 @@ CK_RV push_login_state(struct sc_pkcs11_slot *slot,
|
|||
}
|
||||
|
||||
if (pPin && ulPinLen) {
|
||||
login->pPin = sc_mem_alloc_secure(context, (sizeof *pPin)*ulPinLen);
|
||||
login->pPin = calloc((sizeof *pPin), ulPinLen);
|
||||
if (login->pPin == NULL) {
|
||||
goto err;
|
||||
}
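Review bot: With the locking helper gone, the PIN copy in `login->pPin` sits in ordinary pageable heap memory, so the only remaining protection is wiping it before it is freed, and nothing in this hunk shows that happening. The `err` path and whatever code later releases the login state should pass the buffer through `sc_mem_clear()` before `free()`. Those lines are outside the hunk, so this may already be the case and is worth confirming. A short comment at the allocation would record the requirement, for example `/* holds the user PIN: not locked in memory, must be wiped with sc_mem_clear() before free */`. push_login_state starts and ends outside the hunk.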
|
||||
|
|