Removed configuration option `paranoid-memory`
Don't pretend that we're capable of performing memory locking. The implementation of that, `sc_mem_alloc_secure()` (also removed), was almost unused anyway.
parent
58b6cc05aa
commit
5d7ed37246
|
@ -36,15 +36,6 @@ app default {
|
||||||
#
|
#
|
||||||
# profile_dir = @PROFILE_DIR@;
|
# profile_dir = @PROFILE_DIR@;
|
||||||
|
|
||||||
# Paranoid memory allocation.
|
|
||||||
#
|
|
||||||
# If set to 'true', then refuse to continue when locking of non-pageable
|
|
||||||
# memory fails. This can cause subtle failures but is more secure when
|
|
||||||
# you have a swap disk.
|
|
||||||
# Default: false
|
|
||||||
#
|
|
||||||
# paranoid_memory = false;
|
|
||||||
|
|
||||||
# Dsiable pop-ups of built-in GUI
|
# Dsiable pop-ups of built-in GUI
|
||||||
#
|
#
|
||||||
# Default: false
|
# Default: false
|
||||||
|
|
|
@ -367,10 +367,6 @@ load_parameters(sc_context_t *ctx, scconf_block *block, struct _sc_ctx_options *
|
||||||
sc_ctx_log_to_file(ctx, NULL);
|
sc_ctx_log_to_file(ctx, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (scconf_get_bool (block, "paranoid-memory",
|
|
||||||
ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY))
|
|
||||||
ctx->flags |= SC_CTX_FLAG_PARANOID_MEMORY;
|
|
||||||
|
|
||||||
if (scconf_get_bool (block, "disable_popups",
|
if (scconf_get_bool (block, "disable_popups",
|
||||||
ctx->flags & SC_CTX_FLAG_DISABLE_POPUPS))
|
ctx->flags & SC_CTX_FLAG_DISABLE_POPUPS))
|
||||||
ctx->flags |= SC_CTX_FLAG_DISABLE_POPUPS;
|
ctx->flags |= SC_CTX_FLAG_DISABLE_POPUPS;
|
||||||
|
|
|
@ -130,7 +130,6 @@ sc_list_files
|
||||||
sc_lock
|
sc_lock
|
||||||
sc_logout
|
sc_logout
|
||||||
sc_make_cache_dir
|
sc_make_cache_dir
|
||||||
sc_mem_alloc_secure
|
|
||||||
sc_mem_clear
|
sc_mem_clear
|
||||||
sc_mem_reverse
|
sc_mem_reverse
|
||||||
sc_match_atr_block
|
sc_match_atr_block
|
||||||
|
|
|
@ -688,6 +688,7 @@ typedef struct {
|
||||||
* calling sc_disconnect_card.
|
* calling sc_disconnect_card.
|
||||||
*/
|
*/
|
||||||
#define SC_CTX_FLAG_TERMINATE 0x00000001
|
#define SC_CTX_FLAG_TERMINATE 0x00000001
|
||||||
|
/** removed in 0.18.0 and later */
|
||||||
#define SC_CTX_FLAG_PARANOID_MEMORY 0x00000002
|
#define SC_CTX_FLAG_PARANOID_MEMORY 0x00000002
|
||||||
#define SC_CTX_FLAG_DEBUG_MEMORY 0x00000004
|
#define SC_CTX_FLAG_DEBUG_MEMORY 0x00000004
|
||||||
#define SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER 0x00000008
|
#define SC_CTX_FLAG_ENABLE_DEFAULT_DRIVER 0x00000008
|
||||||
|
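Review bot: The new comment `/** removed in 0.18.0 and later */` sits directly above a `#define SC_CTX_FLAG_PARANOID_MEMORY` that this hunk keeps, so "removed" contradicts the line it documents; what this commit removes is the behaviour behind the flag, not the symbol. Since the macro is still defined, code that ORs it into ctx->flags keeps compiling and presumably now has no effect (the only consumer visible in this commit, the paranoid-memory branch in the allocator, is deleted). I would state that rather than leave the reader guessing: `/** No effect since 0.18.0 (memory locking was dropped); kept only so existing code still compiles. */`. The `typedef struct {` named in the hunk header begins outside the hunk.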
@ -1324,7 +1325,6 @@ int sc_base64_decode(const char *in, u8 *out, size_t outlen);
|
||||||
* @param len length of the memory buffer
|
* @param len length of the memory buffer
|
||||||
*/
|
*/
|
||||||
void sc_mem_clear(void *ptr, size_t len);
|
void sc_mem_clear(void *ptr, size_t len);
|
||||||
void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len);
|
|
||||||
int sc_mem_reverse(unsigned char *buf, size_t len);
|
int sc_mem_reverse(unsigned char *buf, size_t len);
|
||||||
|
|
||||||
int sc_get_cache_dir(sc_context_t *ctx, char *buf, size_t bufsize);
|
int sc_get_cache_dir(sc_context_t *ctx, char *buf, size_t bufsize);
|
||||||
|
|
|
@ -2569,7 +2569,7 @@ sc_pkcs15_allocate_object_content(struct sc_context *ctx, struct sc_pkcs15_objec
|
||||||
/* Need to pass by temporary variable,
|
/* Need to pass by temporary variable,
|
||||||
* because 'value' and 'content.value' pointers can be the sames.
|
* because 'value' and 'content.value' pointers can be the sames.
|
||||||
*/
|
*/
|
||||||
tmp_buf = (unsigned char *)sc_mem_alloc_secure(ctx, len);
|
tmp_buf = calloc(sizeof *tmp_buf, len);
|
||||||
if (!tmp_buf)
|
if (!tmp_buf)
|
||||||
return SC_ERROR_OUT_OF_MEMORY;
|
return SC_ERROR_OUT_OF_MEMORY;
|
||||||
|
|
||||||
|
|
|
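Review bot: `calloc(sizeof *tmp_buf, len)` passes the arguments in the reverse of calloc's (nmemb, size) order; the product is the same, but it reads as "sizeof *tmp_buf elements of len bytes" and drops the `calloc(n, sizeof *p)` idiom the rest of the file's readers expect. I would write `tmp_buf = calloc(len, sizeof *tmp_buf);`. Note also that the replaced sc_mem_alloc_secure() at least attempted to mlock() this buffer; with plain heap the only remaining protection for whatever object content lands here is clearing it before free, and that release path is outside this hunk, so it is worth confirming it goes through sc_mem_clear(). sc_pkcs15_allocate_object_content starts and ends outside the hunk.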
@ -826,40 +826,8 @@ int _sc_parse_atr(sc_reader_t *reader)
|
||||||
return SC_SUCCESS;
|
return SC_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
void *sc_mem_alloc_secure(sc_context_t *ctx, size_t len)
|
|
||||||
{
|
|
||||||
void *pointer;
|
|
||||||
int locked = 0;
|
|
||||||
|
|
||||||
pointer = calloc(len, sizeof(unsigned char));
|
|
||||||
if (!pointer)
|
|
||||||
return NULL;
|
|
||||||
#ifdef HAVE_SYS_MMAN_H
|
|
||||||
/* TODO mprotect */
|
|
||||||
/* Do not swap the memory */
|
|
||||||
if (mlock(pointer, len) >= 0)
|
|
||||||
locked = 1;
|
|
||||||
#endif
|
|
||||||
#ifdef _WIN32
|
|
||||||
/* Do not swap the memory */
|
|
||||||
if (VirtualLock(pointer, len) != 0)
|
|
||||||
locked = 1;
|
|
||||||
#endif
|
|
||||||
if (!locked) {
|
|
||||||
if (ctx->flags & SC_CTX_FLAG_PARANOID_MEMORY) {
|
|
||||||
sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, failing allocation because paranoid set");
|
|
||||||
free (pointer);
|
|
||||||
pointer = NULL;
|
|
||||||
} else {
|
|
||||||
sc_do_log (ctx, 0, NULL, 0, NULL, "cannot lock memory, sensitive data may be paged to disk");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return pointer;
|
|
||||||
}
|
|
||||||
|
|
||||||
void sc_mem_clear(void *ptr, size_t len)
|
void sc_mem_clear(void *ptr, size_t len)
|
||||||
{
|
{
|
||||||
/* FIXME: Bug in 1.0.0-beta series crashes with 0 length */
|
|
||||||
if (len > 0) {
|
if (len > 0) {
|
||||||
#ifdef ENABLE_OPENSSL
|
#ifdef ENABLE_OPENSSL
|
||||||
OPENSSL_cleanse(ptr, len);
|
OPENSSL_cleanse(ptr, len);
|
||||||
|
|
|
@ -187,7 +187,7 @@ CK_RV push_login_state(struct sc_pkcs11_slot *slot,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (pPin && ulPinLen) {
|
if (pPin && ulPinLen) {
|
||||||
login->pPin = sc_mem_alloc_secure(context, (sizeof *pPin)*ulPinLen);
|
login->pPin = calloc((sizeof *pPin), ulPinLen);
|
||||||
if (login->pPin == NULL) {
|
if (login->pPin == NULL) {
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
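Review bot: `login->pPin = calloc((sizeof *pPin), ulPinLen);` keeps a copy of the user's PIN in ordinary heap memory and, like the other call site in this commit, has the nmemb/size arguments swapped; prefer `login->pPin = calloc(ulPinLen, sizeof *pPin);`. The more important consequence of dropping sc_mem_alloc_secure() is that this PIN copy is no longer even best-effort locked against paging, so zeroization is now its only protection. The code that releases login->pPin is outside this hunk and should be confirmed to call sc_mem_clear() (or equivalent) before free(). push_login_state starts and ends outside the hunk.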