diff options
author | Yann Ylavic <ylavic@apache.org> | 2022-06-28 16:09:12 +0000 |
---|---|---|
committer | Yann Ylavic <ylavic@apache.org> | 2022-06-28 16:09:12 +0000 |
commit | 4000041d0ea6f7fccea67d2ac3d8205270b1cf1a (patch) | |
tree | 60520ce5d99c7db9fb3a19ad0d03ae4a28fe0296 /include | |
parent | 17ab72e940b86ec420057e27dbe543f54c9b21ff (diff) | |
download | apr-4000041d0ea6f7fccea67d2ac3d8205270b1cf1a.tar.gz |
apr_strings: Provide apr_memzero_explicit() in APR.
This function is handy outside apu_crypto usage, don't require users to link
to APU for the feature.
This commit moves the apr_crypto_memzero() implementation to apr_strings under
the apr_memzero_explicit() name, and replaces the calls to the former with the
latter, and apr_crypto_memzero() now calls apr_memzero_explicit() directly.
* include/apr_strings.h():
Declare apr_memzero_explicit().
* strings/apr_strings.c():
Implement apr_memzero_explicit() by moving/renaming the code from apu_crypto.
* crypto/apr_crypto.c(apr_crypto_memzero):
Fall back to apr_memzero_explicit().
* crypto/apr_crypto.c(crypto_clear):
Use apr_memzero_explicit() instead of apr_crypto_memzero().
* crypto/apr_crypto_prng.c(cprng_cleanup, cprng_stream_bytes,
apr_crypto_prng_reseed, cprng_bytes,
apr_crypto_prng_rekey, apr_crypto_prng_after_fork):
Use apr_memzero_explicit() instead of apr_crypto_memzero().
* crypto/apr_md4.c(MD4Transform):
Use apr_memzero_explicit() instead of apr_crypto_memzero().
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1902323 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'include')
-rw-r--r-- | include/apr_strings.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/include/apr_strings.h b/include/apr_strings.h index d5f8719d2..56f0426fc 100644 --- a/include/apr_strings.h +++ b/include/apr_strings.h @@ -183,6 +183,16 @@ APR_DECLARE_NONSTD(char *) apr_psprintf(apr_pool_t *p, const char *fmt, ...) __attribute__((format(printf,2,3))); /** + * zero out the buffer provided, without being optimized out by + * the compiler. + * + * @param buffer buffer to zero out + * @param size size of the buffer to zero out + * @return APR_SUCCESS or an errno + */ +APR_DECLARE(apr_status_t) apr_memzero_explicit(void *buffer, apr_size_t size); + +/** * Copy up to dst_size characters from src to dst; does not copy * past a NUL terminator in src, but always terminates dst with a NUL * regardless. |