apr_strings: Provide apr_memzero_explicit() in APR.

This function is handy outside apu_crypto usage, don't require users to link
to APU for the feature.

This commit moves the apr_crypto_memzero() implementation to apr_strings under
the apr_memzero_explicit() name, and replaces the calls to the former with the
latter, and apr_crypto_memzero() now calls apr_memzero_explicit() directly.

* include/apr_strings.h():
  Declare apr_memzero_explicit().

* strings/apr_strings.c():
  Implement apr_memzero_explicit() by moving/renaming the code from apu_crypto.

* crypto/apr_crypto.c(apr_crypto_memzero):
  Fall back to apr_memzero_explicit().

* crypto/apr_crypto.c(crypto_clear):
  Use apr_memzero_explicit() instead of apr_crypto_memzero().

* crypto/apr_crypto_prng.c(cprng_cleanup, cprng_stream_bytes,
                           apr_crypto_prng_reseed, cprng_bytes,
                           apr_crypto_prng_rekey, apr_crypto_prng_after_fork):
  Use apr_memzero_explicit() instead of apr_crypto_memzero().

* crypto/apr_md4.c(MD4Transform):
  Use apr_memzero_explicit() instead of apr_crypto_memzero().



git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1902323 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 10 insertions, 0 deletions

diff --git a/include/apr_strings.h b/include/apr_strings.h
index d5f8719d2..56f0426fc 100644
--- a/include/apr_strings.h
+++ b/include/apr_strings.h
@@ -183,6 +183,16 @@ APR_DECLARE_NONSTD(char *) apr_psprintf(apr_pool_t *p, const char *fmt, ...)
         __attribute__((format(printf,2,3)));
 
 /**
+ * zero out the buffer provided, without being optimized out by
+ * the compiler.
+ *
+ * @param buffer buffer to zero out
+ * @param size size of the buffer to zero out
+ * @return APR_SUCCESS or an errno
+ */
+APR_DECLARE(apr_status_t) apr_memzero_explicit(void *buffer, apr_size_t size);
+
+/**
  * Copy up to dst_size characters from src to dst; does not copy
  * past a NUL terminator in src, but always terminates dst with a NUL
  * regardless.