dnsdist: Add support for explicit_bzero() and explicit_memset()

author Remi Gacogne <remi.gacogne@powerdns.com>

Wed, 28 Mar 2018 21:20:12 +0000 (23:20 +0200)

committer Remi Gacogne <remi.gacogne@powerdns.com>

Thu, 29 Mar 2018 09:03:39 +0000 (11:03 +0200)
author Remi Gacogne <remi.gacogne@powerdns.com>
Wed, 28 Mar 2018 21:20:12 +0000 (23:20 +0200)
committer Remi Gacogne <remi.gacogne@powerdns.com>
Thu, 29 Mar 2018 09:03:39 +0000 (11:03 +0200)
diff --git a/pdns/dnsdistdist/m4/dnsdist_check_gnutls.m4 b/pdns/dnsdistdist/m4/dnsdist_check_gnutls.m4

index 77bb03f14ffddd898e931a36fdd8d1f50cd0821a..65b116a4f3e4c891ad2977637bea0bbf254bacb7 100644 (file)
--- a/pdns/dnsdistdist/m4/dnsdist_check_gnutls.m4
+++ b/pdns/dnsdistdist/m4/dnsdist_check_gnutls.m4
@@ -18,7 +18,7 @@ AC_DEFUN([DNSDIST_CHECK_GNUTLS], [
          save_LIBS=$LIBS
          CFLAGS="$GNUTLS_CFLAGS $CFLAGS"
          LIBS="$GNUTLS_LIBS $LIBS"
-        AC_CHECK_FUNCS([gnutls_memset])
+        AC_CHECK_FUNCS([gnutls_memset explicit_bzero explicit_memset])
          CFLAGS=$save_CFLAGS
          LIBS=$save_LIBS
  
diff --git a/pdns/dnsdistdist/tcpiohandler.cc b/pdns/dnsdistdist/tcpiohandler.cc

index 0408fcd92d0a9ea9108618a26989bc02da53d86a..b674bc5e0ec888bc11af74b4055faabd9914e72b 100644 (file)
--- a/pdns/dnsdistdist/tcpiohandler.cc
+++ b/pdns/dnsdistdist/tcpiohandler.cc
@@ -546,19 +546,23 @@ std::atomic<uint64_t> OpenSSLTLSIOCtx::s_users(0);
  #ifndef HAVE_LIBSODIUM
  void safe_memset(void* data, int c, size_t size)
  {
-#ifdef HAVE_GNUTLS_MEMSET
-      gnutls_memset(data, c, size);
-#else
-      /* shamelessly taken from Dovecot's src/lib/safe-memset.c */
-      volatile unsigned int volatile_zero_idx = 0;
-      volatile unsigned char *p = reinterpret_cast<volatile unsigned char *>(data);
-
-      if (size == 0)
-        return;
-
-      do {
-        memset(data, c, size);
-      } while (p[volatile_zero_idx] != c);
+#if defined(HAVE_EXPLICIT_BZERO)
+  explicit_bzero(data, size);
+#elif defined(HAVE_EXPLICIT_MEMSET)
+  explicit_memset(data, c, size);
+#elif defined(HAVE_GNUTLS_MEMSET)
+  gnutls_memset(data, c, size);
+#else /* HAVE_GNUTLS_MEMSET */
+  /* shamelessly taken from Dovecot's src/lib/safe-memset.c */
+  volatile unsigned int volatile_zero_idx = 0;
+  volatile unsigned char *p = reinterpret_cast<volatile unsigned char *>(data);
+
+  if (size == 0)
+    return;
+
+  do {
+    memset(data, c, size);
+  } while (p[volatile_zero_idx] != c);
  #endif /* HAVE_GNUTLS_MEMSET */
  }
  #endif /* HAVE_LIBSODIUM */
author	Remi Gacogne <remi.gacogne@powerdns.com>
	Wed, 28 Mar 2018 21:20:12 +0000 (23:20 +0200)
committer	Remi Gacogne <remi.gacogne@powerdns.com>
	Thu, 29 Mar 2018 09:03:39 +0000 (11:03 +0200)
pdns/dnsdistdist/m4/dnsdist_check_gnutls.m4		patch \| blob \| history
pdns/dnsdistdist/tcpiohandler.cc		patch \| blob \| history