Subject: Re: [PATCH] wincng: Added explicit clear memory feature to WinCNG backend

From: Peter Stuge <peter_at_stuge.se>
Date: Fri, 20 Jun 2014 18:15:16 +0200

Marc Hoersken wrote:
> > enabling the option should throw an error when this functionality
> > is not available
>
> thanks for the feedback. I updated configure.ac to produce a warning if
> secure clearing/zeroing of memory is unsupported / not available

I think a warning is appropriate when the --enable option was not
explicitly specified.

I think an error is necessary when --enable *was* specified, but
support is unavailable.

> and expanded the configure summary to look like the following,
> as an example for the OpenSSL backend:
>
> configure: summary of build options:
>
> version: 1.4.4_DEV
> Host type: x86_64-unknown-linux-gnu
> Install prefix: /usr/local
> Compiler: gcc
> Compiler flags: -g -O2
> Library types: Shared=yes, Static=yes
> Crypto library: OpenSSL (AES-CTR: yes)
> Clear memory: unsupported

Looks great!

> +++ b/configure.ac
> @@ -197,6 +197,21 @@ if test "$GEX_NEW" != "no"; then
> AC_DEFINE(LIBSSH2_DH_GEX_NEW, 1, [Enable newer diffie-hellman-group-exchange-sha1 syntax])
> fi
>
> +AC_ARG_ENABLE(clear-memory,
> + AC_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]),
> + [CLEAR_MEMORY=$enableval])
> +if test "$ac_cv_libbcrypt" = "yes"; then
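Review bot: the AC_ARG_ENABLE call has no action-if-not-given argument, so CLEAR_MEMORY is left unset when neither --enable-clear-memory nor --disable-clear-memory is passed, and the code that follows cannot tell an explicit --enable (which should be a hard error when support is missing) from the default case (which should only warn). Add a fourth argument such as `[CLEAR_MEMORY=auto]` and branch on yes/no/auto. Two smaller points: AC_HELP_STRING has been superseded by AS_HELP_STRING in current Autoconf, and `if test "$ac_cv_libbcrypt" = "yes"` keys the feature to a single backend's cache variable rather than a backend-independent flag.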

Please don't add a new list of crypto backends to maintain. I'd
suggest to instead introduce an abstraction such as
$support_clear_memory which is set to no by default and set to yes by
backends supporting this functionality.

The above check would then inspect only that variable.

Thanks

//Peter

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Received on 2014-06-20
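As an added illustration of the two points raised in the reply (warn when the option was not given, error when --enable was given but support is missing; and a single $support_clear_memory flag that backends set instead of a list of backend checks), the following configure.ac fragment is example code written for this page and is not libssh2's own. The variable names support_clear_memory, enable_clear_memory and clear_memory, the default of "auto", and the preprocessor macro name LIBSSH2_CLEAR_MEMORY are assumptions; the placement of the WinCNG assignment is hypothetical.

```m4
dnl Added example, not libssh2's configure.ac.
dnl Default: no backend has claimed support for secure memory clearing.
dnl Each crypto backend's detection block sets this to "yes" if it can
dnl clear memory in a way the compiler will not optimise away.
support_clear_memory=no

dnl Hypothetical placement inside the existing WinCNG (bcrypt) detection:
dnl   if test "$ac_cv_libbcrypt" = "yes"; then
dnl     support_clear_memory=yes
dnl   fi

dnl Fourth argument gives a default so an explicit --enable can be told
dnl apart from "not specified". --disable-clear-memory yields enableval=no.
AC_ARG_ENABLE([clear-memory],
  [AS_HELP_STRING([--enable-clear-memory],
     [clear memory before it is freed (default: auto)])],
  [enable_clear_memory=$enableval],
  [enable_clear_memory=auto])

dnl Only the backend-independent flag is inspected here; no per-backend list.
case "$enable_clear_memory" in
  yes)
    if test "$support_clear_memory" != "yes"; then
      AC_MSG_ERROR([--enable-clear-memory was requested but the selected crypto backend does not support secure memory clearing])
    fi
    clear_memory=yes
    ;;
  auto)
    if test "$support_clear_memory" = "yes"; then
      clear_memory=yes
    else
      AC_MSG_WARN([secure memory clearing is not supported by the selected crypto backend; disabling it])
      clear_memory=unsupported
    fi
    ;;
  no)
    clear_memory=no
    ;;
  *)
    AC_MSG_ERROR([unexpected value for --enable-clear-memory: $enable_clear_memory])
    ;;
esac

if test "$clear_memory" = "yes"; then
  AC_DEFINE([LIBSSH2_CLEAR_MEMORY], [1],
            [Define to clear sensitive memory before it is freed])
fi

dnl Feeds the "Clear memory:" line of the configure summary shown above.
AC_MSG_NOTICE([  Clear memory: $clear_memory])
```

With this shape, `./configure` on a backend that cannot clear memory prints the warning and reports "Clear memory: unsupported" in the summary, while `./configure --enable-clear-memory` on the same backend aborts with the error, which is the distinction the reply asks for.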