[Emacs-diffs] master ffde1e9: Simplify recent gnutls.c changes
From: |
Paul Eggert |
Subject: |
[Emacs-diffs] master ffde1e9: Simplify recent gnutls.c changes |
Date: |
Thu, 20 Jul 2017 19:22:40 -0400 (EDT) |
branch: master
commit ffde1e9b9e9aa763e18f009e0d54345f509134db
Author: Paul Eggert <address@hidden>
Commit: Paul Eggert <address@hidden>
Simplify recent gnutls.c changes
* src/gnutls.c (clear_storage) [HAVE_GNUTLS3_AEAD]: Remove.
All uses replaced by calls to explicit_bzero; that’s clear enough.
(gnutls_symmetric_aead) [HAVE_GNUTLS3_AEAD]: Simplify by
coalescing duplicate actions. There is no need to invoke
SAFE_FREE before calling ‘error’.
---
src/gnutls.c | 45 ++++++++++-----------------------------------
1 file changed, 10 insertions(+), 35 deletions(-)
diff --git a/src/gnutls.c b/src/gnutls.c
index 7c98840..5969407 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1891,26 +1891,6 @@ The alist key is the cipher name. */)
return ciphers;
}
-#ifdef HAVE_GNUTLS3_AEAD
-
-/* Zero out STORAGE (even if it will become inaccessible. It has
- STORAGE_LENGTH bytes. The goal is to improve security a bit, in
- case an Emacs module or some buggy part of Emacs attempts to
- inspect STORAGE later to retrieve a secret.
-
- Calls to this function document when storage containing a secret is
- known to go out of scope. This function is not guaranteed to erase
- the secret, as copies of STORAGE may well be accessible elsewhere
- on the machine. */
-
-static void
-clear_storage (void *storage, ptrdiff_t storage_length)
-{
- explicit_bzero (storage, storage_length);
-}
-
-#endif /* HAVE_GNUTLS3_AEAD */
-
static Lisp_Object
gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca,
Lisp_Object cipher,
@@ -1975,23 +1955,18 @@ gnutls_symmetric_aead (bool encrypting,
gnutls_cipher_algorithm_t gca,
(acipher, vdata, vsize, aead_auth_data, aead_auth_size,
cipher_tag_size, idata, isize, storage, &storage_length));
- if (ret < GNUTLS_E_SUCCESS)
- {
- clear_storage (storage, storage_length);
- SAFE_FREE ();
- gnutls_aead_cipher_deinit (acipher);
- if (encrypting)
- error ("GnuTLS AEAD cipher %s encryption failed: %s",
- gnutls_cipher_get_name (gca), emacs_gnutls_strerror (ret));
- else
- error ("GnuTLS AEAD cipher %s decryption failed: %s",
- gnutls_cipher_get_name (gca), emacs_gnutls_strerror (ret));
- }
-
+ Lisp_Object output;
+ if (GNUTLS_E_SUCCESS <= ret)
+ output = make_unibyte_string (storage, storage_length);
+ explicit_bzero (storage, storage_length);
gnutls_aead_cipher_deinit (acipher);
- Lisp_Object output = make_unibyte_string (storage, storage_length);
- clear_storage (storage, storage_length);
+ if (ret < GNUTLS_E_SUCCESS)
+ error ((encrypting
+ ? "GnuTLS AEAD cipher %s encryption failed: %s"
+ : "GnuTLS AEAD cipher %s decryption failed: %s"),
+ gnutls_cipher_get_name (gca), emacs_gnutls_strerror (ret));
+
SAFE_FREE ();
return list2 (output, actual_iv);
#else
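Review bot: The `explicit_bzero (storage, storage_length)` call wipes only as many bytes as GnuTLS left in `storage_length`, which is passed by address to the cipher call just above, so the wipe may not cover the whole buffer on the failure path or when the output is shorter than the allocation. The allocation is above the hunk, so this is inferred rather than visible; if the buffer size is fixed there, keep it in a separate variable and wipe that size instead, e.g. `explicit_bzero (storage, storage_capacity);` (`storage_capacity` is a name made up for this note). With the `clear_storage` comment removed, a short comment at the call such as `/* Wipe the temporary; OUTPUT and other copies may still hold the data. */` would keep that caveat visible to the next reader. The body of `gnutls_symmetric_aead` starts and ends outside the hunk.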