commit 1d6dd288e1c084a5118785899cca910e8c69fbb1 Author: Nick Mathewson nickm@torproject.org Date: Mon Jan 11 09:02:42 2016 -0500
Try a little harder to only use SecureZeroMemory when it's present
We could be using AC_CHECK_FUNC_DECL too, but it shouldn't be needed.
---
 configure.ac | 2 ++
 src/common/compat_openssl.h | 10 ++++++++--
 src/common/crypto.c | 4 +++-
 3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index b62b4d3..6d2312d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -376,6 +376,8 @@ AM_CONDITIONAL(THREADS_PTHREADS, test "$bwin32" = "false")
 AC_CHECK_FUNCS(
 _NSGetEnviron \
+ RtlSecureZeroMemory \
+ SecureZeroMemory \
 accept4 \
 backtrace \
 backtrace_symbols_fd \
diff --git a/src/common/compat_openssl.h b/src/common/compat_openssl.h
index 5825ff7..9c98181 100644
--- a/src/common/compat_openssl.h
+++ b/src/common/compat_openssl.h
@@ -19,8 +19,14 @@
 #error "We require OpenSSL >= 1.0.0"
 #endif
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) || \
- defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && \
+ ! defined(LIBRESSL_VERSION_NUMBER)
+/* We define this macro if we're trying to build with the majorly refactored
+ * API in OpenSSL 1.1 */
+#define OPENSSL_1_1_API
+#endif
+
+#ifndef OPENSSL_1_1_API
 #define OPENSSL_VERSION SSLEAY_VERSION
 #define OpenSSL_version(v) SSLeay_version(v)
 #define OpenSSL_version_num() SSLeay()
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 2f498ac..9cc5ee0 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2960,9 +2960,11 @@ memwipe(void *mem, uint8_t byte, size_t sz)
 * have this function call "memset". A smart compiler could inline it, then
 * eliminate dead memsets, and declare itself to be clever. */
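Review bot: The comment added above `#define OPENSSL_1_1_API` does not say why `LIBRESSL_VERSION_NUMBER` is excluded, and the whole hunk is unrelated to the SecureZeroMemory change named in the commit title. A reader auditing which API path a given TLS library takes would be helped by a comment such as `/* Set only for real OpenSSL >= 1.1.0; LibreSSL is excluded by the LIBRESSL_VERSION_NUMBER test and keeps the pre-1.1 names below. */`. The `#ifndef OPENSSL_1_1_API` block opened at the end of the hunk closes outside it, so it cannot be checked here that every compatibility define stays inside the guard.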
-#ifdef _WIN32
+#if defined(SecureZeroMemory) || defined(HAVE_SECUREZEROMEMORY)
 /* Here's what you do on windows. */
 SecureZeroMemory(mem,sz);
+#elif defined(HAVE_RTLSECUREZEROMEMORY)
+ RtlSecureZeroMemory(mem,sz);
 #elif defined(HAVE_EXPLICIT_BZERO)
 /* The BSDs provide this. */
 explicit_bzero(mem, sz);
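Review bot: In memwipe(), the new first branch tests `defined(SecureZeroMemory)`, which can only be true if the Windows header that defines that macro has been included before this point in crypto.c; the include list is outside the hunk, so that should be confirmed. If neither that macro nor the configure-generated `HAVE_SECUREZEROMEMORY` / `HAVE_RTLSECUREZEROMEMORY` is set, a Windows build now falls through silently to the later branches, which continue past the end of this hunk, where the old `#ifdef _WIN32` would have failed loudly at compile time. Because the surrounding comment says this function exists to stop the compiler eliminating the wipe, I would record the selection order above the `#if`, for example `/* Windows: SecureZeroMemory, then RtlSecureZeroMemory; if neither is detected we use the generic fallback below. */`. The `RtlSecureZeroMemory` branch is also the only one without a comment of its own.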