pluto: Securely wipe sensitive data from memory.

author Thomas Egerer <thomas.egerer@secunet.com>

Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)
author Thomas Egerer <thomas.egerer@secunet.com>
Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)
diff --git a/src/pluto/state.c b/src/pluto/state.c

index 4b96df6..e4234bc 100644 (file)
--- a/src/pluto/state.c
+++ b/src/pluto/state.c
@@ -350,19 +350,20 @@ void delete_state(struct state *st)
  
         DESTROY_IF(st->st_dh);
  
-       free(st->st_tpacket.ptr);
-       free(st->st_rpacket.ptr);
-       free(st->st_p1isa.ptr);
-       free(st->st_gi.ptr);
-       free(st->st_gr.ptr);
-       free(st->st_shared.ptr);
-       free(st->st_ni.ptr);
-       free(st->st_nr.ptr);
-       free(st->st_skeyid.ptr);
-       free(st->st_skeyid_d.ptr);
-       free(st->st_skeyid_a.ptr);
-       free(st->st_skeyid_e.ptr);
-       free(st->st_enc_key.ptr);
+       chunk_clear(&st->st_tpacket);
+       chunk_clear(&st->st_rpacket);
+       chunk_clear(&st->st_p1isa);
+       chunk_clear(&st->st_gi);
+       chunk_clear(&st->st_gr);
+       chunk_clear(&st->st_shared);
+       chunk_clear(&st->st_ni);
+       chunk_clear(&st->st_nr);
+       chunk_clear(&st->st_skeyid);
+       chunk_clear(&st->st_skeyid_d);
+       chunk_clear(&st->st_skeyid_a);
+       chunk_clear(&st->st_skeyid_e);
+       chunk_clear(&st->st_enc_key);
+
         free(st->st_ah.our_keymat);
         free(st->st_ah.peer_keymat);
         free(st->st_esp.our_keymat);
author	Thomas Egerer <thomas.egerer@secunet.com>
	Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)