pluto: Securely wipe sensitive data from memory.
authorThomas Egerer <thomas.egerer@secunet.com>
Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 10 May 2011 13:19:46 +0000 (15:19 +0200)
src/pluto/state.c

index 4b96df6..e4234bc 100644 (file)
@@ -350,19 +350,20 @@ void delete_state(struct state *st)
 
        DESTROY_IF(st->st_dh);
 
-       free(st->st_tpacket.ptr);
-       free(st->st_rpacket.ptr);
-       free(st->st_p1isa.ptr);
-       free(st->st_gi.ptr);
-       free(st->st_gr.ptr);
-       free(st->st_shared.ptr);
-       free(st->st_ni.ptr);
-       free(st->st_nr.ptr);
-       free(st->st_skeyid.ptr);
-       free(st->st_skeyid_d.ptr);
-       free(st->st_skeyid_a.ptr);
-       free(st->st_skeyid_e.ptr);
-       free(st->st_enc_key.ptr);
+       chunk_clear(&st->st_tpacket);
+       chunk_clear(&st->st_rpacket);
+       chunk_clear(&st->st_p1isa);
+       chunk_clear(&st->st_gi);
+       chunk_clear(&st->st_gr);
+       chunk_clear(&st->st_shared);
+       chunk_clear(&st->st_ni);
+       chunk_clear(&st->st_nr);
+       chunk_clear(&st->st_skeyid);
+       chunk_clear(&st->st_skeyid_d);
+       chunk_clear(&st->st_skeyid_a);
+       chunk_clear(&st->st_skeyid_e);
+       chunk_clear(&st->st_enc_key);
+
        free(st->st_ah.our_keymat);
        free(st->st_ah.peer_keymat);
        free(st->st_esp.our_keymat);
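Review bot: The `free(st->st_ah.our_keymat)`, `free(st->st_ah.peer_keymat)` and `free(st->st_esp.our_keymat)` calls left as context below the new `chunk_clear()` block still release what appears to be AH/ESP key material without wiping it. That leaves the SA keys readable in freed heap memory even though the IKE-side chunks are now cleared. These look like raw pointers rather than chunks, so `chunk_clear()` does not fit; each needs a wipe over its key length before the free, e.g. `memwipe(st->st_ah.our_keymat, len);`, where `len` stands for the keymat length kept in the state (not visible in this hunk). Any further keymat frees past the end of the hunk would need the same treatment; delete_state() starts and ends outside the lines shown. A short comment above the new block, such as `/* wipe before free: several of these chunks hold secrets (st_shared, st_skeyid*, st_enc_key) */`, would help keep a later cleanup from reverting to plain free().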