Commit graph

7 commits

Author SHA1 Message Date
Philip Kaufmann
0f8a647782 don't use memset() in privacy/security relevant code parts
As memset() can be optimized out by a compiler it should not be used in
privacy/security relevant code parts. OpenSSL provides the safe
OPENSSL_cleanse() function in crypto.h, which perfectly does the job of
clean and overwrite data.

For details see: http://www.viva64.com/en/b/0178/

- change memset() to OPENSSL_cleanse() where appropriate
- change a hard-coded number from netbase.cpp into a sizeof()
2012-11-09 12:53:53 +01:00
Wladimir J. van der Laan
e95568b78d Handle locked pages more robustly (Fixes issue #1462)
Memory locks do not stack, that is, pages which have been locked several times by calls to mlock()
will be unlocked by a single call to munlock(). This can result in keying material ending up in swap when
those functions are used naively. In this commit a class "LockedPageManager" is added
that simulates stacking memory locks by keeping a counter per page.
2012-08-23 06:55:35 +02:00
Pieter Wuille
0ed0806bb4 Update comment about secure_allocator<> 2012-06-08 16:27:05 +02:00
Fordy
3a25a2b9b0 Update License in File Headers
I originally created a pull to replace the "COPYING" in crypter.cpp and
crypter.h, but it turned out that COPYING was actually the correct
file.
2012-05-18 22:02:28 +08:00
Timothy Redaelli
9553c35d89 Add missing includes. (Fix bulding under GCC 4.7) 2012-04-20 12:50:57 +02:00
Pieter Wuille
ed6d0b5f85 Remove headers.h 2012-04-17 20:00:55 +02:00
Wladimir J. van der Laan
6cb6d62347 remove dependency on serialize.h and util.h for SecureString 2012-04-04 09:35:01 +02:00