summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Walleij <linus@foobar.localdomain>2010-02-19 11:09:38 +0100
committerSamuel Lidén Borell <samuel@slbdata.se>2010-02-19 11:32:57 +0100
commitb83b38248b180dcca5dbf4eff5aa34b1fb8e0c48 (patch)
tree2c5e7c060b1b3fa387ada9067f0df8bc1fef8798
parente834b58d59bee20d47d8fbe9b3e51d7ece542c61 (diff)
downloadfribid-b83b38248b180dcca5dbf4eff5aa34b1fb8e0c48.tar.gz
fribid-b83b38248b180dcca5dbf4eff5aa34b1fb8e0c48.tar.bz2
fribid-b83b38248b180dcca5dbf4eff5aa34b1fb8e0c48.zip
mlock() password memory
This locks the memory where the password is stored so that it cannot be swapped out to disk but stays resident in RAM. Signed-off-by: Linus Walleij <linus.ml.walleij@gmail.com>
-rw-r--r--client/main.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/client/main.c b/client/main.c
index afad275..cfdebb8 100644
--- a/client/main.c
+++ b/client/main.c
@@ -26,6 +26,7 @@
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/mman.h> // For mlock()
#include "../common/defines.h"
#include "../common/pipe.h"
@@ -109,6 +110,9 @@ void pipeData() {
}
while (platform_sign(&p12Data, &p12Length, &person, &password)) {
+ // Lock the password memory to RAM so it cannot be spooled out to swap
+ mlock(password, strlen(password));
+
// Try to authenticate/sign
if (command == PMC_Authenticate) {
error = bankid_authenticate(p12Data, p12Length, person, password,
@@ -123,6 +127,7 @@ void pipeData() {
free(p12Data);
keyfile_freeSubject(person);
memset(password, 0, strlen(password));
+ munlock(password, strlen(password));
free(password);
if (error == BIDERR_OK) break;