in addition to 'm'/'c' mode, asn1_wrap accepts a 's' mode clearing sensitive information

author: Martin Willi <martin@strongswan.org> 2009-08-19 16:00:48 +0200
committer: Martin Willi <martin@strongswan.org> 2009-08-26 11:23:51 +0200
commit: 957d1163286942fd966d2a83b027abc80bab000b (patch)
tree: aa372bda706a0566c787a52bee7e7839783da84d /src/libstrongswan/asn1/asn1.c
parent: d9b24887a464d28d622ab47ddbea4a872585cd95 (diff)
download: strongswan-957d1163286942fd966d2a83b027abc80bab000b.tar.bz2
strongswan-957d1163286942fd966d2a83b027abc80bab000b.tar.xz
1 files changed, 9 insertions, 2 deletions
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index ec46b165b..ea6702df9 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -832,9 +832,16 @@ chunk_t asn1_wrap(asn1_t type, const char *mode, ...)
 		memcpy(pos, ch.ptr, ch.len);
 		pos += ch.len;
 
-		if (*mode++ == 'm')
+		switch (*mode++)
 		{
-			free(ch.ptr);
+			case 's':
+				chunk_clear(&ch);
+				break;
+			case 'm':
+				free(ch.ptr);
+				break;
+			default:
+				break;
 		}
 	}
 	va_end(chunks);
author	Martin Willi <martin@strongswan.org>	2009-08-19 16:00:48 +0200
committer	Martin Willi <martin@strongswan.org>	2009-08-26 11:23:51 +0200
commit	957d1163286942fd966d2a83b027abc80bab000b (patch)
tree	aa372bda706a0566c787a52bee7e7839783da84d /src/libstrongswan/asn1/asn1.c
parent	d9b24887a464d28d622ab47ddbea4a872585cd95 (diff)
download	strongswan-957d1163286942fd966d2a83b027abc80bab000b.tar.bz2 strongswan-957d1163286942fd966d2a83b027abc80bab000b.tar.xz