vici: Clear cached strings in case the message contained shared secrets

author Tobias Brunner <tobias@strongswan.org>

Thu, 30 Sep 2021 10:10:44 +0000 (12:10 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Mon, 4 Oct 2021 09:30:03 +0000 (11:30 +0200)
author Tobias Brunner <tobias@strongswan.org>
Thu, 30 Sep 2021 10:10:44 +0000 (12:10 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 4 Oct 2021 09:30:03 +0000 (11:30 +0200)
diff --git a/src/libcharon/plugins/vici/vici_message.c b/src/libcharon/plugins/vici/vici_message.c

index df5b85c64c25ba701c1cdacaba4657661ad5bb66..e4bb4b43ab5875a3ca91aae33245329b920644ea 100644 (file)
--- a/src/libcharon/plugins/vici/vici_message.c
+++ b/src/libcharon/plugins/vici/vici_message.c
@@ -644,6 +644,13 @@ METHOD(vici_message_t, dump, bool,
         return FALSE;
  }
  
+CALLBACK(clear_strings, void,
+       char *str)
+{
+       memwipe(str, strlen(str));
+       free(str);
+}
+
  METHOD(vici_message_t, destroy, void,
         private_vici_message_t *this)
  {
@@ -651,7 +658,7 @@ METHOD(vici_message_t, destroy, void,
         {
                 chunk_clear(&this->encoding);
         }
-       this->strings->destroy_function(this->strings, free);
+       this->strings->destroy_function(this->strings, clear_strings);
         free(this);
  }
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 30 Sep 2021 10:10:44 +0000 (12:10 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 4 Oct 2021 09:30:03 +0000 (11:30 +0200)