]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 332fdc5)
DNSCrypt: Don't call `sodium_memzero()` right before `sodium_munlock()`
authorRemi Gacogne <remi.gacogne@powerdns.com>
Fri, 23 Dec 2016 11:19:47 +0000 (12:19 +0100)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Fri, 23 Dec 2016 11:22:03 +0000 (12:22 +0100)
The documentation states that `sodium_munlock()` will properly zero
the memory before making it swappable, so we don't need to call
`sodium_memzero()` ourselves.

pdns/dnscrypt.cc patch | blob | blame | history

diff --git a/pdns/dnscrypt.cc b/pdns/dnscrypt.cc
index 2e4d9ca1b3be012957f39c52e115bf80ddfeaf5c..5014e452a23b6ae120c3fcadae0b78031e4b33d3 100644 (file)
--- a/pdns/dnscrypt.cc
+++ b/pdns/dnscrypt.cc
@@ -56,7 +56,6 @@ void DnsCryptPrivateKey::saveToFile(const std::string& keyFile) const
 
 DnsCryptPrivateKey::~DnsCryptPrivateKey()
 {
-  sodium_memzero(key, sizeof(key));
   sodium_munlock(key, sizeof(key));
 }
 
@@ -67,7 +66,6 @@ DnsCryptQuery::DnsCryptQuery()
 
 DnsCryptQuery::~DnsCryptQuery()
 {
-  sodium_memzero(sharedKey, sizeof(sharedKey));
   sodium_munlock(sharedKey, sizeof(sharedKey));
 }
 
Unnamed repository; edit this file 'description' to name the repository.