diff options
author | Erwin Nindl <nine@wirdorange.org> | 2007-12-27 11:57:12 +0000 |
---|---|---|
committer | Erwin Nindl <nine@wirdorange.org> | 2007-12-27 11:57:12 +0000 |
commit | a3e710fbd44ca8a0f4840b4e3366c6fc946ecfc5 (patch) | |
tree | b5b189fa102e382da25b8c7385e628ed3889b335 /authAlgo.cpp | |
parent | added anytun to isakmpd (diff) |
* cypher and auth-algo selectable via commandline
* libgcrypt uses secure memory now
* a few bugfixes
Diffstat (limited to 'authAlgo.cpp')
-rw-r--r-- | authAlgo.cpp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/authAlgo.cpp b/authAlgo.cpp index d6f9565..4b5515e 100644 --- a/authAlgo.cpp +++ b/authAlgo.cpp @@ -44,7 +44,6 @@ AuthTag NullAuthAlgo::calc(const Buffer& buf) const char* Sha1AuthAlgo::MIN_GCRYPT_VERSION = "1.2.3"; - // HMAC_SHA1 Sha1AuthAlgo::Sha1AuthAlgo() : ctx_(NULL) { @@ -57,6 +56,15 @@ Sha1AuthAlgo::Sha1AuthAlgo() : ctx_(NULL) cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::Sha1AuthAlgo: Invalid Version of libgcrypt, should be >= " << MIN_GCRYPT_VERSION; return; } + + /* Allocate a pool of secure memory. + * This also drops priviliges on some systems. */ + err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0); + if( err ) { + cLog.msg(Log::PRIO_ERR) << "Failed to allocate " << GCRYPT_SEC_MEM << "bytes of secure memory: " << gpg_strerror( err ); + return; + } + /* Tell Libgcrypt that initialization has completed. */ err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED); if( err ) { |