* cypher and auth-algo selectable via commandline

* libgcrypt uses secure memory now * a few bugfixes
author: Erwin Nindl <nine@wirdorange.org> 2007-12-27 11:57:12 +0000
committer: Erwin Nindl <nine@wirdorange.org> 2007-12-27 11:57:12 +0000
commit: a3e710fbd44ca8a0f4840b4e3366c6fc946ecfc5 (patch)
tree: b5b189fa102e382da25b8c7385e628ed3889b335 /keyDerivation.cpp
parent: added anytun to isakmpd (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/keyDerivation.cpp b/keyDerivation.cpp
index dbef123..911ea87 100644
--- a/keyDerivation.cpp
+++ b/keyDerivation.cpp
@@ -59,14 +59,14 @@ void KeyDerivation::init(Buffer key, Buffer salt)
     // do NOT allocate a pool of secure memory!
     // this is NOT thread safe!
 
-    //    /* Allocate a pool of 16k secure memory.  This also drops priviliges
-    //     *      on some systems. */
-    //    err = gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
-    //    if( err )
-    //    {
-    //      std::cerr << "Failed to allocate 16k secure memory: " << gpg_strerror( err ) << std::endl;
-    //      return;
-    //    }
+    /* Allocate a pool of 16k secure memory.  This also drops priviliges
+     * on some systems. */
+    err = gcry_control(GCRYCTL_INIT_SECMEM, GCRYPT_SEC_MEM, 0);
+    if( err )
+    {
+      cLog.msg(Log::PRIO_ERR) << "Failed to allocate " << GCRYPT_SEC_MEM << " bytes of secure memory: " << gpg_strerror( err );
+      return;
+    }
 
     /* Tell Libgcrypt that initialization has completed. */
     err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
author	Erwin Nindl <nine@wirdorange.org>	2007-12-27 11:57:12 +0000
committer	Erwin Nindl <nine@wirdorange.org>	2007-12-27 11:57:12 +0000
commit	a3e710fbd44ca8a0f4840b4e3366c6fc946ecfc5 (patch)
tree	b5b189fa102e382da25b8c7385e628ed3889b335 /keyDerivation.cpp
parent	added anytun to isakmpd (diff)