diff options
| author | Christian Göttsche <cgzones@googlemail.com> | 2023-01-30 17:53:24 +0100 |
|---|---|---|
| committer | Christian Göttsche <cgzones@googlemail.com> | 2023-02-28 15:11:18 +0100 |
| commit | 19a29268178951988eca29a7830f24bfef300c3c (patch) | |
| tree | 23024993a88582f13a3d63a60446c6ab4207b12e /configure.ac | |
| parent | bde2277d2aa1cd9d4a14a1a1f89241d5e86b0bad (diff) | |
| download | pam-19a29268178951988eca29a7830f24bfef300c3c.tar.gz pam-19a29268178951988eca29a7830f24bfef300c3c.tar.bz2 pam-19a29268178951988eca29a7830f24bfef300c3c.zip | |
libpam: introduce secure memory erasure helpers
Avoid compiler optimizations to elide the memory erasure by using a
secure method: either memset_explicit() [C23], bzero_explicit() [glibc
2.25] or a manual memory barrier.
Since the current helpers _pam_overwrite*() and _pam_drop_reply() are
publicly exported, create new ones in "pam_inline.h" and deprecate the
old ones.
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 8b89124e..8844eb35 100644 --- a/configure.ac +++ b/configure.ac @@ -615,6 +615,7 @@ AC_CHECK_FUNCS(getgrouplist getline getdelim) AC_CHECK_FUNCS(inet_ntop inet_pton innetgr) AC_CHECK_FUNCS(quotactl) AC_CHECK_FUNCS(unshare) +AC_CHECK_FUNCS(explicit_bzero memset_explicit) AC_CHECK_FUNCS([ruserok_af ruserok], [break]) AC_ARG_ENABLE([regenerate-docu], |