diff options
author | Lennart Poettering <lennart@poettering.net> | 2020-11-04 16:13:09 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2020-12-01 14:17:46 +0100 |
commit | f362fe731bc7d78ce915b4cdb69ad3ad46536bf5 (patch) | |
tree | 3de7bc9d8f0e5a65f5c73ef64511080931e486d5 | |
parent | scope: on unified, make sure to unwatch all PIDs once they've been moved to t... (diff) | |
download | systemd-f362fe731bc7d78ce915b4cdb69ad3ad46536bf5.tar.xz systemd-f362fe731bc7d78ce915b4cdb69ad3ad46536bf5.zip |
journal-remote: erase secret PEM key from memory after use
-rw-r--r-- | src/journal-remote/journal-gatewayd.c | 3 | ||||
-rw-r--r-- | src/journal-remote/journal-remote-main.c | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/src/journal-remote/journal-gatewayd.c b/src/journal-remote/journal-gatewayd.c index 0723f7d8bb..09c7ca4573 100644 --- a/src/journal-remote/journal-gatewayd.c +++ b/src/journal-remote/journal-gatewayd.c @@ -22,6 +22,7 @@ #include "log.h" #include "logs-show.h" #include "main-func.h" +#include "memory-util.h" #include "microhttpd-util.h" #include "os-util.h" #include "parse-util.h" @@ -37,7 +38,7 @@ static char *arg_cert_pem = NULL; static char *arg_trust_pem = NULL; static const char *arg_directory = NULL; -STATIC_DESTRUCTOR_REGISTER(arg_key_pem, freep); +STATIC_DESTRUCTOR_REGISTER(arg_key_pem, erase_and_freep); STATIC_DESTRUCTOR_REGISTER(arg_cert_pem, freep); STATIC_DESTRUCTOR_REGISTER(arg_trust_pem, freep); diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c index d2aa1815c2..16759aa6b5 100644 --- a/src/journal-remote/journal-remote-main.c +++ b/src/journal-remote/journal-remote-main.c @@ -13,6 +13,7 @@ #include "journal-remote-write.h" #include "journal-remote.h" #include "main-func.h" +#include "memory-util.h" #include "pretty-print.h" #include "process-util.h" #include "rlimit-util.h" @@ -1106,7 +1107,8 @@ static int load_certificates(char **key, char **cert, char **trust) { static int run(int argc, char **argv) { _cleanup_(journal_remote_server_destroy) RemoteServer s = {}; _cleanup_(notify_on_cleanup) const char *notify_message = NULL; - _cleanup_free_ char *key = NULL, *cert = NULL, *trust = NULL; + _cleanup_(erase_and_freep) char *key = NULL; + _cleanup_free_ char *cert = NULL, *trust = NULL; int r; log_show_color(true); |