gss: add _gss_secure_release_buffer()

Add _gss_secure_release_buffer() helper function that zeros buffer

diff --git a/lib/gssapi/mech/gss_utils.c b/lib/gssapi/mech/gss_utils.c
index 96ca6acae74e622b3f76e9ee35b735aa26bb2f1e..ffa7d98986a60928c844190eefa8c0bf2069486f 100644 (file)
--- a/lib/gssapi/mech/gss_utils.c
+++ b/lib/gssapi/mech/gss_utils.c
@@ -147,6 +147,16 @@ _gss_copy_buffer(OM_uint32 *minor_status,
        return (GSS_S_COMPLETE);
 }
 
+OM_uint32
+_gss_secure_release_buffer(OM_uint32 *minor_status,
+                          gss_buffer_t buffer)
+{
+    if (buffer->value)
+       memset_s(buffer->value, buffer->length, 0, buffer->length);
+
+    return gss_release_buffer(minor_status, buffer);
+}
+
 void
 _gss_mg_encode_le_uint32(uint32_t n, uint8_t *p)
 {

diff --git a/lib/gssapi/mech/utils.h b/lib/gssapi/mech/utils.h
index b0c9ead1d91f24c8a65f39133d1d7eb660a13312..16f48c56a24a3300240589f1857b3d90ffeecbce 100644 (file)
--- a/lib/gssapi/mech/utils.h
+++ b/lib/gssapi/mech/utils.h
@@ -31,6 +31,8 @@ OM_uint32 _gss_free_oid(OM_uint32 *, gss_OID);
 OM_uint32 _gss_intern_oid(OM_uint32 *, gss_const_OID, gss_OID *);
 OM_uint32 _gss_copy_buffer(OM_uint32 *minor_status,
     const gss_buffer_t from_buf, gss_buffer_t to_buf);
+OM_uint32 _gss_secure_release_buffer(OM_uint32 *minor_status,
+                                    gss_buffer_t buffer);
 
 void _gss_mg_encode_le_uint32(uint32_t n, uint8_t *p);
 void _gss_mg_decode_le_uint32(const void *ptr, uint32_t *n);