Add control commands to disable mlock and setuid dropping.
authorWerner Koch <wk@gnupg.org>
Thu, 18 Apr 2013 12:40:43 +0000 (14:40 +0200)
committerWerner Koch <wk@gnupg.org>
Wed, 22 May 2013 15:59:29 +0000 (17:59 +0200)
commit2b8014af202c9e0f7619f7a4377f5eb752235220
tree16f4498cfa6823f13d00467444fc856c2896e799
parent05b3e2dda61d3d532a7f1ffd2487a85ed1c4f3ab
Add control commands to disable mlock and setuid dropping.

* src/gcrypt.h.in (GCRYCTL_DISABLE_LOCKED_SECMEM): New.
(GCRYCTL_DISABLE_PRIV_DROP): New.
* src/global.c (_gcry_vcontrol): Implement them.
* src/secmem.h (GCRY_SECMEM_FLAG_NO_MLOCK): New.
(GCRY_SECMEM_FLAG_NO_PRIV_DROP): New.
* src/secmem.c (no_mlock, no_priv_drop): New.
(_gcry_secmem_set_flags, _gcry_secmem_get_flags): Set and get them.
(lock_pool): Handle no_mlock and no_priv_drop.

Signed-off-by: Werner Koch <wk@gnupg.org>
NEWS
doc/gcrypt.texi
src/gcrypt.h.in
src/global.c
src/secmem.c
src/secmem.h