Thank you for help again. It looks good to me. Thank you.
De: "Tobias Brunner" <[email protected]> À: "jean-francois hren" <[email protected]> Cc: "dev" <[email protected]> Envoyé: Vendredi 1 Octobre 2021 13:55:46 Objet: Re: [strongSwan-dev] Memwipe of loaded secrets through VICI Hi Jean-Francois, > For the mmap, I'm not expert and I use Strongswan under FreeBSD so I'm > not sure the behavior is the same. Yeah, don't know either. > However since decrypted private key blobs are written in the mmap chunk, As far as I can tell, that's not the case. The first thing the pem plugin does is cloning the chunk (pem_builder_t:load_from_blob()). But if the key is not encrypted and mmap() is not available, there will definitely be another copy of the key in memory that we have to clean. > In src/swanctl/commands/load_creds.c:load_containers(), a call to > chunk_unmap_clear() should be done too maybe ? While it's possible to create PKCS#12 containers without encryption, I don't think that's very common in practice. But sure, we can add it just to be safe. > The static buffer returned by getpass() calls in swanctl should be wiped > too after use. Thanks, I've pushed another commit that changes that for all getpass() calls. Regards, Tobias
