Provide a tls_unload_file() function, that frees the memory returned from

a tls_load_file() call, ensuring that it the contents become inaccessible. This is specifically needed on platforms where the library allocators may be different from the application allocator. ok beck@
author: jsing <> 2017-05-06 20:57:45 +0000
committer: jsing <> 2017-05-06 20:57:45 +0000
commit: e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a (patch)
tree: ebe437a0263ffd3bc7f16f0f1244fea73c05603c /src/lib/libtls/tls.h
parent: 270fd63e5d8c3683472108ff30860e5f0eb33ef1 (diff)
download: openbsd-e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a.tar.gz
openbsd-e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a.tar.bz2
openbsd-e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/libtls/tls.h b/src/lib/libtls/tls.h
index c9da8aa06e..4fad4518f2 100644
--- a/src/lib/libtls/tls.h
+++ b/src/lib/libtls/tls.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.h,v 1.48 2017/04/05 03:19:22 beck Exp $ */
+/* $OpenBSD: tls.h,v 1.49 2017/05/06 20:57:45 jsing Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -187,6 +187,7 @@ const char *tls_conn_servername(struct tls *_ctx);
 const char *tls_conn_version(struct tls *_ctx);
 uint8_t *tls_load_file(const char *_file, size_t *_len, char *_password);
+void tls_unload_file(uint8_t *_buf, size_t len);
 int tls_ocsp_process_response(struct tls *_ctx, const unsigned char *_response,
    size_t _size);
author	jsing <>	2017-05-06 20:57:45 +0000
committer	jsing <>	2017-05-06 20:57:45 +0000
commit	e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a (patch)
tree	ebe437a0263ffd3bc7f16f0f1244fea73c05603c /src/lib/libtls/tls.h
parent	270fd63e5d8c3683472108ff30860e5f0eb33ef1 (diff)
download	openbsd-e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a.tar.gz openbsd-e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a.tar.bz2 openbsd-e09c50ecb0edf1f7c4f6a7b1dee1285ccbf08d5a.zip