tSupport setting _DEBUG macro to allow core dumps - safe - password protected secret keeper
HTML git clone git://git.z3bra.org/safe.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit 4a78dc13dd075b6f9d0ea18d92f9b94847fdf7e5
DIR parent 279215e654f6f675d8f69f06261ddcc5ad408db7
HTML Author: Willy Goiffon <dev@z3bra.org>
Date: Sun, 21 Aug 2022 11:20:28 +0200
Support setting _DEBUG macro to allow core dumps
Diffstat:
M safe-agent.c | 4 +++-
M safe.c | 4 +++-
2 files changed, 6 insertions(+), 2 deletions(-)
---
DIR diff --git a/safe-agent.c b/safe-agent.c
t@@ -226,7 +226,6 @@ main(int argc, char *argv[])
int fd, timeout = 0, dflag = 0;
size_t dirlen;
char path[PATH_MAX];
- struct rlimit rlim;
pid = getpid();
strlcpy(path, agent_socktmp, sizeof(path));
t@@ -259,10 +258,13 @@ main(int argc, char *argv[])
sockp = path;
}
+#ifndef _DEBUG
/* deny core dump as memory contains derivated key */
+ struct rlimit rlim;
rlim.rlim_cur = rlim.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
err(1, "setrlimit RLIMIT_CORE");
+#endif
if (dflag) {
printf("SAFE_PID=%d; export SAFE_PID\n", pid);
DIR diff --git a/safe.c b/safe.c
t@@ -368,7 +368,6 @@ main(int argc, char *argv[])
char passphrase[BUFSIZ], verifyphrase[BUFSIZ];
ssize_t pplen, vplen = 0;
struct safe s;
- struct rlimit rlim;
safe = getenv("SAFE_DIR");
sockp = getenv("SAFE_SOCK");
t@@ -411,10 +410,13 @@ main(int argc, char *argv[])
sodium_mlock(&passphrase, sizeof(passphrase));
sodium_mlock(&verifyphrase, sizeof(verifyphrase));
+#ifndef _DEBUG
/* deny core dump as memory contains passwords and keys */
+ struct rlimit rlim;
rlim.rlim_cur = rlim.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
err(1, "setrlimit RLIMIT_CORE");
+#endif
if (!safe)
safe = safe_dir;