Disable secure memory in gc-libgcrypt.c.

diff --git a/ChangeLog b/ChangeLog
index 3d6d2ce..411ea3c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2008-01-15  Simon Josefsson  <simon@josefsson.org>
+
+       * lib/gc-libgcrypt.c (gc_init): Disable secure memory by default.
+       Applications that requires it should initialize libgcrypt
+       manually.
+
 2008-01-16  Simon Josefsson  <simon@josefsson.org>
 
        * lib/gethostname.c [!HAVE_UNAME]: Need string.h for strcpy.

diff --git a/lib/gc-libgcrypt.c b/lib/gc-libgcrypt.c
index a147d44..bec7b76 100644 (file)
--- a/lib/gc-libgcrypt.c
+++ b/lib/gc-libgcrypt.c
@@ -1,5 +1,5 @@
 /* gc-libgcrypt.c --- Crypto wrappers around Libgcrypt for GC.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007  Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008  Simon Josefsson
  *
  * This file is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published
@@ -46,6 +46,9 @@ gc_init (void)
   err = gcry_control (GCRYCTL_ANY_INITIALIZATION_P);
   if (err == GPG_ERR_NO_ERROR)
     {
+      if (gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0))
+       return GC_INIT_ERROR;
+
       if (gcry_check_version (GCRYPT_VERSION) == NULL)
        return GC_INIT_ERROR;