From 2b8014af202c9e0f7619f7a4377f5eb752235220 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 18 Apr 2013 14:40:43 +0200
Subject: Add control commands to disable mlock and setuid dropping.

* src/gcrypt.h.in (GCRYCTL_DISABLE_LOCKED_SECMEM): New.
(GCRYCTL_DISABLE_PRIV_DROP): New.
* src/global.c (_gcry_vcontrol): Implement them.
* src/secmem.h (GCRY_SECMEM_FLAG_NO_MLOCK): New.
(GCRY_SECMEM_FLAG_NO_PRIV_DROP): New.
* src/secmem.c (no_mlock, no_priv_drop): New.
(_gcry_secmem_set_flags, _gcry_secmem_get_flags): Set and get them.
(lock_pool): Handle no_mlock and no_priv_drop.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 NEWS | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 5dea5520..ac609930 100644
--- a/NEWS
+++ b/NEWS
@@ -68,6 +68,8 @@ Noteworthy changes in version 1.6.0 (unreleased)
  GCRYPT_VERSION_NUMBER           NEW.
  GCRY_KDF_SCRYPT                 NEW.
  gcry_pubkey_get_sexp            NEW.
+ GCRYCTL_DISABLE_LOCKED_SECMEM   NEW.
+ GCRYCTL_DISABLE_PRIV_DROP       NEW.
 
 
 Noteworthy changes in version 1.5.0 (2011-06-29)
-- 
cgit v1.2.1