src: enable clear memory on all platforms

- convert `_libssh2_explicit_zero()` to macro. This allows inlining where supported (e.g. `SecureZeroMemory()`). - replace `SecureZeroMemory()` (in `wincng.c`) and `LIBSSH2_CLEAR_MEMORY`-guarded `memset()` (in `os400qc3.c`) with `_libssh2_explicit_zero()` macro. - delete `LIBSSH2_CLEAR_MEMORY` guards, which enables secure-zeroing universally. - add `LIBSSH2_NO_CLEAR_MEMORY` option to disable secure-zeroing. - while here, delete double/triple inclusion of `misc.h`. `libssh2_priv.h` included it already. Closes #810
2025-11-20 02:42:09 +03:00 · 2023-03-07 14:21:46 +00:00
parent 505ea626b6
commit a0e424a51c
17 changed files with 35 additions and 77 deletions
--- a/src/libssh2_priv.h
+++ b/src/libssh2_priv.h
@@ -59,17 +59,6 @@
 #    define LIBSSH2_WINDOWS_APP
 #  endif
 # endif
-
-/* TODO: Enable this unconditionally for all platforms.
-         Also delete autotools logic that enables it only for mbedTLS.
-         And CMake logic which already enabled it unconditionally.
-         The actual memory clearing logic uses SecureZeroMemory(),
-         memset_s() or plain memset(), whichever is available, and
-         does not depend on any crypto backend function. */
-#ifndef LIBSSH2_CLEAR_MEMORY
-#define LIBSSH2_CLEAR_MEMORY
-#endif
-
 #endif

 #ifdef HAVE_WS2TCPIP_H
@@ -117,7 +106,7 @@
 #include "libssh2.h"
 #include "libssh2_publickey.h"
 #include "libssh2_sftp.h"
-#include "misc.h" /* for the linked list stuff */
+#include "misc.h"

 #ifndef FALSE
 #define FALSE 0