From f355f86fa11f7ee53471073af50a755411325a0b Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Wed, 16 Jan 2008 15:53:45 +0100
Subject: [PATCH] Disable secure memory in gc-libgcrypt.c.

---
 ChangeLog          | 6 ++++++
 lib/gc-libgcrypt.c | 5 ++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 3d6d2ce3aa..411ea3c54f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2008-01-15  Simon Josefsson  <simon@josefsson.org>
+
+	* lib/gc-libgcrypt.c (gc_init): Disable secure memory by default.
+	Applications that requires it should initialize libgcrypt
+	manually.
+
 2008-01-16  Simon Josefsson  <simon@josefsson.org>
 
 	* lib/gethostname.c [!HAVE_UNAME]: Need string.h for strcpy.
diff --git a/lib/gc-libgcrypt.c b/lib/gc-libgcrypt.c
index a147d44656..bec7b76f5a 100644
--- a/lib/gc-libgcrypt.c
+++ b/lib/gc-libgcrypt.c
@@ -1,5 +1,5 @@
 /* gc-libgcrypt.c --- Crypto wrappers around Libgcrypt for GC.
- * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007  Simon Josefsson
+ * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008  Simon Josefsson
  *
  * This file is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published
@@ -46,6 +46,9 @@ gc_init (void)
   err = gcry_control (GCRYCTL_ANY_INITIALIZATION_P);
   if (err == GPG_ERR_NO_ERROR)
     {
+      if (gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0))
+	return GC_INIT_ERROR;
+
       if (gcry_check_version (GCRYPT_VERSION) == NULL)
 	return GC_INIT_ERROR;
 
-- 
2.30.2