diff options
author | Pauli <paul.dale@oracle.com> | 2018-09-24 11:21:18 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-09-24 11:21:18 +1000 |
commit | 5c39a55d04ea6e6f734b627a050b9e702788d50d (patch) | |
tree | ca64965f2c41af4b4827847753aaf2883e1a840a /crypto/conf/conf_api.c | |
parent | 0f58220973a02248ca5c69db59e615378467b9c8 (diff) |
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7047)
Diffstat (limited to 'crypto/conf/conf_api.c')
-rw-r--r-- | crypto/conf/conf_api.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c index 72fe2da1ad..5e57d749ce 100644 --- a/crypto/conf/conf_api.c +++ b/crypto/conf/conf_api.c @@ -10,6 +10,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include "e_os.h" +#include "internal/cryptlib.h" #include <stdlib.h> #include <string.h> #include <openssl/conf.h> @@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, if (v != NULL) return v->value; if (strcmp(section, "ENV") == 0) { - p = getenv(name); + p = ossl_safe_getenv(name); if (p != NULL) return p; } @@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, else return NULL; } else - return getenv(name); + return ossl_safe_getenv(name); } static unsigned long conf_value_hash(const CONF_VALUE *v) |