diff options
author | Pauli <paul.dale@oracle.com> | 2018-09-24 11:21:18 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-09-24 11:22:22 +1000 |
commit | 79c2c741303ed188214b9299a51c837635f7e9a8 (patch) | |
tree | 5641f4b8a493967f892affa94536e24383bd678b /crypto/engine | |
parent | 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e (diff) |
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7047)
(cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d)
Diffstat (limited to 'crypto/engine')
-rw-r--r-- | crypto/engine/eng_list.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c index 4bc7ea173c..45c339c541 100644 --- a/crypto/engine/eng_list.c +++ b/crypto/engine/eng_list.c @@ -317,8 +317,7 @@ ENGINE *ENGINE_by_id(const char *id) * Prevent infinite recursion if we're looking for the dynamic engine. */ if (strcmp(id, "dynamic")) { - if (OPENSSL_issetugid() - || (load_dir = getenv("OPENSSL_ENGINES")) == NULL) + if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL) load_dir = ENGINESDIR; iterator = ENGINE_by_id("dynamic"); if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) || |