diff options
author | Pauli <paul.dale@oracle.com> | 2018-09-24 11:21:18 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-09-24 11:21:18 +1000 |
commit | 5c39a55d04ea6e6f734b627a050b9e702788d50d (patch) | |
tree | ca64965f2c41af4b4827847753aaf2883e1a840a /crypto/rand/randfile.c | |
parent | 0f58220973a02248ca5c69db59e615378467b9c8 (diff) |
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7047)
Diffstat (limited to 'crypto/rand/randfile.c')
-rw-r--r-- | crypto/rand/randfile.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index c652ddcf1e..89720eb5cf 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -262,11 +262,9 @@ const char *RAND_file_name(char *buf, size_t size) } } #else - if (OPENSSL_issetugid() != 0) { + if ((s = ossl_safe_getenv("RANDFILE")) == NULL || *s == '\0') { use_randfile = 0; - } else if ((s = getenv("RANDFILE")) == NULL || *s == '\0') { - use_randfile = 0; - s = getenv("HOME"); + s = ossl_safe_getenv("HOME"); } #endif |