diff options
author | Pauli <paul.dale@oracle.com> | 2018-09-24 11:21:18 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-09-24 11:22:22 +1000 |
commit | 79c2c741303ed188214b9299a51c837635f7e9a8 (patch) | |
tree | 5641f4b8a493967f892affa94536e24383bd678b /include | |
parent | 1fd6afb571e85fbc37ffb522646e7ec2c6e4a11e (diff) |
Use secure_getenv(3) when available.
Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.
CPU processor override flags are unchanged.
Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7047)
(cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d)
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/cryptlib.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h index a608735187..329ef62014 100644 --- a/include/internal/cryptlib.h +++ b/include/internal/cryptlib.h @@ -81,6 +81,8 @@ void OPENSSL_showfatal(const char *fmta, ...); void crypto_cleanup_all_ex_data_int(void); int openssl_init_fork_handlers(void); +char *ossl_safe_getenv(const char *name); + extern CRYPTO_RWLOCK *memdbg_lock; int openssl_strerror_r(int errnum, char *buf, size_t buflen); # if !defined(OPENSSL_NO_STDIO) |