Commit 79c2c741 authored by Pauli's avatar Pauli
Browse files

Use secure_getenv(3) when available. 



Change all calls to getenv() inside libcrypto to use a new wrapper function
that use secure_getenv() if available and an issetugid then getenv if not.

CPU processor override flags are unchanged.

Extra checks for OPENSSL_issetugid() have been removed in favour of the
safe getenv.

Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7047)

(cherry picked from commit 5c39a55d04ea6e6f734b627a050b9e702788d50d)
parent 1fd6afb5

crypto/build.info

+1 −1
Original line number Diff line number Diff line
@@ -2,7 +2,7 @@ LIBS=../libcrypto 
SOURCE[../libcrypto]=\

        cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \

        ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \

        threads_pthread.c threads_win.c threads_none.c \

        threads_pthread.c threads_win.c threads_none.c getenv.c \

        o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \

        {- $target{uplink_aux_src} -}

EXTRA=  ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \

crypto/conf/conf_api.c

+3 −2
Original line number Diff line number Diff line
@@ -10,6 +10,7 @@ 
/* Part of the code in here was originally in conf.c, which is now removed */



#include "e_os.h"

#include "internal/cryptlib.h"

#include <stdlib.h>

#include <string.h>

#include <openssl/conf.h>
@@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, 
            if (v != NULL)

                return v->value;

            if (strcmp(section, "ENV") == 0) {

                p = getenv(name);

                p = ossl_safe_getenv(name);

                if (p != NULL)

                    return p;

            }
@@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *section, 
        else

            return NULL;

    } else

        return getenv(name);

        return ossl_safe_getenv(name);

}



static unsigned long conf_value_hash(const CONF_VALUE *v)

crypto/conf/conf_mod.c

+2 −5
Original line number Diff line number Diff line
@@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void) 
    char *file, *sep = "";

    int len;



    if (!OPENSSL_issetugid()) {

        file = getenv("OPENSSL_CONF");

        if (file)

    if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL)

        return OPENSSL_strdup(file);

    }



    len = strlen(X509_get_default_cert_area());

#ifndef OPENSSL_SYS_VMS

crypto/ct/ct_log.c

+1 −1
Original line number Diff line number Diff line
@@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const CONF *conf, const char *sec 


int CTLOG_STORE_load_default_file(CTLOG_STORE *store)

{

    const char *fpath = getenv(CTLOG_FILE_EVP);

    const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP);



    if (fpath == NULL)

      fpath = CTLOG_FILE;

crypto/engine/eng_list.c

+1 −2
Original line number Diff line number Diff line
@@ -317,8 +317,7 @@ ENGINE *ENGINE_by_id(const char *id) 
     * Prevent infinite recursion if we're looking for the dynamic engine.

     */

    if (strcmp(id, "dynamic")) {

        if (OPENSSL_issetugid()

                || (load_dir = getenv("OPENSSL_ENGINES")) == NULL)

        if ((load_dir = ossl_safe_getenv("OPENSSL_ENGINES")) == NULL)

            load_dir = ENGINESDIR;

        iterator = ENGINE_by_id("dynamic");

        if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||