diff -up openssl-1.0.2i/crypto/conf/conf_api.c.secure-getenv openssl-1.0.2i/crypto/conf/conf_api.c --- openssl-1.0.2i/crypto/conf/conf_api.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/crypto/conf/conf_api.c 2016-09-22 13:51:29.847742209 +0200 @@ -63,6 +63,8 @@ # define NDEBUG #endif +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #include @@ -141,7 +143,7 @@ char *_CONF_get_string(const CONF *conf, if (v != NULL) return (v->value); if (strcmp(section, "ENV") == 0) { - p = getenv(name); + p = secure_getenv(name); if (p != NULL) return (p); } @@ -154,7 +156,7 @@ char *_CONF_get_string(const CONF *conf, else return (NULL); } else - return (getenv(name)); + return (secure_getenv(name)); } #if 0 /* There's no way to provide error checking diff -up openssl-1.0.2i/crypto/conf/conf_mod.c.secure-getenv openssl-1.0.2i/crypto/conf/conf_mod.c --- openssl-1.0.2i/crypto/conf/conf_mod.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/crypto/conf/conf_mod.c 2016-09-22 13:51:29.847742209 +0200 @@ -57,6 +57,8 @@ * */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #include @@ -530,7 +532,7 @@ char *CONF_get1_default_config_file(void char *file; int len; - file = getenv("OPENSSL_CONF"); + file = secure_getenv("OPENSSL_CONF"); if (file) return BUF_strdup(file); diff -up openssl-1.0.2i/crypto/engine/eng_list.c.secure-getenv openssl-1.0.2i/crypto/engine/eng_list.c --- openssl-1.0.2i/crypto/engine/eng_list.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/crypto/engine/eng_list.c 2016-09-22 13:51:29.847742209 +0200 @@ -62,6 +62,8 @@ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ +/* for secure_getenv */ +#define _GNU_SOURCE #include "eng_int.h" /* @@ -369,10 +371,10 @@ ENGINE *ENGINE_by_id(const char *id) */ if (strcmp(id, "dynamic")) { # ifdef OPENSSL_SYS_VMS - if ((load_dir = getenv("OPENSSL_ENGINES")) == 0) + if (OPENSSL_issetugid() || (load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]"; # else - if ((load_dir = getenv("OPENSSL_ENGINES")) == 0) + if ((load_dir = secure_getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR; # endif iterator = ENGINE_by_id("dynamic"); diff -up openssl-1.0.2i/crypto/md5/md5_dgst.c.secure-getenv openssl-1.0.2i/crypto/md5/md5_dgst.c --- openssl-1.0.2i/crypto/md5/md5_dgst.c.secure-getenv 2016-09-22 13:51:29.840742047 +0200 +++ openssl-1.0.2i/crypto/md5/md5_dgst.c 2016-09-22 13:51:29.847742209 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include "md5_locl.h" #include @@ -75,7 +77,8 @@ const char MD5_version[] = "MD5" OPENSSL int MD5_Init(MD5_CTX *c) #ifdef OPENSSL_FIPS { - if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL) + if (FIPS_mode() + && secure_getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL) OpenSSLDie(__FILE__, __LINE__, "Digest MD5 forbidden in FIPS mode!"); return private_MD5_Init(c); } diff -up openssl-1.0.2i/crypto/o_init.c.secure-getenv openssl-1.0.2i/crypto/o_init.c --- openssl-1.0.2i/crypto/o_init.c.secure-getenv 2016-09-22 13:51:29.830741814 +0200 +++ openssl-1.0.2i/crypto/o_init.c 2016-09-22 13:51:30.046746834 +0200 @@ -53,6 +53,8 @@ * */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #ifdef OPENSSL_FIPS @@ -72,7 +74,7 @@ static void init_fips_mode(void) char buf[2] = "0"; int fd; - if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { + if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { buf[0] = '1'; } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; diff -up openssl-1.0.2i/crypto/rand/randfile.c.secure-getenv openssl-1.0.2i/crypto/rand/randfile.c --- openssl-1.0.2i/crypto/rand/randfile.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/crypto/rand/randfile.c 2016-09-22 13:53:17.222237626 +0200 @@ -55,6 +55,8 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include @@ -327,14 +329,12 @@ const char *RAND_file_name(char *buf, si struct stat sb; #endif - if (OPENSSL_issetugid() == 0) - s = getenv("RANDFILE"); + s = secure_getenv("RANDFILE"); if (s != NULL && *s && strlen(s) + 1 < size) { if (BUF_strlcpy(buf, s, size) >= size) return NULL; } else { - if (OPENSSL_issetugid() == 0) - s = getenv("HOME"); + s = secure_getenv("HOME"); #ifdef DEFAULT_HOME if (s == NULL) { s = DEFAULT_HOME; diff -up openssl-1.0.2i/crypto/x509/by_dir.c.secure-getenv openssl-1.0.2i/crypto/x509/by_dir.c --- openssl-1.0.2i/crypto/x509/by_dir.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/crypto/x509/by_dir.c 2016-09-22 13:51:30.047746858 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #include @@ -128,7 +130,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, in switch (cmd) { case X509_L_ADD_DIR: if (argl == X509_FILETYPE_DEFAULT) { - dir = (char *)getenv(X509_get_default_cert_dir_env()); + dir = (char *)secure_getenv(X509_get_default_cert_dir_env()); if (dir) ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM); else diff -up openssl-1.0.2i/crypto/x509/by_file.c.secure-getenv openssl-1.0.2i/crypto/x509/by_file.c --- openssl-1.0.2i/crypto/x509/by_file.c.secure-getenv 2016-09-22 13:51:29.812741396 +0200 +++ openssl-1.0.2i/crypto/x509/by_file.c 2016-09-22 13:51:30.047746858 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #include @@ -97,7 +99,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx switch (cmd) { case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { - file = (char *)getenv(X509_get_default_cert_file_env()); + file = (char *)secure_getenv(X509_get_default_cert_file_env()); if (file) ok = (X509_load_cert_crl_file(ctx, file, X509_FILETYPE_PEM) != 0); diff -up openssl-1.0.2i/crypto/x509/x509_vfy.c.secure-getenv openssl-1.0.2i/crypto/x509/x509_vfy.c --- openssl-1.0.2i/crypto/x509/x509_vfy.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/crypto/x509/x509_vfy.c 2016-09-22 13:51:30.048746881 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #include @@ -620,7 +622,7 @@ static int check_chain_extensions(X509_S * A hack to keep people who don't want to modify their software * happy */ - if (getenv("OPENSSL_ALLOW_PROXY_CERTS")) + if (secure_getenv("OPENSSL_ALLOW_PROXY_CERTS")) allow_proxy_certs = 1; purpose = ctx->param->purpose; } diff -up openssl-1.0.2i/engines/ccgost/gost_ctl.c.secure-getenv openssl-1.0.2i/engines/ccgost/gost_ctl.c --- openssl-1.0.2i/engines/ccgost/gost_ctl.c.secure-getenv 2016-09-22 12:23:06.000000000 +0200 +++ openssl-1.0.2i/engines/ccgost/gost_ctl.c 2016-09-22 13:51:30.048746881 +0200 @@ -6,6 +6,8 @@ * Implementation of control commands for GOST engine * * OpenSSL 0.9.9 libraries required * **********************************************************************/ +/* for secure_getenv */ +#define _GNU_SOURCE #include #include #include @@ -64,7 +66,7 @@ const char *get_gost_engine_param(int pa if (gost_params[param] != NULL) { return gost_params[param]; } - tmp = getenv(gost_envnames[param]); + tmp = secure_getenv(gost_envnames[param]); if (tmp) { if (gost_params[param]) OPENSSL_free(gost_params[param]); @@ -79,7 +81,7 @@ int gost_set_default_param(int param, co const char *tmp; if (param < 0 || param > GOST_PARAM_MAX) return 0; - tmp = getenv(gost_envnames[param]); + tmp = secure_getenv(gost_envnames[param]); /* * if there is value in the environment, use it, else -passed string * */