Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ximi1970:Toolchains:Qt:MinGW:latest:win64
mingw64-openssl
openssl-1.0.2a-secure-getenv.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-1.0.2a-secure-getenv.patch of Package mingw64-openssl
diff -up openssl-1.0.2a/crypto/conf/conf_api.c.secure-getenv openssl-1.0.2a/crypto/conf/conf_api.c --- openssl-1.0.2a/crypto/conf/conf_api.c.secure-getenv 2015-03-19 14:19:00.000000000 +0100 +++ openssl-1.0.2a/crypto/conf/conf_api.c 2015-04-21 17:14:12.757214532 +0200 @@ -63,6 +63,8 @@ # define NDEBUG #endif +/* for secure_getenv */ +#define _GNU_SOURCE #include <assert.h> #include <stdlib.h> #include <string.h> @@ -141,7 +143,7 @@ char *_CONF_get_string(const CONF *conf, if (v != NULL) return (v->value); if (strcmp(section, "ENV") == 0) { - p = getenv(name); + p = secure_getenv(name); if (p != NULL) return (p); } @@ -154,7 +156,7 @@ char *_CONF_get_string(const CONF *conf, else return (NULL); } else - return (getenv(name)); + return (secure_getenv(name)); } #if 0 /* There's no way to provide error checking diff -up openssl-1.0.2a/crypto/conf/conf_mod.c.secure-getenv openssl-1.0.2a/crypto/conf/conf_mod.c --- openssl-1.0.2a/crypto/conf/conf_mod.c.secure-getenv 2015-03-19 14:19:00.000000000 +0100 +++ openssl-1.0.2a/crypto/conf/conf_mod.c 2015-04-21 17:13:24.165078848 +0200 @@ -57,6 +57,8 @@ * */ +/* for secure_getenv */ +#define _GNU_SOURCE #include <stdio.h> #include <ctype.h> #include <openssl/crypto.h> @@ -526,7 +528,7 @@ char *CONF_get1_default_config_file(void char *file; int len; - file = getenv("OPENSSL_CONF"); + file = secure_getenv("OPENSSL_CONF"); if (file) return BUF_strdup(file); diff -up openssl-1.0.2a/crypto/engine/eng_list.c.secure-getenv openssl-1.0.2a/crypto/engine/eng_list.c --- openssl-1.0.2a/crypto/engine/eng_list.c.secure-getenv 2015-04-21 17:13:24.165078848 +0200 +++ openssl-1.0.2a/crypto/engine/eng_list.c 2015-04-21 17:15:53.180561603 +0200 @@ -62,6 +62,8 @@ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ +/* for secure_getenv */ +#define _GNU_SOURCE #include "eng_int.h" /* @@ -368,10 +370,10 @@ ENGINE *ENGINE_by_id(const char *id) */ if (strcmp(id, "dynamic")) { # ifdef OPENSSL_SYS_VMS - if ((load_dir = getenv("OPENSSL_ENGINES")) == 0) + if (OPENSSL_issetugid() || (load_dir = getenv("OPENSSL_ENGINES")) == 0) load_dir = "SSLROOT:[ENGINES]"; # else - if ((load_dir = getenv("OPENSSL_ENGINES")) == 0) + if ((load_dir = secure_getenv("OPENSSL_ENGINES")) == 0) load_dir = ENGINESDIR; # endif iterator = ENGINE_by_id("dynamic"); diff -up openssl-1.0.2a/crypto/md5/md5_dgst.c.secure-getenv openssl-1.0.2a/crypto/md5/md5_dgst.c --- openssl-1.0.2a/crypto/md5/md5_dgst.c.secure-getenv 2015-04-21 17:13:24.156078637 +0200 +++ openssl-1.0.2a/crypto/md5/md5_dgst.c 2015-04-21 17:13:24.165078848 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include <stdio.h> #include "md5_locl.h" #include <openssl/opensslv.h> @@ -75,7 +77,8 @@ const char MD5_version[] = "MD5" OPENSSL int MD5_Init(MD5_CTX *c) #ifdef OPENSSL_FIPS { - if (FIPS_mode() && getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL) + if (FIPS_mode() + && secure_getenv("OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW") == NULL) OpenSSLDie(__FILE__, __LINE__, "Digest MD5 forbidden in FIPS mode!"); return private_MD5_Init(c); } diff -up openssl-1.0.2a/crypto/o_init.c.secure-getenv openssl-1.0.2a/crypto/o_init.c --- openssl-1.0.2a/crypto/o_init.c.secure-getenv 2015-04-21 17:13:24.142078310 +0200 +++ openssl-1.0.2a/crypto/o_init.c 2015-04-21 17:13:24.165078848 +0200 @@ -53,6 +53,8 @@ * */ +/* for secure_getenv */ +#define _GNU_SOURCE #include <e_os.h> #include <openssl/err.h> #ifdef OPENSSL_FIPS @@ -72,7 +74,7 @@ static void init_fips_mode(void) char buf[2] = "0"; int fd; - if (getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { + if (secure_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) { buf[0] = '1'; } else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) { while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ; diff -up openssl-1.0.2a/crypto/rand/randfile.c.secure-getenv openssl-1.0.2a/crypto/rand/randfile.c --- openssl-1.0.2a/crypto/rand/randfile.c.secure-getenv 2015-03-19 14:19:00.000000000 +0100 +++ openssl-1.0.2a/crypto/rand/randfile.c 2015-04-21 17:13:24.165078848 +0200 @@ -60,6 +60,8 @@ #if !defined(OPENSSL_SYS_VXWORKS) # define _XOPEN_SOURCE 500 #endif +/* for secure_getenv */ +#define _GNU_SOURCE #include <errno.h> #include <stdio.h> @@ -292,14 +294,12 @@ const char *RAND_file_name(char *buf, si struct stat sb; #endif - if (OPENSSL_issetugid() == 0) - s = getenv("RANDFILE"); + s = secure_getenv("RANDFILE"); if (s != NULL && *s && strlen(s) + 1 < size) { if (BUF_strlcpy(buf, s, size) >= size) return NULL; } else { - if (OPENSSL_issetugid() == 0) - s = getenv("HOME"); + s = secure_getenv("HOME"); #ifdef DEFAULT_HOME if (s == NULL) { s = DEFAULT_HOME; diff -up openssl-1.0.2a/crypto/x509/by_dir.c.secure-getenv openssl-1.0.2a/crypto/x509/by_dir.c --- openssl-1.0.2a/crypto/x509/by_dir.c.secure-getenv 2015-03-19 14:19:00.000000000 +0100 +++ openssl-1.0.2a/crypto/x509/by_dir.c 2015-04-21 17:13:24.165078848 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include <stdio.h> #include <time.h> #include <errno.h> @@ -128,7 +130,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, in switch (cmd) { case X509_L_ADD_DIR: if (argl == X509_FILETYPE_DEFAULT) { - dir = (char *)getenv(X509_get_default_cert_dir_env()); + dir = (char *)secure_getenv(X509_get_default_cert_dir_env()); if (dir) ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM); else diff -up openssl-1.0.2a/crypto/x509/by_file.c.secure-getenv openssl-1.0.2a/crypto/x509/by_file.c --- openssl-1.0.2a/crypto/x509/by_file.c.secure-getenv 2015-04-21 17:13:24.118077749 +0200 +++ openssl-1.0.2a/crypto/x509/by_file.c 2015-04-21 17:13:24.166078871 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include <stdio.h> #include <time.h> #include <errno.h> @@ -97,7 +99,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx switch (cmd) { case X509_L_FILE_LOAD: if (argl == X509_FILETYPE_DEFAULT) { - file = (char *)getenv(X509_get_default_cert_file_env()); + file = (char *)secure_getenv(X509_get_default_cert_file_env()); if (file) ok = (X509_load_cert_crl_file(ctx, file, X509_FILETYPE_PEM) != 0); diff -up openssl-1.0.2a/crypto/x509/x509_vfy.c.secure-getenv openssl-1.0.2a/crypto/x509/x509_vfy.c --- openssl-1.0.2a/crypto/x509/x509_vfy.c.secure-getenv 2015-03-19 14:30:36.000000000 +0100 +++ openssl-1.0.2a/crypto/x509/x509_vfy.c 2015-04-21 17:19:14.948277272 +0200 @@ -56,6 +56,8 @@ * [including the GNU Public Licence.] */ +/* for secure_getenv */ +#define _GNU_SOURCE #include <stdio.h> #include <time.h> #include <errno.h> @@ -550,7 +552,7 @@ static int check_chain_extensions(X509_S * A hack to keep people who don't want to modify their software * happy */ - if (getenv("OPENSSL_ALLOW_PROXY_CERTS")) + if (secure_getenv("OPENSSL_ALLOW_PROXY_CERTS")) allow_proxy_certs = 1; purpose = ctx->param->purpose; } diff -up openssl-1.0.2a/engines/ccgost/gost_ctl.c.secure-getenv openssl-1.0.2a/engines/ccgost/gost_ctl.c --- openssl-1.0.2a/engines/ccgost/gost_ctl.c.secure-getenv 2015-03-19 14:19:00.000000000 +0100 +++ openssl-1.0.2a/engines/ccgost/gost_ctl.c 2015-04-21 17:19:53.897187577 +0200 @@ -6,6 +6,8 @@ * Implementation of control commands for GOST engine * * OpenSSL 0.9.9 libraries required * **********************************************************************/ +/* for secure_getenv */ +#define _GNU_SOURCE #include <stdlib.h> #include <string.h> #include <openssl/crypto.h> @@ -64,7 +66,7 @@ const char *get_gost_engine_param(int pa if (gost_params[param] != NULL) { return gost_params[param]; } - tmp = getenv(gost_envnames[param]); + tmp = secure_getenv(gost_envnames[param]); if (tmp) { if (gost_params[param]) OPENSSL_free(gost_params[param]); @@ -79,7 +81,7 @@ int gost_set_default_param(int param, co const char *tmp; if (param < 0 || param > GOST_PARAM_MAX) return 0; - tmp = getenv(gost_envnames[param]); + tmp = secure_getenv(gost_envnames[param]); /* * if there is value in the environment, use it, else -passed string * */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor