The branch OpenSSL_1_1_0-stable has been updated via e7498968e229a4ec27702a3703826873a279a07b (commit) via 13af417ba4f6b826833d4b1f6caa39c4e0013d6f (commit) via 098dc9be439e5bc3625e01c4092bedc072498da9 (commit) from 7b368cd6d964da817cd1de85fc0cae74372e0966 (commit)
- Log ----------------------------------------------------------------- commit e7498968e229a4ec27702a3703826873a279a07b Author: Andy Polyakov <ap...@openssl.org> Date: Tue Sep 20 17:08:03 2016 +0200 rand/randfile.c: treat empty string in RAND_file_name as error. Suggested in GH#1589. Reviewed-by: Rich Salz <rs...@openssl.org> (cherry picked from commit 7dc0ad4d6dca81a003be7fa1fbd58a55f4be8646) commit 13af417ba4f6b826833d4b1f6caa39c4e0013d6f Author: Andy Polyakov <ap...@openssl.org> Date: Tue Sep 20 17:06:58 2016 +0200 rand/randfile.c: rationalize __OpenBSD__ code path. Reviewed-by: Rich Salz <rs...@openssl.org> (cherry picked from commit ba8fa4e53a35a0c46d1e0e81a4d270a026fac2b9) commit 098dc9be439e5bc3625e01c4092bedc072498da9 Author: Andy Polyakov <ap...@openssl.org> Date: Tue Sep 20 16:59:32 2016 +0200 rand/randfile.c: restore fallback to $HOME for non-setuid programs. Reported in GH#1589, but solution is different from suggested. Reviewed-by: Rich Salz <rs...@openssl.org> (cherry picked from commit 799c1293fcf412db64dcc8a09a6b11cc755914dc) ----------------------------------------------------------------------- Summary of changes: crypto/rand/randfile.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 7aeb871..c96383a 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -316,12 +316,14 @@ const char *RAND_file_name(char *buf, size_t size) } } #else - if (OPENSSL_issetugid() == 0) { - s = getenv("RANDFILE"); - } else { + if (OPENSSL_issetugid() != 0) { use_randfile = 0; - if (OPENSSL_issetugid() == 0) + } else { + s = getenv("RANDFILE"); + if (s == NULL || *s == '\0') { + use_randfile = 0; s = getenv("HOME"); + } } #endif #ifdef DEFAULT_HOME @@ -355,14 +357,10 @@ const char *RAND_file_name(char *buf, size_t size) * available. */ - if (!buf[0]) - if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) { - return NULL; - } - if (stat(buf, &sb) == -1) + if (!buf[0] || stat(buf, &sb) == -1) if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) { return NULL; } #endif - return buf; + return buf[0] ? buf : NULL; } _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits