The branch master has been updated via 284f4f6b70998b2b46dc74c3003c82cb1db0e742 (commit) from dc55e4f70f401c5869410d6a0c068c18c3fd53ec (commit)
- Log ----------------------------------------------------------------- commit 284f4f6b70998b2b46dc74c3003c82cb1db0e742 Author: Bernd Edlinger <bernd.edlin...@hotmail.de> Date: Wed Apr 4 14:45:49 2018 +0200 Don't use getenv for critical functions when run as setuid/setgid Reviewed-by: Richard Levitte <levi...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5856) ----------------------------------------------------------------------- Summary of changes: CHANGES | 4 ++++ crypto/conf/conf_mod.c | 8 +++++--- crypto/engine/eng_list.c | 3 ++- doc/man3/ENGINE_add.pod | 1 + doc/man3/OPENSSL_config.pod | 11 +++++++++++ doc/man5/config.pod | 16 ++++++++++++++++ 6 files changed, 39 insertions(+), 4 deletions(-)
diff --git a/CHANGES b/CHANGES
index b4d0329..40b5823 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@ Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
+ *) Don't use OPENSSL_ENGINES and OPENSSL_CONF environment values
+ in libcrypto when run as setuid/setgid.
+ [Bernd Edlinger]
+
 *) Added new public header file <openssl/rand_drbg.h> and documentation for the RAND_DRBG API. See manual page RAND_DRBG(7) for an overview. [Matthias St. Pierre]
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index 99f0fcc..4a848b8 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -480,9 +480,11 @@ char *CONF_get1_default_config_file(void)
 char *file, *sep = "";
 int len;
- file = getenv("OPENSSL_CONF");
- if (file)
- return OPENSSL_strdup(file);
+ if (!OPENSSL_issetugid()) {
+ file = getenv("OPENSSL_CONF");
+ if (file)
+ return OPENSSL_strdup(file);
+ }
 len = strlen(X509_get_default_cert_area());
 #ifndef OPENSSL_SYS_VMS
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index bfd91e2..4bc7ea1 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
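Review bot: In crypto/conf/conf_mod.c, CONF_get1_default_config_file() now wraps `getenv("OPENSSL_CONF")` in `if (!OPENSSL_issetugid())` with no comment saying why, so a later cleanup could fold the guard away without noticing it is a privilege boundary. A comment above the block such as `/* The environment is caller-controlled: never let it choose the config file in a set-user-ID/set-group-ID program */` would record the intent. OPENSSL_issetugid() is not defined in this diff, so it is worth confirming what it reports once a privileged wrapper has made its real and effective IDs equal; presumably such a process would still honour OPENSSL_CONF and has to clear the variable itself. The same guard is repeated in ENGINE_by_id() in crypto/engine/eng_list.c, and a single internal getenv wrapper would keep the two sites from drifting apart. The function body starts and ends outside the hunk.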
@@ -317,7 +317,8 @@ ENGINE *ENGINE_by_id(const char *id)
 * Prevent infinite recursion if we're looking for the dynamic engine.
 */
 if (strcmp(id, "dynamic")) {
- if ((load_dir = getenv("OPENSSL_ENGINES")) == NULL)
+ if (OPENSSL_issetugid()
+ || (load_dir = getenv("OPENSSL_ENGINES")) == NULL)
 load_dir = ENGINESDIR;
 iterator = ENGINE_by_id("dynamic");
 if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
diff --git a/doc/man3/ENGINE_add.pod b/doc/man3/ENGINE_add.pod
index b009949..a2fc299 100644
--- a/doc/man3/ENGINE_add.pod
+++ b/doc/man3/ENGINE_add.pod
@@ -568,6 +568,7 @@ extension). =item B<OPENSSL_ENGINES> The path to the engines directory.
+Ignored in set-user-ID and set-group-ID programs.
 =back
diff --git a/doc/man3/OPENSSL_config.pod b/doc/man3/OPENSSL_config.pod
index e70fcd5..ac686e6 100644
--- a/doc/man3/OPENSSL_config.pod
+++ b/doc/man3/OPENSSL_config.pod
@@ -48,6 +48,17 @@ application calls OPENSSL_config() it doesn't need to know or care about ENGINE control operations because they can be performed by editing a configuration file.
+=head1 ENVIRONMENT
+
+=over 4
+
+=item B<OPENSSL_CONF>
+
+The path to the config file.
+Ignored in set-user-ID and set-group-ID programs.
+
+=back
+
 =head1 RETURN VALUES Neither OPENSSL_config() nor OPENSSL_no_config() return a value.
diff --git a/doc/man5/config.pod b/doc/man5/config.pod
index ef8e10e..09d72be 100644
--- a/doc/man5/config.pod
+++ b/doc/man5/config.pod
@@ -384,6 +384,22 @@ will output: showing that the OID "newoid1" has been added as "1.2.3.4.1".
+=head1 ENVIRONMENT
+
+=over 4
+
+=item B<OPENSSL_CONF>
+
+The path to the config file.
+Ignored in set-user-ID and set-group-ID programs.
+
+=item B<OPENSSL_ENGINES>
+
+The path to the engines directory.
+Ignored in set-user-ID and set-group-ID programs.
+
+=back
+
 =head1 BUGS Currently there is no way to include characters using the octal B<\nnn>
_____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
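Review bot: In ENGINE_by_id() (crypto/engine/eng_list.c) the new condition depends on `||` short-circuiting so that the assignment `load_dir = getenv("OPENSSL_ENGINES")` in the second operand is skipped when OPENSSL_issetugid() is true, which is correct but buries an assignment inside a security check. Splitting it reads more plainly: `load_dir = OPENSSL_issetugid() ? NULL : getenv("OPENSSL_ENGINES");` followed by `if (load_dir == NULL) load_dir = ENGINESDIR;`. load_dir is presumably the directory the dynamic engine searches for loadable modules, so a one-line comment stating that the variable is ignored for set-user-ID/set-group-ID processes would help the next reader. ENGINE_by_id() starts and ends outside the hunk.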