[openssl-commits] [openssl] master update

[Andy Polyakov]

The branch master has been updated
       via  7dc0ad4d6dca81a003be7fa1fbd58a55f4be8646 (commit)
       via  ba8fa4e53a35a0c46d1e0e81a4d270a026fac2b9 (commit)
       via  799c1293fcf412db64dcc8a09a6b11cc755914dc (commit)
      from  776e15f9393a9e3083bec60a8da376ce2fe1e97e (commit)


- Log -----------------------------------------------------------------
commit 7dc0ad4d6dca81a003be7fa1fbd58a55f4be8646
Author: Andy Polyakov <appro at openssl.org>
Date:   Tue Sep 20 17:08:03 2016 +0200

    rand/randfile.c: treat empty string in RAND_file_name as error.
    
    Suggested in GH#1589.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit ba8fa4e53a35a0c46d1e0e81a4d270a026fac2b9
Author: Andy Polyakov <appro at openssl.org>
Date:   Tue Sep 20 17:06:58 2016 +0200

    rand/randfile.c: rationalize __OpenBSD__ code path.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit 799c1293fcf412db64dcc8a09a6b11cc755914dc
Author: Andy Polyakov <appro at openssl.org>
Date:   Tue Sep 20 16:59:32 2016 +0200

    rand/randfile.c: restore fallback to $HOME for non-setuid programs.
    
    Reported in GH#1589, but solution is different from suggested.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/randfile.c | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 7aeb871..c96383a 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -316,12 +316,14 @@ const char *RAND_file_name(char *buf, size_t size)
         }
     }
 #else
-    if (OPENSSL_issetugid() == 0) {
-        s = getenv("RANDFILE");
-    } else {
+    if (OPENSSL_issetugid() != 0) {
         use_randfile = 0;
-        if (OPENSSL_issetugid() == 0)
+    } else {
+        s = getenv("RANDFILE");
+        if (s == NULL || *s == '\0') {
+            use_randfile = 0;
             s = getenv("HOME");
+        }
     }
 #endif
 #ifdef DEFAULT_HOME
@@ -355,14 +357,10 @@ const char *RAND_file_name(char *buf, size_t size)
      * available.
      */
 
-    if (!buf[0])
-        if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) {
-            return NULL;
-        }
-    if (stat(buf, &sb) == -1)
+    if (!buf[0] || stat(buf, &sb) == -1)
         if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) {
             return NULL;
         }
 #endif
-    return buf;
+    return buf[0] ? buf : NULL;
 }