rand/randfile.c: restore fallback to $HOME for non-setuid programs.

Reported in GH#1589, but solution is different from suggested.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 799c1293fcf412db64dcc8a09a6b11cc755914dc)

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 7aeb87174370ddf0db39bfe990a7c0e731d4997b..16cc27aa9b08f88dc90cac5334d02db8942278cc 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -316,12 +316,14 @@ const char *RAND_file_name(char *buf, size_t size)
         }
     }
 #else
-    if (OPENSSL_issetugid() == 0) {
-        s = getenv("RANDFILE");
-    } else {
+    if (OPENSSL_issetugid() != 0) {
         use_randfile = 0;
-        if (OPENSSL_issetugid() == 0)
+    } else {
+        s = getenv("RANDFILE");
+        if (s == NULL || *s == '\0') {
+            use_randfile = 0;
             s = getenv("HOME");
+        }
     }
 #endif
 #ifdef DEFAULT_HOME