From: Richard Levitte Date: Sat, 27 Dec 2003 16:07:20 +0000 (+0000) Subject: Only use environment variables if uid and gid are the same as euid and egid. X-Git-Tag: BEN_FIPS_TEST_5~13^2~6 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f28e8bd300b32710c829316b4f620960154cf3e2;p=oweals%2Fopenssl.git Only use environment variables if uid and gid are the same as euid and egid. This is part of a large change submitted by Markus Friedl --- diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c index d0e088218b..f6f3df4b6a 100644 --- a/crypto/threads/mttest.c +++ b/crypto/threads/mttest.c @@ -267,7 +267,8 @@ bad: goto end; } - if (cipher == NULL) cipher=getenv("SSL_CIPHER"); + if (cipher == NULL && OPENSSL_issetugid() == 0) + cipher=getenv("SSL_CIPHER"); SSL_load_error_strings(); OpenSSL_add_ssl_algorithms();