krb5 commit: Use secure_getenv() where appropriate
Greg Hudson
ghudson at mit.edu
Tue Apr 30 18:09:16 EDT 2019
https://github.com/krb5/krb5/commit/d439e370b70f7af4ed2da9c692a3be7dcf7b4ac6
commit d439e370b70f7af4ed2da9c692a3be7dcf7b4ac6
Author: Greg Hudson <ghudson at mit.edu>
Date: Wed Apr 24 16:19:50 2019 -0400
Use secure_getenv() where appropriate
ticket: 8800
src/lib/kadm5/alt_prof.c | 2 +-
src/lib/krb5/ccache/ccselect_k5identity.c | 2 +-
src/lib/krb5/os/ccdefname.c | 2 +-
src/lib/krb5/os/expand_path.c | 2 +-
src/lib/krb5/os/init_os_ctx.c | 6 +++---
src/lib/krb5/os/ktdefname.c | 4 ++--
src/lib/krb5/os/trace.c | 2 +-
src/lib/krb5/rcache/rc_base.c | 4 ++--
src/lib/krb5/rcache/rc_io.c | 4 ++--
src/plugins/preauth/pkinit/pkinit_identity.c | 11 +++--------
src/plugins/tls/k5tls/openssl.c | 2 +-
src/util/profile/prof_file.c | 2 +-
12 files changed, 19 insertions(+), 24 deletions(-)
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index 3f6b536..5531a10 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -73,7 +73,7 @@ krb5_aprof_init(char *fname, char *envname, krb5_pointer *acontextp)
ret = krb5_get_default_config_files(&filenames);
if (ret)
return ret;
- if (envname == NULL || (kdc_config = getenv(envname)) == NULL)
+ if (envname == NULL || (kdc_config = secure_getenv(envname)) == NULL)
kdc_config = fname;
k5_buf_init_dynamic(&buf);
if (kdc_config)
diff --git a/src/lib/krb5/ccache/ccselect_k5identity.c b/src/lib/krb5/ccache/ccselect_k5identity.c
index bee5416..b2dbf8a 100644
--- a/src/lib/krb5/ccache/ccselect_k5identity.c
+++ b/src/lib/krb5/ccache/ccselect_k5identity.c
@@ -135,7 +135,7 @@ get_homedir(krb5_context context)
struct passwd pwx, *pwd;
if (!context->profile_secure)
- homedir = getenv("HOME");
+ homedir = secure_getenv("HOME");
if (homedir == NULL) {
if (k5_getpwuid_r(geteuid(), &pwx, pwbuf, sizeof(pwbuf), &pwd) != 0)
diff --git a/src/lib/krb5/os/ccdefname.c b/src/lib/krb5/os/ccdefname.c
index e5cb3e4..233173d 100644
--- a/src/lib/krb5/os/ccdefname.c
+++ b/src/lib/krb5/os/ccdefname.c
@@ -300,7 +300,7 @@ krb5_cc_default_name(krb5_context context)
return os_ctx->default_ccname;
/* Try the environment variable first. */
- envstr = getenv(KRB5_ENV_CCNAME);
+ envstr = secure_getenv(KRB5_ENV_CCNAME);
if (envstr != NULL) {
os_ctx->default_ccname = strdup(envstr);
return os_ctx->default_ccname;
diff --git a/src/lib/krb5/os/expand_path.c b/src/lib/krb5/os/expand_path.c
index 61fb234..4ce466c 100644
--- a/src/lib/krb5/os/expand_path.c
+++ b/src/lib/krb5/os/expand_path.c
@@ -280,7 +280,7 @@ expand_temp_folder(krb5_context context, PTYPE param, const char *postfix,
const char *p = NULL;
if (context == NULL || !context->profile_secure)
- p = getenv("TMPDIR");
+ p = secure_getenv("TMPDIR");
*ret = strdup((p != NULL) ? p : "/tmp");
if (*ret == NULL)
return ENOMEM;
diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c
index 09809b9..3aa86f4 100644
--- a/src/lib/krb5/os/init_os_ctx.c
+++ b/src/lib/krb5/os/init_os_ctx.c
@@ -243,7 +243,7 @@ os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure)
char *name = 0;
if (!secure) {
- char *env = getenv("KRB5_CONFIG");
+ char *env = secure_getenv("KRB5_CONFIG");
if (env) {
name = strdup(env);
if (!name) return ENOMEM;
@@ -298,7 +298,7 @@ os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure)
if (secure) {
filepath = DEFAULT_SECURE_PROFILE_PATH;
} else {
- filepath = getenv("KRB5_CONFIG");
+ filepath = secure_getenv("KRB5_CONFIG");
if (!filepath) filepath = DEFAULT_PROFILE_PATH;
}
@@ -344,7 +344,7 @@ add_kdc_config_file(profile_filespec_t **pfiles)
size_t count = 0;
profile_filespec_t *newfiles;
- file = getenv(KDC_PROFILE_ENV);
+ file = secure_getenv(KDC_PROFILE_ENV);
if (file == NULL)
file = DEFAULT_KDC_PROFILE;
diff --git a/src/lib/krb5/os/ktdefname.c b/src/lib/krb5/os/ktdefname.c
index ffbd14d..fbe4e98 100644
--- a/src/lib/krb5/os/ktdefname.c
+++ b/src/lib/krb5/os/ktdefname.c
@@ -42,7 +42,7 @@ kt_default_name(krb5_context context, char **name_out)
*name_out = strdup(krb5_overridekeyname);
return (*name_out == NULL) ? ENOMEM : 0;
} else if (context->profile_secure == FALSE &&
- (str = getenv("KRB5_KTNAME")) != NULL) {
+ (str = secure_getenv("KRB5_KTNAME")) != NULL) {
*name_out = strdup(str);
return (*name_out == NULL) ? ENOMEM : 0;
} else if (profile_get_string(context->profile, KRB5_CONF_LIBDEFAULTS,
@@ -63,7 +63,7 @@ k5_kt_client_default_name(krb5_context context, char **name_out)
char *str;
if (context->profile_secure == FALSE &&
- (str = getenv("KRB5_CLIENT_KTNAME")) != NULL) {
+ (str = secure_getenv("KRB5_CLIENT_KTNAME")) != NULL) {
*name_out = strdup(str);
return (*name_out == NULL) ? ENOMEM : 0;
} else if (profile_get_string(context->profile, KRB5_CONF_LIBDEFAULTS,
diff --git a/src/lib/krb5/os/trace.c b/src/lib/krb5/os/trace.c
index 4fff8f3..2a03ae9 100644
--- a/src/lib/krb5/os/trace.c
+++ b/src/lib/krb5/os/trace.c
@@ -389,7 +389,7 @@ k5_init_trace(krb5_context context)
{
const char *filename;
- filename = getenv("KRB5_TRACE");
+ filename = secure_getenv("KRB5_TRACE");
if (filename)
(void) krb5_set_trace_filename(context, filename);
}
diff --git a/src/lib/krb5/rcache/rc_base.c b/src/lib/krb5/rcache/rc_base.c
index 373ac30..9fa4643 100644
--- a/src/lib/krb5/rcache/rc_base.c
+++ b/src/lib/krb5/rcache/rc_base.c
@@ -107,7 +107,7 @@ char *
krb5_rc_default_type(krb5_context context)
{
char *s;
- if ((s = getenv("KRB5RCACHETYPE")))
+ if ((s = secure_getenv("KRB5RCACHETYPE")))
return s;
else
return "dfl";
@@ -117,7 +117,7 @@ char *
krb5_rc_default_name(krb5_context context)
{
char *s;
- if ((s = getenv("KRB5RCACHENAME")))
+ if ((s = secure_getenv("KRB5RCACHENAME")))
return s;
else
return (char *) 0;
diff --git a/src/lib/krb5/rcache/rc_io.c b/src/lib/krb5/rcache/rc_io.c
index 35fa14a..1800460 100644
--- a/src/lib/krb5/rcache/rc_io.c
+++ b/src/lib/krb5/rcache/rc_io.c
@@ -48,13 +48,13 @@ getdir(void)
{
char *dir;
- if (!(dir = getenv("KRB5RCACHEDIR"))) {
+ if (!(dir = secure_getenv("KRB5RCACHEDIR"))) {
#if defined(_WIN32)
if (!(dir = getenv("TEMP")))
if (!(dir = getenv("TMP")))
dir = "C:";
#else
- if (!(dir = getenv("TMPDIR"))) {
+ if (!(dir = secure_getenv("TMPDIR"))) {
#ifdef RCTMPDIR
dir = RCTMPDIR;
#else
diff --git a/src/plugins/preauth/pkinit/pkinit_identity.c b/src/plugins/preauth/pkinit/pkinit_identity.c
index 8cd3fc6..b89c5d0 100644
--- a/src/plugins/preauth/pkinit/pkinit_identity.c
+++ b/src/plugins/preauth/pkinit/pkinit_identity.c
@@ -29,16 +29,10 @@
* SUCH DAMAGES.
*/
-#include <errno.h>
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
+#include "pkinit.h"
#include <dlfcn.h>
-#include <unistd.h>
#include <dirent.h>
-#include "pkinit.h"
-
static void
free_list(char **list)
{
@@ -430,7 +424,8 @@ process_option_identity(krb5_context context,
switch (idtype) {
case IDTYPE_ENVVAR:
return process_option_identity(context, plg_cryptoctx, req_cryptoctx,
- idopts, id_cryptoctx, getenv(residual));
+ idopts, id_cryptoctx,
+ secure_getenv(residual));
break;
case IDTYPE_FILE:
retval = parse_fs_options(context, idopts, residual);
diff --git a/src/plugins/tls/k5tls/openssl.c b/src/plugins/tls/k5tls/openssl.c
index 822632c..76a43b3 100644
--- a/src/plugins/tls/k5tls/openssl.c
+++ b/src/plugins/tls/k5tls/openssl.c
@@ -399,7 +399,7 @@ load_anchor(SSL_CTX *ctx, const char *location)
} else if (strncmp(location, "DIR:", 4) == 0) {
return load_anchor_dir(store, location + 4);
} else if (strncmp(location, "ENV:", 4) == 0) {
- envloc = getenv(location + 4);
+ envloc = secure_getenv(location + 4);
if (envloc == NULL)
return ENOENT;
return load_anchor(ctx, envloc);
diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c
index 24e41fb..aa951df 100644
--- a/src/util/profile/prof_file.c
+++ b/src/util/profile/prof_file.c
@@ -182,7 +182,7 @@ errcode_t profile_open_file(const_profile_filespec_t filespec,
prf->magic = PROF_MAGIC_FILE;
if (filespec[0] == '~' && filespec[1] == '/') {
- home_env = getenv("HOME");
+ home_env = secure_getenv("HOME");
#ifdef HAVE_PWD_H
if (home_env == NULL) {
uid_t uid;
More information about the cvs-krb5
mailing list